Creating NAT for multiple subnets

Hello I want to create a 1 NAT for 5 sub networks on a windows 2008 machine the sub networks are; 192.168.224.0/27 192.168.224.32/27 192.168.224.64/27 192.168.224.96/27 192.168.224.128/27 I intend to have a server on the 192.168.224.0/27 sub network. After
installing 2 network cards on the server, 1 for the private addressing scheme and 1 for the external network address and installing RRAS I am wondering how nodes on the other sub networks will find their way out to the external network, will RRAS take care
of that? or is it not possible to have only 1 NAT for several sub networks?

  It is possible, but I would think that you would need six NICs in the server - one for the public connection and one for each private subnet.
  It sounds as if you want to implement VLANs. If you do, RRAS does not so that.
Bill

Similar Messages

  • Create Invoice for multiple deliveries

    Hi ,
    I want to create Invoice for multiple deliveries thru my prog.
    I tried using RV_INVOICE_CREATE but it creates multiple invoices if I enter multiple deliveries.
    I tried searching the forum but cud not get any solution for this.

    Hi,
    U can create single invoice for multiple deliveries if the following conditions are met
    1)payment terms are same
    2)billing dates are all same
    3)and Payer
    Go to VF01 and enter all the delivery document numbers and it will create a single invoice.
    Or else goto VF04 and search all delivery documents,select it and click on collective billing document button. One single invoice will be created
    regards.

  • Create confirmation for multiple cost objects PO in SUS

    Hi,
    Is it possible to create confirmation for multiple cost objects PO ( order type 'MA') in SUS ?
    We are going to implement SRM 7.
    Thanks & regards,
    Afandi-

    Hi All,
    First of all, thanks for your responses..
    Right, about the issue, what I explained here was that I am indeed assigning only one cost object: the WBS element. The issue was that even though I am assigning only the WBS element, it was also assigning the cost to the cost center by default. I did some R&D and found the solution to the issue (I was also asked to look for OSS notes but was not satisfied that this issue needs an OSS note to be applied so tried my solution). The issue was in table: T788M (allocate costs to variable account assignment). Here, I created an entry and called it USERGROUP_2 (just a random name) and assigned the variable cost objects (only the WBS and the Cost center) to be displayed. In the next step, I assigned this usergroup to the country in quesion feature (TRVCO). By doing this, I tell the system that only these cost objects are to be considered when an employee wants to assign the cost object. If the system sees that there is no value from the drop down to choose from, it picks up the default cost object (cost center). This was a simple issue that I had to rattle my brains on... but the solution I mention above worked like a hot knife going through butter...
    If you guys face this issue, please try this else feel free to get in touch with me on my number below.
    Once again, thanks for your responses.
    Best regards,
    Tanmay Dhingra
    +91 880 6666 606

  • Creating Authorization for multiple plants

    Hi,
    I have one requirement that, Creating Authorization for multiple plants
    SELECT-OPTIONS:    s_werks FOR mseg-werks.
        AUTHORITY-CHECK OBJECT 'M_MSEG_WMB' 
               ID 'ACTVT' FIELD '03'
               ID 'WERKS' FIELD s_werks.
    1. If have no of plants in s_werks then how to authorize the plants?
    2.if i dont enter any plant in my selection screen how to authorize that?
    3. if i have 5 plant only then how i can authorize those perticular plants only?
    Thanks in advance,
    Thanks,
    DP.

    S_WERKS is not a field; it's a set of fields.  Use simple ABAP to select your plants and loop at the selection(s) to check...

  • RV320: Need to use as gateway for multiple subnets

    We just purchased an RV320 as a replacement/upgrade to an RV042. Our Internet connection was upgraded to 200Mbps and the RV042 wouldn't handle that throughput.
    Our internal network has 4 subnets, all connected via a layer 3 switch. The RV320 is connected to one of those subnets and is the default gateway for the entire network.
    The RV042 had a "multiple subnets" setting that allowed it to perform NAT for the directly connected subnet and the other 3 subnets in our network. We would just add the other networks to the list in the RV042 and everything was fine.
    The RV320 doesn't seem to have the same functionality (or am I missing something?). It looks like there is some sort of multiple subnet support, but when we try to add another subnet the interface seems to be asking us to define a single IP address in that subnet (an IP address for the router?) as if all subnets will be directly attached to the router using VLANs (which is not the case in our network).
    We can set up the "advanced routing" option to define the other 3 internal subnets and how to route to them, etc. but will the RV320 perform NAT for the other subnets without any adidtional configuration?
    Can anyone shed any light on this?
    Many thanks!

