Cannot ping RRAS Client from RRAS server.

Similar Messages

• I cannot ping any VIP from within the ACE or from rservers

  I cannot ping any VIP from within the ACE or from rservers.  Is this expected?  I have rservers in other serverfarms that need to be able to communicate with the VIP of other serverfarms.  Any help is greatly appreciated.

  Thanks for you reply.  here is the config.  I removed other rserver and serverfarm config that does not have to do with this issue.
  logging enable
  logging fastpath
  logging standby
  logging console 4
  logging timestamp
  logging trap 4
  logging history 4
  logging buffered 4
  logging persistent 4
  logging monitor 4
  logging device-id hostname
  logging host 172.26.254.185 udp/514
  logging host 172.26.221.25 udp/514
  access-list INBOUND line 8 extended permit ip any any
  access-list INBOUND line 16 extended permit icmp any any
  access-list INBOUND line 24 extended permit tcp any any
  access-list INBOUND line 32 extended permit udp any any
  access-list ORADB line 8 extended permit tcp any any
  probe http CITRIX
    interval 30
    passdetect interval 15
    passdetect count 6
    open 1
  probe tcp HYPERION
    port 19000
    interval 2
    faildetect 2
    passdetect interval 2
    passdetect count 2
    receive 2
    open 1
  probe icmp PROBE_SERVICE_ICMP
    interval 5
    passdetect interval 5
  probe tcp W15SPSWFET001_PROBE
    interval 5
    passdetect interval 5
    connection term forced
    open 1
  parameter-map type connection TIMEOUT
    set timeout inactivity 43200
  parameter-map type http test
    persistence-rebalance
    set header-maxparse-length 2006
  rserver host w0bairwatch003
    description MDM-SEG
    ip address 172.20.60.73
    inservice
  rserver host w0bairwatch004
    description MDM-SEG
    ip address 172.20.60.74
    inservice
  rserver host w0bairwatch005
    description MDM-DEVICE
    ip address 172.20.60.75
    inservice
  rserver host w0bairwatch006
    description MDM-DEVICE
    ip address 172.20.60.76
    inservice
  rserver host w0bhamobile001
    description Lotus Notes Traveler Server
    ip address 172.20.60.57
    inservice
  rserver host w0bhamobile002
    description Lotus Notes Traveler Server
    ip address 172.20.60.58
    inservice
  serverfarm host MDMDEVICE
    predictor leastconns
    probe PROBE_SERVICE_ICMP
    rserver w0bairwatch005
      inservice
    rserver w0bairwatch006
  serverfarm host MDMSEG
    predictor leastconns
    probe PROBE_SERVICE_ICMP
    rserver w0bairwatch003
      inservice
    rserver w0bairwatch004
      inservice
  serverfarm host TRAVLR
    predictor leastconns
    probe PROBE_SERVICE_ICMP
    rserver w0bhamobile001
      inservice
    rserver w0bhamobile002
      inservice
  class-map match-all MDMDEVICE-VIP
    2 match virtual-address 172.20.48.35 any
  class-map match-all MDMSEG-VIP
    2 match virtual-address 172.20.48.33 any
  class-map type management match-any REMOTE_ACCESS
    description Remote access traffic match
    201 match protocol ssh any
    202 match protocol telnet any
    203 match protocol icmp any
    204 match protocol https any
    205 match protocol http any
    206 match protocol xml-https any
    207 match protocol snmp any
  class-map match-all TRAVLR-VIP
    2 match virtual-address 172.20.48.34 any
  policy-map type management first-match REMOTE_MGMT_ALLOW_POLICY
    class REMOTE_ACCESS
      permit
  policy-map type loadbalance first-match MDMDEVICE
    class class-default
      serverfarm MDMDEVICE
  policy-map type loadbalance first-match MDMSEG
    class class-default
      serverfarm MDMSEG
  policy-map type loadbalance first-match TRAVLR
    class class-default
      serverfarm TRAVLR
  policy-map multi-match CLIENTS-VIPS
    class MDMDEVICE-VIP
      loadbalance vip inservice
      loadbalance policy MDMDEVICE
      loadbalance vip icmp-reply active
    class MDMSEG-VIP
      loadbalance vip inservice
      loadbalance policy MDMSEG
      loadbalance vip icmp-reply active
    class TRAVLR-VIP
      loadbalance vip inservice
      loadbalance policy TRAVLR
      loadbalance vip icmp-reply active
  interface vlan 48
    ip address 172.20.48.10 255.255.255.0
    access-group input INBOUND
    access-group output INBOUND
    service-policy input REMOTE_MGMT_ALLOW_POLICY
    service-policy input CLIENTS-VIPS
    no shutdown
  interface vlan 60
    ip address 172.20.60.10 255.255.255.0
    access-group input INBOUND
    access-group output INBOUND
    service-policy input REMOTE_MGMT_ALLOW_POLICY
    no shutdown
  ip route 0.0.0.0 0.0.0.0 172.20.48.1

