Can't get Internet working on ASA 5525X
Hello
i have a ASA 5525x
im in testing proccess and cant make internet routing working
im routing between 2 private ip cuz outside interface is connected to the lab switch.
im able to ping anything from ASDM als i tried packet tracer using the ip that assigned to the end-user and it is working fro asa but not on the win7 machine .
after enabing logging on asa i got asa teardown the icmp connection (when trying to ping 8.8.8.8)
any ideas why ?
ASA Version 9.0(2)
hostname MIKUNI-LA-ASA1
enable password nsi9HaIu8epX9MzI encrypted
xlate per-session deny tcp any4 any4
xlate per-session deny tcp any4 any6
xlate per-session deny tcp any6 any4
xlate per-session deny tcp any6 any6
xlate per-session deny udp any4 any4 eq domain
xlate per-session deny udp any4 any6 eq domain
xlate per-session deny udp any6 any4 eq domain
xlate per-session deny udp any6 any6 eq domain
xlate per-session deny tcp any4 any4
xlate per-session deny tcp any4 any6
xlate per-session deny tcp any6 any4
xlate per-session deny tcp any6 any6
xlate per-session deny udp any4 any4 eq domain
xlate per-session deny udp any4 any6 eq domain
xlate per-session deny udp any6 any4 eq domain
xlate per-session deny udp any6 any6 eq domain
passwd 2KFQnbNIdI.2KYOU encrypted
names
interface GigabitEthernet0/0
nameif outside
security-level 0
ip address 172.30.200.100 255.255.255.0
interface GigabitEthernet0/1
nameif inside
security-level 100
ip address 10.10.10.1 255.255.255.0
interface GigabitEthernet0/2
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/3
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/4
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/5
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/6
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/7
shutdown
no nameif
no security-level
no ip address
interface Management0/0
management-only
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
banner motd
banner motd !!!!!!!!!!!!!!!DO NOT LOGON!!!!!!!!!!!!!!!
boot system disk0:/asa902-smp-k8.bin
ftp mode passive
dns domain-lookup inside
dns domain-lookup outside
dns server-group DefaultDNS
name-server 8.8.8.8
same-security-traffic permit intra-interface
object network internet
host 172.30.200.100
pager lines 24
logging enable
logging trap errors
logging asdm informational
mtu management 1500
mtu inside 1500
mtu outside 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-712-102.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
nat (inside,inside) source dynamic any interface dns
route outside 0.0.0.0 0.0.0.0 172.30.200.1 1
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
aaa authentication http console LOCAL
aaa authentication serial console LOCAL
aaa authentication ssh console LOCAL
http server enable
http 192.168.1.0 255.255.255.0 management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
sysopt noproxyarp inside
sysopt noproxyarp outside
crypto ipsec security-association pmtu-aging infinite
crypto ca trustpool policy
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd enable management
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ssl encryption rc4-sha1
username admin password y9JC1OmYlTqCYCh5 encrypted privilege 15
username neocomp password zEZJ79.tgPiYxCsz encrypted privilege 15
class-map inside-class
match default-inspection-traffic
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect icmp
policy-map inside-policy
class inside-class
inspect dns
inspect ftp
inspect h323 h225
inspect h323 ras
inspect http
inspect icmp
inspect ip-options
inspect ipsec-pass-thru
service-policy global_policy global
service-policy inside-policy interface inside
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:e8f3db05e9bce814811bac225d27ded8
: end
didnt work
Itried clean configuration but its still same thing cant get to the internet thru firewall
from asa i can ping everything but from end-user side it show DNS is not responding and i can not ping the outside interface on ASA
ASA Version 9.0(2)
hostname MIKUNI-LA-ASA2
enable password 8Ry2YjIyt7RRXU24 encrypted
xlate per-session deny tcp any4 any4
xlate per-session deny tcp any4 any6
xlate per-session deny tcp any6 any4
xlate per-session deny tcp any6 any6
xlate per-session deny udp any4 any4 eq domain
xlate per-session deny udp any4 any6 eq domain
xlate per-session deny udp any6 any4 eq domain
xlate per-session deny udp any6 any6 eq domain
passwd 2KFQnbNIdI.2KYOU encrypted
names
interface GigabitEthernet0/0
nameif OUTSIDE
security-level 0
ip address dhcp setroute
interface GigabitEthernet0/1
nameif INSIDE
security-level 100
ip address 192.168.100.1 255.255.255.0
interface GigabitEthernet0/2
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/3
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/4
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/5
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/6
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/7
shutdown
no nameif
no security-level
no ip address
interface Management0/0
management-only
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
banner motd !!!!!!!!!!!!!!!DO NOT LOGON!!!!!!!!!!!!!!!
