Crypto map has incomplete entries message
I'm working on building a configuration on a 5540 running 9.1.2 for L2L VPN. When I reload the device, I get this message:
.WARNING: crypto map has incomplete entries
*** Output from config line 10665, "crypto map L2LVPN interf..."
I seems it's giving me the error on the line where the crypto map is assigned to the outside interface. Unfortunately this message really is not very helpful. I do not have this in production yet. Is there any way I can find out where my problem may be?
Thanks.
Jason
Hi,
This usually indicates that one L2L VPN connection Crypto Map configuration is missing some essential parameter to make it complete.
So issue the command
show run crypto map
Then make sure that the following lines exists
crypto map match address
crypto map set peer
crypto map set ikev1 transform-set
If any of the 3 things mentioned above are missing then the crypto map configuration is deemed incomplete and doesnt have the information needed for that L2L VPN to function.
Atleast this is what it seems to me.
Hope it helps
- Jouni
Similar Messages
-
[ERR]crypto map WARNING: This crypto map is incomplete
i have PIX 501 ver6.3(5) when i setup VPN i get this error message
WARNING:This crypto map is incomplete to remedy the situation add a peer and a valid access-list to this crypto map.
although it seems fine in sh conf command
but tunnel is not started
when i review log i found
sa_request,ISAKMP Phase 1 exchange startedi could successfully establish VPN with another FW cisco 501 6.3
but still can't fix my dilemma which i connect to Huawei Eudemon 500â
sh isakmp
PIX Version 6.3(5)â
interface ethernet0 10full
interface ethernet1 100full
nameif ethernet0 outside security0â
nameif ethernet1 inside security100 â
access-list inside_outbound_nat0_acl permit ip host internal IP host name remote internal IP1â
access-list inside_outbound_nat0_acl permit ip host internal IP host name remote internal IP2â
access-list outside_cryptomap_100 permit ip host internal IP host remote internal IP1â
access-list outside_cryptomap_100 permit ip host internal IP host remote internal IP2 â
global (outside) 1 interfaceâ
nat (inside) 0 access-list inside_outbound_nat0_acl
sysopt connection permit-ipsec
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac â
crypto ipsec security-association lifetime seconds 3600â
crypto map outside_map 100 ipsec-isakmp
crypto map outside_map 100 match address outside_cryptomap_100â
crypto map outside_map 100 set peer remote peer
crypto map outside_map 100 set transform-set ESP-3DES-SHA
crypto map outside_map 100 set security-association lifetime seconds 3600 kilobytes 1843200â
crypto map outside_map interface outside
isakmp enable outside
â â
isakmp key ******** address remote peer netmask 255.255.255.255 no-xauth no-config-mode â
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption 3des
isakmp policy 20 hash shaâ
isakmp policy 20 group 2â
isakmp policy 20 lifetime 86400â
sh crypto map
Crypto Map: "outside_map" interfaces: { outside }â
Crypto Map "outside_map" 100 ipsec-isakmp
Peer = remote peer
access-list outside_cryptomap_100; 2 elementsâ
access-list outside_cryptomap_100 line 1 permit ip host 10.102.0.11 host remote internal IP1 ââ(hitcnt=14) â
access-list outside_cryptomap_100 line 2 permit ip host 10.102.0.11 host remote internal IP2 ââ(hitcnt=6) â
Current peer: remote peer
Security association lifetime: 1843200 kilobytes/3600 secondsâ
PFS (Y/N): N
Transform sets={ ESP-3DES-SHA, }â
Crypto Map: "set" interfaces: { }â -
WARNING: This crypto map is incomplete
Hi ,
i have ASA with 4 l2l vpn configured. as now am trying to configure new VPN tunnel; while configuring of crypto map set match add its giving me
error like ... WARNING: This crypto map is incomplete
as i have read all the discussion from forms its not effecting ; request you to please help
Thanks
GajendraHi,
This is a normal message and just tells you that you have not yet entered all the "crypto map" commands related to this new connection to make the configuration complete
You will essentially have to make sure that you have ATLEAST the following lines configured
crypto map match address
crypto map set peer
crypto map set ikev1 transform-set
The "transform-set" part might NOT need the "ikev1" depending on your ASAs software level.
- Jouni -
Converting crypto map to unnumbered VTI
I'm trying to convert a crypto map VPN to a ip unnumbered VTI. The crypto map has been working for months. The VTI... no so much. Here are the applicable config entries.