• Is it possible to lock the keyboard of a client from a server using java

  please explain wheterit is possible to lock the keyboard of a client from a server using java

  You want to process code on one machine, and thereby lock the keyboard on another machine? No, that's not possible. It is extremely far from possible.
  Of course, if the client is running software with security holes in it you might hack into it and crash the thing. This will lock up the keyboard pretty good. I hope that's not what you want ...
  Or are you talking about a setup where you already have code running on the client, and some sort of communication between client and server? In that case what you need to know is whether it is possible to lock the keyboard at all. Once you have figured that out, it is trivial to add the communication code to have the server software tell the client software to lock the keyboard.
  So what do you mean with "lock the keyboard"? It's pretty easy to remove/disable all keyboard related listeners in your own application. It's a lot harder (and AFAIK impossible with pure java) to disable alt-tabbing out of the application. And impossible, except from exploiting security holes, to lock the ctrl-alt-delete-combination on windows machine.

• Database Connection Error: Cannot obtain error message from the server

  I have a SQL statement that wants to add a temp table to the database.   The SQL statement works fine but when I try to add it via 'Add Command' feature in Crystal XI R2, I get the following error message:
  Database Connection Error: Cannot obtain error message from the server
  Any ideas?
  Thanks in advance,
  Zack H.

  Hi Raghavendra,
  I am using this in the 'Add Command' feature but I get the error message displayed in the subject line:
  CREATE TABLE #TibetanYaks(
  YakID char(4),
  YakName char(20) )
  INSERT INTO #TibetanYaks (YakID, YakName)
  SELECT  LastName, FirstName
  FROM      Employee
  WHERE      EmployeeID between '2000' and '3000'
  I haven't tried to add this as a stored procedure but I imagine it will work as I have no problems yet with stored procedures.  I simply want to be able to use temporary tables for the sole purpose of that session and not creating anything static in the database.
  By the way, even though I get the error message, when I look on the backend database, I see that the temporary table was successfully created...its just not brought across correctly in Crystal.
  Any ideas?
  Zack H.

• Kicking out a client from rmi server

  I have a few clients on a rmi server .
  how can I disconnect a client from the server?
  the client is an applet.
  I treid calling a method containning System.exit(0)
  from the server on to the client but it throws a
  java.securtiy .. exception?
  so how can I close down the client applet from the server?
  thanks

  please help
  shall I throw a remote exception on the server

• Cannot ping or print from MacBook...

