Configuring inbound NAT for an IP protocol
Hi
How do we configure an inbound NAT for IP protocol 41 from the outside interface to a DMZ host within ASA v9.1? A 1:1 translation is due to the sparse IPs not an option.
ASA v9.1 refuses to configure a service translation when it's not a TCP nor UDP.
Greetings
Roberto
Hello Roberto,
Yeah man, sorry to inform you that it's just not possible...
You cannot do that, all you can do is a one to one mapping or at least the tcp/udp port-forwarding. As your protocol does not have any port, option one is the only option.
The only thing that I have seen like this is the PPTP inspection starting on 8.3 and you will need to enable the inspection for the protocol so you can dynamically allocate the GRE traffic.This without the need for an IP protocol but for what you are looking for there is config,
Sorry!
Regards,
Similar Messages
-
NAT overload is not working when i configure Double NAT for VPN
I have Cisco 2921 router with OS version 15.1(4)M1.
the router is configured for NAT overload and working fine, i have site to site VPN tunnel with peer with normal NAT translation. now we need to configure Double NAT on the VPN tunnel as we need to free the subnet on peer network. for double nat i use 3.2.21.x - 3.2.23.x / 24 network and apply following command
Double NAT translation
ip nat inside source static network 192.168.10.0 3.2.21.0 /24 no-alias
ip nat inside source static network 192.168.20.0 3.2.22.0/24 no-alias
ip nat inside source static network 192.168.30.0 3.2.23.0 /24 no-alias
Nonat
access-list 101 deny ip 3.2.21.0 0.0.0.255 3.2.1.0 0.0.0.255
access-list 101 deny ip 3.2.22.0 0.0.0.255 3.2.1.0 0.0.0.255
access-list 101 deny ip 3.2.23.0 0.0.0.255 3.2.1.0 0.0.0.255
VPN encrypted traffic over the tunnel
access-list 115 permit ip 3.2.21.0 0.0.0.255 3.2.1.0 0.0.0.255
access-list 115 permit ip 3.2.22.0 0.0.0.255 3.2.1.0 0.0.0.255
access-list 115 permit ip 3.2.23.0 0.0.0.255 3.2.1.0 0.0.0.255
Problem:
as soon as i apply Double NAT translation command the NAT overload stop working and client cannot reach to the internet
the router partial configuration is as below
REACH-R01(config)#do sh run
Building configuration...
Current configuration : 19233 bytes
! Last configuration change at 09:56:45 MST Tue Jan 29 2013 by admin
! NVRAM config last updated at 13:57:54 MST Wed Jan 30 2013
! NVRAM config last updated at 13:57:54 MST Wed Jan 30 2013
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname REACH-R01
boot-start-marker
boot-end-marker
card type t1 0 0
logging buffered 51200 warnings
no aaa new-model
clock timezone MST -7 0
clock summer-time MST recurring
network-clock-participate wic 0
network-clock-select 1 T1 0/0/0
no ipv6 cef
ip source-route
ip cef
ip dhcp excluded-address 192.168.20.1 192.168.20.99
ip dhcp excluded-address 192.168.20.250 192.168.20.255
ip dhcp pool CISCO_PHONES
network 192.168.20.0 255.255.255.0
default-router 192.168.20.254
option 150 ip 192.168.20.254
no ip domain lookup
ip domain name reach.local
ip inspect name ethernetin ftp timeout 3600
ip inspect name ethernetin h323 timeout 3600
ip inspect name ethernetin http timeout 3600
ip inspect name ethernetin rcmd timeout 3600
ip inspect name ethernetin realaudio timeout 3600
ip inspect name ethernetin smtp timeout 3600
ip inspect name ethernetin sqlnet timeout 3600
ip inspect name ethernetin streamworks timeout 3600
ip inspect name ethernetin tcp timeout 3600
ip inspect name ethernetin tftp timeout 30
ip inspect name ethernetin udp timeout 15
ip inspect name ethernetin vdolive timeout 3600
multilink bundle-name authenticated
isdn switch-type primary-ni
trunk group PRI
crypto pki token default removal timeout 0
crypto pki trustpoint TP-self-signed-3180627716