### original config
crypto isakmp policy 30
encr 3des
authentication pre-share
group 2
crypto isakmp key xxxxxxxx address 10.1.1.10
crypto ipsec transform-set 3DES-SHA esp-3des esp-sha-hmac
crypto map CRYPTO 50 ipsec-isakmp
set peer 10.1.1.10
set transform-set 3DES-SHA
set pfs group2
match address VPN1
ip access-list extended VPN1
permit ip host 172.16.16.10 host 10.5.5.1
permit ip host 172.16.16.10 host 10.5.5.4
I only removed the crypto map and added the following.
### New Config
crypto ipsec profile V1
set security-association lifetime seconds 28800
set transform-set 3DES-SHA
set pfs group2
interface Tunnel0
ip unnumbered FastEthernet0/0
ip nat outside
ip virtual-reassembly
tunnel source 172.16.8.1
tunnel destination 10.1.1.10
tunnel mode ipsec ipv4
tunnel protection ipsec profile V1
I keep getting this ISAKMP error now.
ISAKMP:(0:54:HW:2):deleting SA reason "Recevied fatal informational" state (I) QM_IDLE (peer 10.1.1.10)
Any help would be greatly appreciated. Also... I have no idea what is running on the other end (it's a partner network), but I suspect it's a crypto map on IOS.
Thank you!Access-lists, FW (ZBF, CBAC) and all other features work on SVTI same way they would work on a physical or other logical interfaces (with very few exceptions).
-
Crypto map entry is incomplete
Hi
This is my config below. The error i am recieving is crypto map entry is incomplete. Can someone please take a look and let me know. Thank you
ASA(config)# crypto map outside_map 1 match address outside_1_cryptomap
WARNING: The crypto map entry is incomplete!
ASA(config)# show run
: Saved
ASA Version 8.4(4)1
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address 10.10.10.2 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address dhcp setroute
ftp mode passive
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network net-local
subnet 10.10.10.20 255.255.255.0
object network net-remote
subnet 10.10.3.0 255.255.255.0
access-list outside_1_cryptomap extended permit ip 10.10.10.20 255.255.255.0 10.
10.3.0 255.255.255.0
pager lines 24
logging asdm informational
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
nat (any,any) source static net-local net-local destination static net-remote ne
t-remote
object network obj_any
nat (inside,outside) dynamic interface
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
http server enable
http 192.168.1.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
crypto map outside_map 1 match address outside_1_cryptomap
crypto map outside_map 1 set pfs group1
crypto map outside_map 1 set peer 96.145.68.82
crypto map outside_map interface outside
crypto ikev1 enable outside
crypto ikev1 policy 10
authentication pre-share
encryption aes
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh timeout 5
ssh key-exchange group dh-group1-sha1
console timeout 0
dhcpd auto_config outside
dhcpd address 10.10.10.22-10.10.10.231 inside
dhcpd enable inside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
tunnel-group 81.141.29.69 type ipsec-l2l
tunnel-group 81.141.29.69 ipsec-attributes
ikev1 pre-shared-key *****
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:c2b7cdae5eb0961d822f634f2b36d3dc
: end
ASA(config)#Hi,
You lack a "transform-set" configuration from the "crypto map" line.
For example
Create the IKEv1 Transform set
crypto ipsec ikev1 transform-set AES esp-aes esp-sha-hmac
and
Use it in the VPN configuration
crypto map outside_map 1 set ikev1 transform-set AES
The values ofcourse depend on the your own preference
Hope this helps
- Jouni -
I have PIX 515 and trying to add a gateway to gateway VPN tunnel with dynamic IP. I already have two other VPN tunnels configured with static IP. I enter the access-list 110 than the crypto map mymap 20 ipsec-isakmp no problem. than the crypto map mymap 20 match address 101 I get error message Crypto map incomplete. Why am I getting this error and how do I get around it. Thanks.
Yes I have an Incomplete.
crypto ipsec transform-set tr-set esp-des esp-md5-hmac
crypto dynamic-map dynmap 10 set transform-set tr-set
crypto dynamic-map dynmap 15 set transform-set tr-set
crypto dynamic-map dynmap 15 set security-association lifetime seconds 3600 kilo
bytes 4608000
crypto map mymap 10 ipsec-isakmp
crypto map mymap 10 match address 101
crypto map mymap 10 set peer 70.106.123.11
crypto map mymap 10 set transform-set tr-set
crypto map mymap 15 ipsec-isakmp
crypto map mymap 15 match address 105
crypto map mymap 15 set peer 67.100.146.217
crypto map mymap 15 set transform-set tr-set
crypto map mymap 20 ipsec-isakmp
! Incomplete
crypto map mymap 6335 ipsec-isakmp dynamic dynmap
crypto map mymap interface outside -
"Message number: FI311: Any commitment item has been entried in the positio
Hello,
when I try to post a customer invoice with fb70 tx , and I have created a derivation rule : cost center-->fund center, and also the G/L account that I am using in the posting has a commmitment item assigned , but the system shows the next error:
"Message number: FI311: Any commitment item has been entried in the position 00001 1000(Cocd)
6001000200(G/L account).