    Precept,
    My name is Ismael, iam with Small Business Support Center. I like to start by asking is there a  particular reason that the switch is handling Layer 3/or DHCP? Normally when an RV042 is implemented you would need a Layer 3 switch as the RV042 only supports one DHCP scope.In addition all The RV0XX series does not support 802.1q VLAN.
    With RV320 you can setup multiple subnets under advance routing and still allow for it to pass DHCP for all of your 4 subnets and create 801.2q Vlan subinterfaces . Setting RV320 in this manner can create an ease in managing the network.
    If you are considering the RV320 to do Layer 3 / DHCP simply create your 4 Vlans or subnets. Add them to the DHCP scope and enable DHCP server for all subnets. Switch would have to be configured to Layer 2 for this to work.  The link below is a knowledge portal that could assist in creating DHCP and Vlans. Hope this helps you.
    http://sbkb.cisco.com/

  • Auto-create delivery for multiple sales orders

    I would like to ask how to create auto-create 'single' delivery
    for multiple sales order during release sales order in R11i.
    It is found in my example during release sales order, multiple
    sales orders fulfill release sales order criteria, a single pick
    slip is generated but it is found that each sales order have
    individual delivery with it. It will casue multiple pack slips
    for a singles pick slip. Is it normal feature for auto-create
    delivery, or any setup to solve it?
    Thanks in advance.

    Am not able to do Single Delivery for Muktiple sales orders
    Have you searched the forum for this question as to why you were not able to generate ??  It could be due to multiple reasons.  Please search the forum and update here what steps you have taken after taking the inputs from here, if the problem is still not resolved.
    thanks
    G. Lakshmipathi

  • ASA Transparent Mode For Multiple Subnets

    I am looking to replace a FortiGate firewall which is currently working in transparent mode handling mutiple subnets with ASA 5515.  Currently, I am testing transparent mode configuration on ASA 5505, and it will not forward any traffic that is not in the same subnet as IP address assigned to BV interface.
    For example, the following configuration works.
    10.0.0.3/24 (computer) ---> 10.0.0.2/24 (firewall) ---> 10.0.0.1/24 (computer)
    However, the following does not work
    10.0.0.3/24 (computer) ---> 10.10.0.2/24 (firewall) ---> 10.0.0.1/24 (computer)
    I thought that transparent mode is just a bump in the wire, so why does the IP address/subnet assigned to BV interface affects the traffic?  Is the ASA capable of handling other/multiple subnets in transparent mode other than the subnet assigned to BV interface?
    By the way, I used to run PIX 515E 7.2(2) transparent mode filtering multiple subnets.  The current ASA 5505 is on 9.0(1).  Is it the limitation on the ASA 5505 model but not on the more powerful ASA model?
    Thank you

