Can python be invoked inside a fetchlet?
Hi Guys
I'm trying to build a customized plug-in for our storage device which only has a python API exposed to developers. I'm wondering if it is supported by enterprise manager to invoke python script inside a fetchlet.
if it is possible, I'll manage to figure out a way to embed the client python module into the plug-in jar file, I don't know if this is supported either.
I noticed EM has already contain perl in its install directory and perl scripts could be kicked inside a OSLines fetchlet. Not sure if python has a similar treatment.
Please tell me if you have any thought on this, your input will be appreciated !
Edited by: user9219284 on Mar 30, 2010 7:08 AM
Edited by: user9219284 on Mar 30, 2010 7:08 AM
Your best bet will be to use the OSLineToken fetchlet to invoke perl or some other executable which knows how to call a python script. The agent has no special handling for python.
Similar Messages
-
Can BPEL be invoked by OA framework?
Can BPEL be invoked by OA framework?
I want the OA provide a XML file and invoke a BPEL. BPEL return a result to OA to display in the web page.
Can i do it?For anyone else who would face this problem,
"It's possible the SATA cable is going bad, which would give the same type of symptoms as a failing hard drive. An easy test is to relocate the drive to an external enclosure and boot from there. If the problems go away, it's probably the SATA cable."
Regards,
Rohit -
Can validations be done inside FOR ALL and can we use conventional insert
Hi All,
I have to move millions of data from one 'table1' to ' table 2'. Table 2 is equal Table 1 columns+ an extra column . data for the extra column is retrieved from table 3 using foreign keys of table 3 and table 1.how shud i do it using bulk collect and for all insert... I have given the sample code for my problem..
TABLES:
table 1 columns: emp_name, emp_id , emp_add, emp_txt
table 2 columns: emp_name, emp_id, emp_add,emp_txt,emp_ref
table 3 column: emp_txt,emp_ref,emp_size
CODE:
create or replace
procedure bulk_proc IS
v_emp_ref varchar2(20);
cursor cur_t1 is
select * from table 1;
TYPE bulk_t1 is table of cur_t1%rowtype;
v_bulk_t1 bulk_t1;
cursor cur_t3 is
select a.emp_txt,b.emp_ref from table 1 a, table 3 b where a.emp_txt = b.emp_txt;
TYPE bulk_t3 is table of cur_t3%rowtype;
v_bulk_t3 bulk_t3;
begin
open cur_t1;
open cur_t3;
loop
fetch cur_t1 bulk collect into v_bulk_t1 ;
exit when v_bulk_t1.count=0;
fetch cur_t3 bulk collect into v_bulk_t3 ;
exit when v_bulk_t3.count=0;
for i in v_bulk_t1.first..v_bulk_t1.last loop
for j in v_bulk_t3.first..v_bulk_t3.last loop
if (v_bulk_t1(i).emp_txt = v_bulk_t3(j).emp_txt) then
v_emp_ref := v_bulk_t1(i).emp_txt ;
else
v_emp_ref := null;
end if;
for all m in 1..v_bulk_t1.count
insert into t2(emp_name, emp_id, emp_add,emp_txt,emp_ref) values
(v_bulk_t1(m).emp_name,
v_bulk_t1(m).emp_id,
v_bulk_t1(m).emp_add,
v_bulk_t1(m).emp_txt,
v_emp_ref);
end loop;
end loop;
end loop;
close cur_t3;
close cur_t1;
end bulk_proc;
can we do validations inside FOR ALL command..i am getting error.is it possible to use conventional insert inside 'for all command' or do we have to use only 'insert ti values v_bulk_t1(i)' like that....Do i have to use only conventional cursor for this problem?...please help me..1.I want to push 18 million records from one table to another table with validations....Can i use ur code for it? You can always test how the example Tubby provided works in your environment.
Usually a single SQL statement is the right way to go.
http://asktom.oracle.com/pls/apex/f?p=100:11:0::::P11_QUESTION_ID:760210800346068768
(memorize the mantra)
Another option you have is to use CTAS (Create Table ... As Select ...) or use the APPEND hint while inserting.
Make sure first that you understand how it works:
You can find many examples including clear explanations by doing a search on http://asktom.oracle.com
2.Can we do normal insert and validations inside FOR ALL insert loop... Afaik, you cannot. ( But it wouldn't surprise me if Michael comes up with an example using dynamic SQL ;) )
http://download.oracle.com/docs/cd/B19306_01/appdev.102/b14261/forall_statement.htm#LNPLS01321
Alternatively you should investigate if it's possible to adjust your query/queries in such a way so that only records that you want to insert are selected.
In other words: use the WHERE-clause from your query to validate rightaway instead of selecting records thatyou don't want/need at all.
3.How variables are stored in BULK COLLECT ..Is it storing pattern differs from cursor.......Sorry, I don't understand what you mean here.
4.In which scenarios we should not use COLLECTIONS ...Please help me...That's totally dependent of the scenario/requirement.
Example:
http://asktom.oracle.com/pls/apex/f?p=100:11:0::::P11_QUESTION_ID:1058232381458 -
Can we have form inside a form?
Hi All,
Can we have form inside a form?
Thanks
kiranCan we have form inside a form? Yes. However you could find out that , regardless of which form gets submitted, all input fields of both forms would get submitted anyway.
That would render nested forms quite useless.
But as it has been said, why don't you try it and see for yourself?
