Communication , firewall
In developer 2000 documentation I read:
In an Internet environment you would run the Developer/2000
Web Cartridge outside the firewall, with a secure SQL*Net tunnel
to the database.
In future versions we will also be adding IIOP as the
communication protocol between the client and application server,
so that the server could
also be inside the firewall.
Is this implemented in version 6?
null
Helen Reznik (guest) wrote:
: In developer 2000 documentation I read:
: In an Internet environment you would run the
Developer/2000
: Web Cartridge outside the firewall, with a secure SQL*Net
tunnel
: to the database.
: In future versions we will also be adding IIOP as the
: communication protocol between the client and application
server,
: so that the server could
: also be inside the firewall.
: Is this implemented in version 6?
On OOW 98 they supposed us to. But who tested it ?
Frank
null
Similar Messages
-
Exchange 2010 Required Communication (Firewall Ports and Protocols)
Forgive me if this question has been asked before, but a search did not give me much on my scenario.
We currently have one Forest with multiple Domains and Child Domains. We have two departments that have Exchange 2010 running and control their own individual users and mailboxes inside their Domains. These two Exchange servers communicate with each other
just fine.
We now have a department (another domain) that needs control of their own Exchange 2010 server, but here is the catch. They are behind a Firewall. My question is, what Ports and Protocols do I need opened for the Exchange server behind the Firewall to properly
communicate to the two other Exchange servers knowing that the Exchange Environment is a Forest wide activity.
At this point in time, we cannot get Exchange installed as the prereq check fails with an error that we need to prep the AD schema for Exchange, but we know this has been done since we have to other servers in the Forest.
Perhaps we need ports not only opened to the two other exchange servers, but also the Forest Root controller?
Any help is appreciated.Exchange needs to be able to fully access all other Exchange servers, Active Directory Domain Controllers, and Active Directory Global Catalogs. Additionally, if I remember correctly, there was a blog from the Exchange team a couple of years ago that said
Exchange wasn't supported with firewalls between the various Exchange servers in the environment.
I will ask one question - why aren't you centralizing your Exchange management and servers, and granting rights to these groups for their mailbox management (based on an Organizational Unit that their accounts are in, and granted at the Active Directory
level)? You would no longer have this issue each time another group decides they want to host their own Exchange system. -
Prblem while adding firewall in ciscoworks lms 2.6
We are not able to add firewall ASA5510 in ciscoworks LMS 2.6.
SNMP configuration on firewall is as follows
snmp-server host inside 10.48.2.54 community firewall version 2c
no snmp-server location
no snmp-server contact
snmp-server community ****
snmp-server enable traps snmp authentication linkup linkdown coldstart
Please check attached file for ciscoworks configuration, SNMP Walk command output and Firewall "show version" output.Now I am able to add firewall but when i am trying to access firewall through Cisco View> Chassis View I am getting following error.
Message
Can't find applicable device package for 10.44.100.37.
Cause
Device package for this device type is not installed or device support for this device type might not be available or you are attempting to open a component inside a device.
Action
Please install a device package for the device type or open the parent device to manage the component.
When I configured netshow job for "show running-config" and "show tech-support" it ends with following error
Command(s) failed on the device Insufficient no. of interactive responses(or timeout) for command: show tech-support. Insufficient no. of interactive responses(or timeout) for command: show tech-support. -
Communication between 2 vlans on firewall.
communication between 2 vlans.
i have 2 vlans
Vlan 100
ip add 1.1.1.1
Vlan 200
ip add 2.2.2.2
i want to make communication between 2 vlans on firewall 5520 ASA 8.2.
Please provide configuration for same.You need to follow this guide the configuration which you have pasted has got nothing but the IP. Other parameters are also required to configure ASA firewall.
http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/intrface.html
Thanks
Ajay -
How do I set my firewall settings in Avasti to allow communications between my HP 8600 and my comput
How do I set my firewall settings in Avasti to allow communications between my HP 8600 and my computer
Something to Consider:
If you are talking about "Avast!" Security Software, either the free or the paid version, the following may apply to you:
There are three main levels of Security in the Avast! software: Home, Work, and Public
Home is the setting many people use when "at home", that is, connected to the home network. The home network is sometimes defined as the "192.168" network: these are the computers and printers that you have and use in your home environment. The network is (most usually) private and (should be) secured with with a passphrase at your router. The Avast! Software sees the "Home" network as a "safe" environment: devices connected within the "Home" network are allowed to "talk" (communicate) with one another without undue restrictions.