But in the tx Fb01, the system run correctly and make the derivation
Which is the problem , some note to implement ?
Best Regards
OlgaHi,
When you post a document, all lines have to receive FM assignment. I believe, you are receiving this message on the line of the customer. Go to FMDERIVE, activate a trace and you will see if you have rules missing to derive FM object.
Regards,
Eli -
my itunes on my laptop (not a mac) has an error message that reads "the procedure entry point_objc_load_image could not be located in the dynamic link library.objc.dll" then another window will come up telling to to uninstall the apple mobile and itunes and reinstall them? will this delete everythin in the itunes account? please help
This might help https://discussions.apple.com/thread/5821701
-
Rejecting IPSec tunnel: no matching crypto map entry for remote proxy
Hi!
I have already search for this but didn't get an exact answer I'm looking for so I try asking it again (if there is the same question).
I'm in process of migrating some VPN tunnels with from a Cisco router to an ASA, everything will keep the same but just the peering IP address. However, some of the tunnel was being torn down since it request for a proxy doesn't match the one configured on our side. And the remote peer said there is no such issue on the previous platform, but now they need to reset the tunnel from time to time.
Apr 18 2013 07:29:10 asa002 : %ASA-3-713061: Group = 192.168.1.226, IP = 192.168.1.226, Rejecting IPSec tunnel: no matching crypto map entry for remote proxy 192.168.1.226/255.255.255.255/0/0 local proxy 10.10.9.81/255.255.255.255/0/0 on interface outside
Apr 18 2013 07:29:10 asa002 : %ASA-3-713902: Group = 192.168.1.226, IP = 192.168.1.226, QM FSM error (P2 struct &0x745e9150, mess id 0x8d7ad777)!
Apr 18 2013 07:29:10 asa002 : %ASA-3-713902: Group = 192.168.1.226, IP = 192.168.1.226, Removing peer from correlator table failed, no match!
The remote peer said they did not change the proxy id on their side so it is possibly the old platform will just not setting up the SA without torn down the tunnel while the ASA on the new platform will torn down if there is any mismatch.
Anyway I have requested the remote side to remove those unmatched entried to avoid the tunnel being torn down, but if there any configuration that is related to this issue? i.e. Just bring up the SA with matched addresses and ignore others, instead of torn down the tunnel.
Thanks!!
//CodyAre you trying to send traffic destined towards the internet from 172.16.0.0/20 via this ASA as well? why? are you inspecting those traffic before being sent out to the internet?
If so, this end also needs to be configured with "any" as well --> crypto ACL needs to mirror image.
access-list outside_1_cryptomap extended permit ip any 172.16.0.0 255.255.240.0
Then you also need NAT on the outside interface, otherwise, traffic from 172.16.0.0/20 is not PATed to a public IP, and won't be able to reach the internet:
nat (outside) 1 172.16.0.0 255.255.240.0 -
Hi,
I have read a problem where the VPN between an ISP and ourselves started dropping sessions. I have rebuilt the crypto map and tried to dig deeper into my config and some basic troubleshooting while I await the ISP to respond.
Any ideas?
Thanks Steve
https://supportforums.cisco.com/thread/255085
http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml#solution10
5 Jun 13 15:46:25 713904 IP = 209.183.xxx.xxx, Received encrypted packet with no matching SA, dropping
4 Jun 13 15:46:25 113019 Group = 209.183.xxx.xxx, Username = 209.183.xxx.xxx, IP = 209.183.xxx.xxx, Session disconnected. Session Type: IKE, Duration: 0h:00m:00s, Bytes xmt: 0, Bytes rcv: 0, Reason: crypto map policy not found
3 Jun 13 15:46:25 713902 Group = 209.183.xxx.xxx, IP = 209.183.xxx.xxx, Removing peer from correlator table failed, no match!
3 Jun 13 15:46:25 713902 Group = 209.183.xxx.xxx, IP = 209.183.xxx.xxx, QM FSM error (P2 struct &0xda90f540, mess id 0x76c09eb7)!
