Cisco SPA 112 adapter Issue
Hi All,
We are using Cisco SPA 112 adapter and it is having 2 lines,I configured both of the lines.
There is no issue in line 1 but line 2 is automatically went to disable mode.After that i have to manually enabled that option.
Please help me to fix this issue
Dan, i will see how it goes over the next week or so with the updated F/W & shall report back, and thanks for the link as i wasnt sure how to save a syslog.
Should i set the verb as high as 6, or is that an over kill.
Gabriel, I have an FTP running on my sat receiver which i will attempt to use to catch the log, but as for the the "sipgate registration", when i loose conection my ata reports its still registered & the sipgate URL, isnt in real time as far as i can tell.
My ata would have normally shown its fault since my first post 6 days ago, but unfortunately a recent power cut has reset my testing period back to 1 day.
Similar Messages
-
Cisco SPA 112 outbound call issue.
Firstly, i applogize if i havent posted this in the correct section but this was my best educated guess.
Recently upgraded to a Cisco SPA 112 which works fine.. but only for a few days,
then If i try to call a number i get the dial tone but the number fails to
connect & all i hear is silence. If i hang up the phone to retry it fails to
disconnect correctly and i get no dial tone for several minutes. After leaving the phone
hungup for a few mins the dail tone returns but the same problem is still present.
A hard/soft reset of the 112 fixes the issue temporarily, but reoccures again withinn a few days.
Running Sipgate on lines 1 and 2 on Virgin media UK ISP.
Model:
SPA112, 2 FXS
Hardware Version:
1.0.0
Boot Version:
1.0.1 (Oct 6 2011 - 20:04:00)
Firmware Version:
1.3.1 (003) Dec 17 2012
Recovery Firmware:
1.0.2 (001)
Im no expert and now at a loss and could do with some expert help tbh.Dan, i will see how it goes over the next week or so with the updated F/W & shall report back, and thanks for the link as i wasnt sure how to save a syslog.
Should i set the verb as high as 6, or is that an over kill.
Gabriel, I have an FTP running on my sat receiver which i will attempt to use to catch the log, but as for the the "sipgate registration", when i loose conection my ata reports its still registered & the sipgate URL, isnt in real time as far as i can tell.
My ata would have normally shown its fault since my first post 6 days ago, but unfortunately a recent power cut has reset my testing period back to 1 day. -
SPA 112/122 FW 1.1.0 (011) provisioning problem
I have problem with provisionig Cisco SPA 112/122 after upgrade FW to 1.1.0 (011).
Is there any solution or just we should not use this FW?
We use provisioning by entering url to
Profile Rule: http://prov.802.cz/prov.xml
set short times and Submit, but nothing happens :-(
After downgrade FW to 1.0.1 (022) provisionign work with no problem.
Thanks for your advice
TomasWe have identified some provisioning issues and those are fixed in the upcoming release which should be out on cisco.com in the next 2 weeks. Thank you.
-
Cisco SPA-504G: Retrieving Broadsoft Personal directory does not display first and last name
Hi,
We are using the Cisco SPA-504G on BroadWorks Release 17.sp3. We are using the feature to lookup the different BroadWorks directories through the 'dir' button on the Cisco phone. For configuration you have three choices for telling the phone which directory it needs to retrieve:
- Personal
- Group
- Enterprise
This can be found by going to Voice -> Phone -> Broadsoft Settings in the web GUI of the phone (admin & advanced mode).
When retrieving the Enterprise or Group directory everything is working OK. I can see the names and the corresponding phonenumbers of the users.
When retrieving the Personal directory I only see the phonenumbers and not the names of the entries. This is probably due to the fact that the XML output of the Personal directory is different compared to the Enterprise/Group directory. Personal directory is like:
<Personal><startIndex>1</startIndex><numberOfRecords>2</numberOfRecords><totalAvailableRecords>2</totalAvailableRecords><entry><name>Name X</name><number>0123456789</number></entry><entry><name>Name Y</name><number>0987654321</number></entry></Personal>
Result of requesting: http://xsp.domain.tld/com.broadsoft.xsi-actions/v2.0/user/[email protected]/directories/Personal
Group directory is like:
<Group><startIndex>1</startIndex><numberOfRecords>1</numberOfRecords><totalAvailableRecords>1</totalAvailableRecords><groupDirectory><directoryDetails><userId>[email protected]</userId><firstName>FirstName</firstName><lastName>LastName</lastName><hiranganaLastName>LastName</hiranganaLastName><hiranganaFirstName>FirstName</hiranganaFirstName><groupId>BroadWorksGroupID</groupId><extension>9999</extension></directoryDetails></groupDirectory></Group>
Result of requesting: http://xsp.domain.tld/com.broadsoft.xsi-actions/v2.0/user/[email protected]/directories/Group
As you can see the name of a user in the Personal directory is defined by <name></name> and the name of a user in the Group directory is defined by <firstName></firstName> <lastName></lastName>.
