COM access?
Is Adobe Air, or the 2.0 beta able to communicate with other applications through COM? I couldn't find any examples of this on the net, so it just might mean its not possible.
I'm wanting to develop an application that communicates with Photoshop CS2
There is a specific AIR 2 forum:
http://forums.adobe.com/community/labs/air2/
You can get help over there.
You can't do this with AIR (before AIR 2).
-ted
Similar Messages
-
ASA 5505 IPSEC VPN connected but can't access to LAN
ASA : 8.2.5
ASDM: 6.4.5
LAN: 10.1.0.0/22
VPN Pool: 172.16.10.0/24
Hi, we purcahsed a new ASA 5505 and try to setup IPSEC VPN via ASDM; i just simply run the Wizards, setup vpnpool, split tunnelling,etc.
I can connect to the ASA by using cisco VPN client and internet works fine on the local PC, but it cannot access to the LAN (can't ping. can't remote desktop). I tried the same thing on our Production ASA(those have both Remote VPN and Site-to-site VPN working), the new profile i created worked fine.
Below is my configure, do I mis-configure anything?
ASA Version 8.2(5)
hostname asatest
domain-name XXX.com
enable password 8Fw1QFqthX2n4uD3 encrypted
passwd g9NiG6oUPjkYrHNt encrypted
names
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address 10.1.1.253 255.255.252.0
interface Vlan2
nameif outside
security-level 0
ip address XXX.XXX.XXX.XXX 255.255.255.240
ftp mode passive
clock timezone PST -8
clock summer-time PDT recurring
dns server-group DefaultDNS
domain-name vff.com
access-list vpntest_splitTunnelAcl standard permit 10.1.0.0 255.255.252.0
access-list inside_nat0_outbound extended permit ip 10.1.0.0 255.255.252.0 172.16.10.0 255.255.255.0
pager lines 24
logging enable
logging timestamp
logging trap warnings
logging asdm informational
logging device-id hostname
logging host inside 10.1.1.230
mtu inside 1500
mtu outside 1500
ip local pool vpnpool 172.16.10.1-172.16.10.254 mask 255.255.255.0
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 XXX.XXX.XXX.XXX 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa-server AD protocol nt
aaa-server AD (inside) host 10.1.1.108
nt-auth-domain-controller 10.1.1.108
http server enable
http 10.1.0.0 255.255.252.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh 10.1.0.0 255.255.252.0 inside
ssh timeout 20
console timeout 0
dhcpd auto_config outside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
group-policy vpntest internal
group-policy vpntest attributes
wins-server value 10.1.1.108
dns-server value 10.1.1.108
vpn-tunnel-protocol IPSec l2tp-ipsec
password-storage disable
ip-comp disable
re-xauth disable
pfs disable
ipsec-udp disable
ipsec-udp-port 10000
split-tunnel-policy tunnelspecified
split-tunnel-network-list value vpntest_splitTunnelAcl
default-domain value XXX.com
split-tunnel-all-dns disable
backup-servers keep-client-config
address-pools value vpnpool
username admin password WeiepwREwT66BhE9 encrypted privilege 15
username user5 password yIWniWfceAUz1sUb encrypted privilege 5
username user3 password umNHhJnO7McrLxNQ encrypted privilege 3
tunnel-group vpntest type remote-access
tunnel-group vpntest general-attributes
address-pool vpnpool
authentication-server-group AD
authentication-server-group (inside) AD
default-group-policy vpntest
strip-realm
tunnel-group vpntest ipsec-attributes
pre-shared-key BEKey123456
peer-id-validate nocheck
privilege cmd level 3 mode exec command perfmon
privilege cmd level 3 mode exec command ping
privilege cmd level 3 mode exec command who
privilege cmd level 3 mode exec command logging
privilege cmd level 3 mode exec command failover
privilege cmd level 3 mode exec command packet-tracer
privilege show level 5 mode exec command import
privilege show level 5 mode exec command running-config
privilege show level 3 mode exec command reload
privilege show level 3 mode exec command mode
privilege show level 3 mode exec command firewall
privilege show level 3 mode exec command asp
privilege show level 3 mode exec command cpu
privilege show level 3 mode exec command interface
privilege show level 3 mode exec command clock
privilege show level 3 mode exec command dns-hosts
privilege show level 3 mode exec command access-list
privilege show level 3 mode exec command logging
privilege show level 3 mode exec command vlan
privilege show level 3 mode exec command ip
privilege show level 3 mode exec command ipv6
privilege show level 3 mode exec command failover
privilege show level 3 mode exec command asdm
privilege show level 3 mode exec command arp
privilege show level 3 mode exec command route
privilege show level 3 mode exec command ospf
privilege show level 3 mode exec command aaa-server
privilege show level 3 mode exec command aaa
privilege show level 3 mode exec command eigrp
privilege show level 3 mode exec command crypto
privilege show level 3 mode exec command vpn-sessiondb
privilege show level 3 mode exec command ssh
privilege show level 3 mode exec command dhcpd
privilege show level 3 mode exec command vpnclient
privilege show level 3 mode exec command vpn
privilege show level 3 mode exec command blocks
privilege show level 3 mode exec command wccp
privilege show level 3 mode exec command dynamic-filter
privilege show level 3 mode exec command webvpn
privilege show level 3 mode exec command module
privilege show level 3 mode exec command uauth
privilege show level 3 mode exec command compression
privilege show level 3 mode configure command interface
privilege show level 3 mode configure command clock
privilege show level 3 mode configure command access-list
privilege show level 3 mode configure command logging
privilege show level 3 mode configure command ip
privilege show level 3 mode configure command failover
privilege show level 5 mode configure command asdm
privilege show level 3 mode configure command arp
privilege show level 3 mode configure command route
privilege show level 3 mode configure command aaa-server
privilege show level 3 mode configure command aaa
privilege show level 3 mode configure command crypto
privilege show level 3 mode configure command ssh
privilege show level 3 mode configure command dhcpd
privilege show level 5 mode configure command privilege
privilege clear level 3 mode exec command dns-hosts
privilege clear level 3 mode exec command logging
privilege clear level 3 mode exec command arp
privilege clear level 3 mode exec command aaa-server
privilege clear level 3 mode exec command crypto
privilege clear level 3 mode exec command dynamic-filter
privilege cmd level 3 mode configure command failover
privilege clear level 3 mode configure command logging
privilege clear level 3 mode configure command arp
privilege clear level 3 mode configure command crypto
privilege clear level 3 mode configure command aaa-server
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:447bbbc60fc01e9f83b32b1e0304c6b4
: endI change a Machine's gateway to this ASA and capture again, now we can see some reply.
All ohter PCs and switches gateway are point to another ASA, maybe that's the reason why i didn't work?
what's the recommanded way to make our LAN to have two 2 gateways(for load balance or backup router, etc)?
add two gateways to all PCs and swtichwes?
1: 18:15:48.307875 802.1Q vlan#1 P0 172.16.10.1.137 > 10.1.1.108.137: udp 68
2: 18:15:49.777685 802.1Q vlan#1 P0 172.16.10.1.137 > 10.1.1.108.137: udp 68
3: 18:15:51.377147 802.1Q vlan#1 P0 172.16.10.1.137 > 10.1.1.108.137: udp 68
4: 18:15:57.445777 802.1Q vlan#1 P0 172.16.10.1.137 > 10.1.1.108.137: udp 68
5: 18:15:58.856324 802.1Q vlan#1 P0 172.16.10.1.137 > 10.1.1.108.137: udp 68
6: 18:16:00.395090 802.1Q vlan#1 P0 172.16.10.1.137 > 10.1.1.108.137: udp 68
7: 18:16:06.483464 802.1Q vlan#1 P0 172.16.10.1.137 > 10.1.1.108.137: udp 68
8: 18:16:08.082805 802.1Q vlan#1 P0 172.16.10.1.137 > 10.1.1.108.137: udp 68
9: 18:16:09.542406 802.1Q vlan#1 P0 172.16.10.1.137 > 10.1.1.108.137: udp 68
10: 18:16:20.640424 802.1Q vlan#1 P0 172.16.10.1 > 10.1.1.230: icmp: echo request
11: 18:16:20.642193 802.1Q vlan#1 P0 10.1.1.230 > 172.16.10.1: icmp: echo reply
12: 18:16:21.169607 802.1Q vlan#1 P0 172.16.10.1 > 10.1.1.230: icmp: echo request
13: 18:16:21.171210 802.1Q vlan#1 P0 10.1.1.230 > 172.16.10.1: icmp: echo reply
14: 18:16:22.179556 802.1Q vlan#1 P0 172.16.10.1 > 10.1.1.230: icmp: echo request
15: 18:16:22.181142 802.1Q vlan#1 P0 10.1.1.230 > 172.16.10.1: icmp: echo reply
16: 18:16:23.237673 802.1Q vlan#1 P0 172.16.10.1 > 10.1.1.230: icmp: echo request
17: 18:16:23.239291 802.1Q vlan#1 P0 10.1.1.230 > 172.16.10.1: icmp: echo reply
18: 18:16:27.676402 802.1Q vlan#1 P0 172.16.10.1.137 > 10.1.1.108.137: udp 50
19: 18:16:29.246935 802.1Q vlan#1 P0 172.16.10.1.137 > 10.1.1.108.137: udp 50
20: 18:16:30.676921 802.1Q vlan#1 P0 172.16.10.1.137 > 10.1.1.108.137: udp 50
21: 18:16:49.539660 802.1Q vlan#1 P0 172.16.10.1 > 10.1.1.233: icmp: echo request
22: 18:16:54.952602 802.1Q vlan#1 P0 172.16.10.1 > 10.1.1.233: icmp: echo request
23: 18:17:04.511463 802.1Q vlan#1 P0 172.16.10.1 > 10.1.1.233: icmp: echo request -
Open firewall Ports despite DENY- ALL access rule
Hi,
See below my firewall rules.
Despite the deny all, runnning nmap from outside still reveals open ports.
name 202.1.53.41 fw1.outside.irc.com
interface GigabitEthernet0/0
nameif inside
security-level 0
ip address fw1.inside.irc.com 255.255.252.0 standby 172.16.86.219
interface GigabitEthernet0/1
nameif SSN-DMZ
security-level 0
ip address 10.20.2.1 255.255.255.0 standby 10.20.2.2
interface GigabitEthernet0/2
nameif Outside
security-level 0
ip address fw1.outside.irc.com 255.255.255.248 standby NAT-202.1.53.45
interface GigabitEthernet0/3
description Internet Access for Wireless clients on the guest network
nameif GuestInternet
security-level 0
ip address 192.168.154.2 255.255.254.0
interface Management0/0
nameif management
security-level 10
ip address 10.10.200.14 255.255.255.0 standby 10.10.200.15
access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_2 any host WWW.IRC.COM-PRIV
access-list inside_access_in remark Deny POP3, SSH, TELNET to Deny-Host-Group 172.16.86.246/249
access-list inside_access_in extended deny object-group DENY-HOST-GROUP object-group DENY-HOST-GROUP-1 any
access-list inside_access_in remark Allow SMTP external access to Mail Servers group
access-list inside_access_in extended permit tcp object-group MAIL-GW-GROUP any eq smtp
access-list inside_access_in remark Deny Any other Users from sending mails via smtp
access-list inside_access_in extended deny tcp any any eq smtp
access-list inside_access_in extended deny ip object-group Botnet_Blacklist any
access-list inside_access_in extended deny ip any SPAM_MACHINE 255.255.255.0
access-list inside_access_in extended deny ip any host SPAMIP
access-list inside_access_in extended permit ip object-group Socialsites_Allowed object-group Facebook
access-list inside_access_in extended deny object-group DM_INLINE_SERVICE_8 any object-group Facebook
access-list inside_access_in remark Rule to block Internal users from accessing youtube
access-list inside_access_in extended deny object-group DM_INLINE_SERVICE_9 any object-group YoutubeIPs
access-list inside_access_in remark Suspected Virus Ports
access-list inside_access_in extended deny tcp any any object-group DM_INLINE_TCP_17
access-list inside_access_in remark Ports Commonly used by Botnet and Malwares
access-list inside_access_in extended deny tcp any any object-group IRC
access-list inside_access_in remark Allow Access to External DNS to ALL
access-list inside_access_in extended permit object-group DNS-GROUP object-group DNS-SERVERS object-group External_DNS_Servers
access-list inside_access_in remark Allow Any to Any on Custom TCP/UDP services
access-list inside_access_in extended permit tcp any any object-group DM_INLINE_TCP_12
access-list inside_access_in remark Allow Any to Any VPN Protocols group
access-list inside_access_in extended permit object-group VPN-GROUP any any
access-list inside_access_in extended permit ip any host pomttdbsvr
access-list inside_access_in remark Allow Access to DMZ from Inside
access-list inside_access_in extended permit tcp any any object-group DM_INLINE_TCP_10
access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_5 any 10.20.2.0 255.255.255.0
access-list inside_access_in extended permit tcp any any eq pop3
access-list inside_access_in extended permit object-group Web-Access-Group any any
access-list inside_access_in remark DNS RATING SERVICE FOR BLUECOAT SG510 PROXY
access-list inside_access_in extended permit tcp object-group DM_INLINE_NETWORK_11 object-group DM_INLINE_NETWORK_4 eq www inactive
access-list inside_access_in extended permit tcp any host 202.165.193.134 object-group DM_INLINE_TCP_3
access-list inside_access_in remark Yahoo Messenger Test
access-list inside_access_in extended permit tcp any any object-group YahooMessenger
access-list inside_access_in extended permit ip host AVIRUSMAN 192.168.254.0 255.255.255.0
access-list inside_access_in extended permit tcp any any object-group smile
access-list inside_access_in extended permit udp any host smile.telinet.com.pg object-group smile-udp
access-list inside_access_in remark testing access for mobile phones behind wireless router
access-list inside_access_in extended permit ip host Wireless-Router any inactive
access-list inside_access_in extended permit tcp any any object-group FTP-Service-Group inactive
access-list inside_access_in extended permit ip host mailgate.irc.com any
access-list inside_access_in extended permit object-group DM_INLINE_PROTOCOL_1 object-group DM_INLINE_NETWORK_2 any object-group NTP
access-list inside_access_in extended permit tcp any any object-group web-email-services
access-list inside_access_in remark Murray PC
access-list inside_access_in extended permit ip host 10.100.20.36 any
access-list inside_access_in extended permit tcp any any object-group Itec-Citrix
access-list inside_access_in extended permit ip host EP200 any
access-list inside_access_in extended permit tcp any any object-group TCP-SMTP
access-list inside_access_in extended permit tcp any host 202.165.193.134 eq 3391
access-list inside_access_in extended permit ip object-group IT-Servers any
access-list inside_access_in extended permit tcp any any object-group DM_INLINE_TCP_1
access-list inside_access_in extended permit ip object-group DM_INLINE_NETWORK_14 any inactive
access-list inside_access_in extended permit ip host 10.100.20.23 any
access-list inside_access_in extended permit tcp host NOC-NMS-CDMA host 202.165.193.134 object-group DM_INLINE_TCP_4
access-list inside_access_in extended permit tcp object-group DM_INLINE_NETWORK_12 object-group Bluecoat-DNS-Rating eq www
access-list inside_access_in extended permit ip object-group DM_INLINE_NETWORK_13 any
access-list inside_access_in extended permit udp host solarwinds-server any eq snmp
access-list inside_access_in extended permit tcp host kaikai any object-group test-u inactive
access-list inside_access_in extended permit tcp any host fw1.outside.irc.com object-group TCP-88
access-list inside_access_in extended permit udp host solarwinds-server any object-group DM_INLINE_UDP_1
access-list inside_access_in extended permit ip host IN-WEB-APP-SERVER any
access-list inside_access_in extended permit object-group DM_INLINE_PROTOCOL_1 host KMS-Server any object-group KMS
access-list inside_access_in extended permit tcp any any object-group TeamVIewer-TCP
access-list inside_access_in extended permit icmp any any traceroute
access-list inside_access_in extended permit ip host KMS-Server any
access-list inside_access_in extended deny ip any host 87.255.51.229
access-list inside_access_in extended deny ip any host 82.165.47.44
access-list inside_access_in extended permit ip host InterConnect-BillingBox any
access-list inside_access_in extended permit icmp any host fw1.outside.irc.com
access-list inside_access_in extended permit icmp any any
access-list inside_access_in remark For ACCESS MPLS team
access-list inside_access_in extended permit tcp any host 202.165.193.134 object-group RDP-MPLS-Huawei
access-list inside_access_in extended permit object-group DM_INLINE_PROTOCOL_1 host mailgate.irc.com any eq domain
access-list inside_access_in extended permit tcp any host 66.147.244.58 object-group SMTP-26
access-list inside_access_in extended deny object-group DM_INLINE_PROTOCOL_1 any any object-group Airfiji-SW
access-list inside_access_in extended permit tcp host chief.bula.irc.com any
access-list inside_access_in extended permit ip host Avabill86.181 any
access-list inside_access_in extended permit ip any object-group AVG
access-list inside_access_in extended permit ip host solarwinds-server any
access-list inside_access_in extended permit tcp host 172.16.87.219 any object-group TCP-4948
access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_10 any host Avabill_Consultant_IP_Sri-Lanka
access-list inside_access_in extended permit tcp any host 69.164.201.123 eq smtp inactive
access-list inside_access_in extended permit tcp any any object-group GMAIL inactive
access-list inside_access_in extended permit tcp any any object-group NOC1
access-list inside_access_in extended permit ip host solarwinds-server 10.10.200.0 255.255.255.0
access-list inside_access_in extended permit tcp any host smile.telinet.com.fj object-group tcp-20080-30080
access-list inside_access_in extended permit object-group DM_INLINE_PROTOCOL_1 any any object-group SIP-5060-5062
access-list inside_access_in extended permit ip host LYNC-2013-SERVER any
access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_7 object-group Lync_Servers any
access-list inside_access_in extended permit object-group VPN-GROUP host 10.100.20.94 any inactive
access-list inside_access_in remark Pocket Solutions -TEMP
access-list inside_access_in extended permit ip host 10.100.20.121 any
access-list inside_access_in extended permit tcp host John_sibunakau any object-group JohnTESTPort inactive
access-list inside_access_in extended permit ip host CiscoRadiusTestPC any
access-list inside_access_in extended permit ip any host HungaryServer inactive
access-list Outside_access_in extended permit tcp any host fw1.outside.irc.com eq ssh
access-list Outside_access_in extended permit object-group DM_INLINE_PROTOCOL_1 any host fw1.outside.irc.com object-group itec-support-tcp-udp
access-list Outside_access_in remark Allow All to NAT Address on SSL/SSH/SFTP(2222)
access-list Outside_access_in extended permit tcp any host NAT-202.1.53.43 object-group DM_INLINE_TCP_9
access-list Outside_access_in remark Allow All to Outside On Fujitsu and 777-7778 ports
access-list Outside_access_in extended permit tcp any host fw1.outside.irc.com object-group DM_INLINE_TCP_8
access-list Outside_access_in remark Allow all to Outside on Custom ports