boot system disk0:/asa902-smp-k8.bin
ftp mode passive
dns domain-lookup OUTSIDE
dns domain-lookup INSIDE
dns server-group DefaultDNS
name-server 8.8.8.8
object network Internet
subnet 192.168.100.0 255.255.255.0
pager lines 24
logging enable
logging console warnings
logging asdm informational
mtu management 1500
mtu OUTSIDE 1500
mtu INSIDE 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-712-102.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
object network Internet
nat (any,OUTSIDE) dynamic interface dns
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
aaa authentication http console LOCAL
aaa authentication serial console LOCAL
aaa authentication ssh console LOCAL
http server enable
http 192.168.1.0 255.255.255.0 management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
crypto ipsec security-association pmtu-aging infinite
crypto ca trustpool policy
telnet timeout 5
ssh timeout 5
console timeout 0
dhcp-client client-id interface OUTSIDE
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd enable management
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ssl encryption rc4-sha1
username admin password y9JC1OmYlTqCYCh5 encrypted privilege 15
username neocomp password zEZJ79.tgPiYxCsz encrypted privilege 15
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect icmp
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:8659ad01179820e90e68d3725961dc2c
Similar Messages
-
Can't get internet to work on my formated Satellite A100
Hey,
I recently formated my computer and then I installed all the drivers that i needed for my A100 PSAA9... but internet wont work... i kinda understand why but don't know what to do about it....
if i'm not unentierly mistaken the driver needed to get internet to work with my adsl is the LAN driver, no?
Well i downloaded that one but when i tried to install it there was no setup file or installation file only an uninstall file... unfortunately for me i managed to click that one a bit too fast without checking what it was now, that leaves me with 2 questions:
Are the LAN drivers pre'installed with windows so that internet can work from the start?
How do i do then if this is not the case to get internet working?
All help is much appreciated, thanks on beforehand Maxime MaisonHey, thanks for all the advice so far!!! I googled the device manager and figured out what it was :P problem is i have my OS in swedish so it's different...'
anyway, I did what you said but i still doesn't work.. i don't know if there is something else but i'll provide details so you can tell me if i did something wrong:
I enter the device manager, I expand net adapters and i get 1 option called: 1394 Net Adapter I click update drivers and get the options that you posted above. When I click the don't seach i'll choose myself part i get the 1394 net adapter in a little box displayed as net adapters and i can either click "floppy exists" or click previous, next or cancel nothing where i can choose to click the unzipped driver i downloaded. I click next and the says that the software has been installed for the 1394 Net Adapter and then i click finish.
This might mean that the driver was installed all along i don't know but internet still won't work so i don't know what to do and until you showed me all of this i had done nothing else but the first time i did it, nothing seemed to have changed....
i wish it could just fix itself :( -
Can't get internet to work w/windows: DSL- Graphite
I am trying to get this home network to function, here is the problem.
The home network consists of the following:
DSL
Airport Graphite
Ibook G4
Win 2K PC
The G4 works fine, but i can't get internet on the Win2K machine. It even gets as far as having an IP assigned using DHCP, but then no internet.
Perhaps because the default gateway is missing?
I am able to connect to the base station it seems. The wireless connection comes up and shows that it is connected.