    Thank you @ttemirgaliyev, I tried but multiple context is not supported by ASA 5505.
    I have an example of PIX configuration in transparent mode filtering multiple subnets.  I was using this configuration in production environment in the past.  I am wondering if ASA 5510 or higher can handle this setup.
    : Saved
    : Written by enable_15 at 10:57:25.766 UTC Wed Jul 16 xxxx
    PIX Version 7.2(2)
    firewall transparent
    hostname pixfirewall
    enable password xxxxxxxxxx encrypted
    names
    interface Ethernet0
    nameif outside
    security-level 0
    interface Ethernet0.1
    vlan 1
    no nameif
    no security-level
    interface Ethernet1
    nameif inside
    security-level 100
    interface Ethernet1.1
    no vlan
    no nameif
    no security-level
    passwd xxxxxxxxxx encrypted
    ftp mode passive
    access-list outside extended permit udp any host 10.0.0.210
    access-list outside extended permit udp any host 10.0.0.3
    access-list outside extended permit tcp any host 10.0.0.110 eq smtp
    access-list outside extended permit tcp any host 10.0.0.110 eq www
    access-list outside extended permit tcp any host 10.0.0.57 eq smtp
    access-list outside extended permit tcp any host 10.0.0.57 eq www
    access-list outside extended permit tcp any host 10.0.0.75 eq www
    access-list outside extended permit tcp any host 10.0.0.75 eq ftp
    access-list outside extended permit tcp any host 10.0.0.75 eq 5003
    access-list outside extended permit tcp any host 10.0.0.75 eq 403
    access-list outside extended permit tcp any host 10.0.0.75 eq 407
    access-list outside extended permit tcp any host 10.0.0.76 eq ftp
    access-list outside extended permit tcp any host 10.0.0.2 eq pcanywhere-data
    access-list outside extended permit udp any host 10.0.0.2 eq pcanywhere-status
    access-list outside extended permit tcp any host 10.0.10.61
    access-list outside extended permit tcp any host 10.0.10.62
    access-list outside extended permit tcp any host 10.0.10.63
    access-list outside extended permit tcp any host 10.0.10.64
    access-list outside extended permit tcp any host 10.0.13.225 eq ftp
    access-list outside extended permit tcp host 192.168.4.30 host 10.0.17.254 eq telnet
    access-list outside extended permit tcp any host 10.0.13.225 eq telnet
    access-list outside extended permit tcp any host 10.0.10.61 eq 50
    access-list outside extended permit udp any host 10.0.10.61 eq isakmp
    access-list outside extended permit tcp any host 10.0.10.62 eq 50
    access-list outside extended permit udp any host 10.0.10.62 eq isakmp
    access-list outside extended permit tcp any host 10.0.10.63 eq 50
    access-list outside extended permit udp any host 10.0.10.63 eq isakmp
    access-list outside extended permit tcp any host 10.0.10.64 eq 50
    access-list outside extended permit udp any host 10.0.10.64 eq isakmp
    access-list outside extended permit tcp any host 10.0.0.219
    access-list outside extended permit udp any host 10.0.0.219
    access-list outside extended permit udp any host 10.0.10.61
    access-list outside extended permit udp any host 10.0.10.62
    access-list outside extended permit udp any host 10.0.10.63
    access-list outside extended permit udp any host 10.0.10.64
    access-list outside extended permit icmp any host 10.0.10.29
    access-list outside extended permit tcp any host 10.0.10.29 eq ftp
    access-list outside extended permit tcp any gt 1023 host 10.0.10.29 eq ftp-data
    access-list outside extended permit tcp any host 10.0.0.110 eq pop3
    access-list outside extended permit tcp any host 10.0.0.57 eq pop3
    access-list outside extended permit tcp any host 10.0.10.27 eq pcanywhere-data
    access-list outside extended permit udp any host 10.0.10.27 eq pcanywhere-status
    access-list outside extended permit tcp any host 10.0.10.31 eq pcanywhere-data
    access-list outside extended permit udp any host 10.0.10.31 eq pcanywhere-status
    access-list outside extended permit tcp any host 10.0.0.222 eq pcanywhere-data
    access-list outside extended permit udp any host 10.0.0.222 eq pcanywhere-status
    access-list outside extended permit icmp any host 10.0.10.28
    access-list outside extended permit tcp any host 10.0.10.28 eq pptp
    access-list outside extended permit gre any host 10.0.10.28
    access-list outside extended permit ip any host 10.0.10.28
    access-list outside extended permit ip any host 10.0.10.29
    access-list outside extended permit tcp any host 10.0.10.25 eq 8234
    access-list outside extended permit tcp any host 10.0.17.217 eq 8234
    access-list outside extended permit tcp any host 10.0.17.217 eq 8235
    access-list outside extended permit tcp any host 10.0.17.217 eq www
    access-list outside extended permit ip any host 10.0.10.36
    access-list outside extended permit ip any host 10.0.10.37
    access-list outside extended permit ip any host 10.0.10.38
    access-list outside extended permit ip any host 10.0.10.39
    access-list outside extended permit ip any host 10.0.10.40
    access-list outside extended permit ip any host 10.0.10.41
    access-list outside extended permit tcp any host 10.0.0.235 eq www
    access-list outside extended permit tcp any host 10.0.10.2 eq www
