CER License Exceeded
What happens when you add phones to CER but run out of licenses (before you can purchase more)?
Message-Phones being tracked exceed the number of user licenses available.
What 911 information is sent?
Is the correct ALI information sent?
What happens with the callback number?
Cisco Emergency Responder assigns IP phones to the Default URL if and only if it has failed, or has not yet tried, to locate them by connected switch port or IP subnet. Assigment to the Default ERL has nothing at all to do with inadequate licensing.
User licensing in Emergency Responder is not enforced, except for email alerts to the system administrator and warnings that appear on the administrative user interface if Emergency Responder discovers more IP phones than it is licensed to support. Emergency calls will be processed normally, even when user licensing is deficient.
However, it is still expected that Emergency Responder is licensed for all IP phones registered to the Unified Communications Manager cluster(s) that it supports. Emergency Responder will attempt to discover all registered IP phones, and if not properly configured to locate all registered IP phones by connected switch port or IP subnet, then IP phones will be assigned to the Default ERL. Persistent assignment of any IP phone to the Default ERL is an indication of improper configuration or operation, and should be analyzed and corrected.
Similar Messages
-
Adobe license exceed maximum activation
Adobe license exceed maximum activation
Cloud License allows 2 activations http://www.adobe.com/legal/licenses-terms.html
-Install on a 2nd computer http://forums.adobe.com/thread/1452292?tstart=0
-Windows or Mac does not matter... 2 on the same operating system, or 1 on each
-Both subscriptions MAY be in use at the same time https://forums.adobe.com/thread/1683787
Remove license on a computer http://forums.adobe.com/thread/1442423?tstart=0 may help
-http://helpx.adobe.com/x-productkb/policy-pricing/error-maxium-acitvation-exceeded.html -
We are in the process of installing a new DEV system and when installing the 5.0.496 version of BPC, the install app is not asking for the .lic file. The install completes and I can log in using the sys ID, however, the system will not allow me to add new users. I get a warning saying that my user licenses have been exceeded. I check the Appserv > tblSystemDefaults for the keyId/value CompanyName/SAP.
Any ideas on how to get past this would be appreciatedThe license information is stored into a file.
The name of file it is :BPC User License.lic and it should be located into C:\BPC\Data\Webfolders\Admin Templates.
In your case or the file is missing or it is wrong.
You can ask the support to provide you a correct version for this file.
Regards
Sorin Radulescu -
Adobe Captivate license exceeded maximum number of machines
Hi,
My machine was updated from Win XP to Win 7 and it seems the Adobe Captivate license from the old version was not deactivated. I am trying to install the application now that I have Win 7 but I am receiving an message that says the license has exceeded the maximum number of users/machine. I tried clicking the option that says "I already deactivated the application from the other machine." but it does not work.
Let me know what I can do to activate the license.
Thank you,
Wendel500?? What are there so many files?
The problem is that the CAB format only allows for 300 files maximum, so there's nothing that we can do about that I'm afraid.
Mark
www.flashmobileblog.com -
I'm having issues with CER 8.x license hope some can help here, customer want to upgrade from CER 2.x on MCS server to 8.5 on UCS server. So I upgraded CER from 2.x to 7.1 to 8.5 on an interim server no license issues at all. When I did DRS back up from Interim server and restored on UCS server I started to have license issues. I called Tac engr who was helping from licensing team and explained what I was doing so she was keep issueing different license files none of them worked. I just want to delete all the license files I have installed so far and start over and see that fixes it. I thought there may be an option under CLI like we have in CUCM but there in no option to delete those lic files . Please can you help me to delete those lice files or do I need to open a TAC case to get root access.
This should be possible since CER 7.x that has implemented the fix for "CSCsk37388 Need a way to delete the licenses"
To do so:1. View / Download / Delete license files uploaded onto the system, using the File Management Utility (found under Tools)
2. After deletion, restart CER service. The License Manager shows the updated license info (i.e. decremented user license count in case of a user license, or evaluation mode in case of a server license). -
What happens when NAC Server License Exceeds ?
Hi all,
Got a simple question for which I could not find the explanations ?
I know that licensing is run by the endpoints which are in Online User (posture assessed) list.
Lets say I purchased a NAC server with 100 License. What happens if a client connects to the network as the 101th user ? Is there a flexible licensing option as in other security products of Cisco ?
Also anyone has any info about the roadmap of licensing for Cisco NAC products ? Such as central management of licenses, license pools or etc. ?
Thanks in advance.
Any comments appreciated.
DumluThanks a lot.
You said "BPEL developer should make sure unique value is supplied for correlation..",but I am confused,
"BPEL developer" means business process developer(process caller) or bpel engine developer(process runtime enviroment developer) ?
This afternoon,I installed oracle PM and did some tests. The bpel server creates two process instances which have the same correlation data. -
Add failed. [4911] Cannot connect to License Manager
Hello
I am facing a strange problem with our CCM, i cant add new phones (auto registration or manual add) although i still have 82 DLU's free
Always getting the error Add failed. [4911] Cannot connect to License Manager
I have tried restarting the Call Manager servral times and still same error appears
can anyone help ?Hi mpagacz
I have checked the license manager service and it was the problem , it wouldn't start but i wasnt related to hardware issue
I found out from other community that it is a bug in my version 7.1.3 that when license exceeded certain limit that license service doesn't work
so i resolved the issue by deleting some licenses files
Also this issue was reported solved in 7.1.5 so i and doing the upgrade
anyway i have bought version 10.5 and will do the migration
thanks -
Dear SAP Experts,
We have an inbound scenario, which uses AS2 adapter connectivity.
Trading Partner AS2 --> Seeburger AS2 (SAP PI 7.1)
SAP PI uses HTTPS protocol, while Trading Partner uses HTTP protocol.
Our trading partner is using Mozilla Firefox, and they tried pinging the inbound URL of SAP PI, but they encountered 403 Access Denied Error. They already loaded the SSL certificate of SAP PI in their server.
Is Mozilla firefox application is not advisable for the connection?
I've tried pinging the inbound url in public internet, and it was successful. (405 Status)
Kindly advise.
Thank you..
GerbertoHi Gerberto,
Pls check the following:
1) AS2ID of the party for you partner in PI is the correct.
2) AS2ID of the party which is receiving messages is the correct.
3) whether the the AS2 certificates updated properly or not (might be cache issues) either at your end or the third party's end.
4) the path that you mention in the Receiver/ Sender Agreement for the certoficate location might be wrong.
the other reasons for 403 errors and eliminate one by one.
403.1 - Execute access forbidden.
403.2 - Read access forbidden.
403.3 - Write access forbidden.
403.4 - SSL required.
403.5 - SSL 128 required.
403.6 - IP address rejected.
403.7 - Client certificate required.
403.8 - Site access denied.
403.9 - Too many users.
403.10 - Invalid configuration.
403.11 - Password change.
403.12 - Mapper denied access.
403.13 - Client certificate revoked.
403.14 - Directory listing denied.
403.15 - Client Access Licenses exceeded.
403.16 - Client certificate is untrusted or invalid.
403.17 - Client certificate has expired or is not yet valid.
Also you can refer the following thread...