  I'm having a really strange issue where I cannot print from my MacBook wired or wireless, I can, however, ping and print from my iMac. They are both connected to the same router/wap. I cannot ping anything from the MacBook when it is wired or wireless! All other network functions work normally though, I can access the internet and screen share over my local network... but I cannot ping to or from the MacBook.. weird eh? Can someone please shed some light on this? Thanks!
  Dan O

  Have you tried to log in as a different user then trying from there. If you do not have a different user just create one...
  Go to Sys Pref/accounts then click on the lock at the bottom left corner put in the admin password then the plus button at the bottom left of accounts window will become active, press it to create a new account.
  If the ping and print work from that account then you'll know the problem is not OSX globally, at it may be fix by trashing some .plist? Not sure which ones yet.
  Message was edited by: iyacyas

• Cannot ping IAS RADIUS from WLC 2504

  I'm having some weird issues where I cannot ping from the WLC to the IAS RADIUS server.  All of my clients cannot connect, but from the switch, router, RADIUS server, and hard wired clients, I can ping to the WLC and RADIUS server.  The only thing that cannot ping the RADIUS server is the WLC itself.  Nothing in the FW is blocking connectivity.  Any ideas?
  (Cisco Controller) >show radius summ
  Vendor Id Backward Compatibility................. Disabled
  Call Station Id Case............................. lower
  Call Station Id Type............................. IP Address
  Aggressive Failover.............................. Disabled
  Keywrap.......................................... Disabled
  Fallback Test:
      Test Mode.................................... Off
      Probe User Name.............................. cisco-probe
      Interval (in seconds)........................ 300
  MAC Delimiter for Authentication Messages........ none
  MAC Delimiter for Accounting Messages............ hyphen
  Authentication Servers
  Idx  Type  Server Address    Port    State     Tout  RFC3576  IPSec - AuthMode/Phase1/Group/Lifetime/Auth/Encr
  1    NM    10.10.50.63       1645    Enabled   5     Enabled   Disabled - none/unknown/group-0/0 none/none
  2    NM    10.10.50.130      1645    Enabled   5     Enabled   Disabled - none/unknown/group-0/0 none/none
  Accounting Servers
  Idx  Type  Server Address    Port    State     Tout  RFC3576  IPSec - AuthMode/Phase1/Group/Lifetime/Auth/Encr
  1      N     10.10.50.63       1646    Enabled   5     N/A       Disabled - none/unknown/group-0/0 none/none
  2      N     10.10.50.130      1646    Enabled   5     N/A       Disabled - none/unknown/group-0/0 none/none

  It's in the arp cache through the default router
  (Cisco Controller) >show interface detailed management
  Interface Name................................... management
  MAC Address...................................... d0:c2:82:df:5b:c0
  IP Address....................................... 10.30.72.250
  IP Netmask....................................... 255.255.255.0
  IP Gateway....................................... 10.30.72.1
  External NAT IP State............................ Disabled
  External NAT IP Address.......................... 0.0.0.0
  VLAN............................................. untagged
  Quarantine-vlan.................................. 0
  Active Physical Port............................. 1
  Primary Physical Port............................ 1
  Backup Physical Port............................. Unconfigured
  Primary DHCP Server.............................. 10.10.10.65
  Secondary DHCP Server............................ Unconfigured
  DHCP Option 82................................... Disabled
  ACL.............................................. Unconfigured
  AP Manager....................................... Yes
  Guest Interface.................................. No
  L2 Multicast..................................... Disabled
  (Cisco Controller) >show arp switch
  Number of arp entries................................ 19
      MAC Address        IP Address     Port   VLAN   Type
  50:57:A8:D6:DE:C0   10.10.19.1       1      5      Host
  50:57:A8:D6:DE:C0   10.10.20.138     1      5      Host
  50:57:A8:D6:DE:C0   10.10.50.63      1      5      Host
  64:00:F1:08:A0:D0   10.30.72.1       1      0      Host
  50:57:A8:9E:B5:CD   10.30.72.40      1      0      Host
  50:57:A8:A1:7B:C5   10.30.72.44      1      0      Host
  50:57:A8:9E:99:78   10.30.72.48      1      0      Host
  50:57:A8:3B:66:E3   10.30.72.49      1      0      Host
  00:07:7D:43:23:DA   10.30.72.58      1      0      Host
  50:57:A8:9E:B6:1D   10.30.72.59      1      0      Host
  50:57:A8:9E:95:C5   10.30.72.60      1      0      Host
  50:57:A8:A1:7C:0D   10.30.72.61      1      0      Host
  00:07:7D:65:36:DD   10.30.72.62      1      0      Host
  50:57:A8:44:57:0C   10.30.72.63      1      0      Host
  50:57:A8:CA:CC:01   10.30.72.64      1      0      Host