Keep in mind that, you may think you need nested forms, but you really do not need that, and there is a problem with your design. -
Still can't launch classic inside 10.4.5 despite alias fix
Hi, I still can't launch classic inside 10.4.5 without the "connection failed" message problem. I tried the fix of removing all the aliases from the apple menu items and still I get this irritating message. classic will launch and the app within it, but I still get that message and it won't go away no matter how many times I click okay so I can't use the classic app I launched. Any other ideas? Thanks!
Hi,
The guy I bought the GeForce 7800 GS card said it had been tested with photoshop CS4 in Leopard.
Breaking news... I tried re-installing Photoshop, Now there's an error at the end of the installation. "Done with Errors" which leads to the Support Advisor which leads to...
"Error "Unable to read Adobe file version for path /Library/Fonts/MinionPro-Bold.otf" when installing the Adobe Creative Suite 4 or Point Products on Mac OSX"
Is my whole problem font-related? I tried unlocking the Minion font mentioned, re-installed. same thing. I moved all the Minions fonts to the desktop, still no good. Are all the fonts locked? The info window said that font was unlocked to System read/write, but locked to read-only for Admin. There's no way to unlock all the fonts at once? Help!
-Kit -
my i pod got wet in the rain and now its totally dead ... i can clearly see water inside the screen ...... do you think that will it work again ?????
Not normal. Take it to an Apple Store for evaluation.
Make a Genius Bar Reservation
http://www.apple.com/retail/geniusbar/
Cheers, Tom -
Some please help me. I tried to re start my iphone 4, but it went something wrong. instead of it turned black and tunred on again. it like a gray color. When i took out my card i can see the light inside it. what should i do turned it back on again..
At the AT&T store. Tried using iCloud but only 120 songs were transferred and when I access my iTunes account now it only shows 120 and not the 450 anymore that I purchased on my old phone. Tried to sync again from the phone to iTunes and it still not working.
I purchased everything under the same apple ID account I called apple support and spent almost 2 hours with tech support for assistance and we got disconected and they never called me back.
I'm at the point where I'm about to never purchase anything anymore from apple go to another company retrieve every single charge made on my bank account from iTunes and file a law suit against the company. It's being a week that I called for assistance and no one called me back to help me with this matter even after I responded a survey with a complaint about not getting a resolution to my problem.
If you could please help me I will appreciate, I'm out of the country now and can't stay on the phone for a long time.
I need to sell my old phone but as right now besides all my bank statements the old phone is the only evidence that I purchased the songs. -
How can i insert include_once inside fluid grid layout?...
How can i insert include_once inside fluid grid layout?...
Hi
You will have to insert this in code view.
If it is inside a FG div, select 'split' screen mode, click in the required div in design view and this will highlight the selection in code view.
PZ -
How Can i COM Component inside Applet.
Hi All,
I want to use a COM component which is calling C API's inside an Java applet. Is there any way i can load COM dll inside applet and directly calls COM's functions.
Pls give your suggestions.One more thing i would like to mention, I go through Implementation of Java Native Interface(JNI) and i can call COM fns through it but it is a longer procees as i have to write stub functions for each API implemented in COM component. If in my COM component is having 100 API then i have to write 100 such functions in JNI..
I think there should be direct method of calling COM API;s
Any suggestions. -
i have an ipod nano and its fall down , the inside screen is broken..... can APPLE replace this(inside screen)???!
Hello Alia A,
Sorry to hear about your iPod nano screen. I recommend reviewing the following link for service options (you can update the country selection to your location after accessing the link):
Service Answer Center - iPod
http://support.apple.com/kb/index?page=servicefaq&geo=United_States&product=ipod
Thank you for using Apple Support Communities.
Best,
Sheila M. -
How can I publish artwork inside the artboard only?
How can I publish artwork inside the artboard only?
As I don't want to show anything outside the artboard when I publish it.
Also, how can I make the published swf file fit to the artboard size? As I don't want to show the white area outside the artboard.
Hope someone could help! Many thanks!One thing I have noticed is that when you embed the .swf, if you don't designate the widht and height, sometimes you will see some of the extra outside the artboard. For example:
I uploaded my published files to www.website.com/flash and my .swf is at www.website.com/flash/Main.swf. If I just use that url I will see the extra from Main.swf. However, if I create a page where I embed the .swf, like www.website.com/main.html, I no longer see it. -
How can i use JSTL inside custom tag attribute
Hi,
I have one button tag which displays the button with round corner. I will show the button like this:
<ep:button key="buttons.submit" name="submitBtn" styleClass="But"
onClick='submitPage(''<c:out value='${buttonName}' />)' />
I am getting the problem with the above code. how can i use JSTL inside the custom tags.