Work is the next setting. The software places some restrictions on this level of communication. Home users can certainly use this setting -- in many (most) cases, the "Work" setting is a solution that provides for communication and a bit more security for the home network and its devices.
Public is the strictest setting and is meant to keep your computer safe in a public place: the library, coffee shop, on a street corner. Outside "prying eyes" are prevented from peeping and outside communications are restricted.
If you have set (or left) your Avast! software set to Public, or even Work (and you do not know how to handle the restrictions), then you may have simply locked out the communication between the printer and the computer(s) on your home network.
Open your Avast! Software and set the security level to either "Home" or "Work".
You can find out more about how to use the software settings at the Avast! website.
Advanced Users Only - You will know if you changed the Rules... this is not something one does by accident.
If you have changed the rules within the settings, you may have locked yourself out. Make sure you have both "in" and "out" traffic settings adjusted correctly for each rule you change / adapt / add.
Kind Regards,
Dragon-Fur -
My first generation AppleTV will not sync with iTunes anymore. I get an error message that says: "The Apple TV is not responding Check that any firewall software running on this comptuter has been set to allow communication on port 3689" firewall is turned off.. Any ideas?
Thanks Rudegar,
I only synch and do not stream off of my 1st Gen AppleTV
I will try with ethernet but will be a pain in the butt if i can not fix it with wifi for long term fix
I may end up trying to do a named IP address vs DHCP for this appleTV (not sure if i can do both and do not want to remove DHCP as i have a bunch of sensors and other devices that I prefer to dynamically add to the network via DHCP vs. assign each one
Will keep working on other fix options (factory reset, etc.)
Thanks again -
Crystal Reports logon issue across firewall - Transport error:communication
Hi,
We are facing an error when we try to logon to the BO server using the crystal reports tool (Crystal Reports Enterprise XI Release 2 ) outside the firewall. The login is working fine when inside the firewall. The BO server is on a unix box within the customer network and we are trying to login from a PC (using Crystal Reports Enterprise XI Release 2) which is outside that network. The following are the errors we get when trying to logon using authentication as "Enterprise" and system name as "fully qualified server name:6400"
1. Without including any IP addresses in the PC host file we get "Transport error:communication failure" on login.
2. When I included the IP and name of the BO server in the PC host file (xx.xx.xx.xx host name) we get an error - "CMS host 'xxxx' address was resolved properly,but cannot be reached to establish a CMS connection.Verify your router/firewall allows communication on port 6400."
(The IP address I include in the PC host file is the actual IP address of the BO server)
3. I know we have natted IP addresses.. and the IP address of the BO server appears to be different when I do a ping to the BO server from outside the customer network i.e from the external PC. When I include the IP address in the host file (which I get from the ping <servername> outside the customer network from my PC) I get "Transport error:communication failure".
The port 6400 has been opened in the firewall. We are able to login to the CMC link and the Info view without any issues.
It will be great to get some advise on this as it has become a high priority issue in our workspace now.
Thanks,
ReetiHi All,
I had a breakthrough in logging to BOX1R2 Crystal Reports client outside the firewall. The following was done in our case:
1. Open the port 6400 on the server to allow traffic from outside the firewall.
2. Add the following command at the end in the cmsLAUNCH command line in ccm.config (ours is a BO server on Sun OS)
-port FQDN:6400 -requestport XXXX
The -port parameter was explicitly specified to make CMS explicitly listen on port 6400.