Thanks,
Nicklooks I'm having same problem
my Ibook G3 and ABS graphite working as perfect team, any way I set the DHCP in my network. BTW, here is it:
- DSL router (hired from ISP), web GUI, bad technical help; set with 192.168.1.1 private IP@, no DHCP
- ABS fw 3.84, manually set as 192.168.1.3, internally DHCPing addresses like 10.1.1.x with NAT
- iBook G3 700 with X 10.3.3 and airport card
- company laptop running W2K SP4 with D-Link DWL-G122 wireless adapter, always connecting to the network but unable to browse any web page
everything works fine (I'm writing this message wirelessly from iBook), looks there's no way PC can get an IP@, the wifi adapter can't reach DHCP server (as a result of a "ipconfig /renew [adapter name]"; it always gets automatically an IP@ like 169.x.x.x because no DHCP server is available.
I tried also the ABS to distribute IP@s in 192.168.1.x format (without NAT) but no change. I tried to work with ABS as simple bridge to router working as DHCP server, but PC cannot pass thru ABS... can connect only using ethernet cable to router directly
any suggestion GREATLY appreciated, since I'm working from home and I need to connect from 9 to 6 with PC!!!
thanks
Andrea (Mac newbie)
PS: ABS is configured on those two MAC@s only, I have also a PIII desktop running Mandrake Live, but by now will use the D-Link adapter on it -
Can't get Mail working properly
I just got my new MacPro this week, and it's really great except for I can't get Mail working right. I've set up my accounts and a few emails come through, though not many, and because it's been a week since I've been online, there should be many more than that. Also, I can't send any emails at all, no matter what I do. They will eventually go into my Sent box, but I've been sending them to myself to see if it's working, and they never come through. I spent an hour on the phone yesterday with the tech support for my ISP, and they told me that I'd have to talk to the Apple techs because they didn't have current info for *Mail 3.1*, the version I have, that the latest they had was for 2.something. So I called the Apple tech support and spent 2 hours on the phone with them, and they weren't able to help me get it going correctly either. It keeps giving me error messages such as Connection Failed, or Unable to Receive Mail, saying "there may be a problem with the mail server or network" and that "the connection to the server on ... port has timed out." I'm on DSL and am always online, so I know it's not the internet connection that's the problem. Can anybody give me some advice on what I should try? Any help will be gratefully appreciated!
Is your ISP Verizon, Demon, or Glocalnet, then it might be Apples biggest Leopard Bug in conjunction with these ISP:s POP-servers.
The one that randomly changes the settings in "advanced" from "password" to "APOP".
The visual result of this bug is that you will get a popup-box where Mail asks you to enter your password. (Which is useless entering, since the preference settings are changed.)
My advice counts only when you are supposed to use "password" as the correct setting in "Advanced" and in conjunction with some ISP:s.
Michael -
How to get internet working?
I bought a blackberry curve 8530 on pay as you go, and I can use my home wi-fi fine but I am wondering, how can i get internet to work anywhere?
ThanksAs long as that is The BlackBerry Data Plan, yes. You might need to give it a few hours to get provisioned to your device, and it will.
1. If any post helps you please click the below the post(s) that helped you.
2. Please resolve your thread by marking the post "Solution?" which solved it for you!
3. Install free BlackBerry Protect today for backups of contacts and data.
4. Guide to Unlocking your BlackBerry & Unlock Codes
Join our BBM Channels (Beta)
BlackBerry Support Forums Channel
PIN: C0001B7B4 Display/Scan Bar Code
Knowledge Base Updates
PIN: C0005A9AA Display/Scan Bar Code -
My itunes has stopped responding how can I get it working again
My itunes has stopped responding how can I get it working again?
I have a related issue (I think, hard to know for sure from the short frustrated post above).
Since the last update of iTunes (11.0.5), it kind of freezes while checking for and downloading new podcasts. Processor load goes to 100% (sometimes above! figure from Swedish OSX "Aktivitetskontroll" which I can imagine is something like "Activity Control" or "Activity Manager" in English OSX) and stays there for a few minutes, 3-5 minutes is common. During that time the mouse pointer turns into a spinning ball when moved above iTunes. Other apps work ok meanwhile. (Four processors)
Have a fixed connection to the internet, which I have tested while iTunes is frozen. We acheive above 100 Mbit/s downstream, 20 Mbit/s upstream, so the connection shouldn't be the problem.