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3180627716
revocation-check none
rsakeypair TP-self-signed-3180627716
voice-card 0
dsp services dspfarm
voice service voip
allow-connections sip to sip
fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback none
sip
voice translation-rule 1
rule 5 /^7804981231/ /401/
voice translation-rule 2
rule 5 // /7804981231/
voice translation-profile DID_INBOUND
translate called 1
voice translation-profile DID_OUTBOUND
translate calling 2
license udi pid CISCO2911/K9 sn FGL1540114P
license accept end user agreement
license boot module c2900 technology-package securityk9
hw-module ism 0
hw-module pvdm 0/0
username test test
redundancy
controller T1 0/0/0
cablelength long 0db
pri-group timeslots 1-6,24
no ip ftp passive
crypto isakmp policy 10
encr aes 256
authentication pre-share
group 2
crypto isakmp key P@ssw0rd address 33.33.33.33 no-xauth
crypto ipsec transform-set ESP-AES256-SHA esp-aes 256 esp-sha-hmac
crypto map VPN-TUNNEL 1 ipsec-isakmp
description COMPUGEN
set peer 33.33.33.33
set transform-set ESP-AES256-SHA
match address 115
interface Embedded-Service-Engine0/0
no ip address
shutdown
interface GigabitEthernet0/0
description Outside Interface To the Internet
ip address dhcp
ip access-group outside_access_in in
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
crypto map VPN-TUNNEL
interface ISM0/0
ip unnumbered GigabitEthernet0/1.20
service-module ip address 192.168.20.2 255.255.255.0
!Application: CUE Running on ISM
service-module ip default-gateway 192.168.20.254
interface GigabitEthernet0/1
no ip address
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
interface GigabitEthernet0/1.10
description VLAN 10 DATA VLAN
encapsulation dot1Q 10
ip address 192.168.10.254 255.255.255.0
ip nat inside
ip inspect ethernetin in
ip virtual-reassembly in
interface GigabitEthernet0/1.20
description VLAN 20 VOICE VLAN
encapsulation dot1Q 20
ip address 192.168.20.254 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface GigabitEthernet0/1.30
description VLAN 30 WIRELESS VLAN
encapsulation dot1Q 30
ip address 192.168.30.254 255.255.255.0
ip nat inside
ip inspect ethernetin in
ip virtual-reassembly in
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
interface ISM0/1
description Internal switch interface connected to Internal Service Module
no ip address
interface Serial0/0/0:23
no ip address
encapsulation hdlc
isdn switch-type primary-ni
isdn incoming-voice voice
trunk-group PRI
no cdp enable
interface Vlan1
no ip address
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip http path flash:CME8.6/GUI
ip nat inside source static tcp 192.168.10.10 443 interface GigabitEthernet0/0 443
ip nat inside source static tcp 192.168.10.10 25 interface GigabitEthernet0/0 25
ip nat inside source static tcp 192.168.10.10 1723 interface GigabitEthernet0/0 1723
ip nat inside source static tcp 192.168.10.10 3389 interface GigabitEthernet0/0 3389
ip nat inside source static tcp 192.168.10.10 123 interface GigabitEthernet0/0 123
ip nat inside source static tcp 192.168.10.10 987 interface GigabitEthernet0/0 987
ip nat inside source list 101 interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 75.152.248.1
ip route 0.0.0.0 0.0.0.0 75.152.248.1 254
ip route 0.0.0.0 0.0.0.0 205.206.0.1 254
ip route 192.168.20.2 255.255.255.255 ISM0/0
ip access-list extended outside_access_in
permit udp any any eq bootps
permit udp any any eq bootpc
permit tcp any host 22.22.22.22 eq 1723
permit tcp any host 22.22.22.22 eq 3389
permit tcp any host 22.22.22.22 eq smtp
permit tcp any host 22.22.22.22 eq 443
permit tcp any host 22.22.22.22 eq domain
permit udp any host 22.22.22.22 eq domain
permit tcp any host 22.22.22.22 eq 123
permit icmp any host 22.22.22.22 unreachable