3 Jun 13 15:46:25 713061 Group = 209.183.xxx.xxx, IP = 209.183.xxx.xxx, Rejecting IPSec tunnel: no matching crypto map entry for remote proxy 172.16.0.0/255.255.240.0/0/0 local proxy 0.0.0.0/0.0.0.0/0/0 on interface outside
5 Jun 13 15:46:25 713119 Group = 209.183.xxx.xxx, IP = 209.183.xxx.xxx, PHASE 1 COMPLETED
6 Jun 13 15:46:25 113009 AAA retrieved default group policy (DfltGrpPolicy) for user = 209.183.xxx.xxx
6 Jun 13 15:46:25 713172 Group = 209.183.xxx.xxx, IP = 209.183.xxx.xxx, Automatic NAT Detection Status: Remote end is NOT behind a NAT device This end is NOT behind a NAT deviceAre you trying to send traffic destined towards the internet from 172.16.0.0/20 via this ASA as well? why? are you inspecting those traffic before being sent out to the internet?
If so, this end also needs to be configured with "any" as well --> crypto ACL needs to mirror image.
access-list outside_1_cryptomap extended permit ip any 172.16.0.0 255.255.240.0
Then you also need NAT on the outside interface, otherwise, traffic from 172.16.0.0/20 is not PATed to a public IP, and won't be able to reach the internet:
nat (outside) 1 172.16.0.0 255.255.240.0 -
Multiple Crypto Maps on Single Outside Interface
Hi, I had the following crypto map configured on my ASA5505 to allow Cisco IPSec VPN clients to connect from the outside:
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
I'm trying now to set up an additional crypto map - a static configuration to establish a tunnel with Windows Azure services. The configuration they gave me is:
crypto map azure-crypto-map 10 match address azure-vpn-acl
crypto map azure-crypto-map 10 set peer XXX.XXX.XXX.XXX (obfuscated)
crypto map azure-crypto-map 10 set transform-set azure-ipsec-proposal-set
crypto map azure-crypto-map interface outside
However, when I apply that configuration, my Cisco IPSec clients can no longer connect. I believe my problem is that last line:
crypto map azure-crypto-map interface outside
which blows away my original line:
crypto map outside_map interface outside
It seems I'm stuck with picking just one of the maps to apply to the outside interface. Is there a way to apply both of these maps to the outside interface to allow both IPSec tunnels to be created? We're running ASA version 8.4(7)3.Hi,
You can use the same "crypto map"
Just add
crypto map outside_map 10 match address azure-vpn-acl
crypto map outside_map 10 set peer XXX.XXX.XXX.XXX (obfuscated)
crypto map outside_map 10 set transform-set azure-ipsec-proposal-set
Your dynamic VPN Clients will continue to work just fine as their "crypto map" statements are with the lowest priority/order in the "crypto map" configurations (65535) and the L2L VPN is higher (10)
And what I mean with the above is that when a L2L VPN connections is formed from the remote end it will naturally match the L2L VPN configurations you have with "crypto map" configurations using the number "10". Then when a VPN Client connects it will naturally not match the number "10" specific configurations and will move to the next entry and will match it (65535)
If you would happen to configure a new L2L VPN connection then you could give it the number "11" for example and everything would still be fine.
Hope this helps
- Jouni -
An error has occurred. Message on launch of FB4.5
I own a license for FB 4 Standard and I own CS5 Production Premium. I did an upgrade to Web Premium 5.5 to get FB 4.5 Premium. I'm on a Mac Intel i7 with 10.6.7.
I'm able to install all the software, but when I launch FB 4.5 I get "An error has occurred." message. The message says to "See the log file ... path to log" but I'm not sure what I'm looking for or how to fix it. The last section of output in the .log file says:
!ENTRY org.eclipse.osgi 4 0 2011-05-29 08:36:20.840
!MESSAGE Application error
!STACK 1
org.osgi.service.application.ApplicationException: No application id has been found.
at org.eclipse.equinox.internal.app.EclipseAppContainer.startDefaultApp(EclipseAppContainer. java:262)
at org.eclipse.equinox.internal.app.MainApplicationLauncher.run(MainApplicationLauncher.java :29)
at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.runApplication(EclipseAppLau ncher.java:110)
at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.start(EclipseAppLauncher.jav a:79)
at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:369)
at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:179)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.eclipse.equinox.launcher.Main.invokeFramework(Main.java:619)
at org.eclipse.equinox.launcher.Main.basicRun(Main.java:574)
at org.eclipse.equinox.launcher.Main.run(Main.java:1407)
I tried uninstalling the FB 4.5 that I did with the CS5.5 Installer and reinstalling it, but the same thing happens. My next plan was to download the FB 4.5 trial and try entering my serial number.