Any ideas on what to do?
iTunes 11.0.5 (Swedish)
MacOSX 10.8.4 (Swedish)
iMac 27", late 2009 http://support.apple.com/kb/SP576 -
i ave an ipad 2 with wifi only, can i get internet access from any cell phone, or do i need a specific phone or type of phone
I received an iPad 2 for Christmas (the 1st Apple item I've ever owned!) and own a Nokia N95 8GB mobile (that's pretty much on its last legs/ready to die any day).
On the Nokia I've got 2 apps (downloaded from/via Nokia's 'Ovi' app store): JoikuSpot & HandyWi. Both are the free versions.
I've not used HandyWi much - if at all - but JoikuSpot has been great. Basically, it creates a wifi hotspot (as pjl123 mentioned) in a couple of straightforward steps, and allows a few devices to be connected. It displays who/what is connected at a given time - so you can check if the guy having coffee behind you is piggybacking your hotspot or not! - data packets sent received etc.
The paid version has the benefit of allowing you to secure the hotspot and other security features. Their website is www.joiku.com, FYI.
Given how slow behind the 8 ball Nokia has been, their phones are getting cheaper and cheaper - given Joiku's meant to work with Nokia S60, Symbian ^3, Maemo, Meego & Sony Ericsson S60, this might be a cost effective option.
Ps. Ah! One more thing - Joiku's website specifies that 3G must be used; that WAP will not work. Good luck, enjoy! -
Can't get Internet to Linksys WRT54G using ARRIS TM502 modem (Cable ISP)
I just switched from DSL to Cable and now i can't get internet to the Linksys router. I can connect to it from a wireless laptop but just not get on the internet I've read other posts about doing the "clone mac" address and doing the power cycle but still cannot get the Linksys to respond. I enabled the WRT54G to clone the mac address and have spent about 10 hours in two days trying to get this to work and looking online, etc.... Any information at all would be greatly appreciated. Thank you, leo
After talking to Comcast again and getting another support person who didn't seem to know much, I decided to take matters in my own hands. I connected new Linksys wrt160n to Arris tm502g, but left router power off. I then did reset button on Arris modem for 10+ seconds and let it reset. I powered up router and then powered up PC that I had plugged in port1. When I went to status on router I finally had gotten IP addresses from Comcast. I then plugged my switch into port 4 and checked other devices in the house and they were ok.
Hard to believe that no one from Comcast or Linksys seemed to have a clue on what to do when I talked to them.
Thanks for your help. Hopefully someone else will find this if they need it. -
Can t get to work tint2 launcher
I'm a beginner in arch linux and i'm trying to figure out why the laucher don't show up in my panel,
i've set up the panel the way i want but i would like to have a few launcher
I've try serveral thing but i can't get it to work,
and chromium.desktop and gparted.desktop do exist in /usr/share/applications/
tks
Here my tint2rc
# TINT2 CONFIG FILE
# horizontal panel
# squared taskbars
# idirae config
# Background definitions
# ID 1
rounded = 0
border_width = 1
background_color = #808080 20
border_color = #ffffff 10
# ID 2 - task active
rounded = 0
border_width = 0
background_color = #feffff 0
border_color = #d8d8d8 0
# ID 3 - task
rounded = 0
border_width = 0
background_color = #F5F5DC 0
border_color = #000000 0
# ID 4
rounded = 0
border_width = 1
background_color = #888888 0
border_color = #ED2323 60
# ID 5 - taskbar
rounded = 0
border_width = 1
background_color = #feffff 10
border_color = #ffffff 10
# ID 6 - active taskbar
rounded = 0