Seeburger AS2 Sender Adapter : http: 403 error
Regds,
Pinangshuk. -
Oracle Error in a Data Dictionary
Is there a data dictionary or table that contains all Oracle errors and it's description?
or sqlerrm
begin
for i in 1..100 loop
if (sqlerrm(-i) not like '%Message % not found%') then
dbms_output.put_line(sqlerrm(-i));
end if;
end loop;
end;
ORA-00001: unique constraint (.) violated
ORA-00017: session requested to set trace event
ORA-00018: maximum number of sessions exceeded
ORA-00019: maximum number of session licenses exceeded
ORA-00020: maximum number of processes () exceeded
ORA-00021: session attached to some other process; cannot switch session
ORA-00022: invalid session ID; access denied
ORA-00023: session references process private memory; cannot detach session
ORA-00024: logins from more than one process not allowed in single-process mode
ORA-00025: failed to allocate
ORA-00026: missing or invalid session ID
ORA-00027: cannot kill current session
ORA-00028: your session has been killed
ORA-00029: session is not a user session
ORA-00030: User session ID does not exist.
ORA-00031: session marked for kill
ORA-00032: invalid session migration password
ORA-00033: current session has empty migration password
ORA-00034: cannot in current PL/SQL session
ORA-00035: LICENSE_MAX_USERS cannot be less than current number of users
ORA-00036: maximum number of recursive SQL levels () exceeded
ORA-00037: cannot switch to a session belonging to a different server group
ORA-00038: Cannot create session: server group belongs to another user
ORA-00040: active time limit exceeded - call aborted
ORA-00041: active time limit exceeded - session terminated
ORA-00042: Unknown Service name
ORA-00050: operating system error occurred while obtaining an enqueue
ORA-00051: timeout occurred while waiting for a resource
ORA-00052: maximum number of enqueue resources () exceeded
ORA-00053: maximum number of enqueues exceeded
ORA-00054: resource busy and acquire with NOWAIT specified
ORA-00055: maximum number of DML locks exceeded
ORA-00056: DDL lock on object '.' is already held in an incompatible mode
ORA-00057: maximum number of temporary table locks exceeded
ORA-00058: DB_BLOCK_SIZE must be to mount this database (not )
ORA-00059: maximum number of DB_FILES exceeded
ORA-00060: deadlock detected while waiting for resource
ORA-00061: another instance has a different DML_LOCKS setting
ORA-00062: DML full-table lock cannot be acquired; DML_LOCKS is 0
ORA-00063: maximum number of log files exceeded
ORA-00064: object is too large to allocate on this O/S (,)
ORA-00065: initialization of FIXED_DATE failed
ORA-00067: invalid value for parameter ; must be at least
ORA-00068: invalid value for parameter , must be between and
ORA-00069: cannot acquire lock -- table locks disabled for
ORA-00070: command is not valid
ORA-00071: process number must be between 1 and
ORA-00072: process "" is not active
ORA-00073: command takes between and argument(s)
ORA-00074: no process has been specified
ORA-00075: process "" not found in this instance
ORA-00076: dump not found
ORA-00077: dump is not valid
ORA-00078: cannot dump variables by name
ORA-00079: variable not found
ORA-00080: invalid global area specified by level
ORA-00081: address range [, ) is not readable
ORA-00082: memory size of is not in valid set of [1], [2], [4]
ORA-00083: warning: possibly corrupt SGA mapped
ORA-00084: global area must be PGA, SGA, or UGA
ORA-00085: current call does not exist
ORA-00086: user call does not exist
ORA-00087: command cannot be executed on remote instance
ORA-00088: command cannot be executed by shared server
ORA-00089: invalid instance number in ORADEBUG command
ORA-00090: failed to allocate memory for cluster database ORADEBUG command
ORA-00091: LARGE_POOL_SIZE must be at least
ORA-00092: LARGE_POOL_SIZE must be greater than LARGE_POOL_MIN_ALLOC
ORA-00093: must be between and
ORA-00094: requires an integer value
ORA-00096: invalid value for parameter , must be from among
ORA-00097: use of Oracle SQL feature not in SQL92 Level
ORA-00100: no data found -
Internal Table with Oracle's Error Codes
Hi,
Is there any internal table where is stored every oracle error code with it's Cause, Action and all the other similar stuff?
Att,For a table of all "ORA-" error codes and messages, you could do something like:
<BR>
create type t_oracle_error is object (
error_num varchar2(9),
error_desc varchar2(1024)
create type t_oracle_error_tab is table of t_oracle_error;
create or replace function OracleErrors return t_oracle_error_tab pipelined is
l_error t_oracle_error := t_oracle_error(null,null);
begin
for errNo in reverse -32799..0 loop
l_error.error_num := errNo;
l_error.error_desc := sqlerrm(errNo);
if l_error.error_desc not like '%Message % not found;%' and l_error.error_desc != 'ORA'||to_char(errNo,'FM09999')||': ' then
pipe row(l_error);
end if;
end loop;
return;
end OracleErrors;
select * from table(oracleerrors);
SQL> select * from table(oracleerrors);
ERROR_NUM ERROR_DESC
0 ORA-0000: normal, successful completion
-1 ORA-00001: unique constraint (.) violated
-17 ORA-00017: session requested to set trace event
-18 ORA-00018: maximum number of sessions exceeded
-19 ORA-00019: maximum number of session licenses exceeded
-20 ORA-00020: maximum number of processes () exceeded
-21 ORA-00021: session attached to some other process; cannot switch session
-22 ORA-00022: invalid session ID; access denied
-23 ORA-00023: session references process private memory; cannot detach session
-24 ORA-00024: logins from more than one process not allowed in single-process mode
-25 ORA-00025: failed to allocate
-26 ORA-00026: missing or invalid session ID
-27 ORA-00027: cannot kill current session
-28 ORA-00028: your session has been killed
-29 ORA-00029: session is not a user session
-30 ORA-00030: User session ID does not exist.