The -requestport parameter was added to configure the server to register a fixed port (which has external access) with the CMS rather than letting it choose a dynamically selected one...so XXXX can be any port which is not allocated to any app and is also open in the firewall)
Thanks,
Reeti -
How to fix this. Happens even when firewall is disabled. (Apple TV 1st generation)
Apple TV: "Check that any firewall software running on this computer has been set to allow communication on port 3689" alert in WindowsAfter a few hours the same issue started again. (Port 3689 error) I checked my router settings and it shows ATV asd connected to my netrwork. ATV also shows in iTunes devices. It asll works till I try to sync. Then the error pops up
I tired restoring ATV to factory settings. Even backed iTunes up to version 8 and every combonation therein. I started an older Gateway running Vista 64bit and it syncs fine with ATV although it's slow and I have to transfer movies from my Win 7 to tyhe Vista machiner.
I cannot find any reason for this issue. Can anybody solve this before it dribves me crazy? (Crazier) -
Broken Link - Firewall and Virtual Private Network Communication for Oracle
The link for Firewall and Virtual Private Network Communication for Oracle Enterprise Manager on http://otn.oracle.com/products/oem/files/best_practices.html returns a 404 error. It is not pointing to the correct document
This link is still broken !
Can you please correct this ASAP ?
Best regards, Yolanda
Oracle HUB support services -
Cant add an ASA firewall on the Cisco Network Assistant community
I've tried to add my ASA firewall on the modify button of my current community and after i entered the ip of the ASA it prompted me to accept the certificate and enter my credentials but after all that it returned an error "unsupported device type: Unknown cannot add device 192.168.x.x to community"
how do i add my ASA firewall so that i could see it in my topology view?
please help. thanksCisco PIX 515E Firewalls. PIX Firewalls do not support the Cisco Discovery Protocol, so they are not automatically shown as neighbors in the Topology view. They are shown only after you add them to a community by using a Create Community or Modify Community window. To see a PIX Firewall link to another community member, you must add the link manually by selecting Add Link in a Topology popup menu
-
Firewall disrupting network communication...
Hey,
This Mac connects to the Internet via a USB modem, and then shares that connection through its Airport card on 128-bit WEP, on "Fruity'.
The XP machine can connect to "Fruity" just fine, when the Macs standard firewall is off.
But once I turn on the Mac's firewall, the XP machine can no longer use the Internet, still the network connection is live and well (the iTunes on the machines stream music just fine).
Also, when the firewall is on, the XP machine has an IP address such as 196.x.x.x or 192.x.x.x (something like that), but when its off it gets 10.0.2.2 (which I can connect to perfectly through smb://10.0.2.2).
All appropriate services that the Mac tells me to have turned on are on to allow Internet sharing.
The Internet works fine with the firewall Mac's internal firewall turned off and a third-party firewall doing the job (demo / trial version), such as DoorStop X, though I don't really want a third-party firewall running.
I've searched afar, but I can't seem to find a way to tell the Mac firewall to let XP through.
Anyway to do so?
Any help is greatly appreciated,
Thank you.
iMac G5 - PowerMac12,1. Mac OS X (10.4.4)Hi,
It seems like this issue is more related to Microsoft Azure SQL Database, I will move this thread to Microsoft Azure SQL Database Forum for a better help.
Thank you for your understanding.
Best Regards
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey. -
I recently upgraded to Verizon Fios Quantum high speed internet and was given an ActionTec router. I sucessfully installed all and connected wth my Apple TV. Although it worked initially it no longer does. Something appears to be blocking the Homesharing between my PC and the AppleTV even though the Apple TV is successfully connected to my home network. I spoke with an Apple Support Tech who was unable to help me becuase I have a PC! He admitted this is a common problem with FIOS and PCS. There must be a port that needs to be opened in the router. I do not beleive it is anything to do with my antivirus software or Windows Defender as i uninstalled all and still not communication. Must be a port within the routter that is blocking tis communication. On my Itunes you can see that it does not see the Apple TV. Please advise.
I'd have to agree. I set my vms and two clients on Saturday in one hour. I think the picture is better I did not see an issue with the brightness. For the heck of it I recorded five channels at once to test it. I've also noticed when playing a recorded show on the client everything responds a lot quicker. So I am impressed and curious to see what new features come later.