border_width = 1
background_color = #feffff 30
border_color = #ffffff 30
# ID 7 - tooltip
rounded = 3
border_width = 0
background_color = #222222 90
border_color = #222222 90
# ID 8
rounded = 0
border_width = 1
background_color = #888888 20
border_color = #888888 20
# Panel
panel_monitor = all
panel_position = top left horizontal
panel_items = LTSBC
panel_size = 100% 32
panel_margin = 0 1
panel_padding = 3 3
panel_dock = 0
wm_menu = 1
panel_layer = bottom
panel_background_id = 1
# Panel Autohide
autohide = 0
autohide_show_timeout = 0.3
autohide_hide_timeout = 1.5
autohide_height = 6
strut_policy = follow_size
# Taskbar
taskbar_mode = multi_desktop
taskbar_padding = 5 2
taskbar_background_id = 5
taskbar_active_background_id = 6
taskbar_name = 1
taskbar_name_background_id = 0
taskbar_name_active_background_id = 0
taskbar_name_font = Crisp 12
taskbar_name_font_color = #ffffff 30
taskbar_name_active_font_color = #ffffff 50
# Tasks
urgent_nb_of_blink = 20
task_icon = 1
task_text = 0
task_centered = 1
task_maximum_size = 20 20
task_padding = 0 0
task_background_id = 3
task_active_background_id = 2
task_urgent_background_id = 4
task_iconified_background_id = 3
# Task Icons
task_icon_asb = 80 0 0
task_active_icon_asb = 100 0 0
task_urgent_icon_asb = 100 0 0
task_iconified_icon_asb = 80 0 0
# Fonts
task_font = BankGothic Md BT 10
task_font_color = #696969 60
task_active_font_color = #696969 100
task_urgent_font_color = #696969 100
task_iconified_font_color = #696969 60
font_shadow = 0
# Launcher
launcher_icon_theme = elementary
launcher_padding = 2 2
launcher_background_id = 1
launcher_icon_size = 20
# Specify icon theme names with launcher_icon_theme.
# if you have an XSETTINGS manager running (like xfsettingsd), tint2 will follow your current theme.
#launcher_icon_theme = AwOkenWhite
# Each launcher_item_app must be a full path to a .desktop file
launcher_item_app = /usr/share/applications/chromium.desktop
launcher_item_app = /usr/share/applications/gparted.desktop
# Clock
time1_timezone = :/usr/share/zoneinfo/dir/Canada/Eastern
time1_format = %I:%M %p
time1_font = BankGothic Md BT 9
#time2_format = %A, %B %d
#time2_font = Ubuntu-L 7
clock_font_color = #ffffff 80
clock_padding = 5 0
clock_background_id = 5
clock_lclick_command = gsimplecal
#lock_rclick_command =
# System Tray
systray = 1
systray_padding = 2
systray_sort = right2left
systray_background_id = 5
systray_icon_size = 20
systray_icon_asb = 100 0 0
# Tooltips
tooltip = 0
tooltip_padding = 2 2
tooltip_show_timeout = 0.0
tooltip_hide_timeout = 0.0
tooltip_background_id = 7
tooltip_font_color = #ff0000 100
tooltip_font = Roboto-Thin normal 9.0
# Mouse
mouse_middle = none
mouse_right = toggle
mouse_scroll_up = toggle
mouse_scroll_down = iconify
# Battery
battery = 1
battery_hide = never
battery_low_status = 10
battery_low_cmd = notify-send "battery low"
bat1_font = sans 8
bat2_font = sans 6
battery_font_color = #ffffff 80
battery_padding = 5 0
battery_background_id = 5
# End of config
Last edited by jolejo07 (2013-07-05 01:39:25)I've try but can't get it working ether, i've download from Aur but when i'm trying to use the PKGBUILD with makepkg
it telling me
==> ERROR: Cannot find the fakeroot binary required for building as non-root user.
==> ERROR: Cannot find the strip binary required for object file stripping.
Last edited by jolejo07 (2013-07-05 01:45:21) -
I have 2 itunes a/cs one at work and one at home. Both computers are authorised for the 2 a/cs, but I can;t get my work a/c songs to show on my home computer, even though I sign in my work a/c, and I can't get my home songs to show up on the work computer even though I sign in my home a/c. V. frustrating!