-31 ORA-00031: session marked for kill
-32 ORA-00032: invalid session migration password
-33 ORA-00033: current session has empty migration password
-34 ORA-00034: cannot in current PL/SQL session
-35 ORA-00035: LICENSE_MAX_USERS cannot be less than current number of users
-36 ORA-00036: maximum number of recursive SQL levels () exceeded
-37 ORA-00037: cannot switch to a session belonging to a different server group
-38 ORA-00038: Cannot create session: server group belongs to another user
-50 ORA-00050: operating system error occurred while obtaining an enqueue
-51 ORA-00051: timeout occurred while waiting for a resource
-52 ORA-00052: maximum number of enqueue resources () exceeded
-53 ORA-00053: maximum number of enqueues exceeded
-54 ORA-00054: resource busy and acquire with NOWAIT specified
-55 ORA-00055: maximum number of DML locks exceeded
-56 ORA-00056: DDL lock on object '.' is already held in an incompatible mode
-57 ORA-00057: maximum number of temporary table locks exceeded
-58 ORA-00058: DB_BLOCK_SIZE must be to mount this database (not )
-59 ORA-00059: maximum number of DB_FILES exceeded
-60 ORA-00060: deadlock detected while waiting for resource
-61 ORA-00061: another instance has a different DML_LOCKS setting
-62 ORA-00062: DML full-table lock cannot be acquired; DML_LOCKS is 0
-63 ORA-00063: maximum number of LOG_FILES exceeded
-64 ORA-00064: object is too large to allocate on this O/S (,)
-65 ORA-00065: initialization of FIXED_DATE failed
-66 ORA-00066: LOG_FILES is but needs to be to be compatible
-67 ORA-00067: invalid value for parameter ; must be at least
-68 ORA-00068: invalid value for parameter , must be between and
-69 ORA-00069: cannot acquire lock -- table locks disabled for
-70 ORA-00070: command is not valid
-71 ORA-00071: process number must be between 1 and
-72 ORA-00072: process "" is not active
-73 ORA-00073: command takes between and argument(s)
-74 ORA-00074: no process has been specified
-75 ORA-00075: process "" not found in this instance
-76 ORA-00076: dump not found
-77 ORA-00077: dump is not valid
-78 ORA-00078: cannot dump variables by name
-79 ORA-00079: variable not found
-80 ORA-00080: invalid global area specified by level
-81 ORA-00081: address range [, ) is not readable
-82 ORA-00082: memory size of is not in valid set of [1], [2], [4]
-83 ORA-00083: warning: possibly corrupt SGA mapped
-84 ORA-00084: global area must be PGA, SGA, or UGA
-85 ORA-00085: current call does not exist
-86 ORA-00086: user call does not exist
-87 ORA-00087: command cannot be executed on remote instance
-88 ORA-00088: command cannot be executed by shared server
-89 ORA-00089: invalid instance number in ORADEBUG command
-90 ORA-00090: failed to allocate memory for cluster database ORADEBUG command
-91 ORA-00091: LARGE_POOL_SIZE must be at least
-92 ORA-00092: LARGE_POOL_SIZE must be greater than LARGE_POOL_MIN_ALLOC
-93 ORA-00093: must be between and
-94 ORA-00094: requires an integer value
-96 ORA-00096: invalid value for parameter , must be from among
-97 ORA-00097: use of Oracle SQL feature not in SQL92 Level
-99 ORA-00099: timed out while waiting for resource, potential PDML deadlock
-100 ORA-00100: no data found
-101 ORA-00101: invalid specification for system parameter DISPATCHERS
-102 ORA-00102: network protocol cannot be used by dispatchers
-103 ORA-00103: invalid network protocol; reserved for use by dispatchers
-104 ORA-00104: deadlock detected; all public servers blocked waiting for resources
-105 ORA-00105: dispatching mechanism not configured for network protocol
-106 ORA-00106: cannot startup/shutdown database when connected to a dispatcher
-107 ORA-00107: failed to connect to ORACLE listener process
-108 ORA-00108: failed to set up dispatcher to accept connection asynchronously
-111 ORA-00111: not all servers started because number of servers is limited to
-112 ORA-00112: only created up to (maximum specified) dispatchers
-113 ORA-00113: protocol name is too long
-114 ORA-00114: missing value for system parameter SERVICE_NAMES
-115 ORA-00115: connection refused; dispatcher connection table is full
-116 ORA-00116: SERVICE_NAMES name is too long
-117 ORA-00117: value out of range for system parameter SERVICE_NAMES
-118 ORA-00118: value out of range for system parameter DISPATCHERS
-119 ORA-00119: invalid specification for system parameter
-120 ORA-00120: dispatching mechanism not enabled or installed
-121 ORA-00121: SHARED_SERVERS specified without DISPATCHERS
-122 ORA-00122: cannot initialize network configuration
-123 ORA-00123: idle public server terminating
-124 ORA-00124: DISPATCHERS specified without MAX_SHARED_SERVERS
-125 ORA-00125: connection refused; invalid presentation
-126 ORA-00126: connection refused; invalid duplicity
-127 ORA-00127: dispatcher does not exist
-128 ORA-00128: this command requires a dispatcher name
... -
Cisco 1921 Dual ADSL Load Balancing/Failover?
Hello,
We have purchased a Cisco 1921 with twin ADSL after advice from a Cisco sales rep. However I am having trouble working out the load balancing/fail over config for the device.
I would like traffic to balance over both ADSL lines and if one goes down not to interrupt connectivity.
I had a look at ppp multilink but I am unsure our ISP (BT) support this?
This is my current config which I think only one ADSL line is being used. Some input would be appreciated
Robbie
! Last configuration change at 13:18:34 UTC Tue Mar 29 2011
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname xxxxxx
boot-start-marker
boot-end-marker
no logging buffered
enable secret 5 xxxxx
enable password xxxx
no aaa new-model
no ipv6 cef
ip source-route
ip cef
ip name-server 194.74.65.68
ip name-server 194.72.0.114
multilink bundle-name authenticated
crypto pki trustpoint TP-self-signed-xxxxxx
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-xxxxx0
revocation-check none
rsakeypair TP-self-signed-xxxxx!
crypto pki certificate chain TP-self-signed-xxxxxx
certificate self-signed 02 nvram:IOS-Self-Sig#4.cer
license udi pid CISCO1921/K9 xxxxx
username admin privilege 15 secret 5 xxxxxxxxxx/
interface GigabitEthernet0/0
description lan$ETH-LAN$
ip address 10.0.8.1 255.255.248.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
interface ATM0/0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
dsl operating-mode adsl2
interface ATM0/0/0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
ip flow ingress
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
interface ATM0/1/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
dsl operating-mode adsl2
interface ATM0/1/0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
ip flow ingress
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
interface Dialer0
mtu 1483
ip address negotiated
ip access-group spalding in
ip access-group spalding out
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp chap hostname xxxxx
ppp chap password 0 xxxxx
ppp multilink
ppp multilink links minimum 2
ppp multilink fragment disable
ppp timeout multilink link add 2
no cdp enable
interface Dialer1
mtu 1483
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp chap hostname xxxxx
ppp chap password 0 xxxxx
ppp link reorders
ppp multilink
ppp multilink links minimum 2
ppp multilink fragment disable
ppp timeout multilink link add 2
no cdp enable
ip forward-protocol nd
no ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 10.0.15.201 3389 interface Dialer0 3389
ip nat outside source static tcp 195.194.75.218 3389 10.0.15.200 3389 extendable
ip route 0.0.0.0 0.0.0.0 Dialer0
access-list 1 remark INSIDE_IF=GigabitEthernet0/0
access-list 1 permit 10.0.0.0 0.254.255.255
dialer-list 1 protocol ip permit
control-plane
line con 0
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
line vty 5 15
privilege level 15
login local
transport input telnet ssh
scheduler allocate 20000 1000
endHi,
Can anyone help me with this config? not very reliable.
Building configuration...
Current configuration : 17349 bytes
! Last configuration change at 06:08:06 UTC Sun Apr 5 2015 by Shawn
version 15.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
hostname Router
boot-start-marker
boot system flash0:c2900-universalk9-mz.SPA.154-3.M2.bin
boot-end-marker
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200
logging console critical
enable secret 5 $1$sNeA$GB6.SMrcsxPf51tK2Eo9Z.