permit icmp any host 22.22.22.22 echo-reply
permit icmp any host 22.22.22.22 packet-too-big
permit icmp any host 22.22.22.22 time-exceeded
permit icmp any host 22.22.22.22 traceroute
permit icmp any host 22.22.22.22 administratively-prohibited
permit icmp any host 22.22.22.22 echo
permit tcp any host 22.22.22.22 eq 987
permit tcp any host 22.22.22.22 eq 47
permit gre any host 22.22.22.22
permit udp any host 22.22.22.22 eq isakmp
permit esp any host 22.22.22.22
access-list 23 permit any
access-list 101 deny ip 192.168.20.0 0.0.0.255 3.2.1.0 0.0.0.255
access-list 101 deny ip 192.168.30.0 0.0.0.255 3.2.1.0 0.0.0.255
access-list 101 deny ip 192.168.10.0 0.0.0.255 3.2.1.0 0.0.0.255
access-list 101 deny ip 3.2.21.0 0.0.0.255 3.2.1.0 0.0.0.255
access-list 101 deny ip 3.2.22.0 0.0.0.255 3.2.1.0 0.0.0.255
access-list 101 deny ip 3.2.23.0 0.0.0.255 3.2.1.0 0.0.0.255
access-list 101 permit ip 192.168.10.0 0.0.0.255 any
access-list 101 permit ip 192.168.20.0 0.0.0.255 any
access-list 101 permit ip 192.168.30.0 0.0.0.255 any
access-list 110 permit ip 0.0.0.0 255.255.255.0 0.0.0.0 255.255.255.0
access-list 115 permit ip 3.2.21.0 0.0.0.255 3.2.1.0 0.0.0.255
access-list 115 permit ip 3.2.22.0 0.0.0.255 3.2.1.0 0.0.0.255
access-list 115 permit ip 3.2.23.0 0.0.0.255 3.2.1.0 0.0.0.255
Solution: Support forums teamI have the same problem also. Restarting isn't helping and the auto lock/unlock button is on. Plus a couple of time when I turn it on it is asking if I want to power off. That is when I push the button on the front to wake it up. Not the power button on top. I have an IPAd 2. Worked fine before the update.
-
Configure static NAT for range of ports
Hi,
I have a 2911 with a 3CX IP PBX behind it that needs to have a static NAT to the 3CX server for TCP/UDP 5060 and UDP 9000-9049. Do I have to create a static NAT entry for every single port in order for this to work, or can a range be defined in the NAT entries?
As an example, say my 3CX server has an internal IP of 192.168.1.25 and my external IP is 1.2.3.4. Would I have to create an entry for each port?
ip nat inside source static tcp 192.168.1.25 5060 1.2.3.4 5060
ip nat inside source static udp 192.168.1.25 5060 1.2.3.4 5060
ip nat inside source static udp 192.168.1.25 9000 1.2.3.4 9000
ip nat inside source static udp 192.168.1.25 9001 1.2.3.4 9001
and so on...
Is this the correct way to do it, or is there another better way?
Also, I only have one public IP to work with, and there are multiple other hosts on this network that need to have access to the internet. Right now I have NAT setup with overload so that the other hosts can get to the Internet. Here's my config for that:
ip nat pool PATPOOL 1.2.3.4 1.2.3.4 netmask 255.255.255.252
ip nat inside source list NAT_ACL pool PATPOOL overload
ip access-list standard NAT_ACL
remark PAT to outside
permit 192.168.1.0 0.0.0.255
exit
My question with this is will the static NAT work if I already have NAT overload configured as above?
Thanks for the help in advance.
Austin
PS here is 3CX documentation on this subject http://www.3cx.com/blog/voip-howto/cisco-voip-configuration/I ended up creating a static NAT entry for each individual port mapping. This worked just as it was supposed to.
I have seen examples of people using route maps and ACLs to accomplish forwarding a range ports. I have yet to see official documentation from Cisco on this, and in some cases those examples did not seem to work correctly.
ASAs with the latest code have the ability to forward a range of ports, but based on my research IOS lacks this feature.
In my case, forwarding 50 ports wasn't so bad. However, if you have hundreds or thousands of ports to forward you may want to try the route map/ACL approach.