    access-list outside extended permit tcp any host 10.0.10.2 eq 3389
    access-list outside extended permit tcp host 192.168.1.234 host 10.0.0.211 eq 4899
    access-list outside extended permit tcp any host 10.0.0.211 eq www
    access-list outside extended permit tcp any host 10.0.10.35 eq www
    access-list outside extended permit tcp any host 10.0.10.36 eq www
    access-list outside extended permit tcp any host 10.0.10.37 eq www
    access-list outside extended permit tcp any host 10.0.10.38 eq www
    access-list outside extended permit tcp any host 10.0.10.39 eq www
    access-list outside extended permit tcp any host 10.0.10.40 eq www
    access-list outside extended permit tcp any host 10.0.10.41 eq www
    access-list outside extended permit tcp any host 10.0.0.110 eq https
    access-list outside extended permit tcp any host 10.0.0.57 eq https
    access-list outside extended permit tcp any host 10.0.0.75 eq https
    access-list outside extended permit tcp any host 10.0.17.217 eq https
    access-list outside extended permit tcp any host 10.0.0.234 eq 220
    access-list outside extended permit tcp any host 10.0.0.235 eq https
    access-list outside extended permit tcp any host 10.0.10.2 eq https
    access-list outside extended permit tcp any host 10.0.0.211 eq https
    access-list outside extended permit tcp any host 10.0.10.35 eq https
    access-list outside extended permit tcp any host 10.0.10.36 eq https
    access-list outside extended permit tcp any host 10.0.10.37 eq https
    access-list outside extended permit tcp any host 10.0.10.38 eq https
    access-list outside extended permit tcp any host 10.0.10.39 eq https
    access-list outside extended permit tcp any host 10.0.10.40 eq https
    access-list outside extended permit tcp any host 10.0.10.41 eq https
    access-list outside extended permit tcp any host 10.0.10.35 eq 8234
    access-list outside extended permit tcp any host 10.0.10.36 eq 8234
    access-list outside extended permit tcp any host 10.0.10.37 eq 8234
    access-list outside extended permit tcp any host 10.0.10.38 eq 8234
    access-list outside extended permit tcp any host 10.0.10.39 eq 8234
    access-list outside extended permit tcp any host 10.0.10.40 eq 8234
    access-list outside extended permit tcp any host 10.0.10.41 eq 8234
    access-list outside extended permit tcp any host 10.0.10.35 eq 8235
    access-list outside extended permit tcp any host 10.0.10.36 eq 8235
    access-list outside extended permit tcp any host 10.0.10.37 eq 8235
    access-list outside extended permit tcp any host 10.0.10.38 eq 8235
    access-list outside extended permit tcp any host 10.0.10.39 eq 8235
    access-list outside extended permit tcp any host 10.0.10.40 eq 8235
    access-list outside extended permit tcp any host 10.0.10.41 eq 8235
    access-list outside extended permit udp any host 10.0.0.222
    access-list outside extended permit gre any any
    access-list outside extended permit ip host 10.0.10.28 any
    access-list outside extended permit ip host 10.0.0.211 any
    access-list outside extended permit ip host 10.0.10.35 any
    access-list outside extended permit ip host 10.0.10.36 any
    access-list outside extended permit ip host 10.0.10.37 any
    access-list outside extended permit ip host 10.0.10.38 any
    access-list outside extended permit ip host 10.0.10.39 any
    access-list outside extended permit ip host 10.0.10.40 any
    access-list outside extended permit ip host 10.0.10.41 any
    access-list outside extended permit ip host 10.0.0.222 any
    access-list outside extended permit ip host 10.0.0.234 any
    access-list outside extended permit icmp host 10.0.0.234 any
    access-list outside extended permit tcp any host 10.0.0.235 eq 3389
    access-list outside extended permit ip host 10.0.0.254 any
    access-list outside extended permit tcp any host 10.0.0.2 eq 3389
    access-list outside extended permit tcp any host 10.0.13.240 eq 5900
    access-list outside extended permit udp any host 10.0.13.240 eq 5900
    access-list outside extended permit tcp any host 10.0.13.240 eq 3283
    access-list outside extended permit udp any host 10.0.13.240 eq 3283
    access-list outside extended permit tcp any host 10.0.13.240 eq ssh
    access-list outside extended permit tcp any host 10.0.10.12 eq www
    access-list outside extended permit tcp any host 10.0.0.212 eq www
    pager lines 24
    mtu outside 1500
    mtu inside 1500
    ip address 10.0.0.230 255.255.255.0
    icmp unreachable rate-limit 1 burst-size 1
    no asdm history enable
    arp timeout 14400
    access-group outside in interface outside
    route outside 0.0.0.0 0.0.0.0 10.0.0.254 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout uauth 0:05:00 absolute
    snmp-server host inside 10.0.0.234 community xxxx
    no snmp-server location
    no snmp-server contact
    snmp-server community xxxx
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    snmp-server enable traps syslog
    telnet timeout 5
    ssh 0.0.0.0 0.0.0.0 outside
    ssh 0.0.0.0 0.0.0.0 inside
    ssh timeout 60
    console timeout 0
    prompt hostname context
    Cryptochecksum:c887f562a196123a335c5ebeba0ad482
    : end