So it looks like the phone is not capable of parsing the XML output of the Personal directory request. And to me that looks like a bug.
Anyone that can acknowledge?
Kind regards,
Bart Derks
RoutIT B.V.
edit: We are running firmware 7.4.9c.
Message was edited by: Bart DerksOur upcoming release scheduled for the end of this month should resolve this issue. There were a number of fixes in this particular area that were made.
-
Make a Cisco SPA 303 ring by sending a packet through your network?
Hey Guys,
I was wondering, and I need to know for my business, is there any way at all for me to make my Cisco SPA 303 VOIP Phone to ring by sending a packet through my local network?
I would like to just be able to click a button or send a command throught the command prompt and make it ring, but I don't know if there is any way for this to happen.
Thank!Do you know perl?
I had same issue and I wrote a simple perl script that works as wake up service.
PERL is an interpreted language and so can be executed on Linux and Windows operating systems. Linux can interpret perl natively while for Windows you can download many free interpreters like Activeperl or Strawberry perl. To run the script you must use a third party server.
In my configuration the script runs on a linux server in background as a service and checks every minute the directory called "alarm", reads files and uses the file name as called number and checks the content to verify if is the time to call. At the moment the script uses SIP and handles 4 call responses: 404 user not found, 486 busy, 487 not answer and 200 answer ok. In every cases sends an email and deletes files. Only for the answer case plays a nice music.
Files have this particular format: file name is equal to calling party number and file content is the alarm time in 24 hours format with : as separator between hours and minutes.
e.g.
ext. 101 must be called at 8 am ---> write the file 101.txt with the content 08:00
ext. 101 must be called at 8:30 am ---> write the file 101.txt with the content 08:30
There is a limitation: if you activate the Authentication for SIP messages and there are more then two simultaneous calls, the script sends some INVITEs without authentication or with wrong checksum and so not all phones ring. This problem is under investigation.
Are you intresting?
Regards. -
Force/lock rtp ports in SPA 112/122.
Hi,
I hope someone can help me. I am looking for a setting inside the Cisco/Linksys spa 112/122 which can force the rtp source port to be the same on the sip provider - is that possible? When the spa 112/122 connects to the sip provider is the port number from the box is 16384(standard range 16384-16482 inside the spa) but on the sip provider will respons with eg. port 36741.
/TomHi Bro
Before you proceed to add the line shown below, I'm guessing you're unable to access and PING 172.20.16.8 once you've successfully VPN in, am I right? If yes, which groupname and username did you use? Lastly, did you use IPSEC VPN Client or WebVPN?
access-list inside_nat0_outbound extended permit ip 10.20.60.0 255.255.255.0 172.20.16.0 255.255.255.0
Regards,
Ram -
Updating spa 112 with firmware 1.0.2 (006)
I recently purchased a spa 112 and configured for the VoIP offered by my ISP. It work more or less fine but I would like to update to the latest firmware to have access to call display and other options.
The update process mentioned specifying a path where the new firmware is saved in the Phone Adapter Configuration Utility under the administration "tab". In my case, all that shows up on the left hand side is the quick setup option. This is true regardless of the actual tab selected.
It looks like I have an older hardware (1.0.0) and firmware 1.0.2 (006) version. Could someone direct me to the procedure to update to a newer firmware?
MichelHey,
I had exactly the same problem. My original firmware was as well 1.0.2 and I wanted to upgrade to 1.3.3. However changing the browser didn't work (IE 8, IE 11, Firefox, Chromium, Safari).
Instead I used the following direct upgrade link:
http:///Upgrade_run.asp;session_id=
where has to be replaced by the generated ID after login (see address bar).
Example:
http://192.168.1.132/Upgrade_run.asp;session_id=40c5188219bf4ea4beb4952003c13365
Marc -
SPA 112 PROBLEM WITH SIMULTANEOUS CALLS
HELLO,I HAVE A PROBLEM IN THE ATA SPA 112 ABOUT SIMLUTANEOUS CALLS. The ata has 2 lines,when a call falls in line 1, the call on line 2 falls at the same time...and when I'm on line 1 and I recevive a call on line 2 the call in line 1 becomes mute and then drops.I didn' have these problems with the old pap2t .