Hopefully this information useful to others. -
ASA single outside IP address to an inbound NAT pool that round robins request to 2 web servers
How do I create a single outside IP address 1.2.3.4 to an inbound NAT pool that round robins request to 2 web servers?
I have 2 web server 10.0.0.1 and 10.0.0.2. They have the exact same content.
I think I start with defining the pool as an object group which contains 2 server 10.0.0.1 and 10.0.0.2
object-group network appservers
network-object host 10.0.0.1
network-object host 10.0.0.2
What to do next?
object-group network appservers
nat (inside,outside) static 1.2.3.4
gives me an error.No, unfortunately you can't configure round robin static inbound NAT for 2 internal web servers.
-
How to configure inbound ruleset in dynamic nat.
Hi ,
I have a doubt on configure the inbound rules for dynamic nat. I want to allow my web server (172.16.101.115) able connect from outside with tcp/443.
How do I configure the inbound ruleset for allow public connect to my webserver with tcp/443 in dynamic nat.
Here I have draw a diagram and some configuration i have configure in my ASA 8.2. Please correct me if I was wrong config it.
Public IP: 10.10.10.28
Private IPs:
172.16.101.115
172.16.101.116
172.16.101.117
172.16.101.118
172.16.101.119
172.16.101.120
access-list Web_nat permit ip host 172.16.101.115 any
access-list Web_nat permit ip host 172.16.101.116 any
access-list Web_nat permit ip host 172.16.101.117 any
access-list Web_nat permit ip host 172.16.101.118 any
access-list Web_nat permit ip host 172.16.101.119 any
access-list Web_nat permit ip host 172.16.101.120 any
nat (firewall-dmz) 1 access-list Web_nat
global (firewall-outbound) 1 10.10.10.28
access-list fw-outbound-access permit tcp any host 10.10.10.28 eq 443 //allow outside connect to my external ip.
access-list fw-dmz-access permit tcp any host 172.16.101.115 eq 443 //allow my translation ip connect to my webserver with tcp/443.Hi,
I am not sure what you are attempting to configure here.
But what the NAT configuration above does is do a Dynamic PAT for all the servers on the "firewall-dmz" to a single IP address towards the "firewall-outbound"
This Dynamic translation doesnt however enable connections to be initiated from behind the "firewall-outbound" interface. When your hosting a server which needs a NAT towards the users then the NAT type has to be Static NAT or Static PAT.
Static NAT will essentially use up one public IP address for just the single local host/server.
Static PAT will do a Port Forward from the public IP address and public port to the local IP and local port. And this is most commonly used with environments which only public IP address is the one that the ASA holds in its WAN interface.
A typical Static NAT configuration is this
static (inside,outside) 1.1.1.1 10.10.10.10 netmask 255.255.255.255
Where
inside = is the interface behind which the host is
outside = is the interface towards which the host is NATed
1.1.1.1 = is the public NAT IP address for the host
10.10.10.10 = is the local IP address of the host
A typical Static PAT configuration is this
static (inside,outside) tcp interface 80 10.10.10.10 80 netmask 255.255.255.255
Where
tcp = specifies the protocol for which the Static PAT configured
interface = specifies that we will be using the public IP address of the destination interface "outside" as the public IP address for this single Port Forward.
80 = first "80" specifies the public port visible to users behind the destination interface
80 = second "80" specifies the actual local port on which the local host is listening on
Hope this helps
- Jouni -
Incoming message size exceeds the configured maximum size for protocol t3
Hi All,
I've encountered an error as follow:
weblogic.socket.MaxMessageSizeExceededException: Incoming message of size 50004000 bytes exceeds the configured maximum of 50000000 bytes of protocol t3.
But the request message is only 3MB, why it is enlarged to over 50M?
There is a For Each loop section in main flow, is it because for one loop, there will be a copy of request message?
How to enlarge message size for protocol t3?
Go to server/protocol and change 'Maximum Message Size' for AdminServer, OSB Servers and SOA servers?