access-list Outside_access_in extended permit tcp any host fw1.outside.irc.com object-group DM_INLINE_TCP_7
access-list Outside_access_in remark Allow Inbound HTTP to WWW.IRC.COM
access-list Outside_access_in extended permit tcp any host fw1.outside.irc.com eq www
access-list Outside_access_in extended permit icmp any host fw1.outside.irc.com
access-list Outside_access_in extended permit object-group TCPUDP any host fw1.outside.irc.com object-group BrouardsGroup
access-list Outside_access_in remark Allow ALL to RealVNC ports
access-list Outside_access_in extended permit tcp any host fw1.outside.irc.com object-group RealVNC-TCP5900
access-list Outside_access_in remark Allow ALL access to 202.1.53.43 on RealVNC ports
access-list Outside_access_in extended permit tcp any host NAT-202.1.53.43 object-group RealVNC-TCP5900
access-list Outside_access_in remark Allow DNS queries from Internet to DNS server
access-list Outside_access_in extended permit object-group TCPUDP object-group ITEC-Group-Inbound host fw1.outside.irc.com object-group itec-sftp
access-list Outside_access_in extended permit tcp any host NAT-202.1.53.43 object-group DM_INLINE_TCP_14
access-list Outside_access_in extended permit object-group DM_INLINE_SERVICE_1 host SkyTel host fw1.outside.irc.com
access-list Outside_access_in remark Telinet/Inomial temp access to test machine M.Orshansky
access-list Outside_access_in extended permit tcp host 203.92.29.151 host fw1.outside.irc.com eq 3390
access-list Outside_access_in extended permit tcp any host NAT-202.58.130.43 object-group RDP
access-list Outside_access_in extended permit object-group DM_INLINE_PROTOCOL_1 object-group ITEC-Group-Inbound host fw1.outside.telikompng.com.pg object-group INTEC-Service
access-list Outside_access_in extended permit tcp host 220.233.157.98 host fw1.outside.irc.com eq ssh inactive
access-list Outside_access_in extended permit ip any host fw1.outside.telikompng.com.pg
access-list Outside_access_in extended permit tcp any host fw1.outside.telikompng.com.pg object-group CRM
access-list Outside_access_in extended permit tcp any host fw1.outside.telikompng.com.pg object-group HTTP-8010-CRM
access-list Outside_access_in extended permit tcp any host fw1.outside.telikompng.com.pg object-group HTTP-8005-CRM
access-list Outside_access_in extended permit object-group DM_INLINE_PROTOCOL_1 any any object-group NTP
access-list Outside_access_in extended permit object-group DM_INLINE_PROTOCOL_1 any host fw1.outside.irc.com object-group DNS
access-list Outside_access_in remark Ultra VNC connection to 172.16.84.34@nadi Exchange
access-list Outside_access_in extended permit tcp any host fw1.outside.irc.com object-group UVNC
access-list Outside_access_in extended permit tcp any host fw1.outside.irc.com object-group UVNC-HTTP
access-list Outside_access_in extended permit tcp any host fw1.outside.irc.com object-group POP3-SSL
access-list Outside_access_in extended permit object-group EMAIL-SMARTPHONES any host fw1.outside.irc.com
access-list Outside_access_in extended permit tcp any host fw1.outside.telikompng.com.pg object-group exchange-RPC
access-list Outside_access_in extended permit tcp any host NAT-202.1.53.43 object-group exchange-RPC
access-list Outside_access_in extended permit icmp any host NAT-202.1.53.43
access-list Outside_access_in remark Access to Solarwinds Management box
access-list Outside_access_in extended permit tcp any host NAT-202.1.53.43 object-group Solarwinds
access-list SSN-DMZ_access_in remark Permit DNS Quiries out of DMZ
access-list SSN-DMZ_access_in extended permit object-group TCPUDP any any eq domain
access-list SSN-DMZ_access_in remark Allow SQL ports out of DMZ to Host 172.16.86.70
access-list SSN-DMZ_access_in extended permit tcp any host HOST-172.16.86.70 object-group SQL-Group
access-list SSN-DMZ_access_in remark Allow Custom protocols out of DMZ to host 172.16.86.27
access-list SSN-DMZ_access_in extended permit tcp any host HOST-172.16.86.27 object-group DM_INLINE_TCP_2
access-list SSN-DMZ_access_in extended permit tcp host suva-vdc-int2.suva.irc.com host WWW.IRC.COM=PRIV eq 3389
access-list SSN-DMZ_access_in extended permit object-group Web-Access-Group host WWW.IRC.COM-PRIV any
access-list SSN-DMZ_access_in extended permit tcp any host WWW.IRC.COM.-PRIV object-group DMZ-WebAccess
access-list SSN-DMZ_access_in extended permit ip host pomlynedsvr01_access any
access-list SSN-DMZ_access_in extended permit ip host pomlynedsvr01_webcon any
access-list SSN-DMZ_access_in extended permit ip host pomlynedsvr01_AV any
access-list inside_nat0_outbound extended permit ip any 192.168.254.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip object-group DM_INLINE_NETWORK_6 host 10.10.200.1
access-list inside_nat0_outbound extended permit ip any host WWW.IRC.COM-PRIV
access-list inside_nat0_outbound extended permit ip host ns.irc.com any
access-list inside_nat0_outbound extended permit ip any 10.200.200.0 255.255.255.0
access-list Outside_nat0_outbound extended permit ip 192.168.254.0 255.255.255.0 any
access-list Outside_nat0_outbound extended permit ip mcr_Management 255.255.255.0 any
access-list alcatel-my remark Allow Alcatel-my access to TIRC(1)
access-list alcatel-my standard permit 172.16.24.0 255.255.252.0
access-list alcatel-my remark Allow Alcatel-my access to TIRC(2)
access-list alcatel-my standard permit 172.16.84.0 255.255.252.0
access-list 131 extended permit ip host MICHAEL any
access-list management_access_in extended permit ip 10.10.200.0 255.255.255.0 mcr_Management 255.255.255.0
access-list management_access_in extended permit ip host 10.10.200.1 object-group DM_INLINE_NETWORK_5
access-list management_access_in extended permit object-group Web-Access-Group host 10.10.200.1 any
access-list management_access_in extended permit ip host 10.10.200.1 host 172.16.87.47
access-list management_access_in extended permit ip host 10.10.200.1 host IN-WSC
access-list management_access_in extended permit ip host 10.10.200.1 object-group DM_INLINE_NETWORK_8
access-list management_access_in extended permit tcp host 10.10.200.1 object-group DM_INLINE_NETWORK_3 eq 3389
access-list management_access_in remark To BlueCaot Appliances
access-list management_access_in extended permit ip host 10.10.200.1 object-group DM_INLINE_NETWORK_1
access-list management_access_in extended permit ip host 10.10.200.1 object-group DM_INLINE_NETWORK_7
access-list management_access_in extended permit tcp 10.10.200.0 255.255.255.0 object-group Management_Hosts object-group RDP
access-list management_access_in extended permit icmp host 10.10.200.1 any traceroute
access-list management_access_in extended permit ip host 10.10.200.1 host NOC-NMS-CDMA
access-list management_access_in extended permit object-group DM_INLINE_SERVICE_3 host 10.10.200.1 any
access-list management_access_in extended permit tcp host 10.10.200.1 any eq ftp
access-list management_access_in extended permit tcp host bula host 10.10.200.1 object-group RDP inactive
access-list management_access_in extended permit tcp host 10.100.20.23 host 10.10.200.1 object-group RDP
access-list management_access_in extended permit ip host 10.10.200.1 any
access-list management_access_in extended permit ip host solarwinds-server 10.10.200.0 255.255.255.0
access-list management_access_in extended permit ip 10.10.200.0 255.255.255.0 host solarwinds-server
access-list management_access_in extended permit ip any any
access-list management_access_in extended permit ip host 10.10.200.1 host bula inactive
access-list management_access_in extended permit ip any host solarwinds-server
access-list management_access_in extended permit ip host solarwinds-server any
access-list management_access_in extended permit ip object-group PacketFence-Servers 10.10.200.0 255.255.255.0
access-list management_access_in extended permit ip 10.10.200.0 255.255.255.0 object-group PacketFence-Servers
access-list management_access_in extended permit ip object-group 3750-Switches host solarwinds-server
access-list management_access_in extended permit ip 10.10.200.0 255.255.255.0 host 10.10.200.1
access-list management_access_in extended permit ip host 10.10.200.1 10.10.200.0 255.255.255.0
access-list Outside_access_in_1 extended permit ip any any
access-list management_access_in_1 extended permit ip mcr_Management 255.255.255.0 any
access-list inside-networks remark internal tpng corporate subnetwork
access-list inside-networks standard permit 172.16.84.0 255.255.252.0
access-list inside-networks remark dms10
access-list inside-networks standard permit host 10.10.0.0
access-list 84-subnet remark 84 subnet
access-list 84-subnet standard permit 172.16.84.0 255.255.252.0
access-list 84-subnet remark 4 subnet
access-list 84-subnet standard permit inside-network-extra-subnet 255.255.252.0
access-list split-tunnel remark 84 subnet
access-list split-tunnel standard permit 172.16.84.0 255.255.252.0
access-list split-tunnel remark 4 subnet
access-list split-tunnel standard permit inside-network-extra-subnet 255.255.252.0
access-list split-tunnel remark Access to internal POP3 server
access-list split-tunnel standard permit host neptune.waigani.telikompng.com.pg
access-list split-tunnel remark Access to internal SMTP server
access-list split-tunnel standard permit host minerva.suva.irc.com
access-list split-tunnel remark Allow access to the 24 subnet
access-list split-tunnel standard permit 172.16.24.0 255.255.252.0
access-list split-tunnel standard permit Cisco-VLans 255.255.0.0
access-list inside_authentication extended permit tcp any object-group DM_INLINE_TCP_11 any object-group DM_INLINE_TCP_13 time-range WorkingHours inactive
access-list itsupport standard permit NOC 255.255.252.0
access-list itsupport standard permit 172.16.96.0 255.255.252.0
access-list itsupport standard permit 10.20.2.0 255.255.255.0
access-list itsupport standard permit 10.10.200.0 255.255.255.0
access-list itsupport standard permit 172.16.84.0 255.255.252.0
access-list itsupport standard permit inside-network-extra-subnet 255.255.252.0
access-list itsupport standard permit 10.2.1.0 255.255.255.0
access-list itsupport standard permit 172.16.88.0 255.255.252.0
access-list itsupport standard permit Cisco-VLans 255.255.0.0
access-list itsupport remark Access to IT-LAN-UPGRADE Network
access-list itsupport standard permit IT-NETWORK-NEW 255.255.0.0
access-list itsupport remark KWU Exchange subnet
access-list itsupport standard permit 172.16.188.0 255.255.252.0
access-list itsupport standard permit ATM-Network 255.255.0.0
access-list global_mpc extended permit ip any any
access-list management_nat0_outbound extended permit ip any inside-network-extra-subnet 255.255.252.0 inactive
access-list management_nat0_outbound extended permit ip mcr_Management 255.255.255.0 any
access-list management_nat0_outbound extended permit ip any object-group DM_INLINE_NETWORK_9
access-list management_nat0_outbound extended permit ip host 10.10.200.1 object-group Management_Hosts
access-list management_nat0_outbound extended permit ip any 172.16.84.0 255.255.252.0
access-list management_nat0_outbound extended permit ip any MCR_POM 255.255.255.0
access-list management_nat0_outbound extended permit ip host 10.10.200.1 object-group DM_INLINE_NETWORK_10
access-list management_nat0_outbound extended permit ip any Cisco-VLans 255.255.0.0
access-list management_nat0_outbound extended permit ip 10.10.200.0 255.255.255.0 host solarwinds-server
access-list management_nat0_outbound extended permit ip 10.10.200.0 255.255.255.0 object-group DM_INLINE_NETWORK_15
access-list Capture extended permit ip any host 192.118.82.140
access-list Capture extended permit ip host 192.118.82.140 any
access-list Capture extended permit ip host 192.118.82.160 any
access-list Capture extended permit ip any host 192.118.82.160
a
access-list inside-network-access-only remark Allow Maggie Talig access to the 84 subnet only
access-list inside-network-access-only standard permit 172.16.84.0 255.255.252.0
access-list inside-network-access-only remark Allow Maggie Talig access to the 4 subnet only
access-list inside-network-access-only standard permit inside-network-extra-subnet 255.255.252.0
access-list SSN-DMZ_nat0_outbound extended permit ip host WWW.IRC.COM-PRIV object-group Internal-Networks
access-list inside_nat0_outbound_1 extended permit ip host AVIRUSMAN 192.168.254.0 255.255.255.0
access-list NETFLOW extended permit tcp any any
access-list NETFLOW extended permit object-group DNS-GROUP any host fw1.outside.irc.com
access-list NETFLOW extended permit object-group DM_INLINE_SERVICE_6 any host fw1.outside.irc.com
access-list NETFLOW extended permit udp any host fw1.outside.irc.com
access-list NETFLOW extended permit tcp any host fw1.outside.irc.com eq smtp
access-list NETFLOW extended permit tcp any host fw1.outside.irc.com object-group DM_INLINE_TCP_5
access-list NETFLOW extended permit tcp any host fw1.outside.irc.com object-group TCP-8080
access-list NETFLOW extended permit object-group DM_INLINE_SERVICE_4 any host NAT-202.58.130.43
access-list NETFLOW remark Reverse Proxy Inbound Rules from Internet- Lync 2013 Project - Lync Simple URLs
access-list NETFLOW extended permit tcp any host 202.58.130.69 object-group DM_INLINE_TCP_6
access-list NETFLOW remark Lync Edge Access Inbound Rule - Restricting Inbound
access-list NETFLOW extended permit object-group pomlynedsvr01_access_Outside_to_DMZ any host 202.58.130.66
access-list NETFLOW remark Lync Edge Outside to Inside for AV Interface
access-list NETFLOW extended permit object-group pomlynedsvr01_webcon_outside_to_DMZ any host 202.58.130.67
access-list NETFLOW extended permit object-group pomlynedsvr01_AV_Outside_to_DMZ any host 202.58.130.68
access-list NETFLOW extended permit object-group DM_INLINE_SERVICE_11 any host NAT-fijiircdata
access-list NETFLOW extended deny ip host SPAMIP any
access-list NETFLOW extended deny ip SPAM_MACHINE 255.255.255.0 any
access-list NETFLOW extended deny ip host 220.233.157.99 any log debugging
access-list Huawei-Access-Networks remark HUawei-Network-Elements
access-list Huawei-Access-Networks standard permit 192.168.200.0 255.255.255.0
access-list Huawei-Access-Networks remark Access to Ela Beach MPLS network
access-list Huawei-Access-Networks standard permit 10.100.70.0 255.255.255.0
access-list Huawei-Access-Networks remark Huawei Network elements
access-list Huawei-Access-Networks standard permit 192.168.210.0 255.255.255.0
access-list Huawei-Access-Networks remark Huawei network elements
access-list Huawei-Access-Networks standard permit 192.168.213.0 255.255.255.0
access-list management_nat0_outbound_1 extended permit ip host solarwinds-server 10.10.200.0 255.255.255.0
access-list Alcatel-NMS-ACL remark Access allowed to Alcatel NMS devices in NOC
access-list Alcatel-NMS-ACL standard permit 10.2.1.0 255.255.255.0
access-list Business-Systems-Access remark Mail Server 1
access-list Business-Systems-Access standard permit host neptune.waigani.telikompng.com.pg
access-list Business-Systems-Access remark Mail Server 2
access-list Business-Systems-Access standard permit host minerva.waigani.telikompng.com.pg
access-list Business-Systems-Access remark SAP PROD
access-list Business-Systems-Access standard permit host SAP-SAPPROD
access-list Business-Systems-Access remark Avabill Application Server
access-list Business-Systems-Access standard permit host Avabill86.177
access-list Business-Systems-Access remark Backup Avabill Application Server
access-list Business-Systems-Access standard permit host Avabill84.170
access-list Business-Systems-Access remark HRSelfcare
access-list Business-Systems-Access standard permit host HOST-172.16.86.248
access-list Business-Systems-Access remark Intranet Server
access-list Business-Systems-Access standard permit host 172.16.85.32
access-list IT-Systems-Support remark Access to inside network
access-list IT-Systems-Support standard permit 172.16.84.0 255.255.252.0
access-list IT-Systems-Support remark Access to IN netwwork
access-list IT-Systems-Support standard permit 172.16.88.0 255.255.252.0
access-list IT-Systems-Support standard permit Cisco-VLans 255.255.0.0
access-list Systems-XS remark Access to 84 subnet
access-list Systems-XS standard permit 172.16.84.0 255.255.252.0
access-list Systems-XS remark Access to .4 subnet
access-list Systems-XS standard permit inside-network-extra-subnet 255.255.252.0
access-list Systems-XS remark Access to 10.100.x.x/24
access-list Systems-XS standard permit Cisco-VLans 255.255.0.0
access-list Huawei-NOC standard permit 172.16.84.0 255.255.252.0
access-list Huawei-NOC standard permit Cisco-VLans 255.255.0.0
access-list Huawei-NOC standard permit HASUT 255.255.255.0
access-list Huawei-NOC standard permit IT-NETWORK-NEW 255.255.0.0
access-list efdata remark Allow efdata access to above device as per request by chris mkao
access-list efdata standard permit 172.16.92.0 255.255.252.0
access-list test standard permit 172.16.92.0 255.255.252.0
access-list Ghu_ES_LAN remark Allow efdata access to fij ES LAN
access-list Ghu_ES_LAN extended permit ip any 172.16.92.0 255.255.252.0
access-list GuestInternet_access_in extended permit ip any any
global (inside) 1 interface
global (SSN-DMZ) 1 interface
global (Outside) 1 interface
global (management) 1 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 0 access-list inside_nat0_outbound_1 outside
nat (inside) 1 0.0.0.0 0.0.0.0
nat (SSN-DMZ) 0 access-list SSN-DMZ_nat0_outbound
nat (SSN-DMZ) 1 WWW.IRC.COM-PRIV 255.255.255.255
nat (Outside) 0 access-list Outside_nat0_outbound
nat (GuestInternet) 1 0.0.0.0 0.0.0.0
nat (management) 0 access-list management_nat0_outbound
nat (management) 0 access-list management_nat0_outbound_1 outside
nat (management) 1 10.10.200.1 255.255.255.255
static (inside,Outside) tcp interface 10103 mailgate.irc.com 10103 netmask 255.255.255.255
static (SSN-DMZ,Outside) tcp interface www WWW.IRC.COM-PRIV www netmask 255.255.255.255
static (inside,Outside) tcp interface smtp mailgate.irc.com smtp netmask 255.255.255.255
static (inside,Outside) tcp interface telnet HOST-172.16.84.144 telnet netmask 255.255.255.255
static (inside,Outside) tcp interface pcanywhere-data HOST-192.168.1.14 pcanywhere-data netmask 255.255.255.255
static (inside,Outside) udp interface pcanywhere-status HOST-192.168.1.14 pcanywhere-status netmask 255.255.255.255
static (inside,Outside) tcp interface ssh InterConnect-BillingBox ssh netmask 255.255.255.255
static (inside,Outside) udp interface ntp confusious.suva.irc.com ntp netmask 255.255.255.255
static (inside,Outside) tcp interface 10002 HOST-172.16.200.121 10002 netmask 255.255.255.255
static (inside,Outside) tcp interface 10003 HOST-172.16.200.122 10003 netmask 255.255.255.255
