COMMUNICATION CHANEEL
Hi all,
can two communication channels have same sender interface and sender aggrement ?
Thanks,
Rao
Edited by: rao n on Apr 24, 2008 4:01 PM
Rao,
The following threads has similar discussion
schedule sender file adapter
Re: Schedule file adapter from monday to firday.
Schedule FTP Adapter on some specific days
HOW TO SCHEDULE A FILE ADAPTER
Regards
Agasthuri Doss
Similar Messages
-
FCC problem in Sender Communication Chaneel
Hi
in a i/b scenario my file has the following csv structure
1#XI_DOC#XI_DOC#XI_DOC
2#Amit#Kumar#shivhare
i need this to be converted in to the form
<?xml version="1.0" encoding="UTF-8"?>
<ns0:MT_FILE xmlns:ns0="http://SAPBPMTesting.com">
<DT_Header>
<File_Type>XI_DOC</File_Type>
<File_Name>XI_DOC</File_Name>
<File_Ext>XI_DOC</File_Ext>
</DT_Header>
<DT_CONTENT>
<FisrtName>Amit</FisrtName>
<MiddleName>Kumar</MiddleName>
<LastName>Shivhare</LastName>
</DT_CONTENT>
</ns0:MT_FILE>
so in the content conversion tab i have given the following values
doc name MT_FILE
doc name space http://SAPBPMTesting.com
doc offset
recordset name DT_File
recordset namespace
recordset structure DT_Header,DT_CONTENT,*
recordset sequence ascending
record sets per message 1
key field name KZ
key field type integer
DT_Header.fieldSeparator #
DT_Header.endSeparator 'nl'
DT_Header.fieldNames KZ,File_Type,File_Name,File_Ext
DT_Header.keyFieldValue 1
DT_Header.keyFieldInStructure ignore
DT_CONTENT.fieldSeparator #
DT_CONTENT.endSeparator 'nl'
DT_CONTENT.fieldNames KZ,FisrtName,MiddleName,LastName
DT_CONTENT.keyFieldValue 2
DT_CONTENT.keyFieldInStructure ignore
ignoreRecordsetName true
i get an error in file sender adaptor as
Conversion initialization failed: java.lang.Exception: java.lang.Exception: java.lang.Exception: Error(s) in XML conversion parameters found: Format error in 'xml.recordset' argument: incomplete structure (name,number) pair
can u pls suggest if the procedure followed is correctThnaks Vijay
that problem solved
but one problem still comming when i have sent data like
1#XI_DOC#XI_DOC#XI_DOC
2#Amit#Kumar#shivhare
2#Snit#Kumar#dasarahe
then in output structure only following XML is generated
<?xml version="1.0" encoding="UTF-8" ?>
- <ns0:MT_FILE xmlns:ns0="http://SAPBPMTesting.com">
- <DT_Header>
<File_Type>XI_DOC</File_Type>
<File_Name>XI_DOC</File_Name>
<File_Ext>XI_DOC</File_Ext>
</DT_Header>
- <DT_CONTENT>
<FisrtName>Amit</FisrtName>
<MiddleName>Kumar</MiddleName>
<LastName>shivhare</LastName>
</DT_CONTENT>
</ns0:MT_FILE>
i.e last line of input file not come in XML structure
Thanks
Amit -
Hi Experts,
My scenario is FileRFCFile Syncrinous. All the files being picked up from output tray by the Sender file CC.
and because of one error file suddenly Sender File CC is not picking remaining all the files in the tray. even after deleting the error file and after stopping and starting the Sender File CC, the new files came in the tray are not getting picked up.
kindly advice me how to resolve the issue.
Thanks,
SivaHi Abhijit,
Thanks for your reply,
The Error in auditlog is as ErrorCode: MESSAGE_NOT_FOUND
and Error Category : XI_J2EE_ADAPTER_XI_HANDLER
and Error code : CALL_CONSUMER_ERROR
Earlier somany times i got the same issue and by deleting the error file and restarting the Sender file CC by start and stop, the files has been picked up. But now the file adapter not picking the new files and it is persisting the old messsage id only which was for the error file.