Can you please help me to solve this problem ? Do I have to change something in the configuration ? Thanks,MarioHi,
thanks for responding.
I had found out about the timing problem in the meantime, but did not find a way to mark this thread as solved.
There are two timing values: one is the PSTN answer delay, and the other one the PSTN ring timeout.
It seems that ring timeout should be longer than ring time + ring pause. As long as this conndition is not met. the dial plan is not even considered -
I just went through a download of recommended Lenovo updates and now have problems starting up the computer. I get consistent blue screen telling me that I may have memory or video adapter issues. Is this a video adapter or is there another cause? I wasn't getting this prior to the update at the end of July...
What ThinkPad exactly are we discussing here?
Cheers,
George
In daily use: R60F, R500F, T61, T410
Collecting dust: T60
Enjoying retirement: A31p, T42p,
Non-ThinkPads: Panasonic CF-31 & CF-52, HP 8760W
Starting Thursday, 08/14/2014 I'll be away from the forums until further notice. Please do NOT send private messages since I won't be able to read them. Thank you. -
CISCO SPA-504G & CISCO SPA-525G plug nad play???
Hi,
we have CCM 7.1.5 and I need to add about 100 new phone/users. we received good price for this two phones CISCO SPA-504G & CISCO SPA-525G.
This one look and I think is the same linksys spa 942 phone, and for that one I need to do provisioning to get them to work.
Are this two phones CISCO SPA-504G & CISCO SPA-525G, "plug and play" does CCM recognized them like other Cisco phones (like 7941....)
THX,
IVanSounds like you need to adjust the dial plan string under the relevant Ext tab on the admin web interface of the phone.
-
Cisco SPA 504G dialling out.
Cisco SPA 504G. After reset to factory defaults, I now have to add 1 to any 10 digit phone number to dial out.
How can I avoid this additional 1 before every number. What setting do I have to change on the phone. interface. [email protected]Sounds like you need to adjust the dial plan string under the relevant Ext tab on the admin web interface of the phone.
-
SPA 112 - Faxing with ATA gateway
I had a regular phone line but the only purpose for having that line was for sending faxes, which only happens a few times per month. So, naturally, I felt it was a waste to be paying so much money for it.
I purchased the SPA 112 and configured it to use with VoiceNetwork.ca. I was successfully able to send faxes.
I later cancelled my phone number and switched my internet to cable (since I was on DSL before).
I can no longer successfully complete a fax ever since I switched to cable internet. I don't know why because the speed is 3 times faster upload and 5 times faster download.
I'm guessing there is a setting that needs to be changed in the ATA admin panel to adjust for cable internet.
My configuration settings are attached as screenshots.
Firmware: 1.3.2-XU (014) Jul 2 2013I had a regular phone line but the only purpose for having that line was for sending faxes, which only happens a few times per month. So, naturally, I felt it was a waste to be paying so much money for it.
I purchased the SPA 112 and configured it to use with VoiceNetwork.ca. I was successfully able to send faxes.
I later cancelled my phone number and switched my internet to cable (since I was on DSL before).
I can no longer successfully complete a fax ever since I switched to cable internet. I don't know why because the speed is 3 times faster upload and 5 times faster download.
I'm guessing there is a setting that needs to be changed in the ATA admin panel to adjust for cable internet.
My configuration settings are attached as screenshots.
Firmware: 1.3.2-XU (014) Jul 2 2013 -
Issue blf cisco Spa 500 and spa504g
Dear,
phoneA : spa500+spa504
phoneB : spa504
Pbx : draytek 3510
Scenario 1 :
PhoneB boot first and register
PhoneA boot second and register
=> blf is ok
Scenario 2 : issue
PhoneA boot first and register
blf = blink orange
PhoneB boot second and register
=> blf always blink yellow !
Sip trace give me error 481 : call/transaction dont exist
I need reboot all ours Spa with attendant console after all ours spa50x without attendant console.
This issue occur too with programmable softkey on spa50x without attendant console.
Attendant console setting have retry subscribe interval : 30
Server type : asterisk
Subscribe expires : 1800
firmware : 7.5.5
Any chance to resolve this ?
Maybe my error or draytek ippbx?
Regards
Sent from Cisco Technical Support iPhone AppCatch the SIP SUBSCRIBE requests sent by phone to your Asterisk (and responses as well). It should help you to analyze the problem.
-
Cisco 881 Zone Firewall issues
I'm having issues with an 881 that I have configured as a zone based firewall.