static (inside,Outside) tcp interface 10004 HOST-172.16.41.26 10004 netmask 255.255.255.255
static (inside,Outside) tcp interface 10005 HOST-172.16.41.27 10005 netmask 255.255.255.255
static (inside,Outside) tcp interface https Avabill86.181 https netmask 255.255.255.255
static (inside,Outside) tcp interface 7778 Avabill86.181 7778 netmask 255.255.255.255
static (inside,Outside) tcp interface 8080 Avabill86.181 8080 netmask 255.255.255.255
static (inside,Outside) tcp interface 7777 Avabill86.181 7777 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.45 https Avabill86.177 https netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 2222 daywalker.suva.irc.com 2222 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 ftp waigani-pdc-int2.suva.irc.com ftp netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 www neptune.suva.irc.com www netmask 255.255.255.255
static (inside,Outside) tcp interface 5900 Primary1352CM 5900 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 5900 Backup1352CM 5900 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 https neptune.suva.irc.com https netmask 255.255.255.255
static (inside,Outside) tcp interface 24 HOST-172.16.86.87 24 netmask 255.255.255.255
static (inside,Outside) udp interface domain ns.irc.com domain netmask 255.255.255.255
static (inside,Outside) tcp interface pop3 neptune.suva.irc.com pop3 netmask 255.255.255.255
static (inside,Outside) tcp interface 7780 Apache-WebServer 7780 netmask 255.255.255.255
static (inside,Outside) tcp interface 8000 CRM-SERVER2 8000 netmask 255.255.255.255
static (inside,Outside) tcp interface 8010 CRM-SERVER4 8010 netmask 255.255.255.255
static (inside,Outside) tcp interface 8005 CRM-SERVER3 8005 netmask 255.255.255.255
static (inside,Outside) tcp interface 123 confusious.suva.irc.com 123 netmask 255.255.255.255
static (inside,Outside) tcp interface imap4 neptune.suva.irc.com imap4 netmask 255.255.255.255
static (inside,Outside) tcp interface domain ns.irc.com domain netmask 255.255.255.255
static (inside,Outside) tcp interface ftp telitgate.irc.com ftp netmask 255.255.255.255
static (inside,Outside) tcp interface 5901 uvnc-server 5901 netmask 255.255.255.255
static (inside,Outside) tcp interface 5801 uvnc-server 5801 netmask 255.255.255.255
static (inside,Outside) tcp interface 5902 172.16.84.200 5902 netmask 255.255.255.255
static (inside,Outside) tcp interface 5802 172.16.84.200 5802 netmask 255.255.255.255
static (inside,Outside) tcp interface 995 neptune.suva.irc.com 995 netmask 255.255.255.255
static (inside,Outside) tcp interface 993 neptune.suva.irc.com 993 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 6001 neptune.suva.irc.com 6001 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 6002 neptune.suva.irc.com 6002 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 6004 neptune.suva.irc.com 6004 netmask 255.255.255.255
static (inside,Outside) tcp interface 6001 minerva.suva.irc.com 6001 netmask 255.255.255.255
static (inside,Outside) tcp interface 6002 minerva.suva.irc.com 6002 netmask 255.255.255.255
static (inside,Outside) tcp interface 6004 minerva.suva.irc.com 6004 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 8720 solarwinds-server 8720 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 9000 solarwinds-server 9000 netmask 255.255.255.255
static (inside,Outside) tcp interface 2055 solarwinds-server 2055 netmask 255.255.255.255
static (inside,Outside) tcp interface 88 A-10.100.20.250 88 netmask 255.255.255.255
static (inside,Outside) tcp interface 10000 ns.irc.com 10000 netmask 255.255.255.255
static (inside,Outside) udp Ext-R2-Outside-Interface 2055 solarwinds-server 2055 netmask 255.255.255.255
static (inside,Outside) udp Ext-R2-Outside-Interface snmp solarwinds-server snmp netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 135 neptune.suva.irc.com 135 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 3389 BT-DesktopPC 3389 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.65 www IN-WSC www netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.65 https IN-WSC https netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 ssh Avabill86.176 ssh netmask 255.255.255.255
static (Outside,inside) tcp 10.100.20.36 5432 smile.telinet.com.pg 5432 netmask 255.255.255.255
static (inside,Outside) tcp interface 222 chief.suva.irc.com ssh netmask 255.255.255.255
static (inside,Outside) tcp interface 5061 LYNC-2013-SERVER 5061 netmask 255.255.255.255
static (inside,Outside) tcp interface 5432 10.100.20.36 5432 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 182 dadbsvr www netmask 255.255.255.255
static (SSN-DMZ,Outside) 202.58.130.69 pomlynrprx01 netmask 255.255.255.255
static (SSN-DMZ,Outside) 202.58.130.66 pomlynedsvr01_access netmask 255.255.255.255
static (SSN-DMZ,Outside) 202.58.130.67 pomlynedsvr01_webcon netmask 255.255.255.255
static (SSN-DMZ,Outside) 202.58.130.68 pomlynedsvr01_AV netmask 255.255.255.255
access-group inside_access_in in interface inside
access-group SSN-DMZ_access_in in interface SSN-DMZ
access-group Outside_access_in_1 in interface Outside control-plane
access-group NETFLOW in interface Outside
access-group GuestInternet_access_in in interface GuestInternet
access-group management_access_in_1 in interface management control-plane
access-group management_access_in in interface management
route Outside 0.0.0.0 0.0.0.0 Ext-R1-Inside-Interface 1
route inside 10.2.1.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 10.8.0.0 255.255.255.0 VPNGATE 1
route inside 10.9.254.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 10.10.1.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 10.10.2.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 10.10.3.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 10.10.4.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 10.10.5.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 10.10.10.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 10.15.100.0 255.255.255.0 fw1.outside.irc.com 1
route inside Cisco-VLans 255.255.0.0 Cisco7200 1
route inside VLan20-2F 255.255.255.0 Cisco7200 1
route inside 10.100.67.0 255.255.255.0 IPVPN-Router 1
route inside 10.100.74.0 255.255.255.0 172.16.86.0 1
route inside 10.100.75.0 255.255.255.0 172.16.86.0 1
route inside 10.100.76.0 255.255.255.0 172.16.86.0 1
route inside LAE 255.255.255.0 172.16.86.0 1
route inside 10.100.91.0 255.255.255.0 172.16.86.0 1
route inside 10.100.110.0 255.255.255.0 172.16.86.0 1
route inside 10.100.111.0 255.255.255.0 172.16.86.0 1
route inside 10.100.114.0 255.255.255.0 172.16.86.0 1
route inside 10.200.200.0 255.255.255.0 Cisco7200 1
route inside A-10.250.0.0 255.255.0.0 Cisco7200 1
route inside 10.254.2.0 255.255.255.252 IPVPN-Router 1
route inside 11.11.3.0 255.255.255.0 172.16.86.0 1
route inside 11.11.4.0 255.255.255.0 172.16.86.0 1
route inside 11.11.8.0 255.255.255.0 172.16.86.0 1
route inside 11.11.9.0 255.255.255.0 172.16.86.0 1
route inside 20.200.200.0 255.255.255.0 172.16.86.17 1
route inside inside-network-extra-subnet 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.8.0 255.255.252.0 Cisco7200 1
route inside 172.16.12.0 255.255.252.0 172.16.86.197 1
route inside 172.16.24.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside NOC 255.255.252.0 172.16.87.187 1
route inside 172.16.48.0 255.255.252.0 172.16.84.41 1
route inside 172.16.52.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.56.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.60.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.64.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.68.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.72.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.76.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.80.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.84.185 255.255.255.255 172.16.86.217 1
route inside CRM-SERVER1 255.255.255.255 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.88.0 255.255.252.0 Cisco7200 1
route inside 172.16.92.0 255.255.252.0 Cisco7200 1
route inside 172.16.96.0 255.255.252.0 172.16.87.172 1
route inside 172.16.104.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.108.0 255.255.252.0 IPVPN-Router 1
route inside 172.16.112.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.120.0 255.255.252.0 TFIJIG-CORE-INT-ROUTER 1
route inside 172.16.124.0 255.255.252.0 IPVPN-Router 1
route inside 172.16.128.0 255.255.252.0 172.16.86.185 1
route inside 172.16.132.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.136.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.140.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.144.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.148.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.152.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.156.0 255.255.252.0 IPVPN-Router 1
route inside 172.16.160.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.164.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.168.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.172.0 255.255.252.0 172.16.87.172 1
route inside 172.16.180.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.184.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.188.0 255.255.252.0 172.16.86.85 1
route inside 172.16.188.0 255.255.252.0 Cisco7200 1
route inside 172.16.192.0 255.255.252.0 172.16.86.194 1
route inside 172.16.200.0 255.255.252.0 172.16.87.11 1
route inside 172.16.204.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.208.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.212.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.220.0 255.255.252.0 IPVPN-Router 1
route inside 172.16.224.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.236.0 255.255.252.0 172.16.87.254 1
route inside 172.16.240.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.248.0 255.255.252.0 IPVPN-Router 1
route inside 172.17.84.0 255.255.255.224 IPVPN-Router 1
route inside 172.18.252.0 255.255.252.0 172.16.84.15 1
route inside 172.20.0.0 255.255.252.0 172.16.87.11 1
route management 172.20.1.32 255.255.255.240 10.10.200.18 1
route inside 192.167.5.0 255.255.255.0 172.16.86.42 1
route inside 192.168.1.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 192.168.1.0 255.255.255.0 HOST-172.16.84.144 1
route inside 192.168.1.96 255.255.255.224 TFIJI-CORE-INT-ROUTER 1
route inside 192.168.1.128 255.255.255.224 TFIJI-CORE-INT-ROUTER 1
route inside 192.168.2.0 255.255.255.0 172.16.87.192 1
route inside 192.168.5.0 255.255.255.0 HOST-172.16.84.144 1
route inside 192.168.11.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 192.168.150.0 255.255.255.0 IPVPN-Router 1
route inside 192.168.200.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 192.168.201.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 192.168.202.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 192.168.210.0 255.255.255.0 Cisco7200 1
route inside 192.168.213.0 255.255.255.0 Cisco7200 1
route inside 192.168.254.0 255.255.255.0 fw1.outside.irc.com 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
class-map inspection_default
match default-inspection-traffic
class-map flow_export_class
match access-list global_mpc
policy-map global_policy
class inspection_default
inspect dns
inspect esmtp
inspect h323 h225
inspect h323 ras
inspect icmp error
inspect ipsec-pass-thru
inspect mgcp
inspect rsh
inspect sip
inspect skinny
inspect snmp
inspect tftp
inspect ftp strict
inspect icmp
class flow_export_class
flow-export event-type all destination solarwinds-server
policy-map type inspect dns migrated_dns_map_1
parameters
message-length maximum 512
service-policy global_policy global
smtp-server 172.16.86.16
prompt hostname context
Cryptochecksum:24270eebd6c941fb7b302b034e32bba1
: endHi,
NMAP gives the report for the first firewall interface it hits. In your case you have allowed tcp any any where it allows all the ports. I have mentioned only one example.... There are many in your case....
Also NMAP results will be effective once when you directly connect to outside interface or directly on to the outside LAN.
Regards
Karthik -
Error 406 access denied while trying to Add Windows 2008 HV host in SCVMM 2008.
I am trying to add Windows 2008 HV host in SCVMM 2008. While adding host i am getting error message...
Error (406)
Access
has been denied while contacting the server <server name>.
Recommended
Action
1.
Verify that the specified user account has administrative privileges on <server name>.
2.
Verify that DCOM access, launch, and activation permissions are enabled on <server name> for the Administrators group. Use dcomcnfg.exe to modify
permissions, and then try the operation again.
I have already done DCOM security modification for my user. I am able to RDP or any file sharing HV host from SCVMM machine. My user is member of local administrator for both the machines.
Before that i have added one Windows 2008 HV (Core) successfully and 2 ESX host in same SCVMM machine.
Any Help would be greatly appreciated.
vaibhavHas anyone found a fix for this? I've been troubleshooting this issue for 4 days now. I've unjoined/rejoined the host to the domain, deleted SCVMM certificate, given permissions (out the wahzoo) in COM/Access Permissions, all updates installed, firewall
is off (I even tried turning it on and configuring program/port access), I've tried with 3 different domain accounts that are a member of the local Administrators group.
The other day I managed to get the host added (don't ask me how) but then all the VM's were in status 'Host not responding' so I couldn't even manage them. So I removed it and now can't get the host added again. I'm using SCVMM 2008 R2 SP1 and the problem
host is Server 2008 R2 SP1 x64.
Error (406)
Access has been denied while contacting the server xxxxxxxx.domain.com.
Recommended Action
1. Verify that the specified user account has administrative privileges on xxxxxxx.domain.com.
2. Verify that DCOM access, launch, and activation permissions are enabled on xxxxxxx.domain.com for the Administrators group. Use dcomcnfg.exe to modify permissions, and then try the operation again.
I was getting this error after I got the host added:
Error (2910)
VMM does not have appropriate permissions to access the resource C:\Windows\system32\qmgr.dll on the xxxxxxxx.domain.com server.
(Access is denied (0x80070005))
Recommended Action
Ensure that Virtual Machine Manager has the appropriate rights to perform this action. -
Sun Java System Access Manager 7.1 config. failed during installation
{color:#0000ff}Hi,
I have installed sun java communication suite 5 on a single host on sun solaris 10.
I have installed required packages and it works fine.
But as per organization need, I have to change domain name.
So i have uninstalled everything and tried to install again with new domain name.
I have made proper entries in hosts file and resolve.conf file.
But duing the first phase of installation only , i failed in configuring access manager 7.1
I have also cerate same scenario in my test environment, but everytime i face the same error.
and sun java access manager 7.1 fails in first stage of installation only.
So would like to know the proper installation procedure while i change the domain name on same hardware...
I have checked both installation logs & summary logs.
But no error, no failed , no severe.
Attached is the summary of installation logs.
Summary Logs :
Installation Summary Report
Install Summary
Sun Java(TM) Communications Suite : Installed
Sun Java(TM) System Web Server 7.0 : Installed, Configured
Java DB : Installed, Configure After Install
Sun Java(TM) System Message Queue 3.7 UR1 : Installed
Sun Java(TM) System Monitoring Console 1.0 : Installed, Configure After Install
Sun Java(TM) System Directory Preparation Tool : Installed
Sun Java(TM) System Directory Server Enterprise Edition 6.0 : Installed, Configured
Sun Java(TM) System Access Manager 7.1 : Installed, Configuration Failed
Sun Java(TM) System Messaging Server 6.3 : Installed, Configure After Install
Sun Java(TM) System Communications Express 6 : Installed, Configure After Install
Communication Services Delegated Administrator : Installed, Configure After Install
Configuration Data
Sun Java(TM) System Web Server 7.0 :
Web Server Instance installation Directory : /var/opt/SUNWwbsvr7
Web Server installation Directory : /opt
Web Server Administration Server Host : RADAGWMSG221.myreliancemail.com
Web Server Admin Server Mode : true
Web Server only CLI installation : false
Sun Java(TM) System Directory Preparation Tool :
Directory Preparation Tool Installation Directory : /opt/SUNWcomds
Sun Java(TM) System Directory Server Enterprise Edition 6.0 :
Directory Server Installation Directory : /opt/SUNWdsee
Sun Java(TM) System Access Manager 7.1 :
Access Manager Installation Directory : /opt
Access Manager Protocol : http
Access Manager Port : 80
LDAP User ID : amldapuser
Administrator User ID : amAdmin
Web Container : WebServer
Access Manager Web Server Host Name : RADAGWMSG221.myreliancemail.com
Access Manager Web Server Instance Directory : /var/opt/SUNWwbsvr7/https-RADAGWMSG221.myreliancemail.com
Access Manager Web Server Port : 80
Access Manager Console Host (for Existing console) : RADAGWMSG221.myreliancemail.com
Access Manager Console Deploy URI : amconsole
Access Manager Password Deploy URI : ampassword
Access Manager Host : RADAGWMSG221.myreliancemail.com
Access Manager Console Port(for Existing console) : 80
Access Manager Services Deploy URI : amserver
Access Manager Cookie Domain List : .myreliancemail.com
Access Manager Common Domain Deploy URI : amcommon
Access Manager Directory Server Host Name : RADAGWMSG221
Access Manager Directory Server Host : RADAGWMSG221.myreliancemail.com
Access Manager Directory Server Port : 389
Access Manager Directory Root Suffix : o=rmail
Access Manager Directory Manager DN : cn=Directory Manager
Organization Marker Object Class : sunISManagedOrganization
User Marker Object Class : inetorgperson
Organization Naming Attribute : o
User Naming Attribute : uid
Sun Java(TM) System Messaging Server 6.3 :
Messaging Server Installation Directory : /opt/SUNWmsgsr
Sun Java(TM) System Communications Express 6 :
Communications Express Installation Directory : /opt/SUNWuwc
Communication Services Delegated Administrator :
Communication Services Delegated Administrator Installation Directory : /opt/SUNWcomm
{color}Rushi-Reliance wrote:
Kindly let us know how to proceed further as we are waiiting some reply from your team.As I already advised in your previous posting (http://forums.sun.com/thread.jspa?threadID=5359095), you are best off re-installing solaris from scratch and installing Communication Suite 6 update 1 if you cannot get Access Manager 7.1 configured.