  • Creating cache for multiple property files run time/dynamically.

    Hi,
    I have a requirement, where in I need to create cache for each property file present in a folder at server side or in the lib or resources directory. Please help me how I can do this?
    Thanks.

    ok thank you.
    I follwed this method implementation:
    static HashMap<String, HashMap<Object, String>> cacheHolder = new HashMap<String, HashMap<Object, String>>();
         static HashMap<Object, String>[] cache = new HashMap[2];
         static Integer fileCount = 0;
         static int incrementSize = 2;
    public method1(Map<Object,String>map){
    File file = new File((new StringBuilder(
                             "ABC/XYZ/")).append(value)
                             .toString()); // where value is the file name returned from the external method
                   int newSize = existingMapLength+incrementSize;
                   if (someVal== null) {                    
                        synchronized (fileCount) {
                             int oldSize = cache.length;
                             if(fileCount==cache.length){
                                  HashMap[] oldData = new HashMap[oldSize];
                                  oldData = cache;                              
                                  cache = new HashMap[newSize];
                                  LOGGER.info("New Size added:==>"+cache.length);
                                  for(int i=0;i<oldSize;i++){                                   
                                       cache[i] = oldData;
                                  cache[fileCount] = readExternalPropertiesFile(file); // external method which returns the properties of the file in hashmap
                                  cacheHolder.put(value, cache[fileCount]);                    
                                  keys = cache[fileCount].keySet();
                             else{                         
                             cache[fileCount] = readPropertiesFile(file);
                             cacheHolder.put(value, cache[fileCount]);                    
                             keys = cache[fileCount].keySet();
                             someVal= cache[fileCount];
    fileCount = fileCount + 1;
    Please let me know if any improvemnets are possible.

  • Actions creating task for multiple partner functions

    Hello Masters,
    Need help in below scenario.
    We are using actions in quotations. Different actions gets triggered as per status of quotation.
    ex: Status: manger approval request: Task to be create with action for manager
        Status: Manger approved: Task to be created with action for Sales employee.
    I have configured action profile. My actions are partner function dependent.
    Partner functions are different for manager and sales employee.
    But when action is getting triggered it is creating task for both partner functions.
    How can I avoid this? Does though we say action is pertner function dependent is it true or it is actually partner function catagory dependant. In my case partner function category is same for manager and sales employee. The partner function category is "Employee"
    looking for your guidence
    Thanks
    Kushal  

    Hi Kushal,
    The partner function category is same - employee and hence it is triggering actions at the same time.
    You may have to see if you can assign a separate partner function category to meet your requirement.
    Hope this will be useful
    Thanks and Regards
    DJ