Kudos to verizon. -
Printer communication error and cannot add a new printer
I was happily using my Epson Artisan 810 printer this morning, connected wirelessly to my iMac. All of a sudden I cannot print, get "Communication Error". Checked Epson's website, no luck there. Re-checked my wireless settings on the printer itself and re-confirmed them, it will print test pages from the printer, but still not communicating with the iMac. I thought that removing the printer and then adding it back in might help, but now I cannot add any printer at all.
I resorted to my MacBook Pro, and now have the same problem with this as well.
Any ideas please? What else can I check. My internet and so on are fine. The printer itself shows the wireless icon and says the reception is excellent on the printout it produced.
Thanks so much!
L.It would be unusual for only Bonjour to stop working in the printer. The more likely is that the printer is set to a different network subnet to that for your Mac or, as you mentioned, something like a firewall is blocking it.
The IP addressing is the most common cause. If there is a process to view or print the network settings for the Epson, then this will show what IP address range it has, which should be the same as your Mac. With the IP address, there will be four sets of numbers. For a typical home network, the first three sets are known as the IP subnet, while the last set is the network address. For example, a device with an IP address of 10.0.1.5, has an IP subnet of 10.0.1 and a network address of 5. For your Mac to 'see' the printer, both devices would need the same IP subnet, while having a different network address. So if you can check what IP address the Epson has, you may find it is using a different IP subnet to your Mac. -
Webserver on DMZ cannot send email via php script using SMTP (cisco firewall pix 515e)
Hello,
I have two web servers that are sitting in a DMZ behind a Cisco Firewall PIX 515e. The webservers appear to be configured correctly as our website and FTP website are up. On two of our main website, we have two contact forms that use a simple html for to call a php script that uses smtp as its mailing protocol. Since, I am not the network administrator, I don't quite understand how to read the current configurations on the firewall, but I suspect that port 25 is blocked, which prevents the script from actually working or sending out emails. What I've done to narrow the problem done is the following: I used a wamp server to test our scripts with our smtp servers settings, was able to successfully send an email out to both my gmail and work place accounts. Currently, we have backupexec loaded on both of these servers, and when I try to send out an alert I never receive it. I think because port 25 is closed on both of those servers. I will be posting our configuration. if anyone can take a look and perhaps explain to me how I can change our webservers to communicate and successfully deliver mail via that script, I would gladly appreciate it. our IP range is 172.x.x.x, but it looks like our webservers are using 192.x.x.x with NAT in place. Please someone help.
Thanks,
Jeff Mateo
PIX Version 6.3(4)
interface ethernet0 100full
interface ethernet1 100full
interface ethernet2 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 DMZ security50
enable password GFO9OSBnaXE.n8af encrypted
passwd GFO9OSBnaXE.n8af encrypted
hostname morrow-pix-ct
domain-name morrowco.com
clock timezone EST -5
clock summer-time EDT recurring
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
no fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
name 12.42.47.27 LI-PIX
name 172.20.0.0 CT-NET
name 172.23.0.0 LI-NET
name 172.22.0.0 TX-NET
name 172.25.0.0 NY-NET
name 192.168.10.0 CT-DMZ-NET
name 1.1.1.1 DHEC_339849.ATI__LEC_HCS722567SN
name 1.1.1.2 DHEC_339946.ATI__LEC_HCS722632SN
name 199.191.128.105 web-dns-1