Hi,
You will have to manually copy your music. Get a pen-drive big enough to accommodate all your music. And follow these steps:
1. Create a new folder on the pen-drive.
2. Copy the music from your work computer to the folder you just created. It's in (yourhomefolder)>Music>iTunes>iTunes Media>Music if you're using a Mac, or in C:\Users\(yourusername)\Music\iTunes\iTunes Media\Music if you're using Windows.
3. Now on your home computer quit iTunes, and copy your music from work to the "Automatically Add to iTunes" folder in (yourhomefolder)>Music>iTunes>iTunes Media.
4. Start iTunes. It will automatically start to process the files and move them to the appropriate place.
Repeat these steps with your music from home on your work computer. Also I suggest to use only one iTunes account if possible.
Hope it helps
Regards,
Gábor -
How can we get ADFSecurity work when used in OC4J, OID and OAM?
I am getting error in http server log "mod_oc4j: Response status=499 and reason=Oracle SSO, but failed to get mod_osso global context."
But I am not using Oracle SSO and my client doesn't want to use it either, I am using OAM SSO(CoreIDSSO) in my configuration. Please read the details below.
I am using ADFSecurity in an app that is protected by OAM. To migrate ADFSecurity permissions from
system-jazn-data.xml to OID, I used JAZNMigrationTool to populate OID with Grantees and Permissions. OAM gives login page, and authentication works fine.
But ADFSecurity is not working. ADFComponent Delete button is enabled even for roles that dont have permissions for the iterator delete.
- The app works fine when I use without OAM. ADF Security permissions work fine.
- The app works fine when used with OAM, but with ADFSecurity disabled (enforce=false).
- When I enforce ADFSecurity alongwith OAM, ADFSecurity is not working.
In the doc "Oracle Containers for J2EE Security Guide b28957", there is a mention of use of CoreIDPrincipal for permissions. Our OID Permissions entries show
LDAPRealmRole for attribute orcljaznprincipal. I am not sure if this could be the reason.
We have configured AccessServerSDK for the SOA instance and have policy for the urls in the policy manager. We have entries in orion-application.xml, orion-web.xml and system-jazn-data.xml as per the documentations.
How can we get ADFSecurity work when used with OID and OAM?Have you been able to successfully integrate OAS with OAM & OID? We have similar requriement and so far we have not been able to get it working.
We have application specific roles which we map to OID roles using orion-application.xml.
Any pointers to achieve this would be greatly appreciated.
thanks,
Dipal -
In disk utility, it shows that my external hard drive is somehow unmounted and I can't access it in finder or repair it in Disk Utility. How can I get this working without losing my important data?
Thank you!When you erased the disk did you select Mac OS Extended Journaled as the format option?
-
My hard drive crashed on my Imac 24" 2009, I installed a new hard drive 2TB and a SSD drive 240 GB and removed the optical drive.
What external DVD can I get to work with the IMac? The Apple super drive is not compatible.Virtually any DVD burner that can connect to your Mac will work. They start at $40 on Amazon.
-
Hello, I use MAC AIR OSX 10.6.8 and have Adobe CS2, that I was using 2 years ago on my older computer. I stopped using it because it would close down in the middle of work. Now I would like to reinstall it on the MacAir but I can not get it working. It tells Adobe doesnT support my System. But I can not update my old version or activate it. What can I do?
The mac you want to install photoshop cs2 on is running mac os x 10.6.8 Snow Leopard?
(photoshop cs2 won't run on intel macs with mac os x newer than snow leopard)
Did you ever have cs2 installed on this particular computer before?
If the problem is that you already installed cs2, but it won't activate, that's because adobe took the activation servers offline for some older adobe products such as cs2.
You'll need to use the non activation version of cs2 from here and the supplied serial number:
Activation server shut down for Creative Suite 2, Acrobat 7, and Macromedia products -
Can't get webutil working on AS
Hi All,
As topic, I can't get webutil working on the application server. I can run individual forms or sessions that do not utilise webutil. As soon as I have baseHTMLjinitiator/baseHTMLjpi/baseHTML defined in the bit of the formsweb.cfg that I am using, I get this problem. The webutiljini.htm etc are located in the forms/server directory as they should be.