Regards
Shane. -
Unable to Access Remote LAN over IPSec VPN
I have a Cisco ASA 5540 setup with Remote Access VPN for users. Suddenly no one can access the remote LAN over VPN. Below is my config:
ASA Version 7.0(8)
hostname DC2ASA
domain-name yorktel.com
enable password d2XdVlFOzleWlH1j encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
dns-guard
interface GigabitEthernet0/0
description outside/savvis
nameif outside
security-level 0
ip address 216.33.198.4 255.255.255.0 standby 216.33.198.5
interface GigabitEthernet0/1
description inside
nameif inside
security-level 100
ip address 10.203.204.1 255.255.254.0 standby 10.203.204.2
interface GigabitEthernet0/2
nameif insidesan
security-level 100
ip address 10.203.206.1 255.255.254.0 standby 10.203.206.2
interface GigabitEthernet0/3
description LAN/STATE Failover Interface
interface Management0/0
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
management-only
ftp mode passive
object-group service FileMaker tcp-udp
port-object range 16000 16001
access-list outside-in extended permit ip 65.123.204.0 255.255.254.0 216.33.198.0 255.255.255.0 log
access-list outside-in extended permit ip 216.33.198.0 255.255.255.0 216.33.198.0 255.255.255.0 log
access-list outside-in extended permit icmp 216.33.198.0 255.255.255.0 216.33.198.0 255.255.255.0 log
access-list outside-in extended permit icmp any any
access-list outside-in extended permit icmp any any echo
access-list outside-in extended permit ip any host 216.33.198.22 inactive
access-list outside-in extended permit tcp any host 216.33.198.19
access-list outside-in extended permit udp any host 216.33.198.19
access-list outside-in extended permit ip any host 216.33.198.19
access-list outside-in extended permit tcp any host 216.33.198.10 eq 3389
access-list outside-in extended permit tcp any host 216.33.198.10 eq ftp inactive
access-list outside-in extended permit tcp any host 216.33.198.10 eq ftp-data inactive
access-list outside-in extended permit tcp any host 216.33.198.10 eq ssh inactive
access-list outside-in extended permit tcp any host 216.33.198.19 eq www
access-list outside-in extended permit tcp any host 216.33.198.19 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.19 eq https
access-list outside-in extended permit tcp any host 216.33.198.19 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.19 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.19 eq smtp
access-list outside-in extended permit tcp any host 216.33.198.19 eq pop3
access-list outside-in extended permit tcp any host 216.33.198.19 eq 587
access-list outside-in extended permit tcp any host 216.33.198.16 eq www
access-list outside-in extended permit tcp any host 216.33.198.16 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.16 eq https
access-list outside-in extended permit tcp any host 216.33.198.16 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.16 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.16 eq 8094
access-list outside-in extended permit tcp any host 216.33.198.16 eq 8096
access-list outside-in extended permit tcp any host 216.33.198.16 eq 8097
access-list outside-in extended permit tcp any host 216.33.198.16 eq 8090
access-list outside-in extended permit tcp any host 216.33.198.38 eq www
access-list outside-in extended permit tcp any host 216.33.198.38 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.38 eq https
access-list outside-in extended permit tcp any host 216.33.198.38 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.38 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.38 eq 8094
access-list outside-in extended permit tcp any host 216.33.198.38 eq 8096
access-list outside-in extended permit tcp any host 216.33.198.38 eq 8097
access-list outside-in extended permit tcp any host 216.33.198.38 eq 8090
access-list outside-in extended permit tcp any host 216.33.198.25 eq www
access-list outside-in extended permit tcp any host 216.33.198.25 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.25 eq https
access-list outside-in extended permit tcp any host 216.33.198.25 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.25 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.25 eq 8094
access-list outside-in extended permit tcp any host 216.33.198.25 eq 8096
access-list outside-in extended permit tcp any host 216.33.198.25 eq 8097
access-list outside-in extended permit tcp any host 216.33.198.25 eq 8090
access-list outside-in extended permit tcp any host 216.33.198.22 eq www
access-list outside-in extended permit tcp any host 216.33.198.22 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.22 eq https
access-list outside-in extended permit tcp any host 216.33.198.22 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.22 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.22 eq 8094
access-list outside-in extended permit tcp any host 216.33.198.22 eq 8096
access-list outside-in extended permit tcp any host 216.33.198.22 eq 8097
access-list outside-in extended permit tcp any host 216.33.198.22 eq 8090
access-list outside-in extended permit tcp any host 216.33.198.17 eq www
access-list outside-in extended permit tcp any host 216.33.198.17 eq rtsp
access-list outside-in extended permit udp any host 216.33.198.17 eq 5005
access-list outside-in extended permit tcp any host 216.33.198.17 eq 1755
access-list outside-in extended permit udp any host 216.33.198.17 eq 1755
access-list outside-in extended permit tcp any host 216.33.198.17 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.17 eq https
access-list outside-in extended permit tcp any host 216.33.198.17 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.17 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.17 eq 989
access-list outside-in extended permit tcp any host 216.33.198.17 eq 990
access-list outside-in extended permit tcp any host 216.33.198.24 eq www
access-list outside-in extended permit tcp any host 216.33.198.24 eq rtsp
access-list outside-in extended permit udp any host 216.33.198.24 eq 5005
access-list outside-in extended permit tcp any host 216.33.198.24 eq 1755
access-list outside-in extended permit udp any host 216.33.198.24 eq 1755
access-list outside-in extended permit udp any host 216.33.198.24
access-list outside-in extended permit tcp any host 216.33.198.24 eq 8090
access-list outside-in extended permit tcp any host 216.33.198.24 eq https
access-list outside-in extended permit tcp 209.67.5.96 255.255.255.224 any inactive
access-list outside-in extended permit udp 209.67.5.96 255.255.255.224 any inactive
access-list outside-in extended permit udp any host 216.33.198.17 inactive
access-list outside-in extended permit tcp any host 216.33.198.18 eq 1433
access-list outside-in extended permit tcp any host 216.33.198.18 eq 1434
access-list outside-in extended permit tcp any host 216.33.198.100 eq www
access-list outside-in extended permit tcp any host 216.33.198.101 eq www
access-list outside-in extended permit tcp any host 216.33.198.102 eq www
access-list outside-in extended permit tcp any host 216.33.198.103 eq www
access-list outside-in extended permit tcp any host 216.33.198.104 eq www
access-list outside-in extended permit tcp any host 216.33.198.105 eq www
access-list outside-in extended permit tcp any host 216.33.198.106 eq www
access-list outside-in extended permit tcp any host 216.33.198.107 eq www
access-list outside-in extended permit tcp any host 216.33.198.108 eq www
access-list outside-in extended permit tcp any host 216.33.198.109 eq www
access-list outside-in extended permit tcp any host 216.33.198.110 eq www
access-list outside-in extended permit tcp any host 216.33.198.100 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.101 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.102 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.103 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.104 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.105 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.106 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.107 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.108 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.109 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.110 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.100 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.101 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.102 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.103 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.104 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.105 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.106 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.107 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.108 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.109 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.110 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.100 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.101 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.102 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.103 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.104 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.105 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.106 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.107 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.108 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.109 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.110 eq ftp-data
access-list outside-in extended permit tcp host 12.71.134.4 any
access-list outside-in extended permit udp host 12.71.134.4 any
access-list outside-in remark Allow Mark to access remote desktop from home office.
access-list outside-in extended permit tcp host 96.255.220.240 any
access-list outside-in remark Allow Mark to access remote desktop from home office.
access-list outside-in extended permit udp host 96.255.220.240 any
access-list outside-in extended permit tcp host 67.81.54.83 any
access-list outside-in remark Allow Chris to access remote desktop from home office.
access-list outside-in extended permit tcp host 100.1.41.196 any
access-list outside-in remark Allow Chris to access remote desktop from home office.
access-list outside-in extended permit udp host 100.1.41.196 any
access-list outside-in extended permit udp host 67.81.54.83 any
access-list outside-in remark Allow Jim Johnstone to remote in from home office.
access-list outside-in extended permit tcp host 96.225.44.46 any
access-list outside-in remark Allow Jim Johnstone to remote in from home office.
access-list outside-in extended permit udp host 96.225.44.46 any
access-list outside-in extended permit tcp host 64.19.183.67 any
access-list outside-in extended permit udp host 64.19.183.67 any
access-list outside-in remark Allow Steve Fisher to remote in from home office.
access-list outside-in extended permit tcp host 173.67.0.16 any
access-list outside-in remark Allow Steve Fisher to remote in from home office.
access-list outside-in extended permit udp host 173.67.0.16 any
access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
access-list outside-in extended permit tcp any host 216.33.198.20 eq 3389
access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
access-list outside-in extended permit tcp any host 216.33.198.20 eq ftp-data
access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
access-list outside-in extended permit tcp any host 216.33.198.20 eq ftp
access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
access-list outside-in extended permit tcp any host 216.33.198.20 eq www
access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
access-list outside-in extended permit tcp any host 216.33.198.20 eq https
access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
access-list outside-in extended permit tcp any host 216.33.198.20 inactive
access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
access-list outside-in extended permit udp any host 216.33.198.20 inactive
access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
access-list outside-in extended permit ip any host 216.33.198.20 inactive
access-list outside-in remark Allow remote desktop connections to ftp.yorkcast.com
access-list outside-in extended permit tcp any host 216.33.198.19 eq 3389 inactive
access-list outside-in remark Allow remote desktop connections to BMS-TV
access-list outside-in extended permit tcp any host 216.33.198.21 eq 3389
access-list outside-in remark Allow remote desktop connections to BMS-TV
access-list outside-in extended permit tcp any host 216.33.198.21 eq www
access-list outside-in remark Allow remote desktop connections to BMS-TV
access-list outside-in extended permit tcp any host 216.33.198.21 eq https
access-list outside-in extended permit tcp any host 216.33.198.21 eq 8080
access-list outside-in remark Allow remote desktop connections to BMS-TV
access-list outside-in extended permit tcp any host 216.33.198.21 eq ftp
access-list outside-in remark Allow remote desktop connections to BMS-TV
access-list outside-in extended permit tcp any host 216.33.198.21 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.19 eq 3306
access-list outside-in extended permit udp any host 216.33.198.19 eq 3306
access-list outside-in remark Allow remote desktop connections to ftp.yorkcast.com
access-list outside-in extended permit tcp any host 216.33.198.23 eq 3389
access-list outside-in remark Allow remote desktop connections to ftp.yorkcast.com
access-list outside-in extended permit tcp any host 216.33.198.23 eq ftp
access-list outside-in remark Allow remote desktop connections to ftp.yorkcast.com
access-list outside-in extended permit tcp any host 216.33.198.23 eq www
access-list outside-in remark Allow remote desktop connections to ftp.yorkcast.com
access-list outside-in extended permit tcp any host 216.33.198.23 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.18 eq 3389 inactive
access-list outside-in extended permit tcp any host 216.33.198.17 inactive
access-list outside-in extended permit ip any host 216.33.198.17 inactive
access-list outside-in extended permit tcp any host 216.33.198.18 inactive
access-list outside-in extended permit udp any host 216.33.198.17 eq 554
access-list outside-in extended permit udp any host 216.33.198.24 eq 554
access-list outside-in remark Allow any access from Treasury
access-list outside-in extended permit tcp host 64.241.196.50 any
access-list outside-in remark Allow any access from Treasury
access-list outside-in extended permit udp host 64.241.196.50 any
access-list outside-in remark Allow any access from Treasury
access-list outside-in extended permit ip host 64.241.196.50 any
access-list outside-in extended permit tcp any host 216.33.198.26 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.26 eq www
access-list outside-in extended permit tcp any host 216.33.198.26 eq https
access-list outside-in extended permit tcp any host 216.33.198.27 eq https
access-list outside-in extended permit tcp any host 216.33.198.27 eq www
access-list outside-in extended permit tcp any host 216.33.198.27 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.27 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.27 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.27 eq 8094
access-list outside-in extended permit tcp any host 216.33.198.27 eq 8096
access-list outside-in extended permit tcp any host 216.33.198.27 eq 8097
access-list outside-in extended permit tcp any host 216.33.198.27 eq 8090
access-list outside-in extended permit tcp any host 216.33.198.26 eq ftp inactive
access-list outside-in extended permit tcp any host 216.33.198.26 eq ssh inactive
access-list outside-in extended permit tcp any host 216.33.198.28 eq 81
access-list outside-in extended permit tcp any host 216.33.198.28 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.28 eq www
access-list outside-in extended permit tcp any host 216.33.198.28 eq ssh
access-list outside-in extended permit tcp any host 216.33.198.29 eq www
access-list outside-in extended permit tcp any host 216.33.198.28 eq 3389
access-list outside-in extended permit tcp any host 216.33.198.29 eq ssh
access-list outside-in extended permit tcp any host 216.33.198.30 eq ssh
access-list outside-in extended permit tcp any host 216.33.198.31 eq ssh
access-list outside-in extended permit tcp any host 216.33.198.20 object-group FileMaker
access-list outside-in extended permit tcp any host 216.33.198.20 eq 5003
access-list outside-in extended permit udp any host 216.33.198.20 eq 5003
access-list outside-in extended permit tcp any host 216.33.198.33 eq www
access-list outside-in extended permit tcp any host 216.33.198.33 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.33 eq https
access-list outside-in extended permit tcp any host 216.33.198.33 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.33 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.33 eq 8094
access-list outside-in extended permit tcp any host 216.33.198.33 eq 8096
access-list outside-in extended permit tcp any host 216.33.198.33 eq 8097
access-list outside-in extended permit tcp any host 216.33.198.33 eq 8090
access-list outside-in extended permit tcp any host 216.33.198.34 eq www
access-list outside-in extended permit tcp any host 216.33.198.34 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.34 eq https
access-list outside-in extended permit tcp any host 216.33.198.34 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.34 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.34 eq 8094
access-list outside-in extended permit tcp any host 216.33.198.34 eq 8096
access-list outside-in extended permit tcp any host 216.33.198.34 eq 8097
access-list outside-in extended permit tcp any host 216.33.198.34 eq 8090
access-list outside-in extended permit tcp any host 216.33.198.36 eq www
access-list outside-in extended permit tcp any host 216.33.198.36 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.36 eq https
access-list outside-in extended permit tcp any host 216.33.198.36 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.36 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.36 eq 8094
access-list outside-in extended permit tcp any host 216.33.198.36 eq 8096
access-list outside-in extended permit tcp any host 216.33.198.36 eq 8097
access-list outside-in extended permit tcp any host 216.33.198.36 eq 8090
access-list outside-in extended permit tcp any host 216.33.198.37 eq www
access-list outside-in extended permit tcp any host 216.33.198.37 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.37 eq https
access-list outside-in extended permit tcp any host 216.33.198.37 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.37 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.37 eq 8094
access-list outside-in extended permit tcp any host 216.33.198.37 eq 8096
access-list outside-in extended permit tcp any host 216.33.198.37 eq 8097
access-list outside-in extended permit tcp any host 216.33.198.37 eq 8090
access-list outside-in extended permit tcp any host 216.33.198.39 eq www
access-list outside-in extended permit tcp any host 216.33.198.39 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.39 eq https
access-list outside-in extended permit tcp any host 216.33.198.39 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.39 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.39 eq 8094
access-list outside-in extended permit tcp any host 216.33.198.39 eq 8096
access-list outside-in extended permit tcp any host 216.33.198.39 eq 8097
access-list outside-in extended permit tcp any host 216.33.198.39 eq 8090
access-list outside-in extended permit tcp any host 216.33.198.41 eq 3389
access-list outside-in extended permit tcp any host 216.33.198.41 eq www
access-list outside-in extended permit tcp any host 216.33.198.41 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.41 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.41 eq https
access-list outside-in extended permit tcp any host 216.33.198.41 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.42 eq 3389
access-list outside-in extended permit tcp any host 216.33.198.42 eq www
access-list outside-in extended permit tcp any host 216.33.198.42 eq https
access-list outside-in extended permit tcp any host 216.33.198.42 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.42 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.42 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.28
access-list inside-out extended permit tcp any host 216.33.198.17 eq rtsp
access-list inside-out extended permit udp any host 216.33.198.17 eq 5004
access-list inside-out extended permit udp any host 216.33.198.17 eq 5005
access-list inside-out extended permit tcp any host 216.33.198.17 eq 1755
access-list inside-out extended permit udp any host 216.33.198.17 eq 1755
access-list rtsp-acl extended deny tcp any host 216.33.198.17 eq rtsp
access-list rtsp-acl extended permit tcp any any eq rtsp
access-list inside_nat0_outbound extended permit ip 10.203.204.0 255.255.255.0 10.203.204.0 255.255.255.192
access-list inside_nat0_outbound extended permit ip any 10.203.204.48 255.255.255.240
access-list inside_nat0_outbound extended permit ip any 10.203.204.0 255.255.255.192
access-list inside_nat0_outbound extended permit ip host 10.203.204.19 10.203.204.32 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.203.204.0 255.255.255.0 192.168.250.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.203.204.0 255.255.255.0 192.168.252.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip any 10.203.204.144 255.255.255.240
access-list inside_nat0_outbound extended permit ip host 216.33.198.33 165.89.0.0 255.255.0.0
access-list inside_nat0_outbound extended permit ip host 216.33.198.19 165.89.0.0 255.255.0.0
access-list inside_nat0_outbound extended permit ip host 216.33.198.17 165.89.0.0 255.255.0.0
access-list inside_nat0_outbound extended permit ip host 216.33.198.24 165.89.0.0 255.255.0.0
access-list inside_nat0_outbound extended permit ip host 216.33.198.20 any inactive
access-list inside_nat0_outbound extended permit ip 216.33.198.0 255.255.255.0 165.89.0.0 255.255.0.0
access-list inside_nat0_outbound extended permit ip any 10.203.204.48 255.255.255.248
access-list inside_nat0_outbound extended permit ip any 216.33.198.56 255.255.255.248