name 12.127.16.69 web-dns-2
name 12.3.125.178 NY-PIX
name 64.208.123.130 TX-PIX
name 24.38.31.80 CT-PIX
object-group network morrow-net
network-object 12.42.47.24 255.255.255.248
network-object NY-PIX 255.255.255.255
network-object 64.208.123.128 255.255.255.224
network-object 24.38.31.64 255.255.255.224
network-object 24.38.35.192 255.255.255.248
object-group service morrow-mgmt tcp
port-object eq 3389
port-object eq telnet
port-object eq ssh
object-group network web-dns
network-object web-dns-1 255.255.255.255
network-object web-dns-2 255.255.255.255
access-list out1 permit icmp any any echo-reply
access-list out1 permit icmp object-group morrow-net any
access-list out1 permit tcp any host 12.193.192.132 eq ssh
access-list out1 permit tcp any host CT-PIX eq ssh
access-list out1 permit tcp any host 24.38.31.72 eq smtp
access-list out1 permit tcp any host 24.38.31.72 eq https
access-list out1 permit tcp any host 24.38.31.72 eq www
access-list out1 permit tcp any host 24.38.31.70 eq www
access-list out1 permit tcp any host 24.38.31.93 eq www
access-list out1 permit tcp any host 24.38.31.93 eq https
access-list out1 permit tcp any host 24.38.31.93 eq smtp
access-list out1 permit tcp any host 24.38.31.93 eq ftp
access-list out1 permit tcp any host 24.38.31.93 eq domain
access-list out1 permit tcp any host 24.38.31.94 eq www
access-list out1 permit tcp any host 24.38.31.94 eq https
access-list out1 permit tcp any host 24.38.31.71 eq www
access-list out1 permit tcp any host 24.38.31.71 eq 8080
access-list out1 permit tcp any host 24.38.31.71 eq 8081
access-list out1 permit tcp any host 24.38.31.71 eq 8090
access-list out1 permit tcp any host 24.38.31.69 eq ssh
access-list out1 permit tcp any host 24.38.31.94 eq ftp
access-list out1 permit tcp any host 24.38.31.92 eq 8080
access-list out1 permit tcp any host 24.38.31.92 eq www
access-list out1 permit tcp any host 24.38.31.92 eq 8081
access-list out1 permit tcp any host 24.38.31.92 eq 8090
access-list out1 permit tcp any host 24.38.31.93 eq 3389
access-list out1 permit tcp any host 24.38.31.92 eq https
access-list out1 permit tcp any host 24.38.31.70 eq https
access-list out1 permit tcp any host 24.38.31.74 eq www
access-list out1 permit tcp any host 24.38.31.74 eq https
access-list out1 permit tcp any host 24.38.31.74 eq smtp
access-list out1 permit tcp any host 24.38.31.75 eq https
access-list out1 permit tcp any host 24.38.31.75 eq www
access-list out1 permit tcp any host 24.38.31.75 eq smtp
access-list out1 permit tcp any host 24.38.31.70 eq smtp
access-list out1 permit tcp any host 24.38.31.94 eq smtp
access-list dmz1 permit icmp any any echo-reply
access-list dmz1 deny ip any 10.0.0.0 255.0.0.0
access-list dmz1 deny ip any 172.16.0.0 255.240.0.0
access-list dmz1 deny ip any 192.168.0.0 255.255.0.0
access-list dmz1 permit ip any any
access-list dmz1 deny ip any any
access-list nat0 permit ip CT-NET 255.255.0.0 192.168.220.0 255.255.255.0
access-list nat0 permit ip host 172.20.8.2 host 172.23.0.2
access-list nat0 permit ip CT-NET 255.255.0.0 LI-NET 255.255.0.0
access-list nat0 permit ip CT-NET 255.255.0.0 NY-NET 255.255.0.0
access-list nat0 permit ip CT-NET 255.255.0.0 TX-NET 255.255.0.0
access-list vpn-split-tun permit ip CT-NET 255.255.0.0 192.168.220.0 255.255.255
.0
access-list vpn-split-tun permit ip CT-DMZ-NET 255.255.255.0 192.168.220.0 255.2
55.255.0
access-list vpn-dyn-match permit ip any 192.168.220.0 255.255.255.0
access-list vpn-ct-li-gre permit gre host 172.20.8.2 host 172.23.0.2
access-list vpn-ct-ny permit ip CT-NET 255.255.0.0 NY-NET 255.255.0.0
access-list vpn-ct-ny permit ip CT-DMZ-NET 255.255.255.0 NY-NET 255.255.0.0
access-list vpn-ct-tx permit ip CT-NET 255.255.0.0 TX-NET 255.255.0.0
access-list vpn-ct-tx permit ip CT-DMZ-NET 255.255.255.0 TX-NET 255.255.0.0
access-list static-dmz-to-ct-2 permit ip host 192.168.10.141 CT-NET 255.255.248.