Thanks in Advance,
LALITHNo. The details are given below:
I have included the follwing line in web.xml file:
<taglib>
<taglib-uri>/tags/button</taglib-uri>
<taglib-location>/WEB-INF/button.tld</taglib-location>
</taglib>button.tld file
<taglib>
<tlibversion>1.0</tlibversion>
<jspversion>2.0</jspversion>
<shortname>button</shortname>
<tag>
<name>button</name>
<tagclass>com.ksi.ep.web.taglib.ButtonTag</tagclass>
<bodycontent>empty</bodycontent>
<attribute>
<name>name</name>
<required>true</required>
<rtexprvalue>false</rtexprvalue>
</attribute>
<attribute>
<name>key</name>
<required>true</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<name>onClick</name>
<required>true</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
</taglib>ButtonTag.java :
public class ButtonTag extends TagSupport {
private static final long serialVersionUID = 6837146537426981407L;
* Initialise the logger for the class
protected final transient Log log = LogFactory.getLog(ButtonTag.class);
* holds the Value of the button tag
protected String onClick = null;
* holds message resources key
protected String key = null;
* The message resources for this package.
protected static MessageResources messages =
MessageResources.getMessageResources
("ApplicationResources");
* (non-Javadoc)
* @see javax.servlet.jsp.tagext.TagSupport#doStartTag()
public int doStartTag() throws JspException {
StringBuffer label = new StringBuffer();
HttpServletRequest request = (HttpServletRequest)pageContext.getRequest();
try {
log.debug("in doStartTag()");
Locale locale = pageContext.getRequest().getLocale();
if (locale == null) {
locale = Locale.getDefault();
log.info("");
label.append("<a border=\"0\" style=\"text-decoration:none;color:#FFFFFF\" href=\"JavaScript:");
label.append(onClick);
label.append("\" >");
label.append("<table onClick=\"");
label.append(onClick);
label.append("\" ");
if(onmouseout!=null && !"".equalsIgnoreCase(onmouseout))
label.append(" onmouseout=\"");
label.append(onmouseout);
label.append("\" ");
if(onmouseover!=null && !"".equalsIgnoreCase(onmouseover)){
label.append(" onmouseover=\"");
label.append(onmouseover);
label.append("\" ");
if(title!=null && !"".equalsIgnoreCase(title)){
label.append(" title=\"");
label.append(title);
label.append("\" ");
label.append("style=\"cursor:hand\" tabindex=\"1\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\" background=\"");
label.append(request.getContextPath());
label.append(System.getProperty("file.separator"));
label.append("images");
label.append(System.getProperty("file.separator"));
label.append("background1.jpg\" > ");
label.append("<tr><td width=\"10\"><img border=\"0\" src=\"");
label.append(request.getContextPath());
label.append(System.getProperty("file.separator"));
label.append("images");
label.append(System.getProperty("file.separator"));
label.append("leftcorner.jpg\" ></td> ");
label.append("<td valign=\"middle\" style=\"padding-bottom:2px\"><font color=\"#FFFFFF\" style=\"");
label.append(styleClass);
label.append("\">");
label.append(messages.getMessage(key));
label.append("</font></td>");
label.append("<td width=\"10\" align=\"right\"><img src=\"");
label.append(request.getContextPath());
label.append(System.getProperty("file.separator"));
label.append("images");
label.append(System.getProperty("file.separator"));
label.append("rightcorner.jpg\" border=\"0\" ></td>");
label.append("</tr></table></a>");
pageContext.getOut().print(label.toString());
} catch (Exception e) {
log.error("Exception occured while rendering the button", e);
throw new JspException(e);
return (SKIP_BODY);
* Release all allocated resources.
public void release() {
this.name=null;
this.key=null;
this.onClick=null;
}In my JSP I have mentioned the taglib directive as
<%@ taglib uri="/tags/button" prefix="ep"%>and
<ep:button key="buttons.submit" name="submitBtn" styleClass="But"
onClick='overwritePreApprovals('<c:out value='${transactionalDetails['inPrepList']}' />')' />Servlet.service() for servlet action threw exception
org.apache.jasper.JasperException: /pages/pms/coordinator/Dashboard.jsp(325,48) Unterminated <ep:button tag
Thanks,
LALITH -
Can I put Read inside loop?
Hi Folks
Can I put Read inside loop?
Performance wise is it acceptable?
Regards,
SreeramHi
there is no problem to put READ statement inside the LOOP
its a better way to put
to avoid SELECT in a LOOP
see this example
i had used that in my program
in the performance point of view it is a good method
LOOP AT IT_SOBID INTO WA_SOBID." where otype eq s_otype and objid eq s_objid.
READ TABLE IT_HRP1026 WITH KEY OBJID = WA_SOBID-SOBID OTYPE = WA_SOBID-SCLAS INTO WA_HRP1026.
IF SY-SUBRC EQ 0.
READ TABLE IT_HRP1000 WITH KEY OBJID = WA_SOBID-SOBID INTO WA_HRP1000.
WA_OUTPUT-OBJID = WA_HRP1026-OBJID.
WA_OUTPUT-BEGDA = WA_SOBID-BEGDA.
WA_OUTPUT-ENDDA = WA_SOBID-ENDDA.
WA_OUTPUT-AEDTM = WA_HRP1026-AEDTM.
WA_OUTPUT-UNAME = WA_HRP1026-UNAME.
WA_OUTPUT-STEXT = WA_HRP1000-STEXT.
READ TABLE IT_REASON WITH KEY CANCR = WA_HRP1026-CANCR INTO WA_REASON.
WA_OUTPUT-CANCRT = WA_REASON-CANCRT.
CLEAR WA_REASON-CANCRT.
READ TABLE IT_LOCATION1 WITH KEY OBJID = WA_HRP1026-OBJID INTO WA_LOCATION1..
READ TABLE IT_LSTEXT WITH KEY OBJID = WA_LOCATION1-SOBID OTYPE = 'F' INTO WA_LSTEXT.