access-list dc2vpn_splitTunnelAcl standard permit 10.203.204.0 255.255.255.0
access-list dc2vpn_splitTunnelAcl standard permit 192.168.250.0 255.255.255.0
access-list dc2vpn_splitTunnelAcl standard permit 192.168.252.0 255.255.255.0
access-list dc2vpn_splitTunnelAcl standard permit any
access-list outside_map standard permit any
access-list Split_Tunnel_List standard permit 10.203.204.0 255.255.255.0
access-list test_splitTunnelAcl standard permit any
access-list outside_access_out extended permit tcp any host 12.71.134.75 inactive
access-list outside_in extended permit tcp host 12.71.134.75 any eq smtp
access-list outside_nat0_inbound extended permit ip host 216.33.198.21 host 165.89.130.31
access-list outside_nat0_inbound extended permit ip host 216.33.198.21 host 165.89.18.102
access-list outside_nat0_inbound extended permit ip host 216.33.198.21 host 165.89.18.103
access-list outside_nat0_inbound extended permit ip host 216.33.198.21 host 165.89.18.104
access-list outside_nat0_inbound extended permit ip 216.33.198.0 255.255.255.0 165.89.0.0 255.255.0.0
access-list outside_cryptomap_80 extended permit ip 10.203.204.0 255.255.255.0 192.168.250.0 255.255.255.0
access-list outside_cryptomap_60 extended deny ip host 216.33.198.33 165.89.0.0 255.255.0.0
access-list outside_cryptomap_60 extended deny ip host 216.33.198.19 165.89.0.0 255.255.0.0
access-list outside_cryptomap_60 extended deny ip host 216.33.198.17 165.89.0.0 255.255.0.0
access-list outside_cryptomap_60 extended deny ip host 216.33.198.24 165.89.0.0 255.255.0.0
access-list outside_cryptomap_60 extended permit ip 216.33.198.0 255.255.255.0 165.89.0.0 255.255.0.0
access-list outside_cryptomap_100 extended permit ip 10.203.204.0 255.255.255.0 192.168.252.0 255.255.255.0
access-list dc2vpntest_splitTunnelAcl standard permit 10.203.204.0 255.255.255.0
pager lines 24
logging enable
logging asdm informational
logging ftp-bufferwrap
logging ftp-server 10.203.204.10 logs asa ****
mtu outside 1500
mtu inside 1500
mtu insidesan 1500
mtu management 1500
ip local pool vpnpool 10.203.204.60-10.203.204.65 mask 255.255.255.0
failover
failover lan unit secondary
failover lan interface failover GigabitEthernet0/3
failover polltime unit msec 999 holdtime 3
failover polltime interface 5
failover link failover GigabitEthernet0/3
failover interface ip failover 172.16.100.1 255.255.255.252 standby 172.16.100.2
monitor-interface outside
monitor-interface inside
monitor-interface insidesan
no monitor-interface management
icmp permit 65.123.204.0 255.255.254.0 outside
asdm image disk0:/asdm-508.bin
no asdm history enable
arp timeout 14400
nat-control
nat (outside) 0 access-list outside_nat0_inbound outside
nat (inside) 0 access-list inside_nat0_outbound
static (inside,outside) 216.33.198.10 10.203.204.10 netmask 255.255.255.255
static (inside,outside) 216.33.198.11 10.203.204.11 netmask 255.255.255.255
static (inside,outside) 216.33.198.12 10.203.204.12 netmask 255.255.255.255
static (inside,outside) 216.33.198.13 10.203.204.13 netmask 255.255.255.255
static (inside,outside) 216.33.198.14 10.203.204.14 netmask 255.255.255.255
static (inside,outside) 216.33.198.15 10.203.204.15 netmask 255.255.255.255
static (inside,outside) 216.33.198.16 10.203.204.16 netmask 255.255.255.255
static (inside,outside) 216.33.198.17 10.203.204.17 netmask 255.255.255.255
static (inside,outside) 216.33.198.18 10.203.204.18 netmask 255.255.255.255
static (inside,outside) 216.33.198.19 10.203.204.19 netmask 255.255.255.255
static (inside,outside) 216.33.198.20 10.203.204.20 netmask 255.255.255.255
static (inside,outside) 216.33.198.21 10.203.204.21 netmask 255.255.255.255
static (inside,outside) 216.33.198.22 10.203.204.22 netmask 255.255.255.255
static (inside,outside) 216.33.198.23 10.203.204.23 netmask 255.255.255.255
static (inside,outside) 216.33.198.24 10.203.204.24 netmask 255.255.255.255
static (inside,outside) 216.33.198.25 10.203.204.25 netmask 255.255.255.255
static (inside,outside) 216.33.198.26 10.203.204.26 netmask 255.255.255.255
static (inside,outside) 216.33.198.27 10.203.204.27 netmask 255.255.255.255
static (inside,outside) 216.33.198.28 10.203.204.28 netmask 255.255.255.255
static (inside,outside) 216.33.198.29 10.203.204.29 netmask 255.255.255.255
static (inside,outside) 216.33.198.30 10.203.204.30 netmask 255.255.255.255
static (inside,outside) 216.33.198.31 10.203.204.31 netmask 255.255.255.255
static (inside,outside) 216.33.198.32 10.203.204.32 netmask 255.255.255.255
static (inside,outside) 216.33.198.33 10.203.204.33 netmask 255.255.255.255
static (inside,outside) 216.33.198.34 10.203.204.34 netmask 255.255.255.255
static (inside,outside) 216.33.198.35 10.203.204.35 netmask 255.255.255.255
static (inside,outside) 216.33.198.36 10.203.204.36 netmask 255.255.255.255
static (inside,outside) 216.33.198.37 10.203.204.37 netmask 255.255.255.255
static (inside,outside) 216.33.198.38 10.203.204.38 netmask 255.255.255.255
static (inside,outside) 216.33.198.39 10.203.204.39 netmask 255.255.255.255
static (inside,outside) 216.33.198.40 10.203.204.40 netmask 255.255.255.255
static (inside,outside) 216.33.198.41 10.203.204.41 netmask 255.255.255.255
static (inside,outside) 216.33.198.42 10.203.204.42 netmask 255.255.255.255
static (inside,outside) 216.33.198.43 10.203.204.43 netmask 255.255.255.255
static (inside,outside) 216.33.198.44 10.203.204.44 netmask 255.255.255.255
static (inside,outside) 216.33.198.45 10.203.204.45 netmask 255.255.255.255
static (inside,outside) 216.33.198.46 10.203.204.46 netmask 255.255.255.255
static (inside,outside) 216.33.198.47 10.203.204.47 netmask 255.255.255.255
static (inside,outside) 216.33.198.48 10.203.204.48 netmask 255.255.255.255
static (inside,outside) 216.33.198.49 10.203.204.49 netmask 255.255.255.255
static (inside,outside) 216.33.198.50 10.203.204.50 netmask 255.255.255.255
static (inside,outside) 216.33.198.51 10.203.204.51 netmask 255.255.255.255
static (inside,outside) 216.33.198.52 10.203.204.52 netmask 255.255.255.255
static (inside,outside) 216.33.198.53 10.203.204.53 netmask 255.255.255.255
static (inside,outside) 216.33.198.54 10.203.204.54 netmask 255.255.255.255
static (inside,outside) 216.33.198.55 10.203.204.55 netmask 255.255.255.255
static (inside,outside) 216.33.198.56 10.203.204.56 netmask 255.255.255.255
static (inside,outside) 216.33.198.57 10.203.204.57 netmask 255.255.255.255
static (inside,outside) 216.33.198.58 10.203.204.58 netmask 255.255.255.255
static (inside,outside) 216.33.198.59 10.203.204.59 netmask 255.255.255.255
static (inside,outside) 216.33.198.60 10.203.204.60 netmask 255.255.255.255
static (inside,outside) 216.33.198.61 10.203.204.61 netmask 255.255.255.255
static (inside,outside) 216.33.198.62 10.203.204.62 netmask 255.255.255.255
static (inside,outside) 216.33.198.63 10.203.204.63 netmask 255.255.255.255
static (inside,outside) 216.33.198.64 10.203.204.64 netmask 255.255.255.255
static (inside,outside) 216.33.198.65 10.203.204.65 netmask 255.255.255.255
static (inside,outside) 216.33.198.66 10.203.204.66 netmask 255.255.255.255
static (inside,outside) 216.33.198.67 10.203.204.67 netmask 255.255.255.255
static (inside,outside) 216.33.198.68 10.203.204.68 netmask 255.255.255.255
static (inside,outside) 216.33.198.69 10.203.204.69 netmask 255.255.255.255
static (inside,outside) 216.33.198.70 10.203.204.70 netmask 255.255.255.255
static (inside,outside) 216.33.198.71 10.203.204.71 netmask 255.255.255.255
static (inside,outside) 216.33.198.100 10.203.204.100 netmask 255.255.255.255
static (inside,outside) 216.33.198.101 10.203.204.101 netmask 255.255.255.255
static (inside,outside) 216.33.198.102 10.203.204.102 netmask 255.255.255.255
static (inside,outside) 216.33.198.103 10.203.204.103 netmask 255.255.255.255
static (inside,outside) 216.33.198.104 10.203.204.104 netmask 255.255.255.255
static (inside,outside) 216.33.198.105 10.203.204.105 netmask 255.255.255.255
static (inside,outside) 216.33.198.106 10.203.204.106 netmask 255.255.255.255
static (inside,outside) 216.33.198.107 10.203.204.107 netmask 255.255.255.255
static (inside,outside) 216.33.198.108 10.203.204.108 netmask 255.255.255.255
static (inside,outside) 216.33.198.109 10.203.204.109 netmask 255.255.255.255
static (inside,outside) 216.33.198.110 10.203.204.110 netmask 255.255.255.255
static (inside,outside) 216.33.198.111 10.203.204.111 netmask 255.255.255.255
static (inside,outside) 216.33.198.112 10.203.204.112 netmask 255.255.255.255
static (inside,outside) 216.33.198.113 10.203.204.113 netmask 255.255.255.255
static (inside,outside) 216.33.198.114 10.203.204.114 netmask 255.255.255.255
static (inside,outside) 216.33.198.115 10.203.204.115 netmask 255.255.255.255
static (inside,outside) 216.33.198.116 10.203.204.116 netmask 255.255.255.255
static (inside,outside) 216.33.198.117 10.203.204.117 netmask 255.255.255.255
static (inside,outside) 216.33.198.118 10.203.204.118 netmask 255.255.255.255
static (inside,outside) 216.33.198.119 10.203.204.119 netmask 255.255.255.255
static (inside,outside) 216.33.198.120 10.203.204.120 netmask 255.255.255.255
static (inside,outside) 216.33.198.121 10.203.204.121 netmask 255.255.255.255
static (inside,outside) 216.33.198.122 10.203.204.122 netmask 255.255.255.255
static (inside,outside) 216.33.198.123 10.203.204.123 netmask 255.255.255.255
static (inside,outside) 216.33.198.124 10.203.204.124 netmask 255.255.255.255
static (inside,outside) 216.33.198.125 10.203.204.125 netmask 255.255.255.255
static (inside,outside) 216.33.198.126 10.203.204.126 netmask 255.255.255.255
static (inside,outside) 216.33.198.127 10.203.204.127 netmask 255.255.255.255
static (inside,outside) 216.33.198.128 10.203.204.128 netmask 255.255.255.255
static (inside,outside) 216.33.198.129 10.203.204.129 netmask 255.255.255.255
static (inside,outside) 216.33.198.130 10.203.204.130 netmask 255.255.255.255
static (inside,outside) 216.33.198.131 10.203.204.131 netmask 255.255.255.255
static (inside,outside) 216.33.198.132 10.203.204.132 netmask 255.255.255.255
static (inside,outside) 216.33.198.133 10.203.204.133 netmask 255.255.255.255
static (inside,outside) 216.33.198.134 10.203.204.134 netmask 255.255.255.255
static (inside,outside) 216.33.198.135 10.203.204.135 netmask 255.255.255.255
static (inside,outside) 216.33.198.136 10.203.204.136 netmask 255.255.255.255
static (inside,outside) 216.33.198.137 10.203.204.137 netmask 255.255.255.255
static (inside,outside) 216.33.198.138 10.203.204.138 netmask 255.255.255.255
static (inside,outside) 216.33.198.139 10.203.204.139 netmask 255.255.255.255
static (inside,outside) 216.33.198.140 10.203.204.140 netmask 255.255.255.255
static (inside,outside) 216.33.198.141 10.203.204.141 netmask 255.255.255.255
static (inside,outside) 216.33.198.142 10.203.204.142 netmask 255.255.255.255
static (inside,outside) 216.33.198.143 10.203.204.143 netmask 255.255.255.255
static (inside,outside) 216.33.198.144 10.203.204.144 netmask 255.255.255.255
static (inside,outside) 216.33.198.145 10.203.204.145 netmask 255.255.255.255
static (inside,outside) 216.33.198.146 10.203.204.146 netmask 255.255.255.255
static (inside,outside) 216.33.198.147 10.203.204.147 netmask 255.255.255.255
static (inside,outside) 216.33.198.148 10.203.204.148 netmask 255.255.255.255
static (inside,outside) 216.33.198.149 10.203.204.149 netmask 255.255.255.255
static (inside,outside) 216.33.198.150 10.203.204.150 netmask 255.255.255.255
static (inside,outside) 216.33.198.151 10.203.204.151 netmask 255.255.255.255
static (inside,outside) 216.33.198.152 10.203.204.152 netmask 255.255.255.255
static (inside,outside) 216.33.198.153 10.203.204.153 netmask 255.255.255.255
static (inside,outside) 216.33.198.154 10.203.204.154 netmask 255.255.255.255
static (inside,outside) 216.33.198.155 10.203.204.155 netmask 255.255.255.255
static (inside,outside) 216.33.198.156 10.203.204.156 netmask 255.255.255.255
static (inside,outside) 216.33.198.157 10.203.204.157 netmask 255.255.255.255
static (inside,outside) 216.33.198.158 10.203.204.158 netmask 255.255.255.255
static (inside,outside) 216.33.198.159 10.203.204.159 netmask 255.255.255.255
static (inside,outside) 216.33.198.160 10.203.204.160 netmask 255.255.255.255
static (inside,outside) 216.33.198.161 10.203.204.161 netmask 255.255.255.255
static (inside,outside) 216.33.198.162 10.203.204.162 netmask 255.255.255.255
static (inside,outside) 216.33.198.163 10.203.204.163 netmask 255.255.255.255
static (inside,outside) 216.33.198.164 10.203.204.164 netmask 255.255.255.255
static (inside,outside) 216.33.198.165 10.203.204.165 netmask 255.255.255.255
static (inside,outside) 216.33.198.166 10.203.204.166 netmask 255.255.255.255
static (inside,outside) 216.33.198.167 10.203.204.167 netmask 255.255.255.255
static (inside,outside) 216.33.198.168 10.203.204.168 netmask 255.255.255.255
static (inside,outside) 216.33.198.169 10.203.204.169 netmask 255.255.255.255
static (inside,outside) 216.33.198.170 10.203.204.170 netmask 255.255.255.255
static (inside,outside) 216.33.198.171 10.203.204.171 netmask 255.255.255.255
static (inside,outside) 216.33.198.172 10.203.204.172 netmask 255.255.255.255
static (inside,outside) 216.33.198.173 10.203.204.173 netmask 255.255.255.255
static (inside,outside) 216.33.198.174 10.203.204.174 netmask 255.255.255.255
static (inside,outside) 216.33.198.175 10.203.204.175 netmask 255.255.255.255
static (inside,outside) 216.33.198.176 10.203.204.176 netmask 255.255.255.255
static (inside,outside) 216.33.198.177 10.203.204.177 netmask 255.255.255.255
static (inside,outside) 216.33.198.178 10.203.204.178 netmask 255.255.255.255
static (inside,outside) 216.33.198.179 10.203.204.179 netmask 255.255.255.255
static (inside,outside) 216.33.198.180 10.203.204.180 netmask 255.255.255.255
static (inside,outside) 216.33.198.181 10.203.204.181 netmask 255.255.255.255
static (inside,outside) 216.33.198.182 10.203.204.182 netmask 255.255.255.255
static (inside,outside) 216.33.198.183 10.203.204.183 netmask 255.255.255.255
static (inside,outside) 216.33.198.184 10.203.204.184 netmask 255.255.255.255
static (inside,outside) 216.33.198.185 10.203.204.185 netmask 255.255.255.255
static (inside,outside) 216.33.198.186 10.203.204.186 netmask 255.255.255.255
static (inside,outside) 216.33.198.187 10.203.204.187 netmask 255.255.255.255
static (inside,outside) 216.33.198.188 10.203.204.188 netmask 255.255.255.255
static (inside,outside) 216.33.198.189 10.203.204.189 netmask 255.255.255.255
static (inside,outside) 216.33.198.190 10.203.204.190 netmask 255.255.255.255
static (inside,outside) 216.33.198.191 10.203.204.191 netmask 255.255.255.255
static (inside,outside) 216.33.198.192 10.203.204.192 netmask 255.255.255.255
static (inside,outside) 216.33.198.193 10.203.204.193 netmask 255.255.255.255
static (inside,outside) 216.33.198.194 10.203.204.194 netmask 255.255.255.255
static (inside,outside) 216.33.198.195 10.203.204.195 netmask 255.255.255.255
static (inside,outside) 216.33.198.196 10.203.204.196 netmask 255.255.255.255
static (inside,outside) 216.33.198.197 10.203.204.197 netmask 255.255.255.255
static (inside,outside) 216.33.198.198 10.203.204.198 netmask 255.255.255.255
static (inside,outside) 216.33.198.199 10.203.204.199 netmask 255.255.255.255
static (inside,outside) 216.33.198.200 10.203.204.200 netmask 255.255.255.255
access-group outside-in in interface outside
route outside 0.0.0.0 0.0.0.0 216.33.198.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
group-policy test internal
group-policy test attributes
dns-server value 10.203.204.14 10.203.204.15
split-tunnel-policy tunnelspecified
split-tunnel-network-list value test_splitTunnelAcl
default-domain value yorkmedia.local
webvpn
group-policy tunneltest internal
group-policy tunneltest attributes
dns-server value 10.203.204.14 4.2.2.2
default-domain value yorkmedia.local
webvpn
group-policy testpol internal
group-policy testpol attributes
vpn-tunnel-protocol IPSec
split-tunnel-policy tunnelall
split-tunnel-network-list value dc2vpn_splitTunnelAcl
webvpn
group-policy aes internal
group-policy aes attributes
dns-server value 10.203.204.14 10.203.204.15
vpn-tunnel-protocol IPSec
group-lock value aestest
webvpn
group-policy grouptest internal
group-policy grouptest attributes
dns-server value 10.203.204.14 4.2.2.2
default-domain value yorkmedia.local
webvpn
group-policy dc2vpntest internal
group-policy dc2vpntest attributes
split-tunnel-policy tunnelspecified
split-tunnel-network-list value dc2vpntest_splitTunnelAcl
webvpn
group-policy dc2vpn internal
group-policy dc2vpn attributes
dns-server value 10.203.204.14 10.203.204.15
vpn-tunnel-protocol IPSec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value dc2vpn_splitTunnelAcl
webvpn
group-policy BMSTV internal
group-policy BMSTV attributes
wins-server none
dns-server none
dhcp-network-scope none
vpn-access-hours none
vpn-simultaneous-logins 3
vpn-idle-timeout none
vpn-session-timeout none
vpn-filter none
vpn-tunnel-protocol IPSec
password-storage disable
ip-comp disable
re-xauth disable
group-lock none
pfs disable
ipsec-udp disable
ipsec-udp-port 10000
split-tunnel-policy tunnelall
split-tunnel-network-list none
default-domain none
split-dns none
secure-unit-authentication disable
user-authentication disable
user-authentication-idle-timeout none
ip-phone-bypass disable
leap-bypass disable
nem disable
backup-servers keep-client-config
client-firewall none
client-access-rule none
webvpn
username mmaxey password zSSKHLc.gx8szpy2 encrypted privilege 15
username mmaxey attributes
vpn-group-policy dc2vpn
webvpn
username jjohnstone password qElIg/rYW4OoTIEP encrypted privilege 15
username jjohnstone attributes
vpn-group-policy dc2vpntest
webvpn
username sragona password ZgCBom/StrITlFdU encrypted
username sragona attributes
vpn-group-policy dc2vpn
webvpn
username admin password 5zvQXQPrcnyHyGKm encrypted
username seng password PP8UcINDKi7BSsj2 encrypted
username seng attributes
vpn-group-policy dc2vpn
webvpn
username chauser password I3OIxCe8FBONQlhK encrypted
username chauser attributes
vpn-group-policy dc2vpn
webvpn
aaa authentication ssh console LOCAL
aaa authentication telnet console LOCAL
http server enable
http 65.123.204.0 255.255.254.0 outside
http 0.0.0.0 0.0.0.0 outside
http 10.203.204.0 255.255.254.0 inside
http 192.168.1.0 255.255.255.0 management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map outside_dyn_map 20 set pfs group7
crypto dynamic-map outside_dyn_map 20 set transform-set ESP-AES-256-SHA
crypto dynamic-map outside_dyn_map 20 set security-association lifetime seconds 28800
crypto dynamic-map outside_dyn_map 20 set security-association lifetime kilobytes 4608000
crypto map outside_map 60 match address outside_cryptomap_60
crypto map outside_map 60 set peer 165.89.240.1
crypto map outside_map 60 set transform-set ESP-3DES-SHA
crypto map outside_map 60 set security-association lifetime seconds 28800
crypto map outside_map 60 set security-association lifetime kilobytes 4608000
crypto map outside_map 80 match address outside_cryptomap_80
crypto map outside_map 80 set pfs
crypto map outside_map 80 set peer 64.19.183.67
crypto map outside_map 80 set transform-set ESP-3DES-SHA
crypto map outside_map 80 set security-association lifetime seconds 28800
crypto map outside_map 80 set security-association lifetime kilobytes 4608000
crypto map outside_map 100 match address outside_cryptomap_100
crypto map outside_map 100 set pfs
crypto map outside_map 100 set peer 64.241.196.50
crypto map outside_map 100 set transform-set ESP-3DES-SHA
crypto map outside_map 100 set security-association lifetime seconds 28800
crypto map outside_map 100 set security-association lifetime kilobytes 4608000
crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map interface outside
isakmp enable outside
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash sha
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400
isakmp policy 30 authentication pre-share
isakmp policy 30 encryption aes-256
isakmp policy 30 hash sha
isakmp policy 30 group 5
isakmp policy 30 lifetime 86400
isakmp policy 50 authentication pre-share
isakmp policy 50 encryption aes-256
isakmp policy 50 hash sha
isakmp policy 50 group 7
isakmp policy 50 lifetime 86400
isakmp nat-traversal 20
isakmp ipsec-over-tcp port 10000
tunnel-group DefaultRAGroup ipsec-attributes
pre-shared-key *
tunnel-group dc2vpn type ipsec-ra
tunnel-group dc2vpn general-attributes
address-pool vpnpool
default-group-policy dc2vpn
tunnel-group dc2vpn ipsec-attributes
pre-shared-key *
tunnel-group test type ipsec-ra
tunnel-group test general-attributes
default-group-policy test
tunnel-group test ipsec-attributes
pre-shared-key *
tunnel-group 165.89.240.1 type ipsec-l2l
tunnel-group 165.89.240.1 general-attributes
default-group-policy BMSTV
tunnel-group 165.89.240.1 ipsec-attributes
pre-shared-key *
isakmp keepalive threshold 3600 retry 2
tunnel-group 64.19.183.67 type ipsec-l2l
tunnel-group 64.19.183.67 ipsec-attributes
pre-shared-key *
tunnel-group 64.241.196.50 type ipsec-l2l
tunnel-group 64.241.196.50 ipsec-attributes
pre-shared-key *
isakmp keepalive disable
tunnel-group dc2vpntest type ipsec-ra
tunnel-group dc2vpntest general-attributes
default-group-policy dc2vpntest
tunnel-group dc2vpntest ipsec-attributes
pre-shared-key *
tunnel-group aestest type ipsec-ra
tunnel-group aestest general-attributes
address-pool vpnpool
default-group-policy aes
tunnel-group aestest ipsec-attributes
pre-shared-key *
tunnel-group TunnelGroup1 type ipsec-ra
tunnel-group TunnelGroup1 general-attributes
address-pool vpnpool
telnet 10.203.204.10 255.255.255.255 inside
telnet timeout 5
ssh 65.123.204.0 255.255.254.0 outside
ssh 10.203.204.0 255.255.254.0 inside
ssh timeout 5
console timeout 0
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd lease 3600
dhcpd ping_timeout 50
class-map rtsp-traffic
match access-list rtsp-acl
class-map inspection_default
match default-inspection-traffic
policy-map global_policy
class inspection_default
inspect dns maximum-length 512
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect icmp
class rtsp-traffic
inspect rtsp
service-policy global_policy global
tftp-server inside 10.203.204.10 dc2asa01/config
Cryptochecksum:6d74d3994ea6764893c420f477568aac
: endYou have three site-site VPNs and a remote access VPN setup. so the statement "Suddenly no one can access the remote LAN over VPN. " is a bit ambiguous in that context.