aaa new-model
aaa authentication login local_authen local
aaa authorization exec local_author local
aaa session-id common
no ip source-route
ip port-map user-protocol--8 port udp 3392
ip port-map user-protocol--9 port tcp 3397
ip port-map user-protocol--2 port udp 3391
ip port-map user-protocol--3 port tcp 14000
ip port-map user-protocol--1 port tcp 3391
ip port-map user-protocol--6 port udp 3394
ip port-map user-protocol--7 port tcp 3392
ip port-map user-protocol--4 port udp 14100
ip port-map user-protocol--5 port tcp 3394
ip port-map user-protocol--10 port udp 3397
ip dhcp excluded-address 192.168.1.1 192.168.1.49
ip dhcp excluded-address 192.168.10.1 192.168.10.49
ip dhcp pool DHCP_POOL1
import all
network 192.168.1.0 255.255.255.0
dns-server 139.130.4.4 203.50.2.71
default-router 192.168.1.1
lease infinite
ip dhcp pool ccp-pool1
import all
network 192.168.10.0 255.255.255.0
dns-server 139.130.4.4 203.50.2.71
default-router 192.168.10.1
lease infinite
no ip bootp server
ip host SHAWN-PC 192.168.1.10
ip host DIAG 192.168.1.5
ip host MSERV 192.168.1.13
ip name-server 139.130.4.4
ip name-server 203.50.2.71
ip cef
ip cef load-sharing algorithm include-ports source destination
no ipv6 cef
multilink bundle-name authenticated
cts logging verbose
crypto pki trustpoint TP-self-signed-1982477479
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1982477479
revocation-check none
rsakeypair TP-self-signed-1982477479
license udi pid
license boot module c2900 technology-package securityk9
license boot module c2900 technology-package datak9
redundancy
controller VDSL 0/0/0
operating mode adsl2+
controller VDSL 0/1/0
operating mode adsl2+
no cdp run
track timer interface 5
track 1 interface Dialer0 ip routing
delay down 15 up 10
track 2 interface Dialer1 ip routing
delay down 15 up 10
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
class-map type inspect match-all sdm-nat-user-protocol--7-1
match access-group 104
match protocol user-protocol--7
match access-group 102
class-map type inspect match-all sdm-nat-user-protocol--4-2
match access-group 101
match protocol user-protocol--4
class-map type inspect match-all sdm-nat-user-protocol--6-1
match access-group 103
match protocol user-protocol--6
class-map type inspect match-all sdm-nat-user-protocol--5-1
match access-group 103
match protocol user-protocol--5
class-map type inspect match-all sdm-nat-user-protocol--4-1
match access-group 102
match protocol user-protocol--4
class-map type inspect match-all sdm-nat-user-protocol--7-2
match access-group 101
match protocol user-protocol--7
class-map type inspect match-all sdm-nat-user-protocol--3-1
match access-group 102
match protocol user-protocol--3
class-map type inspect match-all sdm-nat-user-protocol--2-1
match access-group 101
match protocol user-protocol--2
class-map type inspect match-all sdm-nat-user-protocol--1-2
match access-group 102
match protocol user-protocol--1
class-map type inspect match-all sdm-nat-user-protocol--1-1
match access-group 101
match protocol user-protocol--1
class-map type inspect match-all sdm-nat-user-protocol--2-2
match access-group 102
match protocol user-protocol--2
class-map type inspect match-all sdm-nat-user-protocol--3-2
match access-group 101
match protocol user-protocol--3
class-map type inspect match-all sdm-nat-user-protocol--8-2
match access-group 101
match protocol user-protocol--8
class-map type inspect match-all sdm-nat-user-protocol--9-2
match access-group 104
match protocol user-protocol--9
class-map type inspect match-any ccp-skinny-inspect
match protocol skinny
class-map type inspect match-all sdm-nat-user-protocol--9-1
match access-group 101
match protocol user-protocol--9
match access-group 104
class-map type inspect match-all sdm-nat-user-protocol--8-1
match access-group 104
match protocol user-protocol--8
match access-group 102
class-map type inspect match-any ccp-h323nxg-inspect
match protocol h323-nxg
class-map type inspect match-any ccp-cls-icmp-access
match protocol icmp
match protocol tcp
match protocol udp
class-map type inspect match-all sdm-nat-user-protocol--10-2
match access-group 104
match protocol user-protocol--10
class-map type inspect match-all sdm-nat-user-protocol--10-1
match access-group 101
match protocol user-protocol--10
match access-group 104
class-map type inspect match-any ccp-h225ras-inspect
match protocol h225ras
class-map type inspect match-any ccp-h323annexe-inspect
match protocol h323-annexe
class-map type inspect match-any ccp-cls-insp-traffic
match protocol pptp
match protocol dns
match protocol ftp
match protocol https
match protocol icmp
match protocol imap
match protocol pop3
match protocol netshow
match protocol shell
match protocol realmedia
match protocol rtsp
match protocol smtp
match protocol sql-net
match protocol streamworks
match protocol tftp
match protocol vdolive
match protocol tcp
match protocol udp
class-map type inspect match-all SDM_GRE
match access-group name SDM_GRE
class-map type inspect match-any ccp-h323-inspect
match protocol h323
class-map type inspect match-all ccp-invalid-src
match access-group 100
class-map type inspect match-any ccp-sip-inspect
match protocol sip
class-map type inspect match-all ccp-protocol-http
match protocol http
class-map type inspect match-any CCP_PPTP
match class-map SDM_GRE
class-map type inspect match-all ccp-insp-traffic
match class-map ccp-cls-insp-traffic
class-map type inspect match-all ccp-icmp-access
match class-map ccp-cls-icmp-access
policy-map type inspect ccp-inspect
class type inspect ccp-invalid-src
drop log
class type inspect ccp-protocol-http
inspect
class type inspect ccp-insp-traffic
inspect
class type inspect ccp-sip-inspect
inspect
class type inspect ccp-h323-inspect
inspect
class type inspect ccp-h323annexe-inspect
inspect
class type inspect ccp-h225ras-inspect
inspect
class type inspect ccp-h323nxg-inspect
inspect
class type inspect ccp-skinny-inspect
inspect
class class-default
drop
policy-map type inspect sdm-pol-NATOutsideToInside-1
class type inspect sdm-nat-user-protocol--1-1
inspect
class type inspect sdm-nat-user-protocol--2-1
inspect
class type inspect sdm-nat-user-protocol--3-1
inspect
class type inspect sdm-nat-user-protocol--4-1
inspect
class type inspect sdm-nat-user-protocol--5-1
inspect
class type inspect sdm-nat-user-protocol--6-1
inspect
class type inspect sdm-nat-user-protocol--7-1
inspect
class type inspect sdm-nat-user-protocol--8-1
inspect
class type inspect sdm-nat-user-protocol--9-1
inspect
class type inspect sdm-nat-user-protocol--10-1
inspect
class type inspect CCP_PPTP
pass
class type inspect sdm-nat-user-protocol--7-2
inspect
class type inspect sdm-nat-user-protocol--8-2
inspect
class type inspect sdm-nat-user-protocol--1-2
inspect
class type inspect sdm-nat-user-protocol--2-2
inspect
class type inspect sdm-nat-user-protocol--9-2
inspect
class type inspect sdm-nat-user-protocol--10-2
inspect
class type inspect sdm-nat-user-protocol--3-2
inspect
class type inspect sdm-nat-user-protocol--4-2
inspect
class class-default
drop log
policy-map type inspect ccp-permit
class class-default
drop
policy-map type inspect ccp-permit-icmpreply
class type inspect ccp-icmp-access
inspect
class class-default
pass
zone security in-zone
zone security out-zone
zone-pair security ccp-zp-self-out source self destination out-zone
service-policy type inspect ccp-permit-icmpreply
zone-pair security ccp-zp-in-out source in-zone destination out-zone
service-policy type inspect ccp-inspect
zone-pair security ccp-zp-out-self source out-zone destination self
service-policy type inspect ccp-permit
zone-pair security sdm-zp-NATOutsideToInside-1 source out-zone destination in-zone
service-policy type inspect sdm-pol-NATOutsideToInside-1
interface Null0
no ip unreachables
interface Embedded-Service-Engine0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