WA_OUTPUT-LSTEXT = WA_LSTEXT-LSTEXT.
CLEAR WA_LSTEXT-LSTEXT.
APPEND WA_OUTPUT TO IT_OUTPUT.
CLEAR WA_OUTPUT.
CLEAR WA_OUTPUT-CANCRT.
ENDIF.
ENDLOOP.
<b>Reward if usefull</b> -
Can't SSH to inside interface on ASA
Hi there
I have generated the key and can ssh to outside interface. I have allowed access on inside interface. I can telnet but not ssh. I captured packets and can see incoming only. Any ideas?
TIA
Sent from Cisco Technical Support iPhone AppHi there,
Here it is -
asa01(config)# sh cap capin
4 packets captured
1: 21:59:03.583343 802.1Q vlan#240 P0 192.168.1.2.56686 > 192.168.1.1.22: S 2251599477:2251599477(0) win 4128
2: 21:59:05.586990 802.1Q vlan#240 P0 192.168.1.2.56686 > 192.168.1.1.22: S 2251599477:2251599477(0) win 4128
3: 21:59:09.588577 802.1Q vlan#240 P0 192.168.1.2.56686 > 192.168.1.1.22: S 2251599477:2251599477(0) win 4128
4: 21:59:17.591659 802.1Q vlan#240 P0 192.168.1.2.56686 > 192.168.1.1.22: S 2251599477:2251599477(0) win 4128
4 packets shown
asa01(config)#
asa01(config)# sh cap asp
0 packet captured
0 packet shown
asa01(config)#
Can you ping the Switch interface from the ASA? - Yes
Can you ping the ASA from the switch? - Yes -
Connect to VPN but can't ping past inside interface
Hello,
I've been working on this issue for a few days with no success. We're setting up a new Cisco ASA 5515 in our environment and are trying to get a simple IPSec VPN setup on it for remote access. After some initial problems, we've gotten it to where the VPN tunnel authenticates the user and connects as it should, however we cannot ping into our LAN. We are able to ping as far as the firewall's inside interface. I've tried other types of traffic too and nothing gets through. I've checked the routes listed on the VPN client while we're connected and they look correct - the client also shows both sent and received bytes when we connect using TCP port 10000, but no Received bytes when we connect using UDP 4500. We are trying to do split tunneling, and that seems to be setup correctly because I can still surf while the VPN is connected.
Below is our running config. Please excuse any messyness in the config as there are a couple of us working on it and we've been trying a whole bunch of different settings throughout the troubleshooting process. I will also note that we're using ASDM as our primary method of configuring the unit, so any suggestions that could be made with that in mind would be most helpful. Thanks!
ASA-01# sh run
: Saved
ASA Version 8.6(1)2
hostname ASA-01
domain-name domain.org
enable password **** encrypted
passwd **** encrypted
names
interface GigabitEthernet0/0
speed 100
duplex full
nameif inside
security-level 100
ip address 10.2.0.1 255.255.0.0
interface GigabitEthernet0/1
description Primary WAN Interface
nameif outside
security-level 0
ip address 76.232.211.169 255.255.255.192
interface GigabitEthernet0/2
shutdown
<--- More --->
no nameif
no security-level
no ip address
interface GigabitEthernet0/3
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/4
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/5
shutdown
no nameif
no security-level
no ip address
interface Management0/0
speed 100
<--- More --->
duplex full
shutdown
nameif management
security-level 100
ip address 10.4.0.1 255.255.0.0
ftp mode passive
clock timezone MST -7
clock summer-time MDT recurring
dns domain-lookup inside
dns server-group DefaultDNS
name-server 10.2.11.6
domain-name domain.org
dns server-group sub
name-server 10.2.11.121
name-server 10.2.11.138
domain-name sub.domain.net
same-security-traffic permit intra-interface
object network 76.232.211.132
host 76.232.211.132
object network 10.2.11.138
host 10.2.11.138
object network 10.2.11.11
host 10.2.11.11
<--- More --->
object service DB91955443
service tcp destination eq 55443
object service 113309
service tcp destination range 3309 8088
object service 11443
service tcp destination eq https
object service 1160001
service tcp destination range 60001 60008
object network LAN
subnet 10.2.0.0 255.255.0.0
object network WAN_PAT
host 76.232.211.170
object network Test
host 76.232.211.169
description test
object network NETWORK_OBJ_10.2.0.0_16
subnet 10.2.0.0 255.255.0.0
object network NETWORK_OBJ_10.2.250.0_24
subnet 10.2.250.0 255.255.255.0
object network VPN_In
subnet 10.3.0.0 255.255.0.0
description VPN User Network
object-group service 11
service-object object 113309
<--- More --->
service-object object 11443
service-object object 1160001
object-group service IPSEC_VPN udp
port-object eq 4500
port-object eq isakmp
access-list outside_access_in extended permit icmp object VPN_In 10.2.0.0 255.255.0.0 traceroute log disable
access-list outside_access_in extended permit object-group 11 object 76.232.211.132 interface outside
access-list outside_access_in extended permit object DB91955443 any interface outside
access-list outside_access_in extended permit udp any object Test object-group IPSEC_VPN inactive
access-list outside_access_in extended permit icmp any any echo-reply
access-list outside_access_in extended deny ip any any
access-list inside_access_in extended permit ip any any log disable
access-list inside_access_in extended permit icmp any any echo-reply log disable
access-list inside_access_in extended permit ip object VPN_In 10.2.0.0 255.255.0.0 log disable
access-list domain_splitTunnelAcl standard permit 10.2.0.0 255.255.0.0
access-list domain_splitTunnelAcl standard permit 10.3.0.0 255.255.0.0
access-list vpn_access_in extended permit ip any any
pager lines 24
logging enable
logging asdm informational
mtu management 1500
mtu inside 1500
mtu outside 1500
ip local pool VPNUsers 10.3.0.1-10.3.0.254 mask 255.255.0.0
<--- More --->
no failover
icmp unreachable rate-limit 1 burst-size 1
icmp permit any management
icmp permit any inside
icmp permit any outside
no asdm history enable
arp timeout 14400
nat (inside,outside) source dynamic any interface
nat (inside,outside) source dynamic any WAN_PAT inactive