• I can SSH from the outside but cannot ping ISP gateway from 2911

  Hello all,
  I came across a rather strange issue. I am able to SSH to the device from my home but while I am consoled in, I cannot ping the ISP gateway or any other IP's. As expected, all trace-routes fail without hitting the gateway as the first hop. I have been reading about the NVI0 interface and I decided to use it. Most of the sample cofigs on here use the "old" ip nat inside / outside on the appropriate interfaces. What do you guys suggest?
  Here is the running config. It is rather simple since i did not add all the access-lists except the ones I thought necessary to test the circuit. Please point out any mistakes or errors. Thanks in advance!
  Current configuration : 1679 bytes
  ! Last configuration change at 04:05:17 UTC Fri Sep 12 2014
  version 15.1
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  hostname StandbyGZ-2911
  boot-start-marker
  boot-end-marker
  enable secret 5 $1$BRaM$igChPMXLeHjgYR7EGk/Nb/
  no aaa new-model
  no ipv6 cef
  no ip source-route
  ip cef
  no ip domain lookup
  ip domain name StandbyGZ.local
  ip name-server 211.136.20.203
  ip name-server 211.139.136.68
  multilink bundle-name authenticated
  license udi pid CISCO2911/K9 sn FGL174410H9
  username StandbyGZ secret 5 $1$CXWC$m6kqTGbf0HDLCvkfU7.RA/
  ip ssh version 2
  interface GigabitEthernet0/0
   no ip address
   shutdown
   duplex auto
   speed auto
  interface GigabitEthernet0/1
   description UPLINK TO CHINA MOBILE
   ip address 183.x.x.x 255.255.255.128
   ip access-group REMOTE-ADMIN-ACL in
   no ip redirects
   ip nat enable
   duplex auto
   speed auto
  interface GigabitEthernet0/2
   description CONNECTION TO LAN SWITCH 3650-CORE
   ip address 10.10.1.254 255.255.254.0
   no ip redirects
   ip nat enable
   duplex auto
   speed auto
  ip forward-protocol nd
  no ip http server
  no ip http secure-server
  ip nat source list LAN-NAT-ACL interface GigabitEthernet0/1 overload
  ip route 0.0.0.0 0.0.0.0 183.x.x.x
  ip access-list standard LAN-NAT-ACL
   permit 10.10.0.0 0.0.1.255
  ip access-list extended REMOTE-ADMIN-ACL
   permit tcp host 68.107.195.213 any eq 22 log
  control-plane
  line con 0
   exec-timeout 0 0
   logging synchronous
  line aux 0
  line vty 0 4
   exec-timeout 0 0
   logging synchronous
   login local
   transport input ssh
   transport output ssh
  scheduler allocate 20000 1000
  end
  StandbyGZ-2911# sh ip int br
  Interface                            IP-Address        OK?   Method      Status                  Protocol
  GigabitEthernet0/0         unassigned        YES    NVRAM     administratively  down down
  GigabitEthernet0/1         183.x.x.x             YES    NVRAM     up                         up
  GigabitEthernet0/2         10.10.1.254       YES    NVRAM     up                         up
  NVI0                                 183.x.x.x             YES    unset          up                         up
  StandbyGZ-2911#sh ip route
  Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
         D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
         N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
         E1 - OSPF external type 1, E2 - OSPF external type 2
         i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
         ia - IS-IS inter area, * - candidate default, U - per-user static route
         o - ODR, P - periodic downloaded static route, + - replicated route
  Gateway of last resort is 183.233.184.129 to network 0.0.0.0
  S*    0.0.0.0/0 [1/0] via 183.233.184.129
        10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
  C        10.10.0.0/23 is directly connected, GigabitEthernet0/2
  L        10.10.1.254/32 is directly connected, GigabitEthernet0/2
        183.233.0.0/16 is variably subnetted, 2 subnets, 2 masks
  C        183.x.x.x/25 is directly connected, GigabitEthernet0/1
  L        183.x.x.x/32 is directly connected, GigabitEthernet0/1