I have allowed HTTP(s) and DNS on the DMZ but my user is saying he cannot access the internet.
On the corporate side the user complains that some websites fail, such as Linked in.
I have been using CCP to configure the device. What am I doing wrong?
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2013.03.15 11:49:00 =~=~=~=~=~=~=~=~=~=~=~=
sh run
Building configuration...
Current configuration : 22210 bytes
! Last configuration change at 15:30:21 UTC Tue Mar 12 2013 by SpecIS
! NVRAM config last updated at 14:12:39 UTC Thu Mar 7 2013 by specis
! NVRAM config last updated at 14:12:39 UTC Thu Mar 7 2013 by specis
version 15.1
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
hostname -Rt
boot-start-marker
boot-end-marker
security authentication failure rate 10 log
security passwords min-length 6
logging buffered 51200
logging console critical
enable secret 5
enable password 7
aaa new-model
aaa authentication login local_auth local
aaa session-id common
memory-size iomem 10
crypto pki token default removal timeout 0
crypto pki trustpoint TP-self-signed-3066996233
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3066996233
revocation-check none
rsakeypair TP-self-signed-3066996233
crypto pki certificate chain TP-self-signed-3066996233
certificate self-signed 01
quit
no ip source-route
no ip gratuitous-arps
ip dhcp excluded-address 10.0.2.2
ip dhcp excluded-address 10.0.2.1
ip dhcp pool Trusted
import all
network 10.0.2.0 255.255.255.0
default-router 10.0.2.1
domain-name spectra.local
dns-server 10.0.2.2 10.0.1.6
option 150 ip 10.1.1.10 10.1.1.20
ip dhcp pool Guest
import all
network 192.168.112.0 255.255.255.0
default-router 192.168.112.1
dns-server 4.2.2.2 4.2.2.3
ip cef
no ip bootp server
ip domain name yourdomain.com
ip name-server 10.0.2.2
ip name-server 4.2.2.2
login block-for 5 attempts 3 within 2
no ipv6 cef
multilink bundle-name authenticated
vpdn enable
vpdn-group 1
parameter-map type inspect global
log dropped-packets enable
log summary flows 256 time-interval 30
parameter-map type regex ccp-regex-nonascii
pattern [^\x00-\x80]
parameter-map type protocol-info yahoo-servers
server name scs.msg.yahoo.com
server name scsa.msg.yahoo.com
server name scsb.msg.yahoo.com
server name scsc.msg.yahoo.com
server name scsd.msg.yahoo.com
server name cs16.msg.dcn.yahoo.com
server name cs19.msg.dcn.yahoo.com
server name cs42.msg.dcn.yahoo.com
server name cs53.msg.dcn.yahoo.com
server name cs54.msg.dcn.yahoo.com
server name ads1.vip.scd.yahoo.com
server name radio1.launch.vip.dal.yahoo.com
server name in1.msg.vip.re2.yahoo.com
server name data1.my.vip.sc5.yahoo.com
server name address1.pim.vip.mud.yahoo.com
server name edit.messenger.yahoo.com
server name messenger.yahoo.com
server name http.pager.yahoo.com
server name privacy.yahoo.com
server name csa.yahoo.com
server name csb.yahoo.com
server name csc.yahoo.com
parameter-map type protocol-info msn-servers
server name messenger.hotmail.com
server name gateway.messenger.hotmail.com
server name webmessenger.msn.com
parameter-map type protocol-info aol-servers
server name login.oscar.aol.com
server name toc.oscar.aol.com
server name oam-d09a.blue.aol.com
license udi pid CISCO881-SEC-K9 sn FCZ1703C01Y
archive
log config
logging enable
username S privilege 15 secret 4
username ed privilege 15 password 7
ip tcp synwait-time 10
ip tcp path-mtu-discovery
ip ssh time-out 60
ip ssh authentication-retries 2
class-map type inspect match-any SDM_BOOTPC
match access-group name SDM_BOOTPC
class-map type inspect imap match-any ccp-app-imap
match invalid-command
class-map type inspect match-any ccp-cls-protocol-p2p
match protocol edonkey signature
match protocol gnutella signature
match protocol kazaa2 signature
match protocol fasttrack signature
match protocol bittorrent signature
class-map type inspect match-any SDM_DHCP_CLIENT_PT
match class-map SDM_BOOTPC
class-map type inspect match-any SDM_AH
match access-group name SDM_AH
class-map type inspect match-any ccp-skinny-inspect
match protocol skinny
class-map type inspect http match-any ccp-app-nonascii
match req-resp header regex ccp-regex-nonascii
class-map type inspect match-any sdm-cls-bootps
match protocol bootps
class-map type inspect match-any TFTP
match protocol tftp
class-map type inspect match-any SDM_ESP
match access-group name SDM_ESP
class-map type inspect match-any SDM_VPN_TRAFFIC
match protocol isakmp
match protocol ipsec-msft
match class-map SDM_AH
match class-map SDM_ESP
class-map type inspect match-all SDM_VPN_PT