Thanks and Regards,
BruceHi,
1) After setting -Dweblogic.MaxMessageSize to 25000000
<BEA-000403> <IOException occurred on socket: Socket[addr=ac-sync-webserver1/172.24.128.8,port=9040,localport=36285]
weblogic.socket.MaxMessageSizeExceededException: Incoming message of size: '25002240' bytes exceeds the configured maximum of: '25000000' bytes for protocol: 't3'
at weblogic.socket.BaseAbstractMuxableSocket.incrementBufferOffset(BaseAbstractMuxableSocket.java:174)
2) After setting -Dweblogic.MaxMessageSize to 50000000
<BEA-000403> <IOException occurred on socket: Socket[addr=ac-sync-webserver2/172.24.128.9,port=9040,localport=59925]
weblogic.socket.MaxMessageSizeExceededException: Incoming message of size: '50000400' bytes exceeds the configured maximum of: '50000000' bytes for protocol:
't3'.
And even after setting various values for -Dweblogic.MaxMessageSize , issue weblogic.socket.MaxMessageSizeExceededException was observed.
To overcome the issue set Manual Service Migration Only as after several experiments and replicating the issue it was found out that in case of no available pinned services, must set the migration policies of the migratable targets on "Manual Service Migration Only".
And once it is corrected; it was noticed that weblogic.socket.MaxMessageSizeExceededException issue also resolved.
WebLogic Server can fail over most services transparently, but it's unable to do the same when dealing with pinned services.
Pinned Services : JMS and JTA are considered as pinned services. They're hosted on individual members of a cluster and not on all server instances.
You can have high availability only if the cluster can ensure that these pinned services are always running somewhere in the cluster.
When a WebLogic Server instance hosting these critical pinned services fails, WebLogic Server can't support their continuous availability and uses migration instead of failover to ensure that they are always available.
Regards,
Kal -
Configuring Inbound Profile in BW system for putting IDOCs?
Hello,
we send IDOCs to BW system form XI for POS analitics.
But we confused how to configure Inbound Partner Profile in BW system (t-code WE20).
The main question is :
What must be as Inbound Partner in WE20 ? The name of DataSource(InfoSource) or something else? And what the type of Partner should it be?
Thank You!hi,
In BW, check in tx SXMB_ADM, option Integration Engine configuration, if you have in category RUNTIME, parameter IS_URL something like that "dest://<NameOfYourRfcDestination>".
and in SM59 (of BW), check that you have the same RFC destination (type H).
or maybe you use a Java proxy, instead of an abap proxy.
regards.
Mickael -
How to configure 2 PS3 for NAT 2 connected to WRT350N
Okay so 1 of the PS3 is wireless and another is wired and both are connected to my WRT350N. Is there anyway to configure WRT350N so that the 2 PS3 that I have will have NAT 2? Right now 1 of them is NAT2 and the other is NAT3. I tried to configure them both for NAT2 but it just doesn't work. Am I missing something? PLease help!
NAT 3 = Restricted voice communication and other features
NAT 2 = Correct ports fowarded for your PS3 or it's DMZ'd
NAT 1 = No router, it goes straight through the modem (normally)
So like I was saying, I want the 2 PS3 that I have to be on NAT 2 and with the WRT350N, I can't seem to configure them to NAT 2 at the same time. -
SCM Inbound Interfaces for 11i
Is there any SCM Inbound Interface for 11i for external non-Oracle systems to place a requsition or purchase order? if so, what protocol does it use and is this protocol standard for a 11i install?
This interface would be from PeopleSoft 8.47 not currently setup up to use BPEL.
Thanks in AdvanceHi,
As I understand, you have to map incoming message to same message structure of outbound side and then send it to two different receivers.
If this is correct, then you need not perform two message mappings. You need to design the scenario like a normal scenario in Integration Repository. However, in Integration Directory, you would need additional configuration to have two receivers for same message. This would be as follows:
1. Business System for receiver
2. CC for receiver
3. One Receiver Determination with two receivers configured. However, no condition specified for them.
4. Two interface determinations, one for each receiver.
5. Receiver agreements.
This configuration should solve your problem.