0
access-list nat0-dmz permit ip CT-DMZ-NET 255.255.255.0 192.168.220.0 255.255.25
5.0
access-list nat0-dmz permit ip CT-DMZ-NET 255.255.255.0 LI-NET 255.255.0.0
access-list nat0-dmz permit ip CT-DMZ-NET 255.255.255.0 NY-NET 255.255.0.0
access-list nat0-dmz permit ip CT-DMZ-NET 255.255.255.0 TX-NET 255.255.0.0
access-list static-dmz-to-ct-1 permit ip host 192.168.10.140 CT-NET 255.255.248.
0
access-list static-dmz-to-li-1 permit ip CT-DMZ-NET 255.255.255.0 CT-NET 255.255
.248.0
access-list vpn-ct-li permit ip CT-NET 255.255.0.0 LI-NET 255.255.0.0
access-list vpn-ct-li permit ip CT-DMZ-NET 255.255.255.0 LI-NET 255.255.0.0
access-list vpn-ct-li permit ip host 10.10.2.2 host 10.10.1.1
access-list in1 permit tcp host 172.20.1.21 any eq smtp
access-list in1 permit tcp host 172.20.1.20 any eq smtp
access-list in1 deny tcp any any eq smtp
access-list in1 permit ip any any
access-list in1 permit tcp any any eq smtp
access-list cap4 permit ip host 172.20.1.82 host 192.168.220.201
access-list cap2 permit ip host 172.20.1.82 192.168.220.0 255.255.255.0
access-list in2 deny ip host 172.20.1.82 any
access-list in2 deny ip host 172.20.1.83 any
access-list in2 permit ip any any
pager lines 43
logging on
logging timestamp
logging buffered notifications
logging trap notifications
logging device-id hostname
logging host inside 172.20.1.22
mtu outside 1500
mtu inside 1500
mtu DMZ 1500
ip address outside CT-PIX 255.255.255.224
ip address inside 172.20.8.1 255.255.255.0
ip address DMZ 192.168.10.1 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
ip local pool ctpool 192.168.220.100-192.168.220.200
ip local pool ct-thomson-pool-201 192.168.220.201 mask 255.255.255.255
pdm history enable
arp timeout 14400
global (outside) 1 24.38.31.81
nat (inside) 0 access-list nat0
nat (inside) 1 CT-NET 255.255.0.0 2000 10
nat (DMZ) 0 access-list nat0-dmz
static (inside,DMZ) CT-NET CT-NET netmask 255.255.0.0 0 0
static (inside,outside) 24.38.31.69 172.20.8.2 netmask 255.255.255.255 0 0
static (DMZ,outside) 24.38.31.94 192.168.10.141 netmask 255.255.255.255 0 0
static (inside,outside) 24.38.31.71 172.20.1.11 dns netmask 255.255.255.255 0 0
static (DMZ,outside) 24.38.31.93 192.168.10.140 netmask 255.255.255.255 0 0
static (DMZ,inside) 24.38.31.93 access-list static-dmz-to-ct-1 0 0
static (DMZ,inside) 24.38.31.94 access-list static-dmz-to-ct-2 0 0
static (inside,outside) 24.38.31.92 172.20.1.56 netmask 255.255.255.255 0 0
static (DMZ,outside) 24.38.31.91 192.168.10.138 netmask 255.255.255.255 0 0
static (DMZ,outside) 24.38.31.90 192.168.10.139 netmask 255.255.255.255 0 0
static (inside,outside) 24.38.31.72 172.20.1.20 netmask 255.255.255.255 0 0
static (inside,outside) 24.38.31.73 172.20.1.21 netmask 255.255.255.255 0 0
static (inside,outside) 24.38.31.70 172.20.1.91 netmask 255.255.255.255 0 0
static (DMZ,outside) 24.38.31.88 192.168.10.136 netmask 255.255.255.255 0 0
static (DMZ,outside) 24.38.31.89 192.168.10.137 netmask 255.255.255.255 0 0
static (inside,outside) 24.38.31.74 172.20.1.18 netmask 255.255.255.255 0 0
static (inside,outside) 24.38.31.75 172.20.1.92 netmask 255.255.255.255 0 0
access-group out1 in interface outside
access-group dmz1 in interface DMZ
route outside 0.0.0.0 0.0.0.0 24.38.31.65 1
route inside 10.10.2.2 255.255.255.255 172.20.8.2 1