  • GRE Tunnel/NAT with multiple subnets and interfaces

    So, I am not sure if we are trying to accomplish too many things at once and what we are attempting to do is not possible or if we are missing something in our configurations...
    Here is the situation...
    We are migrating some equipment between datacenters.  The equipment only a has a /27 worth of IP space assigned to it so we cannot simply "move" the IP space to the new datacenter.  Further because we have several VPNs terminated in the old IP space that originate from devices we do not directly control and are essential in continuing to provide service, it was/is difficult to magically update some DNS entries and change IP addresses overnight.  The last twist in this puzzle is that at the new datacenter, we will deploying some new equipment that will be in a separate subnet (with a separate Windows AD structure) but sharing the new public IP space we have in the new datacenter.
    We thought using a GRE tunnel, some trunks, and a bunch of NATs would make the whole process easy and we tested ti in a lab and everything SEEMED to work.  However, when we performed the move we ran into an odd issue that we were unable to figure out and had to go back to a failsafe configuration that has the essentials up and running, but the environment is not running in an ideal way for us to gradually transition as we would like.
    Essentially what we had/have and how it was configured is as follows:
    Site A
    Edge Router - x.x.x.x /24 BGP announcement
    x.x.x.y/27 that is within the /24 that we need at site b
    GRE tunnel configuration
    interface tunnel0
      ip address 10.x.x.1 255.255.255.252
      tunnel source <router edge IP>
      tunnel destination <site b router edge ip>
      keepalive 10 3
    static route for site a public ip to bring it to site b via GRE tunnel
    ip route x.x.x.y 255.255.255.224 10.x.x.2
    Site B
    Edge Router - y.y.y.y /24 BGP announcement
    Similar GRE tunnel configuration (tunnel comes out and works so don't think issue is here)
    2 Vlans (1 for site a ip space, 1 for site b ip space)
    int vlan 50
    ip address x.x.x.1 /27
    int vlan 51
    ip address y.y.y.129 /25
    Trunk port for the VLANs going down to an ASA
    int g1/1
      swi mode trunk
      swi trunk native vlan 51
      swi tru all vlan 50,51
      swi tru en dot1q
    Then on the ASA, I have 2 physical interfaces for 4 logical interfaces (outside, outsideold, inside, insideold)
    int e0/0
     nameif outside
     sec 0
     ip address y.y.y.130 /25
    int e0/0.50
     nameif outsideold
     sec 0
     ip address x.x.x.2 /27
     vlan 51
    int e0/1
      nameif inside
      sec 100
      ip address 192.168.y.1 /24
    int e0/1.60
      nameif insideold
      sec 100
      ip address 192.168.x.1 /24
      vlan 60
    A static route using the new ip space on the native outside interface...
    route 0 0 y.y.y.129
    And then I have some nat rules which is where I think things go a little haywire...
    object network obj-y.y.y.0-24
      subnet y.y.y.0 255.255.255.0
     nat (inside,outside) dynamic interface
    object network obj-x.x.x.0-24
      subnet x.x.x.0 255.255.255.0
     nat (insideold,outside) dynamic interface
    object network obj-y.y.y.135-160
      range y.y.y.135 y.y.y.160
    object network obj-192.168.y.135-160
      range 192.168.y.135 192.168.y.160
      nat (inside,outside) static obj-y.y.y.135-160
    object network obj-x.x.x.10-20
      range x.x.x.10 x.x.x.20
    object network obj-192.168.x.10-20
      range 192.168.x.10 192.168.x.20
      nat (insideold,outsideold) static obj-x.x.x.10-20
    From some debugging and looking at packet-tracer, I found out I left out the below which was needed to properly nat traffic as it leaves the outside interface (when the default sends the traffic)
    object network obj-192.168.x.10-20-2
      range 192.168.x.10 192.168.x.20
      nat (insideold,outside) static obj-x.x.x.10-20
    There are / were a bunch of other nat exemptions for the VPNs and specific external routes to ensure all vpn traffic exited the "outsideold" interface which is where all the existing tunnels were terminated.
    Everything appeared to be working great as all the VPN tunnels came up perfectly as expected and traffic appeared to be flowing, except for some of the most important traffic.  The following was what was observed:
    1.  Any traffic using the dynamic NAT (ie...a machine with IP x.x.x.200 or y.y.y.20) would connect to the internet perfectly and work fine using the "new interface ip".
    2.  Any traffic in the "new range" using a one to one nat worked perfectly (ie y.y.y.140).  Internet would work etc and nat translation would properly occur and everything could connect fine as expected.
    3.  ICMP packets to "old ip range" flowed perfectly fine to one to one nat IP (ie I could ping x.x.x.20 from outside) and likelise I could ping anywhere on the internet from a machine with a static natted ip.
    4.  Heres the butt...no traffic other than ICMP would reach these machines with static ips.  Same range, same subnet as ones using the dynamic port translation that worked perfectly.  Do not understand why this was / is the case and this is what I am seeking a solution to.  I have attempted the following troubleshooting steps without success:
    A. Confirmed MTU size was not an issue with the GRE tunnel.  2 methods, one plugging to edge router and using the "outsideold" ip space works perfectly and 2 if I assign outsideold ip space to "outside" interface, everything nats fine.
    B. Ran packet-tracer, all results show "allow" as if I should be seeing the packets.
    C. Confirmed local windows machine firewall was off and not blocking anything.
    D. Reviewed logs and observed SYN timeouts and TCP teardowns as if the firewall is not getting a response and this is where I am stumped.  There is no path around the firewall so asymmetric routing should not be an issue and if that was the problem it should not work when the "outsideold" ip space is assigned and natted from the "outside" interface, but it does.  Packet-tracer shows proper nat translations occurring and there is definitely proper routing along the path for stuff to return to the network or ICMP would not work (IE I can ping www.google.com but not open the web page).
    So what simple piece of the nat configuration am I overlooking because I cannot possible wrap my head around it being anything else.
    Any suggestions / lessons would be greatly appreciated.

    is this still a problem?

  • Create Snapshot for Multiple Images

    How would you like the feature to work?:
    To have the ability to select more than one photo and create a snapshot that would apply to all selected images.
    Why is this feature important to you?:
    When using Sync.. to synchronize work such as spot removal on several similar images (such as bracketed exposures), it would be a great time saver to be able to select these several images and create the snapshot to apply to all of them at once... For example, this would be a benefit when removing dust spots. It would just save time.