interface GigabitEthernet0/0
description $ETH-LAN$
ip address 192.168.10.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
duplex auto
speed auto
no mop enabled
interface GigabitEthernet0/1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
duplex auto
speed auto
no mop enabled
interface ATM0/0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
interface ATM0/0/0.1 point-to-point
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
interface ATM0/0/0.2 point-to-point
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
interface Ethernet0/0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
no mop enabled
interface ATM0/1/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
interface ATM0/1/0.1 point-to-point
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 2
interface Ethernet0/1/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
no mop enabled
interface GigabitEthernet0/3/0
no ip address
interface GigabitEthernet0/3/1
no ip address
interface GigabitEthernet0/3/2
no ip address
interface GigabitEthernet0/3/3
no ip address
interface GigabitEthernet0/3/4
no ip address
interface GigabitEthernet0/3/5
no ip address
interface GigabitEthernet0/3/6
no ip address
interface GigabitEthernet0/3/7
no ip address
interface Vlan1
description $FW_INSIDE$
ip address 192.168.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip nat inside
ip virtual-reassembly in
zone-member security in-zone
interface Dialer0
description $FW_OUTSIDE$
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip nat outside
ip virtual-reassembly in
zone-member security out-zone
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname [email protected]
ppp chap password 7 1444405858557A
ppp pap sent-username [email protected] password 7 135645415F5D54
ppp multilink
interface Dialer1
description $FW_OUTSIDE$
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip nat outside
ip virtual-reassembly in
zone-member security out-zone
encapsulation ppp
dialer pool 2
dialer-group 2
ppp authentication chap pap callin
ppp chap hostname [email protected]
ppp chap password 7 01475E540E5D55
ppp pap sent-username [email protected] password 7 055F5E5F741A1D
ppp multilink
router eigrp as#
router eigrp 10
network 192.168.1.1 0.0.0.0
router rip
version 2
network 192.168.1.0
no auto-summary
ip forward-protocol nd
ip http server
ip http access-class 3
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip dns server
ip nat inside source static tcp 192.168.1.10 3392 interface Dialer1 3392
ip nat inside source static udp 192.168.1.10 3392 interface Dialer1 3392
ip nat inside source static tcp 192.168.1.35 3391 interface Dialer0 3391
ip nat inside source static udp 192.168.1.35 3391 interface Dialer0 3391
ip nat inside source static tcp 192.168.1.5 3394 interface Dialer0 3394
ip nat inside source static udp 192.168.1.5 3394 interface Dialer0 3394
ip nat inside source static tcp 192.168.1.17 3397 interface Dialer0 3397
ip nat inside source static udp 192.168.1.17 3397 interface Dialer0 3397
ip nat inside source static tcp 192.168.1.10 14000 interface Dialer0 14000
ip nat inside source static udp 192.168.1.10 14100 interface Dialer0 14100
ip nat inside source route-map ADSL0 interface Dialer0 overload
ip nat inside source route-map ADSL1 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer0 track 1
ip route 0.0.0.0 0.0.0.0 Dialer1 track 2
ip access-list extended NAT
remark CCP_ACL Category=18
permit ip 192.0.0.0 0.255.255.255 any
ip access-list extended SDM_GRE
remark CCP_ACL Category=1
permit gre any any
remark CCP_ACL Category=1
ip access-list extended STATIC-NAT-SERVICES
permit ip host 192.168.1.35 any
permit ip host 192.168.1.5 any
permit ip host 192.168.1.10 any
permit ip host 192.168.1.17 any
dialer-list 1 protocol ip permit
dialer-list 2 protocol ip permit
route-map ADSL0 permit 10
match ip address NAT
match interface Dialer0
route-map ADSL1 permit 10
match ip address NAT
match interface Dialer1
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 remark HTTP Access-class list
access-list 2 remark CCP_ACL Category=1
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 2 deny any
access-list 2 remark HTTP Access-class list
access-list 2 remark CCP_ACL Category=1
access-list 3 remark HTTP Access-class list
access-list 3 remark CCP_ACL Category=1
access-list 3 permit 192.168.1.0 0.0.0.255
access-list 3 deny any
access-list 10 remark INSIDE_IF=NAT
access-list 10 remark CCP_ACL Category=2
access-list 10 permit 192.168.1.0 0.0.0.255
access-list 100 remark CCP_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip 139.130.227.0 0.0.0.255 any
access-list 100 permit ip 203.45.106.0 0.0.0.255 any
access-list 101 remark CCP_ACL Category=0
access-list 101 permit ip any host 192.168.1.10
access-list 101 remark CCP_ACL Category=0
access-list 101 permit ip any host 192.168.1.35
access-list 101 permit tcp any any eq www
access-list 102 remark CCP_ACL Category=0
access-list 102 permit ip any host 192.168.1.35
access-list 102 remark CCP_ACL Category=0
access-list 102 permit ip any host 192.168.1.10
access-list 103 remark CCP_ACL Category=0
access-list 103 permit ip any host 192.168.1.5
access-list 104 remark CCP_ACL Category=0
access-list 104 permit ip any host 192.168.1.17
control-plane
banner login ^CCE-Rescue Systems^C
line con 0
login authentication local_authen
transport output telnet
line aux 0
login authentication local_authen
transport output telnet
line 2
no activation-character
no exec
transport preferred none
transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
authorization exec local_author
login authentication local_authen
transport input telnet ssh
line vty 5 15
authorization exec local_author
login authentication local_authen
transport input telnet ssh
scheduler allocate 20000 1000
end
Thanks
Shawn -
What Tables or Views for ORA- errors?
What are those tables or views where you can lookup for the ORA- errors which has a description or meaning?
Thanks,
WarrenOf course, you can always use the SQLERRM function, as well:
SQL> begin
2 for i in 1..100 loop
3 dbms_output.put_line(SQLERRM(i * -1));
4 end loop;
5 end;
6 /
ORA-00001: unique constraint (.) violated
ORA-00002: Message 2 not found; product=RDBMS; facility=ORA
ORA-00003: Message 3 not found; product=RDBMS; facility=ORA
ORA-00004: Message 4 not found; product=RDBMS; facility=ORA
ORA-00005: Message 5 not found; product=RDBMS; facility=ORA
ORA-00006: Message 6 not found; product=RDBMS; facility=ORA
ORA-00007: Message 7 not found; product=RDBMS; facility=ORA
ORA-00008: Message 8 not found; product=RDBMS; facility=ORA
ORA-00009: Message 9 not found; product=RDBMS; facility=ORA
ORA-00010: Message 10 not found; product=RDBMS; facility=ORA
ORA-00011: Message 11 not found; product=RDBMS; facility=ORA
ORA-00012: Message 12 not found; product=RDBMS; facility=ORA
ORA-00013: Message 13 not found; product=RDBMS; facility=ORA
ORA-00014: Message 14 not found; product=RDBMS; facility=ORA
ORA-00015: Message 15 not found; product=RDBMS; facility=ORA
ORA-00016: Message 16 not found; product=RDBMS; facility=ORA
ORA-00017: session requested to set trace event
ORA-00018: maximum number of sessions exceeded
ORA-00019: maximum number of session licenses exceeded
ORA-00020: maximum number of processes () exceeded
ORA-00021: session attached to some other process; cannot switch session
ORA-00022: invalid session ID; access denied
ORA-00023: session references process private memory; cannot detach session
ORA-00024: logins from more than one process not allowed in single-process mode
ORA-00025: failed to allocate
ORA-00026: missing or invalid session ID
ORA-00027: cannot kill current session
ORA-00028: your session has been killed
ORA-00029: session is not a user session
ORA-00030: User session ID does not exist.