Thanlks,
Siva -
REG: without communication chaneel
HI all,
We have the scenario like EP -> XI -> third party
in that scenario if it possible to establish the connection witout using the XI?
please explain
Regards
SukumarHi-
No,in this scenario it is not possible to establish the connection without using the XI.Here the use of XI is to act as middleware,if you don`t want to use XI then you have to use someother middleware in place of XI to interact with an SAP system.
may be if you are using webservices the middleware is not required. -
Query on Mail Receiver Adapter
Hello Experts,
I am using Asyn Proxy to Mail Scenario.
Mail receiver adapter generating the Mail with Excel file attachment by using the following details.
R3 coding (Proxy calling code):-
G_ALERT_INPUT-MT_R3REQUEST_MAIL_SEND-MAIL-FROM = From Mail ID.
G_ALERT_INPUT-MT_R3REQUEST_MAIL_SEND-MAIL-TO = To Mail ID
G_ALERT_INPUT-MT_R3REQUEST_MAIL_SEND-MAIL-SUBJECT = 'Alert Mail'.
G_ALERT_INPUT-MT_R3REQUEST_MAIL_SEND-MAIL-DATE = SY-DATUM.
G_ALERT_INPUT-MT_R3REQUEST_MAIL_SEND-MAIL-CONTENT_TYPE = 'application/vnd.ms-excel;name="filename.CSV"'.
G_ALERT_INPUT-MT_R3REQUEST_MAIL_SEND-MAIL-CONTENT = 'Field1,Field2,Field3'.
G_ALERT_INPUT-MT_R3REQUEST_MAIL_SEND-MAIL-CONTENT_DISPOSITION = 'attachment'.
ID COnfiguration:-
-->Selected the Use Mail Package & Content Encoding = base64
-->Selected the Keep Attachment option.
I have two questions as mentioned below.
(1)Can i generate the Mail BODY and Excel file attachment both together in a single mail?
(2)With this same IR & ID Objects can i generate only Mail body without any attachment (i.e.
by changing the Content_Type in R/3 coding) ?
Please suggest.
Thanks & Regards
JageshHi Michal,
Thanks for ur reply.
I referred your Blog /people/michal.krawczyk2/blog/2006/04/19/xi-rfc-or-abap-proxy-abap-proxies-with-attachments for genreating the
Mail With attachment and Content together.
but when I select the option KEEP ATTACHMENT in the Mail Receiver Adapter and sending only the Content data without any attachment coding as shown in this Blog then also i am getitng attachment(.txt) file and no mail content. In this case i have used the following R/3 coding.
G_ALERT_INPUT-MT_R3REQUEST_MAIL_SEND-MAIL-FROM = From Mail ID.
G_ALERT_INPUT-MT_R3REQUEST_MAIL_SEND-MAIL-TO = To Mail ID.
G_ALERT_INPUT-MT_R3REQUEST_MAIL_SEND-MAIL-SUBJECT = 'subject'.
G_ALERT_INPUT-MT_R3REQUEST_MAIL_SEND-MAIL-DATE = SY-DATUM.
G_ALERT_INPUT-MT_R3REQUEST_MAIL_SEND-MAIL-CONTENT = 'How are u? This is Mail Content'.
Calling the Proxy method.
Important:- with this same coding if i deselct the KEEP ATTACHMENT option in ID then i am geeting
Mail Content properly.
So i think i have to use different communication chaneel one for the Excel file attachment and second for the Mail content.
Please suggest me if i am wrong.
Regards,
Jagesh -
Iam using File adapter(FTP) at source.
Could not see mesage id in communication chaneel monitoring
also MONI shows no messages to display.
What cud be the issue??