From which source to what destination is not working for you? -
I am a vision teacher and work on the Assistive Technology Team in a school district. Is it possible to set up the iPad to allow the blind student access to the device using auditory scanning, then selecting their choice by using a switch or tapping the iPad?
Hi eriepa3,
Thanks for using Apple Support Communities. This page includes information about Voiceover, which may help the student do just that:
Apple - Accessibility - iOS - Voiceover
http://www.apple.com/accessibility/ios/voiceover/
For other options for blind users, see this page:
Apple - Accessibility - iOS
http://www.apple.com/accessibility/ios/#vision
Cheers,
- Ari -
Serious accessibility regression in Acrobat 9 UI, low constrast black toolbars
I've been evaluating whether to upgrade to Acrobat 9, or stay with Acrobat 8. Acrobat 9 fixes a Javascript auto-crash code segment I want to use in a PDF Form my business uses (the PDF currently coaches the users do a less user friendly workaround in Acrobat 8). I see in Acrobat 9, Adobe reworked the interface. Form editing is now modal to my displeasure. Even worse, there are these garish candy Vista-ish black low contrast tool and side bar. So I turned on accessible colors through Control Panel->Display->Appearance Tab->Color Scheme Drop-down List->High Constrast White. I use the Windows 2000 interface, not the blue XP interface. In Acrobat 8, it obeyed the accessible color scheme, as shown in the attached screenshots. In Acrobat 9, it ignores them (see attachments). Adobe claims Acrobat 9 follows legal/regulatory/industry accessibility compliance at http://www.adobe.com/accessibility/products/compliance/acrobat_9_508.html#softwaredetails and at http://www.adobe.com/accessibility/products/acrobat/faq.html#q7 . I see no way of getting rid of the white on black low contrast toolbars/sidebars in Acrobat 9. The method that worked in Acrobat 8, doesn't in Acrobat 9. I see nothing in the release notes for 9.1.0, 9.1.1, 9.1.2, or 9.1.3 about accessibility, so I assume this bug exists in later versions. Am I doing something wrong in changing the UI colors of Acrobat 9, or Adobe dropped the ball on this issue?
Versions details:
Windows XP SP2, Acrobat 9.0.0 Pro
Windows XP SP3, Acrobat 8.1.0 Pro -
JAVA + ACCESS + MYSQL + ENCODING!!!!
i have to migrate some data from access to mysql. however, i have some japanese characters in the access table and whenever i am done w/ migration and open the mysql table, i see bunch of ?????? instead japanese character. since im now working for a japanese company, this pc is in japanese eviorioment.
i set mysql table to use utf8. does anyone here know whats going wrong? i guess there is something to do w/ encoding stuff. please help!!!
here is some more information:
java1.5.1, access2003, mysql5.1 and japanese xpHXTT Access(http://www.hxtt.com/access.html) supports Japanese. You can try http://www.hxtt.com/test/mysql_migration.zip . You should visit http://forums.mysql.com/list.php?104 too.
-
E51 Gmail and Yahoo mail box access
Dear All
I was trying to configure the gmail and yahoo mail accounts in the new E51 which I have bought. I have correctly configured the mail setup with the correct username and password. But I am getting an error "Invalid Mail for exchange credentials. Check credential settings". The pop up is coming repeatedly on the phone even if am not using the same.
Please help me out for the same.
Thanks in advance.
Regards
JosephHi Guys!
I'm sure by now your problems are solved. Nevertheless, let me simplify this for you. I have both my Gmail and my Yahoo mail setup on my E51 and they work beautifully. One thing you should be aware of is that while Gmail offers mobile & POP access free, you need to upgrade to a business account in yahoo to avail the same. That being said, here are the settings for each:
For Gmail:
Connection Settings > Incoming E-Mail
User name: Enter your complete Gmail e-mail address including '@gmail.com'
Password: Enter your Password
Incoming Mail Server: imap.gmail.com
Access Point in Use: Select the active data connection
Mailbox Name: Whatever you like
Mailbox Type: IMAP4
Security (ports): SSL/TLS
Port: Default
Connection Settings > Outgoing E-Mail
My e-mail address: Enter your complete Gmail e-mail address including '@gmail.com'
User name: Again enter your complete Gmail e-mail address including '@gmail.com'
Password: Enter your password
Outgoing Mail Server: smtp.gmail.com
Access Point in Use: Select the active data connection
Security (ports): StartTLS
Port: 587
User Settings:
My Name: Whatever name you'd like to appear in your sent emails
Send Message: Choose 'Immediately' if you would like your phone to connect to the internet and send the message everytime you send an e-mail. Otherwise choose 'during next connection'
Send copy to self: Choose yes if you would like a copy of all mails that you send using your mobile, to be sent to your inbox too.Otherwise choose No.
Include Signature: Your choice. If you choose yes, enter the signature text
New E-Mail alerts: On
Reply to: If you would like people to reply to a different e-mail id then the current one, enter that.Else choose Off.
Delete E-mails From: Select Phone or Server. If you select phone, th emails get deleted only from the phone, although the header still remains till the next time you refresh. What this means is that mails deleted from you phone will continue to remain on your server and will be accessible the next time you access your mail using a PC.
Retrieval Settings:
E-Mail to retrieve: No choice here. Gmail only allows you to retrieve headers first. If you feel a mail is important you can select it and download the entire message later.
Retrieval Amount: Set how many e-mails you would like downloaded
IMAP4 folder path: This is set to 'Unix path' by default. Let it be
Folder Subscriptions: No changes required here
Automatic Retrieval: Select E-mail retrieval and set it to 'Enabled'.
Retrieval Days: All Days
Retrieval Hours: All Hours
Retrieval Intervalet it to 5 mins if you would like e-mails to get downloaded to your phone almost as soon as they arrive (Like Push E-Mail). Else select a time interval as desired.
Yahoo: (Provided you are subscribed to premium business mail)
Connection Settings > Incoming E-Mail
User name: Enter your yahoo user name only (without '@yahoo.com)
Password: Enter your Password
Incoming Mail Server: pop.mail.yahoo.com
Access Point in Use: Select the active data connection
Mailbox Name: Whatever you like
Mailbox Type: POP3
Security (ports): SSL/TLS
Port: Default
APOP secure login: Off
Connection Settings > Outgoing E-Mail
My e-mail address: Enter your complete yahoo e-mail address including '@yahoo.com'
User name: Enter your yahoo user name only (without '@yahoo.com)
Password: Enter your password
Outgoing Mail Server: smtp.mail.yahoo.com
Access Point in Use: Select the active data connection
Security (ports): SSL/TLS
Port: Default
User Settings:
My Name: Whatever name you'd like to appear in your sent emails
Send Message: Choose 'Immediately' if you would like your phone to connect to the internet and send the message everytime you send an e-mail. Otherwise choose 'during next connection'
Send copy to self: Choose yes if you would like a copy of all mails that you send using your mobile, to be sent to your inbox too.Otherwise choose No.
Include Signature: Your choice. If you choose yes, enter the signature text
New E-Mail alerts: On
Reply to: If you would like people to reply to a different e-mail id then the current one, enter that.Else choose Off.
Delete E-mails From: Select Phone or Server. If you select phone, th emails get deleted only from the phone, although the header still remains till the next time you refresh. What this means is that mails deleted from you phone will continue to remain on your server and will be accessible the next time you access your mail using a PC.
Retrieval Settings:
E-Mail to retrieve: Select 'Headers' only to retrieve headers first. If you feel a mail is important you can select it and download the entire message later. Select 'Size Limit' to set a limit to the size of e-mails that can be downloaded. Select 'Msgs. & Attchs' if you want everything to be downloaded.
Retrieval Amount: All
Automatic Retrieval: Select E-mail retrieval and set it to 'Enabled'.
Retrieval Days: All Days
Retrieval Hours: All Hours
Retrieval Interval: Select a time interval as desired.
With this done you should have no poblems accessing both, your yahoo mail and gmail on your E51 over a Wi-Fi connection or a data plan from your service provider. -
Expression using Map access not working....
I am attempting to use the ability to access a Map by key from a binding expression on the jsp. I have extended HashMap and overridden the get method in order to return a Boolean from the get(key) method.
This works:
rendered="#{bean.enabledFunctionSecurityMap['key1']}"
it ends up calling the bean.getEnableFunctionSecurityMap().get("key1");
This should work also but doesn't:
rendered="#{bean.enabledFunctionSecurityMap['key1'] or bean.enabledFunctionSecurityMap['key2']}"
Any reason why a single Boolean returned from a Map would work fine, but a more complex statement with 2 Booleans will not work. Doing a statement like this just accessing multiple boolean getter functions on a bean works, how come access muiltiple Map returns does not?
Any help is appreciated.
Thanks,
MikeAll righty then, I solved my own problem.
There were actually 2 issues.
1. I could so far only get this to work if the Overridden Map Object is registered as a manged-bean itself.
2. I was testing to see if it worked by using System.out.println methods in my overridden get() method. Appearantly the JSF EL is smarter than I am. If you have #{binding1 or binding2} and binding1 evaluates to True, binding2 is never evaluated. The expression is short circuited and returns true... DUH....
So this expression fires both bindings....
rendered="#{enabled['key1'] and not enabled['key2']}"
Where enabled is...
<managed-bean>
<managed-bean-name>enabled</managed-bean-name>
<managed-bean-class>security.EnabledFunctionSecurityMap</managed-bean-class>
<managed-bean-scope>session</managed-bean-scope>
</managed-bean>
Next step will be to try and figure out how to get this to work where the EnabledFunctionSecurityMap is on another bean.
Hope this helps anyone trying to do the same.
Mike -
Help...create database(access) using java
i had developed an java application that capture packet using Jpcap but i dont know how to keep the packet captured into database(access).i can save the packet captured in text file but not in database(access).i already had the database conectivity but i don't know how to insert the packet caputred in the table in access, is it using sql statement like INSERT INTO? or else?i realy don't know.can someone help me....?
i can save the packet captured in to text file but not in database(access).I guess that you wish to get a databse file with your data, not a simple insert sql question.
1. commercial solution: HXTT Access(http://www.hxtt.com/access.html), which supports create database, create table sql, and batch insert data from any JDBC driver.
2. free solution: jdbc-odbc bridge and dsn-less jdbc url, you need to prepare a blank mdb file with blank table, then copy that blank mdb file into new mdb file, then repeat insert sql for that new mdb file. -
5520 to 5525 all access rules being ignored.
I copied my config from my old 5520 to our new 5525 and when I cut over to it from the inside out I could get to the internet no problem but from the outside in none of our access rules were working. Could someone take a look at our config and maybe inlighten me on the problem please. Thanks,
http://www.ebay.com/itm/290951611556?ssPageName=STRK:MEWNX:IT&_trksid=p3984.m1497.l2649
: Saved
: Written by admin at 02:33:30.875 EDT Mon Sep 30 2013
ASA Version 8.6(1)2
hostname ColASA01-HA
domain-name corp.COMPANY.com
names
name 172.22.5.133 ColBarracuda description Colo Barracuda Internal
name 74.XXX.XXX.133 ColBarracuda- description Colo Barracuda External
name 74.XXX.XXX.132 ColVPN- description Colo VPN External
name 172.22.5.138 ww2 description ww2 Internal
name 74.XXX.XXX.138 ww2- description ww2 External
name 172.22.5.139 www1 description www1 Internal
name 74.XXX.XXX.139 www1- description www1 External
name 172.22.5.140 www1-COMPANY.co.uk description www1 COMPANY.co.uk Internal
name 172.22.5.143 ColSysAid description ColSysAid Internal
name 74.XXX.XXX.143 ColSysAid- description ColSysAid External
name 172.22.5.141 Colww3 description Colww3 Internal
name 74.XXX.XXX.141 Colww3- description Colww3 External
name 10.1.1.100 Facts description Facts Internal
name 74.XXX.XXX.135 Facts- description Facts External
name 74.XXX.XXX.144 ftp.boundree.co.uk- description ftp.COMPANY.co.uk External
name 172.22.5.144 ftp.COMPANY.co.uk description ftp.COMPANY.co.uk Internal
name 10.101.0.24 Dubmss01 description Voicemail Server - Internal
name 74.XXX.XXX.145 Dubmss01- description Voicemail Sever - External
name 172.22.5.146 ColBI01 description ColBI01 Internal
name 74.XXX.XXX.146 ColBI01- description ColBI01 External
name 172.22.5.147 ColMOSS01 description ColMOSS01 Internal
name 74.XXX.XXX.147 ColMOSS01- description ColMOSS01 External
name 172.22.5.149 ambutrak description AmbuTRAK Internal
name 74.XXX.XXX.149 ambutrak- description AmbuTRAK External
name 172.22.5.136 NSTrax description NSTrax Internal
name 74.XXX.XXX.136 NSTrax- description NSTrax External
name 172.22.5.150 btmu description BTMU Internal
name 74.XXX.XXX.150 btmu- description BTMU External
name 172.22.5.155 w2k-isoft description w2k-isoft Internal
name 74.XXX.XXX.155 w2k-isoft- description w2k-isoft External
name 172.22.5.142 Colexch01 description Colexch01 Internal
name 172.22.5.151 Coltixdb description Coltxdb Internal
name 74.XXX.XXX.151 Coltixdb- description Coltixdb External
name 172.22.5.156 colexcas description colexcas Internal
name 74.XXX.XXX.156 colexcas- description colexcas External
name 172.22.3.74 colexcas01 description colexcas01 Internal
name 172.22.3.75 colexcas02 description colexcas02 Internal
name 172.22.5.157 ColFTP01 description ColFTP01 Internal
name 74.XXX.XXX.157 ColFTP01- description ColFTP01 External
name 172.22.5.158 www.COMPANY.com description www.COMPANY.com Internal
name 74.XXX.XXX.158 www.COMPANY.com- description www.COMPANY.com External
name 172.22.5.159 act.COMPANY.com description COMPANY ACT Internal - colww4
name 74.XXX.XXX.159 act.COMPANY.com- description COMPANY ACT External
name 172.22.3.93 test.COMPANY.com description test.COMPANY.com Internal
name 172.22.5.161 ColdevAS2 description ColdevAS2 Internal
name 74.XXX.XXX.160 Rewards.COMPANY.com- description COMPANY Rewards External
name 74.XXX.XXX.153 as2.COMPANY.com- description as2.COMPANY.com External
name 74.XXX.XXX.161 as2test.COMPANY.com- description as2test.COMPANY.com External
name 172.22.5.153 colas2 description colas2 Internal
name 172.22.5.160 colww5 description colww5 Internal
name 172.22.3.91 colexcas01NLB description colexcas01 NLB Interface
name 172.22.3.92 colexcas02NLB description colexcas02 NLB Interface
name 172.22.3.100 ColVPN description Colo VPN Internal
name 172.22.5.134 intra.COMPANY.com description on NewPortal
name 74.XXX.XXX.134 intra.COMPANY.com- description It's on NewPortal
name 10.1.0.80 asgard description asgard Internal
name 74.XXX.XXX.163 www.COMPANY.net- description www.COMPANY.net External
name 172.22.5.165 crmws.COMPANY.com description ColCrmRouter01 Internal
name 74.XXX.XXX.165 crmws.COMPANY.com- description ColCrmRouter01 External
name 10.1.5.137 dubngwt description Test Next Gen Web Farm Internal
name 74.XXX.XXX.137 dubngwt- description Test Next Gen Web Farm External
name 10.1.0.87 dubexcas description Dublin CAS NLB
name 10.1.0.85 dubexcas01 description Dublin CAS Server
name 10.1.0.86 dubexcas02 description Dublin CAS Server
name 74.XXX.XXX.166 collync01- description Lync Edge Server External
name 74.XXX.XXX.167 coltmg01- description TMG Server External
name 172.23.2.166 collync01 description Lync Edge Server DMZ
name 172.23.2.167 coltmg01 description TMG Server DMZ
name 172.22.5.168 COMPANYfed.com description COMPANYfed.com Internal
name 74.XXX.XXX.168 COMPANYfed.com- description COMPANYfed.com External
name 172.22.3.60 www1.COMPANY.com description www1.COMPANY.com Internal
name 74.XXX.XXX.169 www1.COMPANY.com- description www1.COMPANY.com External
name 172.22.3.63 www1.COMPANYfed.com description www1.COMPANYfed.com Internal
name 74.XXX.XXX.171 www1.COMPANYfed.com- description www1.COMPANYfed.com External
name 172.22.3.61 www2.COMPANY.com description www2.COMPANY.com Internal
name 74.XXX.XXX.170 www2.COMPANY.com- description www2.COMPANY.com External
name 172.22.3.64 www2.COMPANYfed.com description www2.COMPANYfed.com Internal
name 74.XXX.XXX.172 www2.COMPANYfed.com- description www2.COMPANYfed.com External
name 172.22.5.154 COMPANY.com description COMPANY.com Web Farm Production
name 74.XXX.XXX.154 COMPANY.com- description COMPANY.com Web Farm Outside
name 184.XXX.XXX.226 PMISonicWALL description PMI SonicWALL
name 10.10.0.0 PMI_SonicWALL-Subnet description PMI LAN
name 10.1.0.0 DublinData description Dublin Data Network