  Hi Chris,
  That is what how I am used to configure the NAT, but IOS 12.3 and on introduced interface NVI0, which according to cisco documentation should make applying the NAT statements "easier". IP nat enable has to be enabled on all interfaces and then NVI0 makes the "inside" and "outside" decisions. I was hoping that someone could clarify the real use of that NVI0 interface and if it causes problems. Apparently it cannot be removed from the config. 

• Host Custom client from TES server?

  I am working on a custom webapp client for Cisco Tidal Enterprise Scheduler that will let me quickly view running jobs, restart jobs, etc. (similar to the iOS app offers).  The intent is to only show the features that I want and need quick access to.  My plan is to write everything in HTML5 and Javascript (no server side scripting).  I've quickly realized that my XmlHttpRequests and Ajax requests to the TES REST API are failing because of the Same Origin Policy enforced by browsers which prevents cross site scripting.  I am currently developing locally on my personal machine and so the requests are originating from outside of the TES domain.
  Is it possible to host my custom web client from the Tidal Server itself, and is this likely to fix the cross site origin issues I am having?  Does anyone have advice regarding this issue?  I am relatively new to Tidal and appreciate any help regarding this.

  Thanks for your input. Yeah, the article has been there for quite sometimes. That's why I am a bit sceptical about using it. The strange thing is that there has not been any updates about this topic since then (searched in google and not many web pages are mentioning this thing). I am wondering whether it is a good choice to change the code or not.

• Cannot ping/access iphone from pc via wifi connection

  Hi! Im trying to ping my iphone from my pc, they are in the same subnet/network, and they are both connected to same wifi/wireless network, but I cannot ping my iphone, is there other things i need to do on my iphone for it to ping-able/accessable from my pc wirelessly? Thank you.

  Yes that worked thank you and has taken me back to the start of the migration assistant. Unless there is anything else I should do, very many thanks! I will try the full process again shortly, having turned off all window updates include virus checker updates which may have caused the problem and I will use the Ethernet cable method. It would have taken hours via wifi,  4 hours to transfer music alone.
  Thank yu
  Ljs

• Disconnecting clients from Streaming Server

  Hello,
  We have Streaming Server installed to stream online-seminars to the clients. We want to manually disconnect some clients during the translation while leaving others online. What is the way to do it? Clients connect to server by opening a web-page on the other web-server with embedded flash player which has the source streamer uri rtmp://our_server/live.
  Thank you,
  Olga Butygina.

  Спасибо за ответ!
  У нас как раз php-сайт c данными о клиентах в mysql, так что предлагаемый вариант - то что надо. Одна проблема: мы используем уже готовый плеер (http://www.longtailvideo.com/players/jw-flv-player/) и не задумывались о разработке собственного флэшового плеера.
  Разреши задать тебе пару вопросов.
  1. Такой плеер, способный общаться с php-сервером, можно написать на Flex в свободном IDE или же требуется Flash Professional? Насколько я знаю, во Flash уже есть готовый компонент FLVPlayBack, можно ли без него обойтись во Flex?
  2. С помощью Loadvars можно также посылать серверу информацию о запуске проигрывателя для пополнения счетчика просмотров или есть более простой способ внедрить такой посыльщик запроса в обычный swf, содержащий видео?
  С уважением,
  Ольга Бутыгина.