Any thoughts please.I have tried changing from Test mode to Archive and specified the locatio,
still same problem
no msgId in Communication Channel Monitoring, no msgs to display in MONI.
this is my record structure
it is csv file no header,no trailer
it ia having just these values
AB11111,0123456789
AB11112,0123456768
mt Datatype looks like
DT_xxx
LLLL (I just put his as Record Set Name in DT)
userid
extension
Iam FTP with FCC
DocumentName mt_xxx
Document Namespace http://abcd/def
Record setStructure LLLL,*
Record Sequence Ascending
ignoreRecordSetName true
LLLL.fieldNames userid,extension
LLLL.fieldSeperator ,
LLLL.fieldFixedLengths 8,10
Under Processingtab,
File Transfer mode Text
Plloing Interval ETC
Under Source
Username, pwd,Connectmode Text -
Mapping issue after Content Conversion in PI 7.1
Hi Experts
I am working on a File (Fixed format) to proxy , Data is getting converted in the File Content and conversion and passing to mapping as xml data , But the when the mapping happens no values are being returned on the target side
When I load the data (xml ) file from sxmb_moni on the sender side all nodes shows in red color though file content happened without issues
please provide the inputs how to map with the values
Thanks
PRA couple of checkpoints for you:
1. When you load the XML from SXMB_MONI in the test tab of message mapping it turns red..this means the constructed XML (from CC content conversion) doesnt match the one (XSD) defined in your ESR/IR. In this case you have to check again thoroughly the file content conversion fields values/field length in the sender Communication chaneel.
2. Once you rectify the error above then you can test the mapping in ESR message mapping. -
Character integrity issue after data conversion in database/JDBC
Hi
I am using oracle 9i with the following NLS setting:
NLS_LANGUAGE :AMERICANS
NLS_CHARACTERSET : UTF8
NLS_NCHAR_CHARACTERSET :AL16UTF16
I am running on Linux with this as my environment Language:
Lang: en_US.UTF8
I am sending hindi characters in XML file (UTF-8 encoding) to my java application to be stored in the database. In my xml file, I give this encoding (ignore the double quotes, reason for putting in the quotes so that the browser will not interpret it)
"न";"म";"स";"्";"त";"े"
But the characters appeared unreadable in the database. When I use Select DUMP to check the characters encoding:
Typ=1 Len=12 CharacterSet=UTF8: 0,28,0,2e,0,38,0,4d,0,24,0,47
When I retrieve data from the database via my application, the weird characters will appear.
However, if i manually input the hindi characters into the column of the table, then the Hindi characters appear correctly. When I do a DUMP to check, this is what I get:
Typ=1 Len=12 CharacterSet=UTF8: 9,28,9,2e,9,38,9,4d,9,24,9,47
When I check the unicode chart here http://www.unicode.org/charts/PDF/U0900.pdf, the second DUMP result is correct. When I retrieve data from the database via my application, the correct hindi string appear.
I understand that in Java the encoding is in UTF-16 and Oracle JDBC will convert from UTF-16 to UTF-8 before storing in my database and vice versa. The thing that puzzles me is why correct hindi string appears on my web interface when that the same conversion is used to extract the data from the database. At first I suspect it is the conversion problem in JDBC when the UTF-16 characters get truncated to UTF-8 when I try to store the data to database. But when good data is stored in the database, the extraction seems to be correct albeit that it is going through the same conversion.
I read from several threads of this forum and also the Oracle Globalization Support article but I cannot find an answer to my question.
Can anyone help? Thanks.
Edited by: user13085722 on May 10, 2010 1:12 AM
Edited by: user13085722 on May 10, 2010 1:16 AMA couple of checkpoints for you:
1. When you load the XML from SXMB_MONI in the test tab of message mapping it turns red..this means the constructed XML (from CC content conversion) doesnt match the one (XSD) defined in your ESR/IR. In this case you have to check again thoroughly the file content conversion fields values/field length in the sender Communication chaneel.
2. Once you rectify the error above then you can test the mapping in ESR message mapping. -
File to Sync Webservice using BPM
Hi all,
My scenarios is File to Webservice and again the output of this web service to some other file...
I an refering a document in which its written as
*In the Integration Directory Create Configuration Scenario, Then create three communication channels, one for sending the xml file to the BPM, one for sending the request to Web Service from BPM and one for sending the response as xml file to the desired location.*
My doubt is do I need a communication chaneel for BPM also?
and if yes then what will be my receiver adapter in case of BPM.