nat (outside,outside) source static 76.232.211.132 76.232.211.132 destination static interface 10.2.11.11 service 113309 113309
nat (outside,outside) source static 76.232.211.132 76.232.211.132 destination static interface 10.2.11.11 service 11443 11443
nat (outside,outside) source static 76.232.211.132 76.232.211.132 destination static interface 10.2.11.11 service 1160001 1160001
nat (outside,outside) source static any any destination static interface 10.2.11.138 service DB91955443 DB91955443
nat (inside,outside) source static NETWORK_OBJ_10.2.0.0_16 NETWORK_OBJ_10.2.0.0_16 destination static NETWORK_OBJ_10.2.250.0_24 NETWORK_OBJ_10.2.250.0_24 no-proxy-arp route-lookup
access-group inside_access_in in interface inside
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 76.232.211.129 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
<--- More --->
dynamic-access-policy-record DfltAccessPolicy
aaa-server ActiveDirectory protocol nt
aaa-server ActiveDirectory (inside) host 10.2.11.121
nt-auth-domain-controller sub.domain.net
aaa-server ActiveDirectory (inside) host 10.2.11.138
nt-auth-domain-controller sub.domain.net
user-identity default-domain LOCAL
eou allow none
http server enable
http 10.4.0.0 255.255.255.0 management
http 10.2.0.0 255.255.0.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
no sysopt connection permit-vpn
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
<--- More --->
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec ikev2 ipsec-proposal DES
protocol esp encryption des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal 3DES
protocol esp encryption 3des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES
protocol esp encryption aes
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES192
protocol esp encryption aes-192
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES256
protocol esp encryption aes-256
protocol esp integrity sha-1 md5
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto map inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map inside_map interface inside
crypto ca trustpoint ASDM_TrustPoint0
enrollment self
<--- More --->
subject-name CN=ASA-01
crl configure
crypto ca certificate chain ASDM_TrustPoint0
certificate a6c98751
308201f1 3082015a a0030201 020204a6 c9875130 0d06092a 864886f7 0d010105
0500303d 31153013 06035504 03130c43 5248442d 4d432d46 57303131 24302206
092a8648 86f70d01 09021615 43524844 2d4d432d 46573031 2e637268 642e6f72
67301e17 0d313330 35303730 32353232 325a170d 32333035 30353032 35323232
5a303d31 15301306 03550403 130c4352 48442d4d 432d4657 30313124 30220609
2a864886 f70d0109 02161543 5248442d 4d432d46 5730312e 63726864 2e6f7267
30819f30 0d06092a 864886f7 0d010101 05000381 8d003081 89028181 00c23d5f
acbf2b3f 9fe6e3c9 1866c344 07b6ee49 f6f31798 0b87a38b 890f70e2 c28cc1d5
fd1b4e80 7fa25483 09e79459 6bf92155 c55240b4 93eeb4eb af3f8aec 8906ef48
140c57bb 5ca4471f 275c1932 7e90976f f0dfe8a3 04a7861f cce7a320 7267df2e
61f9b6b8 22bb70ac d9cedb73 3cf9747b c2636892 48b35385 a94bfae5 fd020301
0001300d 06092a86 4886f70d 01010505 00038181 003c7e16 be4aff40 8fe69a31
acf31808 680e44eb 8ede9094 f9a4a147 0ae18cdc 000dc07f c1da1af4 a2d964ed
288689ee 95179ad0 90728324 9803248d b9d10641 01897453 fe7fafcd 34dee13a
92798615 4acb1f27 14fdb346 ab3eb825 04f23791 81d08fa2 b54c6a47 aedd9694
1c9fbcb4 455fd5ce 420298aa 9333737c 19f0e715 50
quit
crypto isakmp identity address
crypto isakmp nat-traversal 30
crypto ikev2 policy 1
<--- More --->
encryption aes-256
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 10
encryption aes-192
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 20
encryption aes
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 30
encryption 3des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 40
<--- More --->
encryption des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 enable outside
crypto ikev2 remote-access trustpoint ASDM_TrustPoint0
crypto ikev1 enable inside
crypto ikev1 enable outside
crypto ikev1 ipsec-over-tcp port 10000
crypto ikev1 policy 10
authentication crack
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 20
authentication rsa-sig
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 30
authentication pre-share
<--- More --->
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 40
authentication crack
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 50
authentication rsa-sig
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 60
authentication pre-share
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 70
authentication crack
<--- More --->
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 80
authentication rsa-sig
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 90
authentication pre-share
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 100
authentication crack
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 110
authentication rsa-sig
<--- More --->
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 120
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 130
authentication crack
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 140
authentication rsa-sig
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 150
authentication pre-share
<--- More --->
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 65535
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh timeout 5
console timeout 0
management-access inside
dhcpd dns 10.2.11.121 10.2.11.138
dhcpd lease 36000
dhcpd ping_timeout 30
dhcpd domain sub.domain.net
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ssl trust-point ASDM_TrustPoint0 outside
webvpn
<--- More --->
anyconnect image disk0:/anyconnect-win-2.5.2014-k9.pkg 1
anyconnect profiles VPN_client_profile disk0:/VPN_client_profile.xml
anyconnect enable
tunnel-group-list enable
group-policy domain internal
group-policy domain attributes
banner value You are attempting to access secured systems at thsi facility. All activity is monitored and recorded. Disconnect now if you are not authorized to access these systems or do not possess valid logon credentials.