• NFS - Solaris 10 client from Ubuntu server gives Rpcbind error

  Hello All,
  New to Solaris, and I've been scouring the Internet to find a solution, but none have been produced. I'll start by giving you details about the setups, and then go into the error:
  Server Setup:
  Ubuntu 8.04
  Exports file ->
  /home/<folder> <Solaris 10 Server DNS name>(rw,no_subtree_check,async)
  Client Setup:
  Solaris 10
  Set /etc/default/nfs to have NFS_CLIENT_VERSMAX=3
  Ran svcadm -v enable -r network/nfs/client and then tried
  mount -F nfs <Ubuntu Server DNS name>:/home/<folder> /mnt/test/
  and all I ever get are Rpcbind failure - RPC: Timed Out and then it says it's retrying: /mnt/test
  I've gotten the firewall out of the way, I can ping the Ubuntu server from the Solaris server and vice versa, and I'm able to mount the Ubuntu NFS share on another Ubuntu machine perfectly, but I can't get it to mount on the Solaris server. If I specify v3 of NFS, that doesn't change anything. If I specify v4 of NFS, I get the error that the file or folder doesn't exist on the Ubuntu server.
  Any ideas? Any more info needed?

  This is the exact same problem I've been having. My server is Ubuntu 8.10, and the client is Solaris 10. This is on my home network, so I'm pretty confident it isn't a network issue. I do NFS all the time at work between Solaris machines, but I'm stumped on this one. I've noticed there are similar threads on the topic with no real answer that I have found --
  http://www.linuxquestions.org/questions/linux-networking-3/nfs-server-on-ubuntu-doesnt-play-nice-with-nfs-client-on-solaris-626508/
  I did a dfshares from the Solaris box, and I actually get a response listing the shares. Even though I can see it I still can't mount it. Here is what I see:
  bash-3.00# dfshares tabasco
  RESOURCE SERVER ACCESS TRANSPORT
  tabasco:/media/Shared tabasco - -
  bash-3.00# mount -F nfs -o ro tabasco:/media/Shared /mnt
  nfs mount: tabasco:/media/Shared: No such file or directory
  bash-3.00#
  NFS is working on the server, as I can mount it locally (see below)
  root@tabasco:/# cat /etc/exports
  /media/Shared *(ro,sync)
  root@tabasco:/# mount tabasco:/media/Shared /mnt
  root@tabasco:/# cd /mnt
  root@tabasco:/mnt# ls
  Videos lost+found Music Pictures Other
  root@tabasco:/mnt#
  Yes... my server''s name is tabasco... remember it's a home network... and I like Tabasco... :)

• Can't authenticate Mac VPN client from RADIUS server

  Hello,
  I'm a real noob here so please bear with me.
  I have been able to configure my PIX 515E to allow VPN connections onto my network, but what I need to do is set up some sort of user authentication to control access at a user level. From what I've read here and in the Configuration Guide I should be able to do this authentication with a RADIUS server. I'm running a Corriente Networks Elektron Security server which has RADIUS server capabilities. It is running on my (inside) interface at IP 192.168.10.26.
  I thought that I had everything configured properly but it never seems to authenticate. I connect, the XAUTH window pops up, I add my username and password as it's configured on my RADIUS server, but when I click OK it just cycles the progress bar at the bottom and eventually times out. The client log doesn't show me anything and the log on the RADIUS server shows me nothing. Any ideas? this seems like it should be simple because I can connect until I attempt to authenticate to the RADIUS server.
  TIA for any direction you can provide me.
  Christine