Thanks,
Bhavish -
How does B2B Adapter for Inbound operation for SOA Composite works
Hai,
I am new to B2B. can any one share samples or links or doc's on B2B Adapter for inbound operation (receive)?
Can any one share B2B inbound channel configuration ?1. How does the above can be achieved using JMS protocol?Where would you like to pitch-in JMS? You want to receive inbound message at B2B over JMS or between SOA and B2B, you want to use JMS?
For receiving inbound message at B2B over JMS, please create a non-internal listening channel at B2B. Make sure to set JMS headers -
http://docs.oracle.com/cd/E23943_01/user.1111/e10229/app_interface.htm#CACDFEAE
For using JMS between, SOA and B2B, create a JMS channel in Host TP profile and add it in the inbound agreement (for inbound scenario). For outbound scenario, create an internal listening channel and make sure that from back-end, headers mentioned on above link, are being set.
2. Will SOA Composite having B2B Adapter receive operation has first operation can get triggered automatically or not as soon as EDI----->XML message is found?Yes, it can be triggered. Provided the steps in your another thread.
3. will B2B Adapter receive operation in SOA Composite will take EDI--------> xml msg as opaque?No, if while modelling B2B adapter, you selected a doc-def otherwise yes.
Regards,
Anuj -
How to create one inbound delivery for multiple purchase order?
Hi Experts,
Please let me know how can I create one inbound delivery for multiple purchasing documents(PO or SA)?
Is there a configuration needed for this? If yes, please let me know the configuration to make this happen.
Appreciate your help on this. Right answers will be rewarded.
Thank you.
with regards,
Muthu Ganapathy.Hi,
my situation is:
- a WM managed warehouse, society A;
- a HU managed warehouse (without WM), society B;
- a purchasing process of HU from society A towards society B.
Society B have a scheduling agreement; when a delivery schedule appears, in society A born a sales order and a delivery. After the registration of the delivery good issue, an idoc transfer information for inbound delivery creation.
This process is ok without WM, but with a WM managed warehouse the idoc has the following problem:
"V51VP - item was not found - process cancelled".
Can you help me to transfer these HU? -
What is the standard inbound idoc for substation management?
Hello Experts,
Can anybody help me to find out the standard inbound idoc for substation management?
The following field are requied to be filled in idoc.
1)Power_Produced(STAGR)
2) Reduction_Power_Consumed(STAGR)
3)Ancillary_Power_Consumed (STAGR)
4)Unit (MEINB)
5) UOM and Date (BUDAT)
If possible please tell me the standard BAPI for these fileds.
Thanks in advance for your help.
Thanks and Regards,
Suresh.Hi Debo,
What is your exact requirement?
Are you trying to find the standard configurations available for a webdynpro application? then, use t-code SE15 and open the application name and use the tree structure to find out the available configurations under WD application.
sample:
Regards,
Rama -
How to configure inbound EDI invoice
Hi all,
Can any one provide me the steps to configure inbound edi invoice.
Regards,
Marella.Hi Arif, yes I did read that one.
after reading that I got those doubts.
In general, please help me to have a clear understanding in the following points.
We have 4.6c.
Please see my quries below and help me.
SAP Tax codes
Can an inbound MM invoice contain items belonging to different POs?
Can the tax codes be different for different items in the same invoice?
How to get tax codes for invoice items? Do we take these from the corresponding item in the PO? or from material master or from vendor master or some where else?
What will be the tax code at the invoice header level?
Regards,
Marella. -
Inbound delivery for a STO ??
Hi
What are the steps to do a Inbound delivery for a STO so that I can do Goods Receipt using that Inbound delivery in receiving plant.??
Pls tell me the configuration steps involved and other relevant steps involved.
Also give me any SAP help link too.
Thanks
Maruthi RamHi,
You have to do Replenishment delivery (Outbound) at the issuing plant and goods receipt in the receiving plant with respect to the same.
Process Flow (Stock Transport Order with Delivery and Billing Document/Invoice ):
Creating a stock transport order in the receiving plant
Purchasing also determines the price for the materials.
Posting a delivery in the issuing plant
The issuing plant enters a replenishment delivery in Sales and Distribution. Unlike a stock transfer without a billing document, no stock in transit is created.