Thanks in advanceHi,
No need for 3 Communication channels.
you define a CC for Sender and another CC fro receiver(webservice)
In BPM we'll define the IM(this is between the two abstract interfaces)
Reward points if this is helpful
Thanks,
Madhu -
Regarding receiver FILE adapter, REMOTE FTP server
Hi All,
The scenario was to get XML file from a local FTP server and to place that XML file in REMOTE FTP server, which we dont have any control over that REMOTE FTP,
While executing the scenario it is successfully picked the file and processed and it was success in SXMB_MONI, but when we see the Communication Chaneel of the receiver adapter it is generating the following error..
Error when getting an FTP connection from connection pool: com.sap.aii.af.service.util.concurrent.ResourcePoolException: Unable to create new pooled resource: ConnectException: Connection timed out: connect
Message processing failed. Cause: com.sap.aii.af.ra.ms.api.RecoverableException: Error when getting an FTP connection from connection pool: com.sap.aii.af.service.util.concurrent.ResourcePoolException: Unable to create new pooled resource: ConnectException: Connection timed out: connect
clarifications needed ASAP
regards,
Kishore.Hi,
Verify the Host details of the Remote FTP.
Try to ping the Remote host as below
Goto > start>Run --->type cmd and give the command as below
c:\>ping <host details or IP address> press enter and see if you get the successful communication response.
If its not it indicates that the connection is not setup.
Ask you FTP administrators to look into connectivity issue for it.
Thanks
Swarup -
Hi xi gurus,
My Scenario is File(xml) -- to -- Proxy
After the file is picked up from the directory,i must archieve the file in to another folder.
In the adpter i had given the option archieve and the directory the file to be archieved.
But iam gettion error in communication chaneel that the file cannot be archieved.
Let me know if iam missing anything here.
Thanks
SriHi Sri,
Please make sure that the file adapter has been configured properly, please refer to SAP link below: [http://help.sap.com/saphelp_nw04/Helpdata/EN/e3/94007075cae04f930cc4c034e411e1/content.htm]
At the same time, also go to see the error message from your communication channel monitoring using link [http://<host>:<port>/mdt/channelmonitorservlet]
Hope it helps.
Regards,
Lim...
Edited by: Ruslim Chang on Feb 26, 2009 2:18 AM -
Hi SAP-xi guru,
Check the mesage in sxmb_moni i got a mapping error "MAPPING">EXCEPTION_DURING_EXECUTE. I copied the payload data and execute the mapping.Then i got a clear eror message "No value is assigned to parameter rfcChannel".
What does these error means and how to resolve it?
Thanks & Regards
VijayaHi ambati.vijaya
are you doing RFC lookup in pi 7.1 using SAP guide (RFC Mapping lookups in message mapping)available on SDN
then while doing message mapping and defining RFC lookup assign your RFC communication chaneel name
while in guide this is shown as undefined channel so replace it witrh your RFC channel
Regards
sandeep -
Problem of Creating Multiple Communication channels for multiple files
Hi Everybody
I have a very basic doubt but this struck me...
For a file-XI-file scenario,if multiple files are coming from same FTP server but with different names then we have to create multiple communication channels for all the files of different names..but is this a intelligent approach?Can we do something so that only one communication channel can receive multiple files of different names?plz explain in detail if possible ASAP.
I have another doubt as in File-XI-File scenario how the XI understands that a particular file is from this FTP server needs to be send to another particular FTP Server?is it only the name of the file which we give in sender comm channel & receiver comm chaneel which determines this????that means this name should always be same?plz explain in detail if anybody knows?Thanks Aamir.I understood the solution.
Correct me if I am wrong.......
1)If there are multiple files with different names & different extensions in the sender FTP then we use-->
2)if there are multiple files with different names & different extensions in sender FTP & I want only say files of 2 extension types(say .xml & .txt)then we use-->
*.xml
in one comm channel &
*.txt
in another comm channel rite??