name 10.2.0.0 SouthavenData description Southaven Data Network
name 10.0.0.0 BrentwoodData description Brentwood Data Network
name 10.8.0.0 GilbertData description Gilbert Data Network
name 10.101.0.0 DublinVoIP description Dublin VoIP Network
name 10.110.0.0 PMI_SonicWALL-VOICSubnet
name 172.24.3.50 ColUT04-PCITrust
name 172.22.3.31 coldc01
name 172.22.3.4 coldc02
name 172.22.3.23 ColWSUS02 description Windows Update Server
name 74.XXX.XXX.175 monitor.COMPANY.com- description PRTG Network Monitor
name 172.22.3.150 ColPRTG01 description PRTG Monitor
dns-guard
interface GigabitEthernet0/0
description Connected to Internet via COLRTR01
speed 100
duplex full
shutdown
nameif outside
security-level 0
ip address 74.XXX.XXX.130 255.255.255.192 standby 74.XXX.XXX.176
ospf cost 10
interface GigabitEthernet0/1
description Connected to Colo LAN
speed 100
duplex full
nameif inside
security-level 100
ip address 172.22.1.8 255.255.0.0 standby 172.22.1.50
ospf cost 10
authentication key eigrp 10 Fiyalt1 key-id 1
authentication mode eigrp 10 md5
interface GigabitEthernet0/2
nameif DMZ
security-level 10
ip address 172.23.2.1 255.255.255.0 standby 172.23.2.50
ospf cost 10
interface GigabitEthernet0/3
description Connected to COLSW01 port 9 - PCI Trust Area (no internet)
nameif Colo_PCI_Trust
security-level 100
ip address 172.24.3.1 255.255.255.0 standby ColUT04-PCITrust
ospf cost 10
interface GigabitEthernet0/4
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/5
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/6
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/7
description LAN/STATE Failover Interface
interface Management0/0
nameif management
security-level 100
ip address 10.1.200.20 255.255.0.0 standby 10.1.200.21
ospf cost 10
management-only
boot system disk0:/asa861-2-smp-k8.bin
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns server-group DefaultDNS
domain-name corp.COMPANY.com
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network obj-172.22.255.0
subnet 172.22.255.0 255.255.255.0
object network PMI_SonicWALL-Subnet
subnet 10.10.0.0 255.255.0.0
object network obj-172.24.3.0
subnet 172.24.3.0 255.255.255.0
object network ColWSUS02
host 172.22.3.23
object network ambutrak
host 172.22.5.149
object network ambutrak-
host 74.XXX.XXX.149
object network btmu
host 172.22.5.150
object network btmu-
host 74.XXX.XXX.150
object network ColBarracuda
host 172.22.5.133
object network ColBarracuda-
host 74.XXX.XXX.133
object network ColBI01
host 172.22.5.146
object network ColBI01-
host 74.XXX.XXX.146
object network colexcas
host 172.22.5.156
object network colexcas-
host 74.XXX.XXX.156
object network ColMOSS01
host 172.22.5.147
object network ColMOSS01-
host 74.XXX.XXX.147
object network COMPANY.com
host 172.22.5.154
object network COMPANY.com-
host 74.XXX.XXX.154
object network Coltixdb
host 172.22.5.151
object network Coltixdb-
host 74.XXX.XXX.151
object network Colww3
host 172.22.5.141
object network Colww3-
host 74.XXX.XXX.141
object network ColSysAid
host 172.22.5.143
object network ColSysAid-
host 74.XXX.XXX.143
object network ColVPN
host 172.22.3.100
object network ColVPN-
host 74.XXX.XXX.132
object network colas2
host 172.22.5.153
object network as2.COMPANY.com-
host 74.XXX.XXX.153
object network Dubmss01
host 10.101.0.24
object network Dubmss01-
host 74.XXX.XXX.145
object network Facts
host 10.1.1.100
object network Facts-
host 74.XXX.XXX.135
object network ftp.COMPANY.co.uk
host 172.22.5.144
object network ftp.boundree.co.uk-
host 74.XXX.XXX.144
object network NSTrax
host 172.22.5.136
object network NSTrax-
host 74.XXX.XXX.136
object network w2k-isoft
host 172.22.5.155
object network w2k-isoft-
host 74.XXX.XXX.155
object network www1
host 172.22.5.139
object network www1-
host 74.XXX.XXX.139
object network ww2
host 172.22.5.138
object network ww2-
host 74.XXX.XXX.138
object network ColFTP01
host 172.22.5.157
object network ColFTP01-
host 74.XXX.XXX.157
object network www.COMPANY.com
host 172.22.5.158
object network www.COMPANY.com-
host 74.XXX.XXX.158
object network act.COMPANY.com
host 172.22.5.159
object network act.COMPANY.com-
host 74.XXX.XXX.159
object network colww5
host 172.22.5.160
object network Rewards.COMPANY.com-
host 74.XXX.XXX.160
object network ColdevAS2
host 172.22.5.161
object network as2test.COMPANY.com-
host 74.XXX.XXX.161
object network intra.COMPANY.com
host 172.22.5.134
object network intra.COMPANY.com-
host 74.XXX.XXX.134
object network asgard
host 10.1.0.80
object network www.COMPANY.net-
host 74.XXX.XXX.163
object network crmws.COMPANY.com
host 172.22.5.165
object network crmws.COMPANY.com-
host 74.XXX.XXX.165
object network dubngwt
host 10.1.5.137
object network dubngwt-
host 74.XXX.XXX.137
object network COMPANYfed.com
host 172.22.5.168
object network COMPANYfed.com-
host 74.XXX.XXX.168
object network www1.COMPANYfed.com
host 172.22.3.63
object network www1.COMPANYfed.com-
host 74.XXX.XXX.171
object network www2.COMPANYfed.com
host 172.22.3.64
object network www2.COMPANYfed.com-
host 74.XXX.XXX.172
object network www1.COMPANY.com
host 172.22.3.60
object network www1.COMPANY.com-
host 74.XXX.XXX.169
object network www2.COMPANY.com
host 172.22.3.61
object network www2.COMPANY.com-
host 74.XXX.XXX.170
object network ColPRTG01
host 172.22.3.150
object network monitor.COMPANY.com-
host 74.XXX.XXX.175
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network collync01
host 172.23.2.166
object network collync01-
host 74.XXX.XXX.166
object network coltmg01
host 172.23.2.167
object network coltmg01-
host 74.XXX.XXX.167
object-group service DM_INLINE_SERVICE_1
service-object gre
service-object tcp destination eq pptp
object-group service Barracuda tcp
port-object eq 8000
object-group service DM_INLINE_TCP_1 tcp
port-object eq www
port-object eq https
port-object eq smtp
port-object eq ssh
group-object Barracuda
object-group service DM_INLINE_TCP_2 tcp
port-object eq www
port-object eq https
port-object eq smtp
object-group service DM_INLINE_TCP_3 tcp
port-object eq www
port-object eq https
port-object eq smtp
object-group service DM_INLINE_TCP_5 tcp
port-object eq www
port-object eq https
object-group service DM_INLINE_TCP_7 tcp
port-object eq www
port-object eq https
object-group service mySQL tcp
description mySQL Database
port-object eq 3306
object-group service DM_INLINE_TCP_9 tcp
port-object eq www
port-object eq https
object-group service DM_INLINE_TCP_10 tcp
port-object eq www
port-object eq https
object-group service DM_INLINE_TCP_11 tcp
port-object eq www
port-object eq https
object-group service DM_INLINE_TCP_12 tcp
port-object eq www
port-object eq https
object-group service as2 tcp
description as2
port-object eq 4080
port-object eq 5080
port-object eq https
port-object eq 6080
object-group network DM_INLINE_NETWORK_2
network-object host ColBarracuda
network-object host ww2
network-object host www1
network-object host colexcas01
network-object host colexcas02
network-object host colexcas
network-object host test.COMPANY.com
network-object host colexcas01NLB
network-object host colexcas02NLB
network-object host dubexcas01
network-object host dubexcas02
network-object host dubexcas
object-group service SQLServer tcp
description Microsoft SQL Server
port-object eq 1433
object-group service DM_INLINE_TCP_13 tcp
port-object eq www
port-object eq https
port-object eq smtp
object-group service DM_INLINE_TCP_14 tcp
port-object eq www
port-object eq https
object-group service DM_INLINE_TCP_15 tcp
port-object eq www
port-object eq https
object-group network DM_INLINE_NETWORK_1
network-object host as2.COMPANY.com-
network-object host as2test.COMPANY.com-
object-group service DM_INLINE_TCP_6 tcp
port-object eq www
port-object eq https
object-group service rdp tcp
description Remote Desktop Protocol
port-object eq 3389
object-group service DM_INLINE_TCP_8 tcp
port-object eq www
port-object eq https
object-group service DM_INLINE_TCP_16 tcp
port-object eq www
port-object eq https
object-group service DM_INLINE_TCP_17 tcp
port-object eq www
port-object eq https
object-group service DM_INLINE_TCP_4 tcp
port-object eq www
port-object eq https
object-group service LyncEdge tcp-udp
description sip-tls, 443, 444, rtp 50000-59999, stun udp 3478
port-object eq 3478
port-object eq 443
port-object eq 444
port-object range 50000 59999
port-object eq 5061
object-group protocol TCPUDP
protocol-object udp
protocol-object tcp
object-group service DM_INLINE_TCP_18 tcp
port-object eq www
port-object eq https
object-group service DM_INLINE_TCP_19 tcp
port-object eq www
port-object eq https
object-group service DM_INLINE_TCP_20 tcp
port-object eq www
port-object eq https
object-group service DM_INLINE_TCP_21 tcp
port-object eq www
port-object eq https
object-group service DM_INLINE_TCP_22 tcp
port-object eq www
port-object eq https
object-group network PMIVPNNetworks
description VPN Networks to PMI
network-object BrentwoodData 255.255.0.0
network-object DublinData 255.255.0.0
network-object SouthavenData 255.255.0.0
network-object GilbertData 255.255.0.0
network-object 172.22.0.0 255.255.0.0
network-object DublinVoIP 255.255.0.0
object-group network PMI_SonicWALL-Subnets
network-object PMI_SonicWALL-Subnet 255.255.0.0
network-object PMI_SonicWALL-VOICSubnet 255.255.0.0
object-group network COLDCs
network-object host coldc01
network-object host coldc02
access-list inside_access_in remark Allow SMTP from certain servers.
access-list inside_access_in extended permit tcp object-group DM_INLINE_NETWORK_2 any eq smtp
access-list inside_access_in remark No SMTP except from allowed servers
access-list inside_access_in extended deny tcp any any eq smtp log errors
access-list inside_access_in extended permit ip any any
access-list inside_access_in remark For debugging (can enable logging)
access-list inside_access_in extended deny ip any any
access-list outside_access_in remark Allow Ping
access-list outside_access_in extended permit icmp any any
access-list outside_access_in remark Allow VPN
access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_1 any object ColVPN-
access-list outside_access_in remark Allow SMTP, HTTP, and HTTPS to the Exchange CAS NLB Cluster
access-list outside_access_in extended permit tcp any object colexcas- object-group DM_INLINE_TCP_13
access-list outside_access_in remark Allow SMTP, SSH, and Web
access-list outside_access_in extended permit tcp any object ColBarracuda- object-group DM_INLINE_TCP_1
access-list outside_access_in remark Allow HTTP and HTTPS to AmbuTRAK
access-list outside_access_in extended permit tcp any object ambutrak- object-group DM_INLINE_TCP_10
access-list outside_access_in remark Allow SMTP, HTTP and HTTPS to ww2
access-list outside_access_in extended permit tcp any object ww2- object-group DM_INLINE_TCP_2
access-list outside_access_in remark Allow SMTP, HTTP and HTTPS to www1
access-list outside_access_in extended permit tcp any object www1- object-group DM_INLINE_TCP_3
access-list outside_access_in remark Allow portal.bouindtree.com to COLMOSS01
access-list outside_access_in extended permit tcp any object ColMOSS01- object-group DM_INLINE_TCP_9
access-list outside_access_in remark Allow HTTP and HTTPS to ems.COMPANY.com
access-list outside_access_in extended permit tcp any object Colww3- object-group DM_INLINE_TCP_5
access-list outside_access_in remark Allow HTTP and HTTPS to helpdesk.COMPANY.com
access-list outside_access_in extended permit tcp any object ColSysAid- object-group DM_INLINE_TCP_7
access-list outside_access_in remark Allow SSH to Facts
access-list outside_access_in extended permit tcp any object Facts- eq ssh inactive
access-list outside_access_in remark Allow mySQL to NSTrax for IQ
access-list outside_access_in extended permit tcp any object NSTrax- object-group mySQL inactive
access-list outside_access_in remark Allow FTP to ftp.COMPANY.co.uk
access-list outside_access_in extended permit tcp any object ftp.boundree.co.uk- eq ftp inactive
access-list outside_access_in remark Allow IMAP to the Voice Mail Server
access-list outside_access_in extended permit tcp any object Dubmss01- eq imap4
access-list outside_access_in remark Permit HTTPS to ColBI01 for https://reports.COMPANY.com
access-list outside_access_in extended permit tcp any object ColBI01- eq https inactive
access-list outside_access_in remark Allow FTP to btmu.COMPANY.com
access-list outside_access_in extended permit tcp any object btmu- eq ftp
access-list outside_access_in remark Allow HTTP and HTTPS to colngwt - the Test Next Gen Web Farm
access-list outside_access_in extended permit tcp any object dubngwt- object-group DM_INLINE_TCP_17 inactive
access-list outside_access_in remark Allow HTTP and HTTPS to COMPANYfed.com
access-list outside_access_in extended permit tcp any object COMPANYfed.com- object-group DM_INLINE_TCP_18
access-list outside_access_in remark Allow HTTP and HTTPS to colngwp - the Next Gen Web Farm
access-list outside_access_in extended permit tcp any object COMPANY.com- object-group DM_INLINE_TCP_11
access-list outside_access_in remark Allow HTTP and HTTPS to Colww5, which is one of our web servers.
access-list outside_access_in remark rewards.COMPANY.com is going live first on this web server.
access-list outside_access_in extended permit tcp any object Rewards.COMPANY.com- object-group DM_INLINE_TCP_12
access-list outside_access_in remark Allow HTTP and HTTPS to act.COMPANY.com
access-list outside_access_in extended permit tcp any object act.COMPANY.com- object-group DM_INLINE_TCP_15
access-list outside_access_in remark Allow AS2 (443, 4080, 5080, 6080) to the AS2 Production and Test Machines
access-list outside_access_in extended permit tcp any object-group DM_INLINE_NETWORK_1 object-group as2
access-list outside_access_in remark Allow HTTP and HTTPS to www.COMPANY.com
access-list outside_access_in extended permit tcp any object www.COMPANY.com- object-group DM_INLINE_TCP_14
access-list outside_access_in remark Allow AS2 to w2k-isoft
access-list outside_access_in extended permit tcp any object w2k-isoft- object-group as2
access-list outside_access_in remark All SQL Server (SSL) to Coltixdb
access-list outside_access_in extended permit tcp any object Coltixdb- object-group SQLServer
access-list outside_access_in remark Allow FTP to ColFTP01
access-list outside_access_in extended permit tcp any object ColFTP01- eq ftp
access-list outside_access_in remark allow http/https access in intra.COMPANY.com
access-list outside_access_in extended permit tcp any object intra.COMPANY.com- object-group DM_INLINE_TCP_6
access-list outside_access_in remark Allow http and https to asgard
access-list outside_access_in extended permit tcp any object www.COMPANY.net- object-group DM_INLINE_TCP_8
access-list outside_access_in remark Allow HTTP and HTTPS to ColCrmRouter01 (crmws.COMPANY.com)
access-list outside_access_in extended permit tcp any object crmws.COMPANY.com- object-group DM_INLINE_TCP_16
access-list outside_access_in remark Allow HTTP and HTTPS to coltmg01
access-list outside_access_in extended permit tcp any object coltmg01- object-group DM_INLINE_TCP_4
access-list outside_access_in remark Allow Lync Edgel traffic to collync01
access-list outside_access_in extended permit object-group TCPUDP any object collync01- object-group LyncEdge
access-list outside_access_in remark Allow HTTP and HTTPS to www1.COMPANY.com
access-list outside_access_in extended permit tcp any object www1.COMPANY.com- object-group DM_INLINE_TCP_19
access-list outside_access_in remark Allow HTTP and HTTPS to www2.COMPANY.com
access-list outside_access_in extended permit tcp any object www2.COMPANY.com- object-group DM_INLINE_TCP_20
access-list outside_access_in remark Allow HTTP and HTTPS to www1.COMPANYfed.com
access-list outside_access_in extended permit tcp any object www1.COMPANYfed.com- object-group DM_INLINE_TCP_21
access-list outside_access_in remark Allow HTTP and HTTPS to www2.COMPANYfed.com
access-list outside_access_in extended permit tcp any object www2.COMPANYfed.com- object-group DM_INLINE_TCP_22
access-list outside_access_in extended permit tcp any object monitor.COMPANY.com- eq www
access-list outside_access_in remark For debugging (can enable logging)
access-list outside_access_in extended deny ip any any
access-list inside_nat0_outbound extended permit ip any 172.22.255.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip object-group PMIVPNNetworks object PMI_SonicWALL-Subnet
access-list inside_nat0_outbound remark Domain Controller one to many rule so PCI Trust servers can reslove DNS names and authenticate.
access-list inside_nat0_outbound extended permit ip object-group COLDCs 172.24.3.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip object ColWSUS02 172.24.3.0 255.255.255.0
access-list outside_1_cryptomap extended permit ip object-group PMIVPNNetworks object-group PMI_SonicWALL-Subnets
access-list Colo_PCI_Trust_access_in extended permit ip any any
pager lines 24
logging enable
logging asdm warnings
logging mail critical
logging from-address [email protected]
mtu outside 1500
mtu inside 1500
mtu DMZ 1500
mtu Colo_PCI_Trust 1500
mtu management 1500
ip local pool vpnphone-ip-pool 172.22.255.1-172.22.255.254 mask 255.255.255.0
failover
failover lan unit primary
failover lan interface HA GigabitEthernet0/7
failover key Fiyalt!