Creating a billing document in the issuing plant
The issuing plant creates the billing document for the delivery. SD also determines the price for the delivery
Posting a goods receipt in the receiving plant
The receiving plant posts a goods receipt for the delivery. The goods are posted to unrestricted-use stock
Posting an invoice in the receiving plant
The invoice referring to the billing document is entered in the receiving plant.
Please refer to link: http://help.sap.com/saphelp_47x200/helpdata/en/4d/4b9036dfe4b703e10000009b38f889/frameset.htm
for further details.
Regards,
Narayana. -
Configuring RFC connections for load balancing.
Hi ,
We have the following landscape for our systems.
The database is installed on z/os , db2 (mainframe). The central services( SCS and ASCS) are also on the mainframe. So the message server is on mainframe.
The CI is on AIX and The DI is on AIX.
We have Logon groups configured and load balancing Configured and is RFC enabled.
1) When we connect to SAP using the SAPGUI and the portal connection is made to either CI or DI depending upon the best response times. Now recently we are running the mercury load testing, all the users are connecting to DI. Why are the users connecting to DI even though we have load balancing?
2) I have a system with SID BP0, with one CI and one DI. The logon group is BP0 and the message server name is cyrix. Now I have other another system EP0. I have created a RFC connection from EP0 to BP0. In SM59 I have selected the load balancing option, and provide the message server name, SID and logon group name. The connection does not work. If I connect directly to the CI or DI the connection works. Please tell me how can I configure load balancing for RFC connections.
Thanks
Manmath.Dear 917996,
There are two types of load balancing:
- Client-side load balancing (setting up the tnsnames.ora on client side). More information here (http://ggsig.blogspot.co.uk/2012/04/client-side-
load-balancing-in-oracle.html). Very good video produced my friend Igor Melnikov is here (http://www.dsvolk.ru/oracle/racdd4d/demos/video/loadbalance/client/clientloadbalance_viewlet_swf.html)
-Server-side load balancing (remote_listener and setting service parameter clb_goal). Very good Igor Melnikov's video is here (http://www.dsvolk.ru/oracle/racdd4d/demos/video/loadbalance/server/serverloadbalance_viewlet_swf.html).
I have read about client side and server side load balancing. By editing tnsnames.ora I have enabled client side load balancing which is suppose to select listeners at random. then why does it only go to second node?Could you please show your tnsnames.ora on client?
Please can anyone help me to configure server side load balancing with SCAN. I have read many many post but couldn't find a clear answer.Based on your output (remote_listener string cmbtrnrac-scan:1521) you have already configured the server side load balancing.
SQL> show parameter listener
NAME TYPE VALUE
listener_networks string
local_listener string (DESCRIPTION=(ADDRESS_LIST=(AD
DRESS=(PROTOCOL=TCP)(HOST=10.1
7.67.214)(PORT=1521))))
remote_listener string cmbtrnrac-scan:1521How many SCANs do you use? Do you use DNS?
regards,
Gennady
Maybe you are looking for
-
iTunes update 11.0.2. (loaded automatically in the background and signaled in the App Store symbol is delivering failure 103 if I try to install it - any experience how to fix it?
-
Privileged Exec password works for telnet but not web interface on Cisco AP 1242
I recently configured a Cisco AP 1242, software version 12.4, via the web interface using the default Cisco credentials. At that time I setup an administrator account with read/write access and changed the Cisco to a read only access. Now went I atte
-
Dropped phone in water and it still works.
I dropped my phone in water for 2 seconds and it still works but should i keep it in rice just in case or can i continue using it
-
My built in isight isn't working with imovie!!
hello, i have the black macbook, and i was trying to use the built-in isight on imovie although it does allow me to do so, in fact it's not even found, when i search for the option, please reply with help it will be greatly appreciated
-
Repeated requests to "Sign In" to create a Ring Tone
In trying to create a ring tone in iTunes, I am asked to "Sign in to create ring tones from the iTunes store". I am already signed in, but I type in my password anyway. After clicking the "Sign In" button, I am asked again to sign in. iTunes never ac