I've got it working fine on my 10.1.2 developer suite XP platform.
I've been trying without success on the App Server. Version 10.1.2 under Win2003
I have been right through the installation instructions several time trying to see what I have missed.
I have installed version 1.0.6 of webutil and version 1.8 of jacob.
I try and run the wu_test_106 form, and all I get is "Applet Started" at the bottom of the browser window, and a blank browser window.
My URL is
http://10.64.125.51:7778/forms/frmservlet?config=webutil1
The config in the formsweb.cfg is:
[webutil1]
WebUtilArchive=frmwebutil.jar,jacob.jar
WebUtilLogging=off
WebUtilLoggingDetail=normal
WebUtilErrorMode=Alert
WebUtilDispatchMonitorInterval=5
WebUtilTrustInternal=true
WebUtilMaxTransferSize=16384
baseHTMLjinitiator=webutiljini.htm
baseHTMLjpi=webutiljpi.htm
baseHTML=webutilbase.htm
archive_jini=frmall_jinit.jar
archive=frmall.jar
lookAndFeel=generic
form=wu_test_106.fmx
width=100%
height=100%
separateFrame=True
The other parameters are default. If I try a different form name it makes no difference.
I've done the other configuration stuff, default.env, signing jar files, etc.
The java console just shows:
Oracle JInitiator: Version 1.3.1.22
Using JRE version 1.3.1.22-internal Java HotSpot(TM) Client VM
User home directory = C:\Documents and Settings\griggto01
Proxy Configuration: Manual Configuration
Proxy:
Proxy Overrides:
JAR cache enabled
Location: C:\Documents and Settings\griggto01\Oracle Jar Cache
Maximum size: 50 MB
Compression level: 0
c: clear console window
f: finalize objects on finalization queue
g: garbage collect
h: display this help message
l: dump classloader list
m: print memory usage
q: hide console
s: dump system properties
t: dump thread list
x: clear classloader cache
0-5: set trace level to <n>
Loading http://10.64.125.51:7778/forms/java/frmwebutil.jar from JAR cache
RegisterWebUtil - Loading WebUtil Version 1.0.6
Thanks for your help.
TonyHi Tony,
Form your post it doesn't look like jacob.jar is being loaded. Can you confirm that you have the following files in the <ORACLE_AS>/forms directory:
java\
jacob.jar
frmwebutil.jar
webutil\
d2kwut60.dll
jacob.dllAlso open up your default.env file and check that
ORACLE_HOME -- is correct
FORMS_PATH -- has the path where wu_test_106.fmx is located
WEBUTIL_CONFIG -- is correct (I've experienced what you describe when this path was invalid)
CLASSPATH -- contains frmwebutil.jar
Regards
Tom Casserly
Maybe you are looking for
-
Hi Experts I got a error like this while posting MIRO "No amount authorization for customers/vendors in company code 401" I tried to look out in T043 Table,since i cant able to go further Let me know the reason for this error and the settings to do R
-
Problems creating a spatial index
I have tried to create spatial indexes the same way that the MapInfo Easy Loader does but when I issue the following sql: CREATE INDEX SPATIAL.TEST_TABLE3_SX ON "SPATIAL".TEST_TABLE3(GEOMETRY) TABLESPACE SYSTEM PCTFREE 0 I get the following error mes
-
i have just bought an iphone 5, went to set it up and it says 'your iphone cannot be activated because the activation server cant be reached. anyone know what to do? itunes is unavadible and i cant get onto my phone
-
How to configure HR Administrator
Hi, I am going to deploy BP - HR Administrator in Portal 7.0. Could any of you please guide me with some documents explaining the process right from the beginning? Greatly appreciate your inputs. Thanks. Venkat
-
10.9.2 + Premiere Pro CC Crashing upon open!
So I am using a mid-2011 iMac and these errors keep popping up as I try to open Premiere Pro CC. I should not have updated to 10.9.2 at all all this has done is give me errors, I have uninstalled and reinstalled many times and I just got Photoshop to