route inside CT-NET 255.255.248.0 172.20.8.2 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local
aaa-server ct-rad protocol radius
aaa-server ct-rad max-failed-attempts 2
aaa-server ct-rad deadtime 10
aaa-server ct-rad (inside) host 172.20.1.22 morrow123 timeout 7
aaa authentication ssh console LOCAL
aaa authentication http console LOCAL
aaa authentication serial console LOCAL
aaa authentication telnet console LOCAL
http server enable
http 173.220.252.56 255.255.255.248 outside
http 65.51.181.80 255.255.255.248 outside
http 208.65.108.176 255.255.255.240 outside
http CT-NET 255.255.0.0 inside
no snmp-server location
no snmp-server contact
snmp-server community m0rroW(0
no snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
sysopt connection permit-pptp
crypto ipsec transform-set 3des-sha esp-3des esp-sha-hmac
crypto ipsec transform-set 3des-md5 esp-3des esp-md5-hmac
crypto dynamic-map dyn_map 20 match address vpn-dyn-match
crypto dynamic-map dyn_map 20 set transform-set 3des-sha
crypto map ct-crypto 10 ipsec-isakmp
crypto map ct-crypto 10 match address vpn-ct-li-gre
crypto map ct-crypto 10 set peer LI-PIX
crypto map ct-crypto 10 set transform-set 3des-sha
crypto map ct-crypto 15 ipsec-isakmp
crypto map ct-crypto 15 match address vpn-ct-li
crypto map ct-crypto 15 set peer LI-PIX
crypto map ct-crypto 15 set transform-set 3des-sha
crypto map ct-crypto 20 ipsec-isakmp
crypto map ct-crypto 20 match address vpn-ct-ny
crypto map ct-crypto 20 set peer NY-PIX
crypto map ct-crypto 20 set transform-set 3des-sha
crypto map ct-crypto 30 ipsec-isakmp
crypto map ct-crypto 30 match address vpn-ct-tx
crypto map ct-crypto 30 set peer TX-PIX
crypto map ct-crypto 30 set transform-set 3des-sha
crypto map ct-crypto 65535 ipsec-isakmp dynamic dyn_map
crypto map ct-crypto client authentication ct-rad
crypto map ct-crypto interface outside
isakmp enable outside
isakmp key ******** address LI-PIX netmask 255.255.255.255 no-xauth no-config-mo
de
isakmp key ******** address 216.138.83.138 netmask 255.255.255.255 no-xauth no-c
onfig-mode
isakmp key ******** address NY-PIX netmask 255.255.255.255 no-xauth no-config-mo
de
isakmp key ******** address TX-PIX netmask 255.255.255.255 no-xauth no-config-mo
de
isakmp identity address
isakmp nat-traversal 20
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash sha
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption 3des
isakmp policy 20 hash md5
isakmp policy 20 group 2
isakmp policy 20 lifetime 86400
isakmp policy 30 authentication pre-share
isakmp policy 30 encryption 3des
isakmp policy 30 hash md5
isakmp policy 30 group 1
isakmp policy 30 lifetime 86400
vpngroup remotectusers address-pool ctpool
vpngroup remotectusers dns-server 172.20.1.5
vpngroup remotectusers wins-server 172.20.1.5
vpngroup remotectusers default-domain morrowny.comAmit,
I applaud your creativity in seeking to solve your problem, however, this sounds like a real mess in the making. There are two things I don't like about your approach. One, cron -> calling Java -> calling PHP -> accessing database, it's just too many layers, in my opinion, where things can go wrong. Two it seems to me that you are exposing data one your website (with the PHP) that you may not want expose and this is an important consideration when you are dealing with emails and privacy and so on.