wins-server value 10.2.11.121 10.2.11.138
dns-server value 10.2.11.121 10.2.11.138
vpn-idle-timeout none
vpn-filter value vpn_access_in
vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value domain_splitTunnelAcl
default-domain value sub.domain.net
split-dns value sub.domain.net
group-policy DfltGrpPolicy attributes
dns-server value 10.2.11.121 10.2.11.138
vpn-filter value outside_access_in
vpn-tunnel-protocol l2tp-ipsec
default-domain value sub.domain.net
split-dns value sub.domain.net
address-pools value VPNUsers
username **** password **** encrypted privilege 15
<--- More --->
username **** password **** encrypted privilege 15
username **** attributes
webvpn
anyconnect keep-installer installed
anyconnect dtls compression lzs
anyconnect ssl dtls enable
anyconnect profiles value VPN_client_profile type user
tunnel-group DefaultL2LGroup general-attributes
default-group-policy domain
tunnel-group DefaultRAGroup general-attributes
address-pool VPNUsers
authentication-server-group ActiveDirectory
default-group-policy domain
tunnel-group DefaultRAGroup ipsec-attributes
ikev1 pre-shared-key *****
ikev1 trust-point ASDM_TrustPoint0
tunnel-group DefaultWEBVPNGroup general-attributes
default-group-policy domain
tunnel-group domain type remote-access
tunnel-group domain general-attributes
address-pool (inside) VPNUsers
address-pool VPNUsers
authentication-server-group ActiveDirectory LOCAL
authentication-server-group (inside) ActiveDirectory LOCAL
<--- More --->
default-group-policy domain
dhcp-server link-selection 10.2.11.121
tunnel-group domain ipsec-attributes
ikev1 pre-shared-key *****
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect ip-options
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
<--- More --->
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly 21
subscribe-to-alert-group configuration periodic monthly 21
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:2578e19418cb5c61eaf15e9e2e5338a0
: endHello,
I've been working on this issue for a few days with no success. We're setting up a new Cisco ASA 5515 in our environment and are trying to get a simple IPSec VPN setup on it for remote access. After some initial problems, we've gotten it to where the VPN tunnel authenticates the user and connects as it should, however we cannot ping into our LAN. We are able to ping as far as the firewall's inside interface. I've tried other types of traffic too and nothing gets through. I've checked the routes listed on the VPN client while we're connected and they look correct - the client also shows both sent and received bytes when we connect using TCP port 10000, but no Received bytes when we connect using UDP 4500. We are trying to do split tunneling, and that seems to be setup correctly because I can still surf while the VPN is connected.
Below is our running config. Please excuse any messyness in the config as there are a couple of us working on it and we've been trying a whole bunch of different settings throughout the troubleshooting process. I will also note that we're using ASDM as our primary method of configuring the unit, so any suggestions that could be made with that in mind would be most helpful. Thanks!