    Hello Bud,
    See below In answer to your question for clarification of my new feature request in September or 2009.
    The dynamic implementation of Lightroom has its upside and its downside. Its upside is that through the ability to reset edits and virtual copies, and create snapshots of edited images it is not necessary to do multiple saves to recover different editing effects. The downside is that if snapshots are not created before new edits are made on photos or photo sets it is time consuming and sometimes difficult recreate an exact set of previous edits.
    I am a travel and event photographer. I normally edit large final sets (50 to 200 images) out of a shoot that may have thousands of images. Normally I do not do a final snapshot of each image until the entire set is edited. This is because on final review of the set I will frequently tweek individual images to bring them into balance with the set. When I am done with the full set I must return to each image and creat a snapshot that I title "Final Edit dd/mm/yyyy" Then if I return in the future and intentionally or unintentionally make a change to one of the images I do not lose the set edits.
    It is time consuming to go back through the full set and make a snapshot of each image in the set and sometimes I forget or simply run out of time and never get back. For this reason It would be very valuable to select the entire set and click on snapshot, create the snapshot name indicated above or some creative set ID and automatically create a snapshot preserving the individual edits of each of the selected images with the same snapshot name.
    Another benefit of this feature is that if the images in a set Included images from multiple directories and were not in a collection  they could all be located by their snapshot name.
    I believe that if this feature was implemented it would be used by many if not all professional photographers that use Lightroom to do the majority of their editing.
    Jim

  • Creating Help for multiple modules, multiple versions and multiple locales

    I need to put together a new help solution for a suite of applications. The problem I have is working out how to manage and publish the content. Would someone be able to offer any advice?
    The software has:
    Multiple modules
    Head office and site versions
    UK and US locales
    Multiple software versions to be supported
    Previously I used WinHelp, regenerating the project 6 times per software version to provide all possible permutations.
    I’d like to create a single hosted help solution with a simple home/landing page that allows users to enter a natural search term – the results provided would be drawn from the database or collection of available help topics and ranked for relevance to application/version/locale etc.
    Obviously the right help must be displayed, and I don’t want every topic to be prefixed with: [uk | head office | Module name | v3.5].
    I have RH9 (for html and word), but would upgrade if I needed to.
    I have looked into using Webhelp, Airhelp and even Wordpress but still haven’t worked out the best way to do this. I understand that this is not a normal posting, but if anyone can point me towards any information that may help me I’d very much appreciate it.

    I think build expressions are what I am looking for, but if I need to create a new conditional build tag for every variation (Locale/Installation/Version) it will be become rather unwieldy and since new software versions are released almost quarterly it will soon become challenging to manage.
    OK, I am happy you picked up on that point. It will be challenging.
    Sorry but your requirement is a complex output so too will be the solution.
    Also, can I apply a build tag to an entire topic to include or exclude it from a build for whole topics that are UK or US specific?
    Yes. Whole topics or content can be tagged. You can apply a topic tag to exclude it entirely from some categories and you can have content tags so that variants of the topic can be generated so that a topic could be excluded from US but for UK it could then vary according to version, for example.
    From an authoring perspective I want to create a single help file, but I can’t have users scrolling through hundreds of possible help permutations to find the one they are looking for. Creating one help file will simplify the hosting of the webhelp too.
    You cannot have sub categories so you would create a category for each permutation. I don't think that would amount to hundreds though.
    Another approach would be similar tagging but using multiple layouts. With categories, your output would have a folder for each category and when a user selects what they want, the system goes to the chosen folder. If you created multiple layouts, you would have much the same folders but each one would be a standalone help system. It would be for your developers to install the right help for each user. Not as difficult as it might sound. For a start, the versions would be simple to hook up.
    A lot of places stop updating help once either a new version is released or goes out of support.
    The best advice I can give is cut down the permutations as much as you can.
    See www.grainge.org for RoboHelp and Authoring tips
    @petergrainge

  • Creating process for multiple Date fields for update or insert in APEX

    hello there,
    could someone please help me?
    i have a form on Apex based on view that is based on three tables and updating and inserting ok using trigger instead of.
    i have a problem now as in my form i have around 75 fileds (items) incuding 30 or more date fields which could be populated or left blank or update later.
    so for each date field i have two boxs; one for date, input as dd/mm/yyyy (text field) and second for time, input as 23:45. All dates will be insert or update manually by user. so as i mentioned not all date fields could be poulated at one stage.
    so i have created some process and validations and all of them work fine but i came accross if date left blank then (:) giving me problem so i have done following further process for each date field. In real table all the date fields have data type date.
    declare
    v_my_var date; -- for first date field
    str_dy VARCHAR2(10);
    dt_indx date;
    str_tm VARCHAR2(20);
    tm_indx date;
    begin
    str_dy := :p4_first_date
    str_tm := str_dy||' '||substr(:p8_first_date_hh,1,2)||':'||substr(:p8_first_date_HH,4,2);
    dt_indx := to_date(str_tm,'DD/MM/YYYY HH24:MI');
    IF str_dy is not null then
    v_my_var :=dt_indx;
    ELSE
    v_my_var := NULL;
    END IF;
    update table 1 set my_date = v_my_var where d_id= :p4_d_id;
    end;
    above code work fine but one date field of course therefore i have to do same code for each date field with changes and initialise variable again and again for each field.
    so i like to ask is there any easy way that is more professional. i was thinking about the procedure and using collection or similar but honestly not much experience on that so could some one please help me?
    I will be very thankful.
    KRgds