ORA-00031: session marked for kill
ORA-00032: invalid session migration password
ORA-00033: current session has empty migration password
ORA-00034: cannot in current PL/SQL session
ORA-00035: LICENSE_MAX_USERS cannot be less than current number of users
ORA-00036: maximum number of recursive SQL levels () exceeded
ORA-00037: cannot switch to a session belonging to a different server group
ORA-00038: Cannot create session: server group belongs to another user
ORA-00039: Message 39 not found; product=RDBMS; facility=ORA
ORA-00040: Message 40 not found; product=RDBMS; facility=ORA
ORA-00041: Message 41 not found; product=RDBMS; facility=ORA
ORA-00042: Message 42 not found; product=RDBMS; facility=ORA
ORA-00043: Message 43 not found; product=RDBMS; facility=ORA
ORA-00044: Message 44 not found; product=RDBMS; facility=ORA
ORA-00045: Message 45 not found; product=RDBMS; facility=ORA
ORA-00046: Message 46 not found; product=RDBMS; facility=ORA
ORA-00047: Message 47 not found; product=RDBMS; facility=ORA
ORA-00048: Message 48 not found; product=RDBMS; facility=ORA
ORA-00049: Message 49 not found; product=RDBMS; facility=ORA
ORA-00050: operating system error occurred while obtaining an enqueue
ORA-00051: timeout occurred while waiting for a resource
ORA-00052: maximum number of enqueue resources () exceeded
ORA-00053: maximum number of enqueues exceeded
ORA-00054: resource busy and acquire with NOWAIT specified
ORA-00055: maximum number of DML locks exceeded
ORA-00056: DDL lock on object '.' is already held in an incompatible mode
ORA-00057: maximum number of temporary table locks exceeded
ORA-00058: DB_BLOCK_SIZE must be to mount this database (not )
ORA-00059: maximum number of DB_FILES exceeded
ORA-00060: deadlock detected while waiting for resource
ORA-00061: another instance has a different DML_LOCKS setting
ORA-00062: DML full-table lock cannot be acquired; DML_LOCKS is 0
ORA-00063: maximum number of LOG_FILES exceeded
ORA-00064: object is too large to allocate on this O/S (,)
ORA-00065: initialization of FIXED_DATE failed
ORA-00066: LOG_FILES is but needs to be to be compatible
ORA-00067: invalid value for parameter ; must be at least
ORA-00068: invalid value for parameter , must be between and
ORA-00069: cannot acquire lock -- table locks disabled for
ORA-00070: command is not valid
ORA-00071: process number must be between 1 and
ORA-00072: process "" is not active
ORA-00073: command takes between and argument(s)
ORA-00074: no process has been specified
ORA-00075: process "" not found in this instance
ORA-00076: dump not found
ORA-00077: dump is not valid
ORA-00078: cannot dump variables by name
ORA-00079: variable not found
ORA-00080: invalid global area specified by level
ORA-00081: address range [, ) is not readable
ORA-00082: memory size of is not in valid set of [1], [2], [4]
ORA-00083: warning: possibly corrupt SGA mapped
ORA-00084: global area must be PGA, SGA, or UGA
ORA-00085: current call does not exist
ORA-00086: user call does not exist
ORA-00087: command cannot be executed on remote instance
ORA-00088: command cannot be executed by shared server
ORA-00089: invalid instance number in ORADEBUG command
ORA-00090: failed to allocate memory for cluster database ORADEBUG command
ORA-00091: LARGE_POOL_SIZE must be at least
ORA-00092: LARGE_POOL_SIZE must be greater than LARGE_POOL_MIN_ALLOC
ORA-00093: must be between and
ORA-00094: requires an integer value
ORA-00095: Message 95 not found; product=RDBMS; facility=ORA
ORA-00096: invalid value for parameter , must be from among
ORA-00097: use of Oracle SQL feature not in SQL92 Level
ORA-00098: Message 98 not found; product=RDBMS; facility=ORA
ORA-00099: timed out while waiting for resource, potential PDML deadlock
ORA-00100: no data found
PL/SQL procedure successfully completed -
FlexVPN Cannot Ping From Spoke LAN only
Topology:
Hub:
(hub lan: 10.0.1.0/24) > (lan int [ip nat inside], g0/0: 10.0.1.1) > (flex interface, loopback100: 172.31.100.1) > (flex virtual interface, Virtual-Template1: ip unnumbered loopback100) > (wan int [ip nat outside], dialer0 - g0/1) > ISP
Spoke:
(hub lan: 10.0.3.0/24) > (lan int [ip nat inside], vlan1: 10.0.3.1) > (flex interface, Tunnel0 ip address negotiated, tunnel source vlan 1) > (wan int, dialer0 [ip nat inside] - f0/4) > ISP
I have full reachability from both routers.
Hub router can ping 172.31.100.x, 10.0.3.1 and hosts on 10.0.3.0/24 via standard ping, or extended and sourced from 10.0.1.1 or g0/0
Spoke router can ping 172.31.100.1, 10.0.1.1 and hosts on 10.0.1.0/24 via standard ping, or extended and sourced from 10.0.3.1 or vlan1
Partial reachability from lan hosts
Hub hosts can ping 172.31.100.x and 10.0.3.1, but not hosts on 10.0.3.0/24 (Possibly because host cannot reply to echo request?)
Spoke hosts cannot ping 172.31.100.1, 10.0.1.1 or hosts on 10.0.1.0/24
Any help would be appreciatedWe've been working with these confs for a while, so they aren't as clean as they could be, but here they are
---HUB---
version 15.2
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname HUB
boot-start-marker
boot system flash:c1900-universalk9-mz.SPA.152-4.M5.bin
boot-end-marker
security authentication failure rate 3 log
security passwords min-length 6
enable secret xxxxx
aaa new-model
aaa group server radius FLEXVPN_AUTH-C_SERVER_GROUP
server-private 10.0.1.15 key xxxxx
aaa authentication login default local
aaa authentication login xxxxxVPN_VPN_XAUTH local
aaa authentication login FLEXVPN_AUTH-C_LIST group FLEXVPN_AUTH-C_SERVER_GROUP
aaa authorization exec default local
aaa authorization network default local
aaa authorization network xxxxxVPN_VPN_GROUP local
aaa authorization network FLEXVPN_AUTH-Z_LIST local
aaa session-id common
clock timezone CST -6 0
clock summer-time CDT recurring
clock calendar-valid
no ip source-route
no ip gratuitous-arps
ip cef
no ip bootp server
ip domain name xxxxx.net
ip name-server 166.102.165.13
ip name-server 166.102.165.11
ip name-server 8.8.8.8
ip name-server 8.8.4.4
ip name-server 4.2.2.1
no ipv6 cef
multilink bundle-name authenticated
vpdn enable
vpdn-group VPN_GROUP
key chain EIGRP_KEY_CHAIN
key 1
key-string xxxxx
crypto pki trustpoint FLEXVPN_RA_TP
enrollment terminal
serial-number none
fqdn vpn.xxxxx.net
ip-address none
subject-name cn=vpn.xxxxx.net
revocation-check crl
eckeypair FLEXVPN_RA_TP-Key
crypto pki certificate chain FLEXVPN_RA_TP
certificate 460000.. nvram:xxxxx#2.cer
certificate ca 59A43A15.. nvram:xxxxx#BC60CA.cer
license udi pid CISCO1921/K9 sn xxxxx
archive
path ftp://xxxxx
write-memory
username xxxxx privilege 15 password xxxxx
redundancy
crypto ikev2 authorization policy default
pool FLEX_SPOKES_POOL
route set interface
crypto ikev2 authorization policy FLEXVPN_RA_LOCAL_POLICY
pool FLEXVPN_RA_POOL
dns 10.0.1.15
netmask 255.255.255.0
def-domain xxxxx.net
route set access-list FLEXVPN_RA_ACL
crypto ikev2 proposal SHA1-only
encryption aes-cbc-256
integrity sha1
group 5
crypto ikev2 policy SHA1-only
match fvrf any
proposal SHA1-only
crypto ikev2 keyring FLEX_KEY
peer ALL
address 0.0.0.0 0.0.0.0
pre-shared-key local xxxxx
pre-shared-key remote xxxxx
crypto ikev2 profile FLEX_IKEv2
match identity remote address 0.0.0.0
authentication remote pre-share