match access-group 105
match class-map SDM_VPN_TRAFFIC
class-map type inspect match-all ccp-cls-ccp-permit-outside-in-1
match access-group name Any-From-HO
class-map type inspect match-any Skinny
match protocol skinny
class-map type inspect match-all ccp-cls-ccp-permit-outside-in-2
match class-map Skinny
match access-group name Hostcom-Skinny
class-map type inspect match-any ccp-h323nxg-inspect
match protocol h323-nxg
class-map type inspect match-any ccp-cls-icmp-access
match protocol icmp
class-map type inspect match-any ccp-cls-protocol-im
match protocol ymsgr yahoo-servers
match protocol msnmsgr msn-servers
match protocol aol aol-servers
class-map type inspect match-any Pings
match protocol icmp
class-map type inspect match-any Ping-
match class-map Pings
class-map type inspect match-all ccp-cls-ccp-inspect-2
match class-map Ping-
match access-group name Ping-
class-map type inspect match-any DNS
match protocol dns
class-map type inspect match-all ccp-cls-ccp-inspect-3
match class-map DNS
match access-group name Any-any
class-map type inspect match-all ccp-protocol-pop3
match protocol pop3
class-map type inspect match-any ccp-h225ras-inspect
match protocol h225ras
class-map type inspect match-all ccp-cls-ccp-inspect-1
match access-group name Any/Any
class-map type inspect match-any https
match protocol https
class-map type inspect match-all ccp-cls-ccp-inspect-4
match class-map https
match access-group name any-any
class-map type inspect match-any UDP
match protocol udp
match protocol tcp
class-map type inspect match-all ccp-cls-ccp-inspect-5
match class-map UDP
match access-group name InsideOut
class-map type inspect match-any ccp-h323annexe-inspect
match protocol h323-annexe
class-map type inspect match-any SDM_SSH
match access-group name SDM_SSH
class-map type inspect pop3 match-any ccp-app-pop3
match invalid-command
class-map type inspect match-any SDM_HTTPS
match access-group name SDM_HTTPS
class-map type inspect match-all ccp-protocol-p2p
match class-map ccp-cls-protocol-p2p
class-map type inspect match-all ccp-cls-ccp-permit-2
match class-map Pings
match access-group name RespondtoSomePings
class-map type inspect match-any RemoteMgt
match protocol ssh
match protocol https
class-map type inspect match-all ccp-cls-ccp-permit-1
match class-map RemoteMgt
match access-group name Spectra-RemoteMgt
class-map type inspect match-any SDM_SHELL
match access-group name SDM_SHELL
class-map type inspect match-any ccp-h323-inspect
match protocol h323
class-map type inspect match-all ccp-protocol-im
match class-map ccp-cls-protocol-im
class-map type inspect match-all ccp-icmp-access
class-map type inspect match-all ccp-invalid-src
match access-group 103
class-map type inspect http match-any ccp-app-httpmethods
match request method bcopy
match request method bdelete
match request method bmove
match request method bpropfind
match request method bproppatch
match request method connect
match request method copy
match request method delete
match request method edit
match request method getattribute
match request method getattributenames
match request method getproperties
match request method index
match request method lock
match request method mkcol
match request method mkdir
match request method move
match request method notify
match request method options
match request method poll
match request method post
match request method propfind
match request method proppatch
match request method put
match request method revadd
match request method revlabel
match request method revlog
match request method revnum
match request method save
match request method search
match request method setattribute
match request method startrev
match request method stoprev
match request method subscribe
match request method trace
match request method unedit
match request method unlock
match request method unsubscribe
class-map type inspect match-any ccp-dmz-protocols
match protocol http
match protocol dns
match protocol https
class-map type inspect match-any WebBrowsing
match protocol http
match protocol https
class-map type inspect match-any DNS2
match protocol dns
class-map type inspect match-any ccp-sip-inspect
match protocol sip
class-map type inspect http match-any ccp-http-blockparam
match request port-misuse im
match request port-misuse p2p
match request port-misuse tunneling
match req-resp protocol-violation
class-map type inspect match-all ccp-protocol-imap
match protocol imap
class-map type inspect match-all ccp-cls-ccp-permit-dmzservice-1