Also I wanted to ask that only two kinda files we can pick up through sender comm channel rite?
.xml and .txt(File content Conversion).Can we pick files of other extensions also?(say .doc,.xls)If we use as u said
then files of all other extensions will also be picked up rite?bt hw will xi convert them into xml?plz explain......
One of my other q is not answered yet.........all these same doubts are there for receiver communication channel.......but you all have not said nething abt the receiver comm channel........plz explain the answers to all these queries for receiver comm channel for a receiver FTP........ASAP......thanks once again....... -
Hi Community,
I have a challenge getting 2 Oracle servers with each located in "internal" and "DMZ" network segments.
The oracle server on the internal network can communicate with the one on the DMZ but the one on the DMZ can NOT talk to the one on the internal network.
The customer wants the architecture to enable realtime data updates on the Oracle in DMZ.
My config is as follows: I need help.
ciscoasa# wr t
: Saved
ASA Version 8.4(3)
hostname ciscoasa
domain-name default.domain.invalid
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
name 10.1.184.131 Proxy_Server
name 192.168.10.1 Internet_Router
name 10.1.184.122 Mail_Server
name 10.1.184.116 Mail_Server_2
name 10.1.184.121 Mail_Server_3
dns-guard
interface GigabitEthernet0/0
nameif Inside
security-level 100
ip address 10.1.184.1 255.255.248.0 standby 10.1.184.254
interface GigabitEthernet0/1
description LAN/STATE Failover Interface
interface GigabitEthernet0/2
nameif DMZ
security-level 50
ip address 192.168.30.1 255.255.255.0 standby 192.168.30.2
interface GigabitEthernet0/3
nameif Outside
security-level 0
ip address 192.168.10.2 255.255.255.0 standby 192.168.10.20
interface Management0/0
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
management-only
boot system disk0:/asa843-k8.bin
ftp mode passive
clock timezone GMT 1
dns server-group DefaultDNS
domain-name default.domain.invalid
object network Proxy_Server
host 10.1.184.131
object network Mail_Server
host 10.1.184.122
object network Internet_Router
host 192.168.10.1
description Created during name migration
object network Mail_Server_2
host 10.1.184.116
description Created during name migration
object network Mail_Server_3
host 10.1.184.121
description Created during name migration
object network WebServer1
host 192.168.30.3
object network InternalNetwork
subnet 10.1.184.0 255.55.248.0
object network DMZ-IdentityPool
range 192.168.30.30 192.168.30.254
object network WebServer2
host 192.168.30.4
object network obj-remote
subnet 192.168.0.0 255.255.255.0
object network obj-DMZ
subnet 192.16.30.0 255.255.255.0
object network DatabaseServer
host 10.1.184.134
object network AppServer
host 10.1.184.126
object network MailServer
host 10.1.184.116
access-list Inside_access_in extended permit ip object Proxy_Server any
access-list Inside_access_in extended permit ip host 10.1.184.190 any
access-list Inside_access_in extended permit ip host 10.1.184.83 any
access-list Inside_access_in extended permit icmp host 10.1.184.190 any
access-list Inside_access_in extended permit ip host 10.1.184.67 any inactive
access-list Inside_access_in extended permit ip host 10.1.184.83 object Internet_Router
access-list Inside_access_in extended permit ip host 10.1.184.190 object Internet_Router
access-list Inside_access_in extended permit udp any any
access-list Inside_access_in extended permit icmp any any
access-list Inside_access_in extended permit ip object Mail_Server any
access-list Inside_access_in extended permit tcp object Mail_Server any eq smtp
access-list Inside_access_in extended permit ip object Mail_Server_2 any
access-list Inside_access_in extended permit tcp object Mail_Server_2 any eq smtp
access-list Inside_access_in extended deny tcp any any eq smtp
access-list Inside_access_in extended permit icmp host 10.1.184.43 any
access-list Inside_access_in extended permit ip object Mail_Server_3 any
access-list Inside_access_in extended permit tcp object Mail_Server_3 any eq smtp
access-list Inside_access_in extended permit ip host 10.1.184.190 host 192.168.30.3