authentication local pre-share
keyring local FLEX_KEY
aaa authorization group psk list default default
virtual-template 1
crypto ikev2 profile FLEXVPN_RA_IKEv2_PROFILE
match identity remote key-id xxxxx.net
identity local dn
authentication remote eap query-identity
authentication local rsa-sig
pki trustpoint FLEXVPN_RA_TP
dpd 60 2 on-demand
aaa authentication eap FLEXVPN_AUTH-C_LIST
aaa authorization group eap list FLEXVPN_AUTH-Z_LIST FLEXVPN_RA_LOCAL_POLICY
virtual-template 10
crypto ikev2 dpd 30 5 on-demand
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
crypto logging session
crypto isakmp client configuration group xxxxxVPN
key xxxxx
pool xxxxxVPN_POOL
acl xxxxxVPN_ACL
netmask 255.255.255.0
crypto isakmp profile xxxxxVPN_IKE_PROFILE
match identity group xxxxxVPN
client authentication list xxxxxVPN_VPN_XAUTH
isakmp authorization list xxxxxVPN_VPN_GROUP
client configuration address respond
virtual-template 100
crypto ipsec transform-set xxxxxVPN_SET esp-3des esp-sha-hmac
mode tunnel
crypto ipsec transform-set IKEv2 esp-gcm
mode transport
crypto ipsec profile xxxxxVPN_IPSEC_PROFILE
set transform-set xxxxxVPN_SET
set isakmp-profile xxxxxVPN_IKE_PROFILE
crypto ipsec profile FLEXVPN_RA_IPSEC_PROFILE
set ikev2-profile FLEXVPN_RA_IKEv2_PROFILE
crypto ipsec profile default
set transform-set IKEv2
set ikev2-profile FLEX_IKEv2
interface Loopback100
ip address 172.31.100.1 255.255.255.255
interface Embedded-Service-Engine0/0
no ip address
shutdown
interface GigabitEthernet0/0
ip address 10.0.1.1 255.255.255.0
no ip unreachables
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
interface Virtual-Template1 type tunnel
description FlexVPN hub-to-spokes
ip unnumbered Loopback100
ip mtu 1400
ip nhrp network-id 1
ip nhrp redirect
ip tcp adjust-mss 1360
tunnel path-mtu-discovery
tunnel protection ipsec profile default
interface Virtual-Template10 type tunnel
ip unnumbered GigabitEthernet0/0
tunnel mode ipsec ipv4
tunnel protection ipsec profile FLEXVPN_RA_IPSEC_PROFILE
interface Dialer0
mtu 1492
ip address negotiated
no ip unreachables
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1450
dialer pool 1
dialer idle-timeout 0
dialer persistent
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname [email protected]
ppp chap password xxxxx
ppp pap sent-username [email protected] password xxxxx
no cdp enable
router eigrp 1
distribute-list EIGRP_SUMMARY_PFLIST out Virtual-Template1
network 10.0.1.0 0.0.0.255
network 172.30.200.0 0.0.0.255
network 172.31.100.1 0.0.0.0
passive-interface GigabitEthernet0/0
ip local pool xxxxxVPN_POOL 172.30.255.1 172.30.255.254
ip local pool FLEX_SPOKES_POOL 172.31.100.10 172.31.100.254
ip local pool FLEXVPN_RA_POOL 172.30.200.1 172.30.200.254
ip forward-protocol nd
no ip http server
no ip http secure-server
ip dns server
ip nat inside source list 1 interface Dialer0 overload
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 172.30.200.0 255.255.255.0 Null0
ip access-list standard FLEXVPN_RA_ACL
permit 10.0.1.0 0.0.0.255
permit 10.0.2.0 0.0.0.255
permit 10.0.3.0 0.0.0.255
permit 10.0.4.0 0.0.0.255
ip access-list standard MGMT_ACL
permit 172.30.200.0 0.0.0.255
permit 172.31.254.0 0.0.0.255
permit 10.0.1.0 0.0.0.255
ip access-list extended xxxxxVPN_ACL
permit ip 172.30.255.0 0.0.0.255 any
permit ip 10.0.1.0 0.0.0.255 any
permit ip 172.31.254.0 0.0.0.255 any
ip prefix-list EIGRP_SUMMARY_PFLIST seq 10 permit 10.0.1.0/24
ip prefix-list EIGRP_SUMMARY_PFLIST seq 20 permit 172.30.200.0/24
ip prefix-list EIGRP_SUMMARY_PFLIST seq 30 permit 172.31.100.1/32
access-list 1 permit 10.0.1.0 0.0.0.255
route-map EIGRP_SUMMARY_RMAP permit 10
match ip address prefix-list EIGRP_SUMMARY_PFLIST
control-plane
banner motd Cxxxxx
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
access-class MGMT_ACL in
privilege level 15
transport input telnet ssh
line vty 5 15
transport input all
scheduler allocate 20000 1000
ntp update-calendar
ntp server 1.pool.ntp.org
ntp server 0.pool.ntp.org prefer
end
---SPOKE---
version 15.2
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname SPOKE
boot-start-marker
boot system flash:c880data-universalk9-mz.152-4.M5.bin
boot-end-marker
security authentication failure rate 3 log
security passwords min-length 6
enable secret xxxxx
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa authorization network default local
aaa session-id common
memory-size iomem 10
clock timezone CST -6 0
clock summer-time CDT recurring
clock calendar-valid
no ip source-route
no ip gratuitous-arps
no ip bootp server
ip domain name xxxxx.net
ip name-server 8.8.8.8
ip name-server 8.8.4.4
ip name-server 4.2.2.1
ip cef
no ipv6 cef
multilink bundle-name authenticated
key chain EIGRP_KEY_CHAIN
key 1
key-string xxxxx
license udi pid CISCO881-SEC-K9 sn FTX1740854N
archive
path ftp://xxxxx
write-memory
username xxxxx privilege 15 password xxxxx
crypto ikev2 authorization policy default
route set interface
crypto ikev2 keyring FLEX_KEY
peer ALL
address 0.0.0.0 0.0.0.0
pre-shared-key local xxxxx
pre-shared-key remote xxxxx
crypto ikev2 profile FLEX_IKEv2
match identity remote address 0.0.0.0
authentication remote pre-share
authentication local pre-share
keyring local FLEX_KEY
aaa authorization group psk list default default
virtual-template 1
crypto ikev2 dpd 30 5 on-demand
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
crypto ipsec transform-set IKEv2 esp-gcm
mode transport
crypto ipsec profile default
set transform-set IKEv2
set ikev2-profile FLEX_IKEv2
interface Loopback101
ip address 172.31.101.3 255.255.255.255
interface Tunnel0
description FlexVPN tunnel
ip address negotiated
ip mtu 1400
ip nhrp network-id 1
ip nhrp shortcut virtual-template 1
ip nhrp redirect
ip tcp adjust-mss 1360
delay 1000
tunnel source Vlan1
tunnel destination x.x.x.x
tunnel path-mtu-discovery
tunnel protection ipsec profile default
interface FastEthernet0
no ip address
interface FastEthernet1
no ip address
interface FastEthernet2
no ip address
interface FastEthernet3
no ip address
interface FastEthernet4
ip address dhcp
no ip unreachables
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
interface Virtual-Template1 type tunnel
description FlexVPN spoke-to-spoke
ip unnumbered Loopback101
ip nhrp network-id 1
ip nhrp shortcut virtual-template 1
ip nhrp redirect
tunnel protection ipsec profile default
interface Vlan1
ip address 10.0.3.1 255.255.255.0
ip helper-address 10.0.1.15
no ip unreachables
ip nat inside
ip virtual-reassembly in
ip forward-protocol nd
no ip http server
no ip http secure-server
ip dns server
ip nat inside source list INTERNET_BOUND_ACL interface FastEthernet4 overload
ip route 0.0.0.0 0.0.0.0 dhcp
ip access-list standard INTERNET_BOUND_ACL
permit 10.0.3.0 0.0.0.255
ip access-list standard MGMT_ACL
permit 172.30.255.0 0.0.0.255
permit 172.31.100.0 0.0.0.255
permit 10.0.1.0 0.0.0.255
permit 10.0.3.0 0.0.0.255
permit 172.30.200.0 0.0.0.255
access-list 99 permit 10.0.3.0
control-plane
banner motd xxxxx
line con 0
no modem enable
line aux 0
line vty 0 4
access-class MGMT_ACL in
privilege level 15
transport input telnet ssh
ntp update-calendar
ntp server 0.pool.ntp.org prefer
ntp server 1.pool.ntp.org
end -
1941w - Need help with IP address assigning, and relay wireless to a DHCP server.