  If it helps, here is my config with a some of the non-related bits deleted:
  interface ethernet0 auto
  interface ethernet1 auto
  interface ethernet2 auto
  nameif ethernet0 outside security0
  nameif ethernet1 inside security100
  nameif ethernet2 DMZ security50
  enable password ********* encrypted
  passwd ******* encrypted
  hostname pixfirewall
  domain-name acme.com
  fixup protocol dns maximum-length 512
  fixup protocol ftp 21
  fixup protocol http 80
  fixup protocol http 82
  fixup protocol rsh 514
  fixup protocol rtsp 554
  fixup protocol sip 5060
  fixup protocol sip udp 5060
  fixup protocol skinny 2000
  fixup protocol smtp 25
  access-list inside_outbound_nat0_acl permit ip any 192.168.10.0 255.255.255.0
  access-list inside_outbound_nat0_acl permit ip host 192.168.10.26 192.168.10.192 255.255.255.224
  access-list inside_outbound_nat0_acl permit ip host 192.168.10.69 192.168.10.192 255.255.255.224
  access-list outside_cryptomap_dyn_20 permit ip any 192.168.10.0 255.255.255.0
  access-list outside_cryptomap_dyn_40 permit ip any 192.168.10.192 255.255.255.224
  mtu outside 1500
  mtu inside 1500
  mtu DMZ 1500
  ip address outside 207.XXX.XXX.130 255.255.255.0
  ip address inside 192.168.10.1 255.255.255.0
  ip address DMZ 192.168.100.1 255.255.255.0
  multicast interface inside
  ip audit info action alarm
  ip audit attack action alarm
  ip local pool CBI_VPN_Pool 192.168.10.201-192.168.10.220
  pdm location 192.168.10.50 255.255.255.255 inside
  pdm group CBI_Servers inside
  pdm logging warnings 100
  pdm history enable
  arp timeout 14400
  global (outside) 200 interface
  global (DMZ) 200 interface
  nat (inside) 0 access-list inside_outbound_nat0_acl
  nat (inside) 200 192.168.10.0 255.255.255.0 0 0
  static (inside,outside) 207.XXX.XXX.150 192.168.10.27 netmask 255.255.255.255 0 0
  static (inside,outside) 207.XXX.XXX.132 192.168.10.26 dns netmask 255.255.255.255 0 0
  access-group 100 in interface outside
  route outside 0.0.0.0 0.0.0.0 207.XXX.XXX.129 1
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
  timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
  timeout uauth 0:05:00 absolute
  aaa-server radius-authport 1812
  aaa-server radius-acctport 1812
  aaa-server TACACS+ protocol tacacs+
  aaa-server RADIUS protocol radius
  aaa-server RADIUS (inside) host 192.168.10.26 ************* timeout 10
  aaa-server LOCAL protocol local
  http server enable
  http 192.168.10.3 255.255.255.255 inside
  no floodguard enable
  sysopt connection permit-ipsec
  crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
  crypto dynamic-map outside_dyn_map 20 match address outside_cryptomap_dyn_20
  crypto dynamic-map outside_dyn_map 20 set transform-set ESP-DES-MD5
  crypto dynamic-map outside_dyn_map 40 match address outside_cryptomap_dyn_40
  crypto dynamic-map outside_dyn_map 40 set transform-set ESP-DES-MD5
  crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
  crypto map outside_map client authentication RADIUS
  crypto map outside_map interface outside
  crypto map inside_map interface inside
  isakmp enable outside
  isakmp nat-traversal 3600
  isakmp policy 20 authentication pre-share
  isakmp policy 20 encryption des
  isakmp policy 20 hash md5
  isakmp policy 20 group 2
  isakmp policy 20 lifetime 86400
  vpngroup Test_VPN address-pool CBI_VPN_Pool
  vpngroup Test_VPN dns-server 142.77.2.101 142.77.2.36
  vpngroup Test_VPN default-domain acme.com
  vpngroup Test_VPN idle-time 1800
  vpngroup Test_VPN authentication-server RADIUS
  vpngroup Test_VPN user-authentication
  vpngroup Test_VPN user-idle-timeout 1200
  vpngroup Test_VPN password ********
  ssh timeout 5
  console timeout 0
  dhcpd address 192.168.10.100-192.168.10.254 inside
  dhcpd dns 142.77.2.101 142.77.2.36
  dhcpd lease 3600
  dhcpd ping_timeout 750
  dhcpd auto_config outside
  dhcpd enable inside

• Cannot access sapdb backend from Content Server?