access-list Inside_access_in extended permit tcp object InternalNetwork host 192.168.30.3 eq www
access-list Inside_access_in extended permit ip host 10.1.184.137 host 10.1.184.133
access-list Inside_access_in extended permit ip host 10.1.184.62 host 10.1.184.133
access-list Inside_access_in extended permit ip host 10.1.184.117 any
access-list Inside_access_in extended permit ip host 10.1.184.117 object Internet_Router
access-list Inside_access_in extended permit ip host 10.1.184.129 any
access-list Inside_access_in extended permit ip host 10.1.184.129 object Internet_Router
access-list Inside_access_in extended permit ip host 10.1.184.150 host 10.1.184.133
access-list Inside_access_in extended permit ip host 10.1.184.150 any
access-list Inside_access_in extended permit ip host 10.1.184.190 host 192.168.30.4
access-list Inside_access_in extended permit tcp object InternalNetwork host 192.168.30.4 eq www
access-list Inside_access_in extended permit tcp host 10.1.184.134 host 192.168.30.4 eq sqlnet
access-list Outside_access_in extended permit udp any eq domain object Proxy_Server
access-list Outside_access_in extended permit icmp object Internet_Router any
access-list Outside_access_in extended permit icmp any host 10.1.184.190
access-list Outside_access_in extended permit icmp any host 10.1.184.83 inactive
access-list Outside_access_in extended permit tcp any object Proxy_Server eq https
access-list Outside_access_in extended permit tcp any object Proxy_Server eq www
access-list Outside_access_in extended permit tcp any object Mail_Server eq smtp inactive
access-list Outside_access_in extended permit tcp any object Mail_Server_2 eq pop3
access-list Outside_access_in extended permit udp any eq domain object Mail_Server_2
access-list Outside_access_in extended permit tcp any object Mail_Server eq imap4 inactive
access-list Outside_access_in extended permit icmp any object Mail_Server inactive
access-list Outside_access_in extended permit tcp any object Mail_Server_2 eq smtp
access-list Outside_access_in extended permit tcp any object Mail_Server_2 eq imap4
access-list Outside_access_in extended permit icmp any object Mail_Server_2
access-list Outside_access_in extended permit icmp any host 10.1.184.43
access-list Outside_access_in extended permit tcp any host 192.168.30.3 eq www
access-list Outside_access_in extended permit tcp any host 192.168.30.3 eq https
access-list Outside_access_in extended permit icmp any host 192.168.30.3
access-list Outside_access_in extended permit icmp any any echo-reply
access-list Outside_access_in extended permit icmp any host 192.168.30.3 echo
access-list Outside_access_in extended permit tcp any host 192.168.30.4 eq www
access-list Outside_access_in extended permit tcp any host 192.168.30.4 eq https
access-list Outside_access_in extended permit icmp any host 192.168.30.4 echo
access-list Outside_access_in extended permit icmp any host 192.168.30.4
access-list branchgroup-SplitACL standard permit 10.0.0.0 255.0.0.0
access-list branchgroup-SplitACL standard permit 192.168.30.0 255.255.255.0
access-list DMZ_access_in extended permit tcp host 192.168.30.4 host 192.168.30.116 eq smtp
access-list DMZ_access_in extended permit icmp host 192.168.30.4 any
access-list DMZ_access_in extended permit ip host 192.168.30.4 host 192.168.30.134
access-list DMZ_access_in extended permit tcp host 192.168.30.4 host 192.168.30.134 eq sqlnet
pager lines 24
logging enable
logging timestamp
logging standby
logging emblem
logging list InformationalLog level informational
logging list InformationalLog message 101001
logging buffer-size 16384
logging console notifications
logging monitor errors
logging buffered critical
logging trap errors
logging asdm critical
logging mail informational
logging host Inside 10.1.184.132
logging host Inside 10.1.184.190 6/1470
logging debug-trace
logging ftp-server 10.1.184.190 \\marinasec\akanoa akanoa *****
logging permit-hostdown
logging class auth buffered emergencies trap emergencies
logging class bridge buffered emergencies trap emergencies
logging class config buffered alerts trap emergencies
logging class ip buffered emergencies trap alerts
logging class sys trap alerts
logging class ca trap emergencies