match class-map WebBrowsing
match access-group name DMZ-Out
class-map type inspect match-all ccp-cls-ccp-permit-dmzservice-2
match class-map DNS2
match access-group name DMZtoAny
class-map type inspect match-all ccp-protocol-smtp
match protocol smtp
class-map type inspect match-all ccp-protocol-http
match protocol http
policy-map type inspect ccp-permit-icmpreply
class type inspect sdm-cls-bootps
pass
class type inspect ccp-icmp-access
inspect
class class-default
pass
policy-map type inspect imap ccp-action-imap
class type inspect imap ccp-app-imap
log
reset
policy-map type inspect pop3 ccp-action-pop3
class type inspect pop3 ccp-app-pop3
log
reset
policy-map type inspect ccp-inspect
class type inspect ccp-cls-ccp-inspect-2
inspect
class type inspect ccp-cls-ccp-inspect-1
inspect
class type inspect ccp-cls-ccp-inspect-5
pass log
class type inspect TFTP
inspect
class type inspect ccp-invalid-src
drop log
class type inspect ccp-cls-ccp-inspect-4
inspect
class type inspect ccp-protocol-http
inspect
class type inspect ccp-protocol-smtp
inspect
class type inspect ccp-cls-ccp-inspect-3
inspect
class type inspect ccp-protocol-imap
inspect
service-policy imap ccp-action-imap
class type inspect ccp-protocol-pop3
inspect
service-policy pop3 ccp-action-pop3
class type inspect ccp-protocol-p2p
drop log
class type inspect ccp-protocol-im
drop log
class type inspect ccp-sip-inspect
inspect
class type inspect ccp-h323-inspect
inspect
class type inspect ccp-h323annexe-inspect
inspect
class type inspect ccp-h225ras-inspect
inspect
class type inspect ccp-h323nxg-inspect
inspect
class type inspect ccp-skinny-inspect
inspect
class class-default
drop log
policy-map type inspect ccp-permit-outside-in
class type inspect ccp-cls-ccp-permit-outside-in-2
inspect
class type inspect ccp-cls-ccp-permit-outside-in-1
pass
class class-default
drop log
policy-map type inspect http ccp-action-app-http
class type inspect http ccp-http-blockparam
log
reset
class type inspect http ccp-app-httpmethods
log
reset
class type inspect http ccp-app-nonascii
log
reset
policy-map type inspect ccp-permit
class type inspect SDM_VPN_PT
pass
class type inspect ccp-cls-ccp-permit-2
inspect
class type inspect ccp-cls-ccp-permit-1
pass
class type inspect SDM_DHCP_CLIENT_PT
pass
class class-default
drop log
policy-map type inspect ccp-permit-dmzservice
class type inspect ccp-cls-ccp-permit-dmzservice-1
inspect
class type inspect ccp-cls-ccp-permit-dmzservice-2
inspect
class class-default
drop
zone security in-zone
zone security out-zone
zone security dmz-zone
zone-pair security ccp-zp-in-out source in-zone destination out-zone
service-policy type inspect ccp-inspect
zone-pair security ccp-zp-out-self source out-zone destination self
service-policy type inspect ccp-permit
zone-pair security ccp-zp-out-in source out-zone destination in-zone
service-policy type inspect ccp-permit-outside-in
zone-pair security Spec-zp-dmz-out source dmz-zone destination out-zone
service-policy type inspect ccp-permit-dmzservice
crypto isakmp policy 2
encr aes 256
authentication pre-share
group 5
lifetime 28800
crypto isakmp key Y address x.x.x.x
crypto isakmp key o1 address x.x.x.x
crypto ipsec transform-set ESP-AES256-SHA esp-aes 256 esp-sha-hmac
crypto map SDM_CMAP_1 1 ipsec-isakmp
description Tunnel to x.x.x.x
set peer x.x.x.x
set transform-set ESP-AES256-SHA
match address 100
crypto map SDM_CMAP_1 2 ipsec-isakmp
description Tunnel to x.x.x.x
set peer x.x.x.x
set security-association lifetime kilobytes 128000
set security-association lifetime seconds 28800
set transform-set ESP-AES256-SHA
match address 102
interface FastEthernet0
description B
switchport access vlan 2
no ip address
spanning-tree portfast
interface FastEthernet1
description Docker
switchport access vlan 2
no ip address
spanning-tree portfast
interface FastEthernet2
description Phone
switchport access vlan 2
no ip address
spanning-tree portfast
interface FastEthernet3
description Guest
switchport access vlan 3
no ip address
spanning-tree portfast
interface FastEthernet4
description External $FW_OUTSIDE$
bandwidth inherit
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly in
ip verify unicast source reachable-via rx allow-default 104
duplex auto
speed auto
pppoe-client dial-pool-number 1
hold-queue 224 in
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip tcp adjust-mss 1452
shutdown
interface Vlan2
description Trusted Network$FW_INSIDE$
ip address 10.0.2.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly in