ASA-01# sh run
: Saved
ASA Version 8.6(1)2
hostname ASA-01
domain-name domain.org
enable password **** encrypted
passwd **** encrypted
names
interface GigabitEthernet0/0
speed 100
duplex full
nameif inside
security-level 100
ip address 10.2.0.1 255.255.0.0
interface GigabitEthernet0/1
description Primary WAN Interface
nameif outside
security-level 0
ip address 76.232.211.169 255.255.255.192
interface GigabitEthernet0/2
shutdown
<--- More --->
no nameif
no security-level
no ip address
interface GigabitEthernet0/3
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/4
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/5
shutdown
no nameif
no security-level
no ip address
interface Management0/0
speed 100
<--- More --->
duplex full
shutdown
nameif management
security-level 100
ip address 10.4.0.1 255.255.0.0
ftp mode passive
clock timezone MST -7
clock summer-time MDT recurring
dns domain-lookup inside
dns server-group DefaultDNS
name-server 10.2.11.6
domain-name domain.org
dns server-group sub
name-server 10.2.11.121
name-server 10.2.11.138
domain-name sub.domain.net
same-security-traffic permit intra-interface
object network 76.232.211.132
host 76.232.211.132
object network 10.2.11.138
host 10.2.11.138
object network 10.2.11.11
host 10.2.11.11
<--- More --->
object service DB91955443
service tcp destination eq 55443
object service 113309
service tcp destination range 3309 8088
object service 11443
service tcp destination eq https
object service 1160001
service tcp destination range 60001 60008
object network LAN
subnet 10.2.0.0 255.255.0.0
object network WAN_PAT
host 76.232.211.170
object network Test
host 76.232.211.169
description test
object network NETWORK_OBJ_10.2.0.0_16
subnet 10.2.0.0 255.255.0.0
object network NETWORK_OBJ_10.2.250.0_24
subnet 10.2.250.0 255.255.255.0
object network VPN_In
subnet 10.3.0.0 255.255.0.0
description VPN User Network
object-group service 11
service-object object 113309
<--- More --->
service-object object 11443
service-object object 1160001
object-group service IPSEC_VPN udp
port-object eq 4500
port-object eq isakmp
access-list outside_access_in extended permit icmp object VPN_In 10.2.0.0 255.255.0.0 traceroute log disable
access-list outside_access_in extended permit object-group 11 object 76.232.211.132 interface outside
access-list outside_access_in extended permit object DB91955443 any interface outside
access-list outside_access_in extended permit udp any object Test object-group IPSEC_VPN inactive
access-list outside_access_in extended permit icmp any any echo-reply
access-list outside_access_in extended deny ip any any
access-list inside_access_in extended permit ip any any log disable
access-list inside_access_in extended permit icmp any any echo-reply log disable
access-list inside_access_in extended permit ip object VPN_In 10.2.0.0 255.255.0.0 log disable
access-list domain_splitTunnelAcl standard permit 10.2.0.0 255.255.0.0
access-list domain_splitTunnelAcl standard permit 10.3.0.0 255.255.0.0
access-list vpn_access_in extended permit ip any any
pager lines 24
logging enable
logging asdm informational
mtu management 1500
mtu inside 1500
mtu outside 1500
ip local pool VPNUsers 10.3.0.1-10.3.0.254 mask 255.255.0.0
<--- More --->
no failover
icmp unreachable rate-limit 1 burst-size 1
icmp permit any management
icmp permit any inside
icmp permit any outside
no asdm history enable
arp timeout 14400
nat (inside,outside) source dynamic any interface
nat (inside,outside) source dynamic any WAN_PAT inactive
nat (outside,outside) source static 76.232.211.132 76.232.211.132 destination static interface 10.2.11.11 service 113309 113309
nat (outside,outside) source static 76.232.211.132 76.232.211.132 destination static interface 10.2.11.11 service 11443 11443
nat (outside,outside) source static 76.232.211.132 76.232.211.132 destination static interface 10.2.11.11 service 1160001 1160001
nat (outside,outside) source static any any destination static interface 10.2.11.138 service DB91955443 DB91955443
nat (inside,outside) source static NETWORK_OBJ_10.2.0.0_16 NETWORK_OBJ_10.2.0.0_16 destination static NETWORK_OBJ_10.2.250.0_24 NETWORK_OBJ_10.2.250.0_24 no-proxy-arp route-lookup
access-group inside_access_in in interface inside
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 76.232.211.129 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
<--- More --->
dynamic-access-policy-record DfltAccessPolicy
aaa-server ActiveDirectory protocol nt
aaa-server ActiveDirectory (inside) host 10.2.11.121
nt-auth-domain-controller sub.domain.net
aaa-server ActiveDirectory (inside) host 10.2.11.138
nt-auth-domain-controller sub.domain.net
user-identity default-domain LOCAL
eou allow none
http server enable
http 10.4.0.0 255.255.255.0 management
http 10.2.0.0 255.255.0.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
no sysopt connection permit-vpn
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
<--- More --->
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec ikev2 ipsec-proposal DES
protocol esp encryption des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal 3DES
protocol esp encryption 3des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES
protocol esp encryption aes
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES192
protocol esp encryption aes-192
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES256
protocol esp encryption aes-256
protocol esp integrity sha-1 md5
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto map inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map inside_map interface inside
crypto ca trustpoint ASDM_TrustPoint0
enrollment self
<--- More --->
subject-name CN=ASA-01
crl configure
crypto ca certificate chain ASDM_TrustPoint0
certificate a6c98751
308201f1 3082015a a0030201 020204a6 c9875130 0d06092a 864886f7 0d010105
0500303d 31153013 06035504 03130c43 5248442d 4d432d46 57303131 24302206
092a8648 86f70d01 09021615 43524844 2d4d432d 46573031 2e637268 642e6f72
67301e17 0d313330 35303730 32353232 325a170d 32333035 30353032 35323232
5a303d31 15301306 03550403 130c4352 48442d4d 432d4657 30313124 30220609
2a864886 f70d0109 02161543 5248442d 4d432d46 5730312e 63726864 2e6f7267
30819f30 0d06092a 864886f7 0d010101 05000381 8d003081 89028181 00c23d5f
acbf2b3f 9fe6e3c9 1866c344 07b6ee49 f6f31798 0b87a38b 890f70e2 c28cc1d5
fd1b4e80 7fa25483 09e79459 6bf92155 c55240b4 93eeb4eb af3f8aec 8906ef48
140c57bb 5ca4471f 275c1932 7e90976f f0dfe8a3 04a7861f cce7a320 7267df2e