  I am unable to access my sapdb from my Content Server via CSADMIN or with the /ContentServer.dll?serverInfo page.
  I run a Content Server on Unix - version 640, build 16. Here's what I've verified thus far:
  - SAPDB is up and running.
  - x_server process is running
  - apache is running (httpd processes)
  - Standalone gateway on same server is running.
  In the apache error logs I find the following message:
  ErrorDescription: Cannot start Document request, reason: SQLConnect
  failed, [MySQL MaxDB][LIBSQLOD SO][MaxDB] Invalid authorization specification;-4008 POS
  (1) Unknown user name/password combination, Error
  Code: -4008\r\nX-ServerId: server="nwkwcs";serverPort="1090"\r\nX-
  ServerType: SAP HTTP Content Server\r\n
  I had not changed my SAPR3 user or password in the database, so I am confused why this started happening all of a sudden?
  In an attempt to fix, I reset SAPR3 to custom password and ran report
  RSCMSPWS to store the new password in the cs.conf file. However, the
  same error is still a result.
  So, I deleted and recreated SAPR3 based upon SUPERDBA profile with default "SAP" password.  
  Then, I commented out DBNAME and PASSWORD in cs.conf file.  So, it should be using the default SAPR3/SAP login to the database. 
  However, this did not help either.
  I looked at note 706664, however I cannot even get the repositories to a defined status. I cannot connect via CSADMIN?
  Here's an excerpt from the http://server:port/ContentServer/ContentServer.dll?serverInfo page for
  further analysis:
  serverType="SAP HTTP Content Server";serverVendorId="SAPAG";
  serverVersion="640"; serverPatch="0";serverBuild="16";
  pVersion="0046";serverStatus="running";serverDate="2008-07-
  10";serverTime="13:58:28";startUpDate="2008-07-10";
  startUpTime="13:58:20";lastAccessDate="2008-07-
  10";lastAccessTime="13:58:20";
  contRep="Z_EKM_IWBHELP";contRepStatus="offline";contRepStatusDescription="SQLConnect failed, [MySQL MaxDB][LIBSQLOD SO]
  [MaxDB] Invalidauthorization specification;-4008 POS(1) Unknown user name/passwordcombination, Error Code: -
  4008";storageVersion="17";storage="SAPDB";buildLevel="1";contentStorageName="SDB";contentStorageHost="localhost"; security="1";contRepDescription="Content Repository for IWBHELP";
  I am unsure why the Content Server will not connect to the database?
  Points to all helpful answers!
  Thanks,
  Jeff

  Hi,
  How did you resolve this problem ?
  Thanks,
  Hemant

• Monitoring an applet on a thin client from the server

  Hello all,
  I'm not even sure if this is possible or not, but here is what I would like to do.
  I want to be able to monitor an applet running on a remote thin client device from the central server to determine if there have been any problems (exceptions, device failures, etc).
  I'll be using java 1.5.0. If you require more info please let me know.
  Thanks,

  But would anyone know if there is a similar method for applets?
  What makes you think you can't use that technique in an applet? Use that, and contact the server when there's an uncaught exception.
  You'll probably want to report a number of caught exceptions too (unless you're really bad at handling exceptions).
  Best bet is to use a utility class on your applet with a method like "logError(Throwable t, String message)" which will send the details up to the server, maybe output to the console, maybe even pop up a dialog. If you did this via an interface you could plug in different implementations and compound them if required.