zone-member security in-zone
ip tcp adjust-mss 1440
interface Vlan3
description Guest Network$FW_DMZ$
ip address 192.168.112.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly in
zone-member security dmz-zone
interface Dialer0
ip address negotiated
no ip redirects
no ip unreachables
ip directed-broadcast
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly in
ip verify unicast reverse-path
encapsulation ppp
load-interval 30
dialer pool 1
dialer-group 1
ppp authentication chap pap callout
ppp chap hostname
ppp chap password 7
ppp pap sent-username password 7
no cdp enable
interface Dialer1
ip address negotiated
no ip redirects
no ip unreachables
ip directed-broadcast
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly in
ip verify unicast reverse-path
zone-member security out-zone
encapsulation ppp
load-interval 30
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname
ppp chap password 7
ppp pap sent-username password 7
ppp ipcp route default
ppp ipcp address accept
no cdp enable
crypto map SDM_CMAP_1
ip forward-protocol nd
no ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source route-map SDM_RMAP_1 interface Dialer1 overload
ip access-list standard SSH-Management
permit x.x.x.x log
permit 10.0.2.0 0.0.0.255 log
permit 10.0.1.0 0.0.0.255 log
ip access-list extended Any-From-HO
remark CCP_ACL Category=128
permit ip 10.0.1.0 0.0.0.255 10.0.2.0 0.0.0.255
permit ip 10.1.1.0 0.0.0.255 10.0.2.0 0.0.0.255
ip access-list extended Any-any
remark CCP_ACL Category=128
permit ip any any
ip access-list extended Any/Any
remark CCP_ACL Category=128
permit ip host 10.0.2.0 host 10.0.1.0
ip access-list extended DMZ-Out
remark CCP_ACL Category=128
permit ip 192.168.112.0 0.0.0.255 any
ip access-list extended DMZtoAny
remark CCP_ACL Category=128
permit ip 192.168.112.0 0.0.0.255 any
ip access-list extended Hostcom-Skinny
remark CCP_ACL Category=128
permit ip 10.1.1.0 0.0.0.255 10.0.2.0 0.0.0.255
ip access-list extended InsideOut
remark CCP_ACL Category=128
permit ip 10.0.2.0 0.0.0.255 10.0.1.0 0.0.0.255
ip access-list extended Ping-Hostcom
remark CCP_ACL Category=128
permit ip host 10.0.2.2 any
ip access-list extended RespondtoSomePings
remark CCP_ACL Category=128
permit ip 10.0.1.0 0.0.0.255 any
permit ip host x.x.x.x any
permit ip host 37.0.96.2 any
ip access-list extended SDM_AH
remark CCP_ACL Category=1
permit ahp any any
ip access-list extended SDM_BOOTPC
remark CCP_ACL Category=0
permit udp any any eq bootpc
ip access-list extended SDM_ESP
remark CCP_ACL Category=1
permit esp any any
ip access-list extended SDM_HTTPS
remark CCP_ACL Category=1
permit tcp any any eq 443
ip access-list extended SDM_SHELL
remark CCP_ACL Category=1
permit tcp any any eq cmd
ip access-list extended SDM_SSH
remark CCP_ACL Category=1
permit tcp any any eq 22
ip access-list extended RemoteMgt
remark CCP_ACL Category=128
permit ip host x.x.x.x any
permit ip 10.0.1.0 0.0.0.255 any
ip access-list extended any-any
remark CCP_ACL Category=128
permit ip any any
logging trap debugging
logging facility local2
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 10.0.2.0 0.0.0.255
access-list 1 permit 192.168.112.0 0.0.0.255
access-list 23 remark HTTPS Access
access-list 23 permit 10.0.2.1
access-list 23 permit x.x.x.x
access-list 23 permit 10.0.2.0 0.0.0.255
access-list 23 permit 10.0.1.0 0.0.0.255
access-list 100 remark CCP_ACL Category=4
access-list 100 remark IPSec Rule
access-list 100 permit ip 10.0.2.0 0.0.0.255 10.1.1.0 0.0.0.255
access-list 101 remark CCP_ACL Category=2
access-list 101 remark IPSec Rule
access-list 101 deny ip 10.0.2.0 0.0.0.255 10.0.1.0 0.0.0.255
access-list 101 remark IPSec Rule
access-list 101 deny ip 10.0.2.0 0.0.0.255 10.1.1.0 0.0.0.255
access-list 101 permit ip 192.168.112.0 0.0.0.255 any
access-list 101 permit ip 10.0.2.0 0.0.0.255 any
access-list 102 remark CCP_ACL Category=4
access-list 102 remark IPSec Rule
access-list 102 permit ip 10.0.2.0 0.0.0.255 10.0.1.0 0.0.0.255
access-list 103 remark CCP_ACL Category=128
access-list 103 permit ip host 255.255.255.255 any
access-list 103 permit ip 127.0.0.0 0.255.255.255 any
access-list 104 permit udp any any eq bootpc
access-list 105 remark CCP_ACL Category=128
access-list 105 permit ip host x.x.x.x any
access-list 105 permit ip host x.x.x.x any
dialer-list 1 protocol ip permit
no cdp run
route-map SDM_RMAP permit 1
route-map SDM_RMAP_1 permit 1
match ip address 101
control-plane
banner exec ^C
% Password expiration warning.
Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you
want to use.
^C
banner login ^C
Authorised Access Only
If your not supposed to be here. Close the connection
^C
banner motd ^C
Access Is Restricted To Personel ONLY^C
line con 0
exec-timeout 5 0
login authentication local_auth
transport output telnet
line aux 0
exec-timeout 15 0
login authentication local_auth
transport output telnet
line vty 0 4
access-class SSH-Management in
privilege level 15
logging synchronous
login authentication local_auth
transport input telnet ssh
scheduler interval 500
endHello Martin,
Please apply the following changes and let us know:
ip access-list extend DMZtoAny
1 permit udp 192.168.12.0 0.0.0.255 any eq 53
no permit ip 192.168.112.0 0.0.0.255 any
Ip access-list extended DMZ-Out
1 permit tcp 192.168.12.0 0.0.0.255 any eq 80
2 permit tcp 192.168.12.0 0.0.0.255 any eq 443
no permit ip 192.168.112.0 0.0.0.255 any
Change that, try and if it does not work post the configuration with the changes applied,
Regards,
Remember to rate all of the helfpul posts, that is as important as a thanks
Julio -
Hi All,
We are getting this error in Sender Mail adapter.
"exception caught during processing mail message; java.net.ConnectException: A remote host refused an attempted connect operation"
It is a (Lotus Notes) Mail to File scenario.
Used POP3, and gave the URL as POP:// ** .
I have tried pinging the server and getting a good response.
I have also tried the OS01 ans it returned a response : Program Terminated.
I am not sure if the POP3 port is enabled.
Are there any check points we are missing ?
Please throw some light on this as we need to solve this asap ..
Yashwanth
Edited by: YashwanthSVK on Aug 2, 2011 7:18 PMShabarish is right.
This seem a connectivity issue. Try to ping Mail server from your PI System and check pop3 port.
This document can be helpful for you:
http://wiki.sdn.sap.com/wiki/display/XI/SMTPConfigurationinSAPXI
Maybe you are looking for
-
My safari no longer works on my mac desktop
Safari No longer wroeks. At first it would open up but not open any websites, now it won't even open up. This is what the CrashReporter says SafariDAVClient_2014-01-26-125107_Sues-iMac.crash SafariDAVClient_2014-01-25-135110_Sues-iMac.crash Safari_2
-
Could not change countries in app store
i live in kuwait and every time i should sign out and sign in again to buy or update in app store and i have change the country to kuwait but i have messages every time you are in the british, canadian, usa store so you should change to you country s
-
Computer won't progress past POST with my new processor
Just bought a 3ghz P4 800 FSB prescott, my MB is a PT880 MS7008. It will post showing all the devices but then it will not go on to boot the OS. Here is my Dxdiag. If anyone has any ideas please let me know. System Information Time of this report: 9/
-
Mysql_num_row in java
hi im designing a database program with java but i cant find the way to return the number of column count which is appropriate to my query in php i used to mysql_num_row function are there anything like this in java? Ps: I'm using mysql-connector-jav
-
Help on Reconstruction of Binary Tree
I have everything expect the reconstruct method and main method. Could someone help me create the reconstruct and main method? package binarytree; public class BinaryTree { public BinaryTree(Object value, BinaryTree left, BinaryTree right){