I think the path of least resistance would be to get a new user account added to the MySQL database that you can access remotely with your Java program. This account can be locked down for read only access and be locked down to the specific IP or IP range that your Java program will be connecting from.
Again I applaud your creativity but truly this seems like a hack because of the complexity and security concerns you are introducing and I think is a path to the land of trouble. Hopefully you will be able to get a remote account set up. -
Wireless Communication Problems
Hi Everyone!
I have to mention a problem I face with my brand new OfficeJet AllinOne 8500 wireless.
First of all, I use a laptop HP Pavilion and I have a wirelss network at home with other 2 PCs connected that run XP. Installing the printer software on these 2 xp PCs all run excellent.
In contrast, I tried to install the software on the Vista HP Laptop and the problem is that the printer works just like printer. It cannot fax, scan or use it throught the HP Solution Center. When I click on the HP Solution Center icon I get the message that says the printer is not connected. Actually, during installation, the software locates the printer in the wireless network but it fails installing it. Then, opening the printers' window I see the icon of the HP 8500 wireless just like printer and not the icon of the scanner and the icon of the fax. What I get is not a both way communication, since I can send documents to be printed but I cannot gat any information from the printer to my laptop.
Needless to say that I have disabled every firewall and every antivirus program.
Important thing to add is that running the HP Network Diagnostic Tool the software sees that the Windows Firewall as Disabled, but clicking on the icon "Done with Firewall" I get the message "Your printer still seems to be blocked by a firewall. Are you sure you want to exit?".
I do not know what else to disable or to do!
Can you help me out?I had a similar problem with my OfficeJet L7680 and here's how I fixed it. I'll probably post as a separate thread. I hope this works:
18APR10 - from Dan
I lost my L7680 network link to my hard-wired router and could not print to it over the network. I think I have a viable solution for anyone with the same problem. First of all, I went to the HP site and downloaded the program for the L7680, Critical Update to Enhance Reliability of Network and USB Connectivity and Improve System Responsive.... This worked wonders until my modem and/or router went down. Then I lost my network connection. When I checked the network settings on the printer panel, I noticed a different IP address than the original 192.168.1.100. Once I figured out how to reset it to that one, it worked as it should. Here's how I reset it: 1. Power down all devices (wired and wireless) to the router; 2. Power down the modem and router - wait a minute or so before powering back up; 3. Power up the modem and give it a minute or so to go through system checks, which will normally acquire a new IP address from your ISP; 4. Power up the router and let it go through its system checks; 5. Connect the CAT5 cable from the printer to the router and power it up before you power up and connect any other computers. This should assign the printer the first IP address from the router, which should be 192.168.1.100. Once the printer goes through its start-up checks, you can check its assigned IP address from its panel. 6. Power up any other PCs or devices to the router. They should be assigned successive IP address numbers. You can check these using a browser in the PC after typing in 192.168.1.1, logging in to the router, and checking the appropriate place in the router driver/software displayed in the browser. I was not able to reassign IP addresses in my router's driver/software, but this method did the trick. I did not try to change the IP address of the printer from its panel to match what had been inadvertently reassigned to it. That might be another option to synchronize the printer and router with the same IP address.
Maybe you are looking for
-
How do I recover voice memos on my iPhone 4s without a backup
I accidently synced my voice memos to a new itunes library....not realising it treats memos like music and so it wiped out all my voice memos on my iphone. I dont have the backup file since the recent back up is the same file after a ssecond re-sync
-
Windows 8.1 hangs on signing out when updates need installed
I'm hoping somebody can offer a viable solution here because I'm tearing my hair out. I have 30 computers all randomly doing this...once in a while a standard user will log out and the system will sit for hours showing "signing out". Once I'm made a
-
When my iTunes offers to download the 10.6.3 software, I click "Download iTunes" and it still doesn't download. What do I do?
-
Upload and download file in jdev adf
hi, i'm still looking for upload and downlaod files in jdev adf any idea sir TQ
-
Remove xml parser from the database
I am deinstalling a version of xml and putting a newer version of it. how do i do that? I know that there is something like dropjava , but still there are other packages which are loaded into the schema. I want to clean out the earlier version and in