Hope someone can point me in the right direction -
Basically have a Win08 R2 DHCP server, and a 1941w router.
I've got the internet, got the lan clients getting DHCP ok (with ip helper-address set on the 0/0 internal interface).
Also have the SSID, and wireless clients can connect - but no IPs are being handed out, also not sure if I understand or did the bridging correctly or assigned IPs to the vlan or bvi1 correctly.
for ex:
DHCP server IP:
10.10.2.4
Router Ethernet internal interface 0/0 IP:
10.10.2.1
with helper-address 10.10.2.4 (lan clients are resolving IPs correctly from the DHCP server)
Vlan1 IP address:
10.10.3.1
Does this interface need the helper-address as well? (10.10.2.4)?
wlan-ap 0 IP address:
unnumbered
interface BVI1 IP address (static):
10.10.2.2
am i totally off? not even sure if i have the vlan bridged to the 0/0 adapter or not correctly - but as I said, i can get a wireless client to connect with the SSID.
would appreciate any advice/pointers, thanksof course - here is the router config:
=======================================================
Using 5591 out of 262136 bytes
version 15.1
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
hostname router
boot-start-marker
boot-end-marker
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200
logging console critical
enable secret 5 $1$JWwK$.04.NFg7tQ82UTy68/hyv.
no aaa new-model
service-module wlan-ap 0 bootimage autonomous
no ipv6 cef
no ip source-route
ip cef
no ip bootp server
ip name-server 10.10.2.4
multilink bundle-name authenticated
crypto pki token default removal timeout 0
crypto pki trustpoint TP-self-signed-975501586
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-975501586
revocation-check none
rsakeypair TP-self-signed-975501586
crypto pki certificate chain TP-self-signed-975501586
certificate self-signed 01 nvram:IOS-Self-Sig#3.cer
license udi pid CISCO1941W-A/K9 sn FTX155085QG
hw-module ism 0
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
interface Embedded-Service-Engine0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
interface GigabitEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$$ES_LAN$$FW_INSIDE$
ip address 10.10.2.1 255.255.255.0
ip helper-address 10.10.2.4
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
no mop enabled
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered GigabitEthernet0/0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
arp timeout 0
no mop enabled
no mop sysid
interface GigabitEthernet0/1
description $ES_WAN$$FW_OUTSIDE$
ip address dhcp client-id GigabitEthernet0/1
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
no mop enabled
interface Wlan-GigabitEthernet0/0
description Internal switch interface connecting to the embedded AP
no ip address
interface Vlan1
ip address 10.10.3.1 255.255.255.0
ip helper-address 10.10.2.4
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface GigabitEthernet0/1 overload
logging trap debugging
access-list 1 remark INSIDE_IF=GigabitEthernet0/0
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 10.10.2.0 0.0.0.255
no cdp run
control-plane
line con 0
login local
transport output telnet
line aux 0
login local
transport output telnet
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line 67
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
line vty 0 4
privilege level 15
login local
transport input telnet ssh
line vty 5 15
privilege level 15
login local
transport input telnet ssh
scheduler allocate 20000 1000
end
=======================================================
and the ap config:
=======================================================
Using 2067 out of 32768 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname ap
enable secret 5 $1$xKDT$GdLGeA6h.H9LKL9l3dPmj.
no aaa new-model
dot11 syslog
dot11 ssid WIFI1
vlan 1
authentication open
authentication key-management wpa
mbssid guest-mode
wpa-psk ascii 7 044B1E030D2D43632A
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption vlan 1 mode ciphers aes-ccm
broadcast-key vlan 1 change 30
ssid WIFI1
antenna gain 0
station-role root
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 2
bridge-group 2 subscriber-loop-control
bridge-group 2 block-unknown-source
no bridge-group 2 source-learning
no bridge-group 2 unicast-flooding
bridge-group 2 spanning-disabled
interface Dot11Radio1
no ip address
no ip route-cache
encryption vlan 1 mode ciphers aes-ccm
broadcast-key vlan 1 change 30
ssid WIFI1
antenna gain 0
dfs band 3 block
channel dfs
station-role root
interface Dot11Radio1.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 2
bridge-group 2 subscriber-loop-control
bridge-group 2 block-unknown-source
no bridge-group 2 source-learning
no bridge-group 2 unicast-flooding
bridge-group 2 spanning-disabled
interface GigabitEthernet0
description the embedded AP GigabitEthernet 0 is an internal interface connecting AP with the host router
no ip address
no ip route-cache
interface GigabitEthernet0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface BVI1
ip address 10.10.2.2 255.255.255.0
no ip route-cache
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
line con 0
no activation-character
line vty 0 4
login local
end
============================================ -
OK i have 4 servers in my cluster and wanted to check pooling is working ok as i have reports from Oracle dba we have exceeded maximum licensing connections with 'ORA-00019: maximum number of session licenses exceeded'
Now.. first of all would this be down to the application not closing the connection off after query?
Would this be in connection pooling? Ive checked already and can see 100connections set by default.
One thing im concerned about after looking in monitoring is this
Current capacity for 3 nodes is 100 and for one it shows 4?? I thought these would be equal. num available is also 4 whilst the others are 100?
Any answers to above apreciated.The application not closing the connection may have an effect, because this 'leaks' from the pool,
which may then have to make more. If you cannot fix the app, at least set a idle-connection-timeout
for the pool, so it can retract connections that your app has reserved but not used for that long.
As to one server showing 4 while the others 100, that is a higher-than-JDBC issue, asking why
user load was not sent to that node. JDBC just supplies a connection from the local instance
of the pool if/when the work is being done on a node.
Maybe you are looking for
-
How to return an error code to DOS at the end of a java batch
Hi, I have a batch file which launch my java program. At the end of the program, I would like to give my batch file an error code. Do you know how to do that? Does the main function is able to return an error code? Does the bat file is able to recove
-
I am working on a help project extracted from a .chm file. I am unfamiliar with the creation of the original help file but when viewing the compiled .chm file a series of topics following a particular browse sequence (for a Quick Tour) include button
-
Images in Finder but not in iPhoto
Just restored using Backup 3.1.2. Most pics & Events appear in iPhoto '08. However, most current pics (March to August) do not. I can see the pics using "Show Package Contents" of Picture/iPhoto Library/Data -OR- Picture/iPhoto Library/Originals If I
-
I Updated my 3g yesterday to ios 4, and now it says exactly what is in the title. i have tried 3 sim cards all different networks, and one from an Iphone 4. none of them work. is there anyway i can get this phone working again, i want to give it to m
-
Hi All, Can anyone please help, how can i establish database link from oracle to mysql via pl/sql developer or sth else? thank you Ugur