failover link HA GigabitEthernet0/7
failover interface ip HA 172.16.200.1 255.255.255.248 standby 172.16.200.2
no monitor-interface DMZ
no monitor-interface Colo_PCI_Trust
no monitor-interface management
icmp unreachable rate-limit 1 burst-size 1
icmp permit any inside
icmp permit 172.24.3.0 255.255.255.0 Colo_PCI_Trust
asdm image disk0:/asdm-66114.bin
asdm location ColVPN- 255.255.255.255 inside
asdm location ColBarracuda- 255.255.255.255 inside
asdm location ColBarracuda 255.255.255.255 inside
asdm location ww2- 255.255.255.255 inside
asdm location www1- 255.255.255.255 inside
asdm location ww2 255.255.255.255 inside
asdm location www1 255.255.255.255 inside
asdm location Colww3- 255.255.255.255 inside
asdm location Colww3 255.255.255.255 inside
asdm location ColSysAid- 255.255.255.255 inside
asdm location ColSysAid 255.255.255.255 inside
asdm location Facts 255.255.255.255 inside
asdm location Facts- 255.255.255.255 inside
asdm location NSTrax- 255.255.255.255 inside
asdm location ftp.boundree.co.uk- 255.255.255.255 inside
asdm location ftp.COMPANY.co.uk 255.255.255.255 inside
asdm location Dubmss01 255.255.255.255 inside
asdm location Dubmss01- 255.255.255.255 inside
asdm location ColBI01- 255.255.255.255 inside
asdm location ColBI01 255.255.255.255 inside
asdm location ColMOSS01 255.255.255.255 inside
asdm location ColMOSS01- 255.255.255.255 inside
asdm location ambutrak- 255.255.255.255 inside
asdm location ambutrak 255.255.255.255 inside
asdm location NSTrax 255.255.255.255 inside
asdm location btmu- 255.255.255.255 inside
asdm location btmu 255.255.255.255 inside
asdm location COMPANY.com- 255.255.255.255 inside
asdm location COMPANY.com 255.255.255.255 inside
asdm location as2.COMPANY.com- 255.255.255.255 inside
asdm location colas2 255.255.255.255 inside
asdm location w2k-isoft- 255.255.255.255 inside
asdm location w2k-isoft 255.255.255.255 inside
asdm location Coltixdb- 255.255.255.255 inside
asdm location Coltixdb 255.255.255.255 inside
asdm location colexcas- 255.255.255.255 inside
asdm location colexcas01 255.255.255.255 inside
asdm location colexcas02 255.255.255.255 inside
asdm location colexcas 255.255.255.255 inside
asdm location ColFTP01- 255.255.255.255 inside
asdm location ColFTP01 255.255.255.255 inside
asdm location www.COMPANY.com- 255.255.255.255 inside
asdm location www.COMPANY.com 255.255.255.255 inside
asdm location act.COMPANY.com- 255.255.255.255 inside
asdm location act.COMPANY.com 255.255.255.255 inside
asdm location Rewards.COMPANY.com- 255.255.255.255 inside
asdm location colww5 255.255.255.255 inside
asdm location as2test.COMPANY.com- 255.255.255.255 inside
asdm location ColdevAS2 255.255.255.255 inside
asdm location test.COMPANY.com 255.255.255.255 inside
asdm location colexcas01NLB 255.255.255.255 inside
asdm location colexcas02NLB 255.255.255.255 inside
asdm location ColVPN 255.255.255.255 inside
asdm location intra.COMPANY.com- 255.255.255.255 inside
asdm location intra.COMPANY.com 255.255.255.255 inside
asdm location asgard 255.255.255.255 inside
asdm location www.COMPANY.net- 255.255.255.255 inside
asdm location crmws.COMPANY.com- 255.255.255.255 inside
asdm location crmws.COMPANY.com 255.255.255.255 inside
asdm location dubngwt- 255.255.255.255 inside
asdm location dubngwt 255.255.255.255 inside
asdm location dubexcas01 255.255.255.255 inside
asdm location dubexcas02 255.255.255.255 inside
asdm location dubexcas 255.255.255.255 inside
asdm location collync01- 255.255.255.255 inside
asdm location coltmg01- 255.255.255.255 inside
asdm location collync01 255.255.255.255 inside
asdm location coltmg01 255.255.255.255 inside
asdm location COMPANYfed.com- 255.255.255.255 inside
asdm location COMPANYfed.com 255.255.255.255 inside
asdm location www1.COMPANY.com- 255.255.255.255 inside
asdm location www2.COMPANY.com- 255.255.255.255 inside
asdm location www1.COMPANYfed.com- 255.255.255.255 inside
asdm location www2.COMPANYfed.com- 255.255.255.255 inside
asdm location www1.COMPANY.com 255.255.255.255 inside
asdm location www2.COMPANY.com 255.255.255.255 inside
asdm location www1.COMPANYfed.com 255.255.255.255 inside
asdm location www2.COMPANYfed.com 255.255.255.255 inside
asdm location PMI_SonicWALL-Subnet 255.255.0.0 inside
asdm location PMISonicWALL 255.255.255.255 inside
asdm location BrentwoodData 255.255.0.0 inside
asdm location GilbertData 255.255.0.0 inside
asdm location coldc01 255.255.255.255 inside
asdm location coldc02 255.255.255.255 inside
asdm location ColWSUS02 255.255.255.255 inside
asdm location monitor.COMPANY.com- 255.255.255.255 inside
asdm location ColPRTG01 255.255.255.255 inside
no asdm history enable
arp timeout 14400
nat (inside,any) source static any any destination static obj-172.22.255.0 obj-172.22.255.0 no-proxy-arp
nat (inside,any) source static PMIVPNNetworks PMIVPNNetworks destination static PMI_SonicWALL-Subnet PMI_SonicWALL-Subnet no-proxy-arp
nat (inside,any) source static COLDCs COLDCs destination static obj-172.24.3.0 obj-172.24.3.0 no-proxy-arp
nat (inside,any) source static ColWSUS02 ColWSUS02 destination static obj-172.24.3.0 obj-172.24.3.0 no-proxy-arp
object network ambutrak
nat (inside,outside) static ambutrak-
object network btmu
nat (inside,outside) static btmu-
object network ColBarracuda
nat (inside,outside) static ColBarracuda-
object network ColBI01
nat (inside,outside) static ColBI01-
object network colexcas
nat (inside,outside) static colexcas-
object network ColMOSS01
nat (inside,outside) static ColMOSS01-
object network COMPANY.com
nat (inside,outside) static COMPANY.com-
object network Coltixdb
nat (inside,outside) static Coltixdb-
object network Colww3
nat (inside,outside) static Colww3-
object network ColSysAid
nat (inside,outside) static ColSysAid-
object network ColVPN
nat (inside,outside) static ColVPN-
object network colas2
nat (inside,outside) static as2.COMPANY.com-
object network Dubmss01
nat (inside,outside) static Dubmss01-
object network Facts
nat (inside,outside) static Facts-
object network ftp.COMPANY.co.uk
nat (inside,outside) static ftp.COMPANY.co.uk-
object network NSTrax
nat (inside,outside) static NSTrax-
object network w2k-isoft
nat (inside,outside) static w2k-isoft-
object network www1
nat (inside,outside) static www1-
object network ww2
nat (inside,outside) static ww2-
object network ColFTP01
nat (inside,outside) static ColFTP01-
object network www.COMPANY.com
nat (inside,outside) static www.COMPANY.com-
object network act.COMPANY.com
nat (inside,outside) static act.COMPANY.com-
object network colww5
nat (inside,outside) static Rewards.COMPANY.com-
object network ColdevAS2
nat (inside,outside) static as2test.COMPANY.com-
object network intra.COMPANY.com
nat (inside,outside) static intra.COMPANY.com-
object network asgard
nat (inside,outside) static www.COMPANY.net-
object network crmws.COMPANY.com
nat (inside,outside) static crmws.COMPANY.com-
object network dubngwt
nat (inside,outside) static dubngwt-
object network COMPANYfed.com
nat (inside,outside) static COMPANYfed.com-
object network www1.COMPANYfed.com
nat (inside,outside) static www1.COMPANYfed.com-
object network www2.COMPANYfed.com
nat (inside,outside) static www2.COMPANYfed.com-
object network www1.COMPANY.com
nat (inside,outside) static www1.COMPANY.com-
object network www2.COMPANY.com
nat (inside,outside) static www2.COMPANY.com-
object network ColPRTG01
nat (inside,outside) static monitor.COMPANY.com-
object network obj_any
nat (inside,outside) dynamic 74.XXX.XXX.131
object network collync01
nat (DMZ,outside) static collync01-
object network coltmg01
nat (DMZ,outside) static coltmg01-
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
access-group Colo_PCI_Trust_access_in in interface Colo_PCI_Trust
router eigrp 10
no auto-summary
eigrp router-id 172.22.1.8
network 172.22.0.0 255.255.0.0
route outside 0.0.0.0 0.0.0.0 74.XXX.XXX.129 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa-server Colo protocol radius
aaa-server Colo (inside) host coldc02
timeout 5
key Bound/\Tree
radius-common-pw Bound/\Tree
aaa-server Colo (inside) host coldc01
timeout 5
key Bound/\Tree
user-identity default-domain LOCAL
http server enable
http 172.22.0.0 255.255.0.0 inside
http DublinData 255.255.0.0 inside
http DublinData 255.255.0.0 management
snmp-server host inside 10.1.0.59 community public
snmp-server host inside ColPRTG01 community public
snmp-server location Columbus, OH - Colo
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 1 match address outside_1_cryptomap
crypto map outside_map 1 set pfs
crypto map outside_map 1 set peer PMISonicWALL
crypto map outside_map 1 set ikev1 transform-set ESP-3DES-SHA
crypto map outside_map 1 set nat-t-disable
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto ikev1 enable outside
crypto ikev1 enable inside
crypto ikev1 policy 30
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 28800
telnet BrentwoodData 255.0.0.0 inside
telnet coldc02 255.255.255.255 inside
telnet DublinData 255.255.0.0 management
telnet timeout 5
ssh 172.22.0.0 255.255.0.0 inside
ssh DublinData 255.255.0.0 inside
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
ntp server 74.14.179.211 source outside prefer
ntp server 69.64.72.238 source outside prefer
ntp server coldc02 source inside
ntp server 74.120.8.2 source outside prefer
ntp server 108.61.56.35 source outside prefer
ntp server coldc01 source inside
webvpn
group-policy GroupPolicy_74.XXX.XXX.130 internal
group-policy GroupPolicy_74.XXX.XXX.130 attributes
vpn-tunnel-protocol ikev1
group-policy VPNPHONE internal
group-policy VPNPHONE attributes
dns-server value 172.22.3.4 172.22.3.31
vpn-tunnel-protocol ikev1
default-domain value corp.COMPANY.com
tunnel-group VPNPHONE type remote-access
tunnel-group VPNPHONE general-attributes
address-pool vpnphone-ip-pool
authentication-server-group Colo
default-group-policy VPNPHONE
tunnel-group VPNPHONE ipsec-attributes
ikev1 pre-shared-key *
tunnel-group 184.XXX.XXX.226 type ipsec-l2l
tunnel-group 184.XXX.XXX.226 ipsec-attributes
ikev1 pre-shared-key *
peer-id-validate nocheck
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns migrated_dns_map_1
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns migrated_dns_map_1
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect tftp
inspect http
inspect icmp
inspect pptp
inspect icmp error
inspect ip-options
class class-default
service-policy global_policy global
smtp-server 172.22.5.156
prompt hostname context
no call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly 18
subscribe-to-alert-group configuration periodic monthly 18
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:65e78911eefb94bd98892700b143f716
: endHi,
Any ASA using software 8.3 or above that does Static NAT between private and public IP addresses (or any NAT at all) and you want to allow traffic from public network to those Static NATed servers you will need to use the local/real IP address in the ACL statements.
If your ASA5520 was running 8.3 or above software levels then there should be no major changes compared to an ASA5525-X running 8.6 software level.
The only situation I can think of right now is if you had used ASA5520 with software 8.2 or below BUT in that case you WOULD NOT have been able to directly copy/paste the configuration to the ASA5525-X device as the lowest software level that the ASA5525-X supports is 8.6(1)
So I am kind of wondering what the situation has actually been.
But one thing is certain. You need to use the real/local IP address of the server in the ACL rules even if you are allowing traffic from the public/external network.
The "packet-tracer" test used to simulate a connection coming to one of your Static NAT public IP address should also tell if your ACLs are configured correctly, among other things.
- Jouni -
Connection from MS Access to Oracle DB
Hi,
One of my test application, running in windows XP is using MS ACCESS. They need to connect to oracle DB (10GR2). What all should i install at the client side to connect to my DB Listeners ?
I thought of installaing 10G client at the application PC. Is it needed or just installing ODBC and NET8 is enough ?... If so where will i get ODBC and Net8 for download ?
Regards,
JibuPavel wrote:
Hi Jibu
You need at least to create an ODBC connection to your Oracle database using the {Microsoft ODBC for Oracle} driver.
Why the MS driver? Oracle supplies their own, and either way you still need to install the oracle client. ODBC is NOT a replacement for native database connection layers -- at least not if the database is other than MS. There's not tell what MS does with its own stuff.
http://www.techonthenet.com/access/questions/oracle_connect.php
http://www.databasejournal.com/features/oracle/article.php/3358411/Connecting-with-Oracle-Accessing-Oracle-via-Access-and-Excel.htm
Regards,
Pavel -
Access manager installation on solaris zone
Hi
I have installed the Access manager 7.0, Sun java system app server 8.1, Sun sirectory server 5.2 through JES installer on solaris 10 zone AM55-zone. Installer summarry is below, which shows installtion complete without error, but I am not able to launch the amserver login page.
Any suggestion, what I did wrong? any thoughts?
Sid
Installation Complete
Software installation has completed successfully. You can view the installation
summary and log by using the choices below. Summary and log files are available
in /var/sadm/install/logs/.
Your next step is to perform the postinstallation configuration and
verification tasks documented in the Postinstallation Configuration and Startup
Chapter of the Sun Java(TM) Enterprise System Installation Guide. See: http:
//docs.sun.com/doc/819-2328.
Enter 1 to view installation summary and Enter 2 to view installation logs
[1] {"!" exits} 1
Installation Summary Report
Install Summary
Java Enterprise System : Installed
Sun Java(TM) System Message Queue 3 2005Q4 Enterprise Edition : Installed
Sun Java(TM) System Application Server Enterprise Edition 8.1 2005Q4 : Installed
Sun Java(TM) System Directory Preparation Tool : Installed
Sun Java(TM) System Directory Server 5 2005Q4 : Installed
Sun Java(TM) System Access Manager 7 2005Q4 : Installed
Configuration Data
Sun Java(TM) System Application Server Enterprise Edition 8.1 2005Q4 :
Domains and Instance Configuration Directory : /var/opt/SUNWappserver
Application Server Installation Directory : /opt/SUNWappserver
Sun Java(TM) System Directory Preparation Tool :
Directory Preparation Tool Installation Directory : /opt/SUNWcomds
Sun Java(TM) System Directory Server 5 2005Q4 :
Directory Server Admin User : admin
Directory Server Manager : cn=Directory Manager
Directory Server Identifier : AM55-zone
Directory Server Port : 389
Directory Server Root Suffix : dc=ipsolutionshowcase,dc=com
<--[33%]--[ENTER To Continue]--[n To Finish]--> {"!" exits}
Directory Server Administration Domain : ipsolutionshowcase.com
System User : root
System Group : root
Existing Configuration Directory : 0
Configuration Directory Host : AM55-zone.ipsolutionshowcase.com
Configuration Directory Port : 389
Configuration Directory Admin User : admin
Existing User Directory : 0
User Directory Host : AM55-zone.ipsolutionshowcase.com
User Directory Port : 389
User Directory Admin User : admin
User Directory Suffix : dc=ipsolutionshowcase,dc=com
Disable Schema Checking : 0
Add Sample Entries : 0
Populate Database : 1
Sun Java(TM) System Access Manager 7 2005Q4 :
Access Manager Installation Directory : /opt
Access Manager Protocol : http
Access Manager Port : 8080
LDAP User ID : amldapuser
<--[66%]--[ENTER To Continue]--[n To Finish]--> {"!" exits}
Administrator User ID : amAdmin
Web Container : AppServer
Access Manager Application Server Installation Directory :
/opt/SUNWappserver/appserver
Document Root : /var/opt/SUNWappserver/domains/domain1/docroot
Access Manager Console Host (for Existing console) : AM55-zone.
ipsolutionshowcase.com
Access Manager Console Deploy URI : amconsole
Access Manager Password Deploy URI : ampassword
Access Manager Host : AM55-zone.ipsolutionshowcase.com
Access Manager Services Deploy URI : amserver
Access Manager Cookie Domain List : .ipsolutionshowcase.com
Access Manager Common Domain Deploy URI : amcommon
Access Manager Directory Server Host Name : AM55-zone
Access Manager Directory Server Host : AM55-zone.ipsolutionshowcase.com
Access Manager Directory Server Port : 389
Access Manager Directory Root Suffix : dc=ipsolutionshowcase,dc=com
Access Manager Directory Manager DN : cn=Directory Manager
Organization Marker Object Class : sunISManagedOrganization
User Marker Object Class : inetorgperson
Organization Naming Attribute : o
User Naming Attribute : uid
<--[100%]--[ENTER To Continue]--[n To Finish]--> {"!" exits}
Enter 1 to view installation summary and Enter 2 to view installation logs
[1] {"!" exits} !
You have new mail in /var/mail/root
bash-3.00#
bash-3.00# cd /var/opt/mps/serverroot/slapd-AM55-zone
bash-3.00# ./start-slapdThanks samk,
After the installation, I have started the Directory server,admin,and console with following commands:
bash-3.00# directoryserver start
bash-3.00# directoryserver start-admin
SunONE-WebServer-Enterprise/6.0SP3 B05/19/2004 02:48
warning: daemon is running as super-user
[LS ls1] http://AM55-zone.ipsolutionshowcase.com <http://AM55-zone.ipsolutionshowcase.com> , port 390 ready to accept requests
startup: server started successfully
bash-3.00# directoryserver startconsole
Recieved the Login console window,logged in and got the ipsolutionshowcase tree.
What are the next steps I need to folow in order to launch the Access Manager page?
Ant thoughts?
Thanks for ye help
Sid
Maybe you are looking for
-
HR PA-EC: No Data in Source when data is there
All, I have activated standard business content and have connected ECC 5.0 source to BW 3.5. I tried executing a load for Compensation Process ODS and the load says there is no data available in source system. I checked the source and infotype tables
-
After re installing Mac OS X 10.4.8, I lost my documents and pictures. Can I retrieve them some how?
-
My MacBook crashes every time I connect a USB cord to it, anyone else have this problem?
I went to plug in my phone charger to update my music on my iPhone to my MacBook and it shut off. So i tried about 5 more times and each time the laptop crashed when the USB was plugged into the port. Can anyone explain why this is happening??
-
Unable to retain year setting in preferences
iMac 2.66 GHz OS X 10.6.8 Unable to retain "short year settings" in Preferences > Language & Text > Formats. Am able to set the year setting in the customize window to two digits with the pop-up menu for the year, which then appears correctly when t
-
Mail constantly asks for password
I have 3 email accounts setup in Mail. 1 is a POP email. The other 2 are IMAP. For some strange reason from the moment I open Mail, 1 of the IMAPs prompts me for my password. I enter it. Emmediately, it asks for my password again, and then the prompt