logging class email buffered emergencies trap errors
mtu Inside 1500
mtu DMZ 1500
mtu Outside 1500
mtu management 1500
ip local pool remoteusers 192.168.0.1-192.168.0.254
failover
failover lan unit secondary
failover lan interface stateful_failover GigabitEthernet0/1
failover replication http
failover link stateful_failover GigabitEthernet0/1
failover interface ip stateful_failover 192.168.20.1 255.255.255.252 standby 192.168.20.2
no monitor-interface management
icmp unreachable rate-limit 1 burst-size 1
icmp permit any Inside
asdm image disk0:/asdm-647.bin
no asdm history enable
arp timeout 14400
nat (DMZ,Outside) source static obj-DMZ obj-DMZ destination static obj-remote obj-remote
nat (Inside,Outside) source static InternalNetwork InternalNetwork destination static obj-remote obj-remote
object network Mail_Server
nat (Inside,Outside) static Mail_Server no-proxy-arp route-lookup
object network WebServer1
nat (DMZ,Outside) static 192.168.30.3 dns
object network WebServer2
nat (DMZ,Outside) static 192.168.30.4 dns
object network DatabaseServer
nat (Inside,DMZ) static 192.168.30.134
object network AppServer
nat (Inside,DMZ) static 192.168.30.126
object network MailServer
nat (Inside,DMZ) static 192.168.30.116
access-group Inside_access_in in interface Inside
access-group DMZ_access_in in interface DMZ
access-group Outside_access_in in interface Outside
route Outside 0.0.0.0 0.0.0.0 Internet_Router 1
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa-server vpn protocol radius
aaa-server vpn (Inside) host 10.1.184.119
key *****
aaa-server vpn (Inside) host 10.1.184.120
key *****
user-identity default-domain LOCAL
http server enable
http 10.1.184.190 255.255.255.255 Inside
http 10.1.184.2 255.255.255.255 Inside
http 10.1.184.83 255.255.255.255 Inside
http 192.168.1.0 255.255.255.0 management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec ikev1 transform-set rmtset esp-3des esp-md5-hmac
crypto dynamic-map dyn1 1 set ikev1 transform-set rmtset
crypto dynamic-map dyn1 1 set reverse-route
crypto map mymap 1 ipsec-isakmp dynamic dyn1
crypto map mymap interface Outside
crypto ikev1 enable Outside
crypto ikev1 policy 1
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 43200
telnet 10.1.184.83 255.255.255.255 Inside
telnet 10.1.184.190 255.255.255.255 Inside
telnet 10.1.184.167 255.255.255.255 Inside
telnet timeout 5
ssh 10.1.184.83 255.255.255.255 Inside
ssh 10.1.184.190 255.255.255.255 Inside
ssh 10.1.184.43 255.255.255.255 Inside
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
webvpn
group-policy branchgroup internal
group-policy branchgroup attributes
dns-server value 10.1.184.120
split-tunnel-policy tunnelspecified
split-tunnel-network-list value branchgroup-SplitACL
default-domain value marinasecuritieslimited.com
username sannib password 3gB/xWLMBVp/AjjW encrypted
username adebimpel password O./lZ/3rlYD/87u2 encrypted
username ojoawob password w1h9Aq2Welzv1fuW encrypted
username agbajer password NuDaZPLHC0BcF7iI encrypted
username oyenihib password eoxptVEUfczen6VR encrypted
username odewolef password yB12L9t1gcr.Wgx/ encrypted
username mainuser password 8KBTvbq5FOuoFce2 encrypted privilege 15
username maakano password c1Cb3uSluyfsyWUb encrypted
tunnel-group branchgroup type remote-access
tunnel-group branchgroup general-attributes
address-pool remoteusers
default-group-policy branchgroup
tunnel-group branchgroup ipsec-attributes
ikev1 pre-shared-key *****
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns migrated_dns_map_1
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns migrated_dns_map_1
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
class class-default
user-statistics accounting
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
hpm topN enable
Cryptochecksum:bbe838eb9af33fc84083989823bc0c22
: end
[OK]
ciscoasa#Hi,
Seems to me that you have configured Static NAT from "inside" to "dmz" so that the "inside" servers are visible to the "dmz" with the IP address belonging to the "dmz"
Is this something that you absolutely need? Is there something preventing you from using the IP address ranges on both "inside" and "dmz" and not doing NAT for them at all between those interfaces?