61f9b6b8 22bb70ac d9cedb73 3cf9747b c2636892 48b35385 a94bfae5 fd020301
0001300d 06092a86 4886f70d 01010505 00038181 003c7e16 be4aff40 8fe69a31
acf31808 680e44eb 8ede9094 f9a4a147 0ae18cdc 000dc07f c1da1af4 a2d964ed
288689ee 95179ad0 90728324 9803248d b9d10641 01897453 fe7fafcd 34dee13a
92798615 4acb1f27 14fdb346 ab3eb825 04f23791 81d08fa2 b54c6a47 aedd9694
1c9fbcb4 455fd5ce 420298aa 9333737c 19f0e715 50
quit
crypto isakmp identity address
crypto isakmp nat-traversal 30
crypto ikev2 policy 1
<--- More --->
encryption aes-256
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 10
encryption aes-192
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 20
encryption aes
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 30
encryption 3des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 40
<--- More --->
encryption des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 enable outside
crypto ikev2 remote-access trustpoint ASDM_TrustPoint0
crypto ikev1 enable inside
crypto ikev1 enable outside
crypto ikev1 ipsec-over-tcp port 10000
crypto ikev1 policy 10
authentication crack
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 20
authentication rsa-sig
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 30
authentication pre-share
<--- More --->
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 40
authentication crack
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 50
authentication rsa-sig
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 60
authentication pre-share
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 70
authentication crack
<--- More --->
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 80
authentication rsa-sig
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 90
authentication pre-share
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 100
authentication crack
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 110
authentication rsa-sig
<--- More --->
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 120
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 130
authentication crack
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 140
authentication rsa-sig
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 150
authentication pre-share
<--- More --->
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 65535
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh timeout 5
console timeout 0
management-access inside
dhcpd dns 10.2.11.121 10.2.11.138
dhcpd lease 36000
dhcpd ping_timeout 30
dhcpd domain sub.domain.net
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ssl trust-point ASDM_TrustPoint0 outside
webvpn
<--- More --->
anyconnect image disk0:/anyconnect-win-2.5.2014-k9.pkg 1
anyconnect profiles VPN_client_profile disk0:/VPN_client_profile.xml
anyconnect enable
tunnel-group-list enable
group-policy domain internal
group-policy domain attributes
banner value You are attempting to access secured systems at thsi facility. All activity is monitored and recorded. Disconnect now if you are not authorized to access these systems or do not possess valid logon credentials.
wins-server value 10.2.11.121 10.2.11.138
dns-server value 10.2.11.121 10.2.11.138
vpn-idle-timeout none
vpn-filter value vpn_access_in
vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value domain_splitTunnelAcl
default-domain value sub.domain.net
split-dns value sub.domain.net
group-policy DfltGrpPolicy attributes
dns-server value 10.2.11.121 10.2.11.138
vpn-filter value outside_access_in
vpn-tunnel-protocol l2tp-ipsec
default-domain value sub.domain.net
split-dns value sub.domain.net
address-pools value VPNUsers
username **** password **** encrypted privilege 15
<--- More --->
username **** password **** encrypted privilege 15
username **** attributes
webvpn
anyconnect keep-installer installed
anyconnect dtls compression lzs
anyconnect ssl dtls enable
anyconnect profiles value VPN_client_profile type user
tunnel-group DefaultL2LGroup general-attributes
default-group-policy domain
tunnel-group DefaultRAGroup general-attributes
address-pool VPNUsers
authentication-server-group ActiveDirectory
default-group-policy domain
tunnel-group DefaultRAGroup ipsec-attributes
ikev1 pre-shared-key *****
ikev1 trust-point ASDM_TrustPoint0
tunnel-group DefaultWEBVPNGroup general-attributes
default-group-policy domain
tunnel-group domain type remote-access
tunnel-group domain general-attributes
address-pool (inside) VPNUsers
address-pool VPNUsers
authentication-server-group ActiveDirectory LOCAL
authentication-server-group (inside) ActiveDirectory LOCAL
<--- More --->
default-group-policy domain
dhcp-server link-selection 10.2.11.121
tunnel-group domain ipsec-attributes
ikev1 pre-shared-key *****
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect ip-options
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
<--- More --->
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly 21
subscribe-to-alert-group configuration periodic monthly 21
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:2578e19418cb5c61eaf15e9e2e5338a0
: end
Maybe you are looking for
-
It keeps asking if i want to turn on air plane mode after cleaning it...
HELP!!! I cleaned my phone tonight with a damp wash cloth, it 'wasn't' soaking wet either. And i had it cut off too, i just wipped it down , and i believe a little bit of water went into the speakers below or something, now it's asking me if i want t
-
How to move the Thumbnails & the photo caption to top in Galleria
I am working on a click-able gallery using the coding found on jQuery Galleria 1.0b from http://galleria.aino.se/ Similar coding can be found on here; http://monc.se/kitchen/146/galleria-a-javascript-image-gallery#comments I would like to move the th
-
Can I update my 3rd generation ipod to ios 7?
I have an iPod 3rd generation. Can I update to iOS 7 At the moment, I have iOS 5.1.1 and it says it is up to date. Please Help Me
-
Hi experts! I have a Time dimension with next members: Year--> INT-----> Exemple: 2011 Quarter-> Char--> Exemple: Q1/11 Month-> Char --> Exemple: January Day-> Char ------> Exemple: 1 January Date-> Date ---> Exemple: 01/01/2011 When I try to get a r
-
Information Broadcaster in WAD 7.0
Hi gurus, I have a requirement where i have to put information broadcaster in a webtemplate. we are using wad 7.0. i created a button and assigned broadcaster command to it. when i click on it but it launches a adhoc query template whe