    Hi,
    You can do the needful by re-using the code if you can give the item names as P8_DATE1, P8_DATE_hh1, P8_DATE2, P8_DATEhh2 etc..So your item name just differs by a sequence.
    Now you write function which will return desired date value taking above items as input. Pass item names to this function, get session state using APEX_UTIL.GET_SESSION_STATE('item_name') API.
    Now modify you code as
    FOR i IN 1..30
    LOOP
    v_date_array[i] = f_get_date('P8_DATE'||i, 'P8_DATEhh'||i);
    END LOOP;
    ....Now you have all date valus in array. Just write one update as follows
    UPDATE  TABLE1
    SET date1 = my_date_array[1], date2 = my_date_array[2]..
    WHERE ....Hope it helps :)
    Cheers,
    Hari

  • How to create template for multiple users and proper variables for DesktopDNA

    Here's the scenario:
    25 WXPSP2 laptops with only ZENworks Desktop Management agent installed.
    Laptops have at least 4 user profiles each. All laptops have same
    configuration. I want to create just one image for all laptops and am
    using personality migration to handle the different user profiles on each
    laptop.
    We are using ZENworks 7 on a NetWare server.
    Using the DNA Template Editor, I create a template by selecting All local
    user profiles on source machine, selecting User Accounts Settings under
    System, and name the template DNAusers.dtf.
    I then create an application object, CollectDNA, to collect the
    personality following the instructions in guide. I associate CollectDNA
    with a workstation and select Force Run and App Launcher. This is the
    parameter setting: (There is no VOL1 on this server)
    /D \\Server1\SYS\ddna\data\%CN%\X-REMOTE1 /T \\Server1
    \SYS\ddna\templates\DNAusers.dtf /X
    I go to X-REMOTE1 laptop and login as an administrator but nothing
    happens. I then click on Application Explorer and double-click on
    CollectDNA object and get: could not launch CollectDNA. The network
    path was not found. Checking My Network Places, I see no NetWare
    Services listed. And, although the ZENworks Desktop Management Agent
    policy says to display the ZENworks authentication dialog, the login
    screen never appears.
    Any suggestions?

    OK so I changed %CN% to "Admin" in the application object and restarted
    laptop and logged in as Admin in the ZENworks Desktop Management
    authentication screen. Nothing happened until I clicked on the
    application windows and then it tried to launch CollectDNA but then I get
    the Application Launcher status: the network path was not found.
    I saw an earlier response you gave to someone else who had the same
    message and did the same but still get this error message.
    Do you see anything else that I'm doing incorrectly?
    > On Mon, 17 Jul 2006 22:59:30 GMT, [email protected] wrote:
    >
    > > /D \\Server1\SYS\ddna\data\%CN%\X-REMOTE1
    >
    > if you do a force run with wks associatione (perhaps even selected)
    secure
    > system the %CN% can not be resolved..
    > --
    >
    >
    > Marcus Breiden
    >
    > If you are asked to email me information please change -- to - in my e-
    mail
    > address.
    > The content of this mail is my private and personal opinion.
    > http://www.edu-magic.net

  • LRT224 Support for multiple subnets

    I am considering purchasing an LRT224, but need help with one thing.
    The network I manage has about 200 devices currently, with mixed brands and types of switches, access points, etc, scattered about. It is a small school that has had many different people running IT at it, some not so good, others better. Now I manage it.
    We would like to add more devices, but currently we are limited to 254 devices. In the LRT224 manual, it -looks- like you can manually specify the subnet mask, and DHCP server range. For example, could I change the subnet mask to 255.255.252.0, or a /22 subnet, and then specify the DHCP range to be, for example only, 192.168.1.2 through 192.168.4.254, for 1024 total addresses? I want to do this without using VLANs, because I'm unsure if any of out switches support VLAN tagging, and I have zero experience with VLANs.
    Please let me know, thanks!
    Solved!
    Go to Solution.

    For site-to-site IPsec VPN tunnels, LRT224 supports subnet masks larger than 255.255.255.0. However the local subnets on the LAN side of LRT224 are limited to a class C subnet per VLAN.

Maybe you are looking for