IF you want to keep the current setup intact regarding NAT, change the DMZ ACL to use the actual 10.1.184.x IP addresses as the destination IP address in the ACL.
In other words, always use the Real IP address of the host in the ACL configuration, NOT the NAT IP address. After doing that change I suppose it should also work for "dmz" to "inside". (NAT IP was used in the ACL in the ASA versions 8.2 and below, the Real IP address is used in software 8.3 and above)
Change
access-list DMZ_access_in extended permit tcp host 192.168.30.4 host 192.168.30.116 eq smtp
access-list DMZ_access_in extended permit icmp host 192.168.30.4 any
access-list DMZ_access_in extended permit ip host 192.168.30.4 host 192.168.30.134
access-list DMZ_access_in extended permit tcp host 192.168.30.4 host 192.168.30.134 eq sqlnet
To
access-list DMZ_access_in extended permit tcp host 192.168.30.4 host 10.1.184.116 eq smtp
access-list DMZ_access_in extended permit icmp host 192.168.30.4 any
access-list DMZ_access_in extended permit ip host 192.168.30.4 host 10.1.184.134
access-list DMZ_access_in extended permit tcp host 192.168.30.4 host 10.1.184.134 eq sqlnet
You can also use the "object" names in the ACL.
Which would be
access-list DMZ_access_in extended permit tcp host 192.168.30.4 object MailServer eq smtp
access-list DMZ_access_in extended permit icmp host 192.168.30.4 any
access-list DMZ_access_in extended permit ip host 192.168.30.4 object DatabaseServer
access-list DMZ_access_in extended permit tcp host 192.168.30.4 object DatabaseServer eq sqlnet
Hope the above helps Please ask more if needed.
- Jouni -
Open and close communication channel in one link
Hello,
I implement with successful the scenario that described in this blog:
Control Communication Channels Externally without using RWB
Right now I use with this link to start the CC
http://aaaa:50000/AdapterFramework/ChannelAdminServlet?party=*&service=Open_Friday_Service_Sender&channel=Open_Friday_Sender&action=start
And with this link to stop the CC
http://aaaa:50000/AdapterFramework/ChannelAdminServlet?party=*&service=Open_Friday_Service_Sender&channel=Open_Friday_Sender&action=stop
I looking for the way to start and stop the communication channel in one link.
Eladhi elan
i think you need to write an abap program and schedule it..
abap program will call this HTTP link as The URL has no dependency on where it is called.
regards
kummari
Maybe you are looking for
-
How can I add a custom footnote at the beginning of my document?
Hi, I need to start a document adding my credentials using a custom footnote (the traditional * footnote...), but can't seem to do that without having to change the whole numbering of the other footnotes in the document. Is there any way to do it?
-
Bug 7007980: Dots are used as value separator ...REMAINS
Hi This problem may be caused by a crash I had on my computer which caused me to ask for help "unable to re-install 1.5.1 after crash" After replacing the entire "C:\Documents and Settings\guan\Application Data\SQL Developer\system1.5.1.54.40" folder
-
I am trying to use Access Connections to automatically switch my location profiles, i have 2 problems though: 1. every time I plug in my computer to the lan, first I receive an IP properly, then access connections seems to be siwtching profiles and t
-
Hi We are having problems with JAVA chat on a macbook air with mountain lion and java 7 v9 have tried everything already suggested to roll back jave to 6 but this also does not work issue is that when hit the enter button nothing happens, smilies are
-
When I try to download all my songs to my iPad it says I need to get the new version when I already have it already