Any advice or guidance would be appreciated. Thanks!
DaveSo I tried the trial version but my serial number didn't work I guess because it's for a CS5.5 Web Premium product. I also tried uninstalling my current version of FB4 Standard, uninstalling CS5.5 and starting from scratch without any copies of FlashBuilder in my Applications folder and that didn't work, same error log message. I ended up reinstalling my original copy of FB4 Standard so I could continue working.
The odd thing is when I went to my MacBook Pro and uninstalled the copy of FB4 Standard I have on there and installed the CS5.5 FlashBuilder 4.5 Premium it works and started up fine. So I'm guessing there's something specific about my iMac setup that's preventing launch.
I was looking at my FB installation details, don't know if this matters but I'm running the standalone version:
Adobe Flash Builder Localized Standalone Feature 4.0.1.277662 com.adobe.flexbuilder.feature.standalone.nl1.feature.group
eclipse.application=com.adobe.flexbuilder.standalone.FlexBuilderApplication
Unfortunately it's the weekend (holiday in US too). I like the weekend for trying to get these things setup but I'm on my own and feel I'm out of luck until the work week starts.
If anyone from Adobe is reading this with a beer in one hand and hotdog in the other (or burger or veggie burger or bbq chicken leg) on a hot memorial day and have an idea on how to fix this I'd really appreciate your advice. Thanks! -
Multiple mapping steps in the message monitor
All,
I have an interface that has several different mapping steps for the one interface (first one is a java mapping, and then the second an XSLT) and XI only shows one mapping step in the message monitor (which encompasses all of the mapping steps). The payload before is the payload before any of the mapping steps, and the payload after is the payload after all the mapping steps.
I would like to be able to see the payload at each separate mapping stage. This would make it a lot easier when debugging problems in the later stages of the mappings. Does anyone know if this is possible?
Regards,
JasonHi Jason,
Even I have tried to see the results of multiple mappings in SXMB_MONI. But I couldnt find a way till now.
I believe there is no way to see the results of multiple mappings. The only possible way is to test your mapping locally in IR.
Regards,
Divija. -
Overflow Map has received an inexplicable event from the front map
Hello, I am posting this to ask if someone can shed additional light on this error. Is it due to incorrect usage of the SafeNamedCache or an internal error?
2006-12-07 20:33:59.190 Tangosol Coherence 3.1/339 <Warning> (thread=RMI TCP Connection(3)-127.0.0.2, member=1): Overflow Map has received an inexplicable event from the front map; such an event should not have been possible to occur. The Overflow Map will arbitrarily interpret the event in order to maintain its own internal consistency. The likely origin of the event is direct modification of the front and/or back maps managed by the Overflow Map, a MapListener making re-entrant modifications to its source map, or an ObservableMap implementation that reacts to the Map API in a manner inconsistent with the specification (e.g. actively modifying its contents in a manner that differs from the sequence of API calls made against it). This Overflow Map instance will not repeat this warning, and will attempt to silently compensate for subsequent similar event irregularities.
Event: MapEvent{ObservableHashMap added: key=CalypsoCache|22845412, value=Lease: CalypsoCache|22845412 (Cache=TangosolLock._locks, Size=Unknown, Version=0/0, IssuerId=0, HolderId=0, Status=LEASE_UNISSUED, Last locked at Wed Dec 31 16:00:00 PST 1969)}
Stack trace follows:
at com.tangosol.net.cache.OverflowMap.warnUnfathomable(OverflowMap.java:2947)
at com.tangosol.net.cache.OverflowMap.putInternal(OverflowMap.java:1001)
at com.tangosol.net.cache.OverflowMap.put(OverflowMap.java:360)
at com.tangosol.coherence.component.util.CacheHandler.ensureLease(CacheHandler.CDB:15)
at com.tangosol.coherence.component.util.daemon.queueProcessor.service.ReplicatedCache.lockResource(ReplicatedCache.CDB:29)
at com.tangosol.coherence.component.util.CacheHandler.lock(CacheHandler.CDB:3)
at com.tangosol.coherence.component.util.SafeNamedCache.lock(SafeNamedCache.CDB:1)
at com.calypso.tk.lock.TangosolLock.acquire(TangosolLock.java:24)
at com.calypso.tk.lock.DistributedReentrantLock.acquire(DistributedReentrantLock.java:50)
at com.calypso.tk.util.cache.CalypsoCache.lock(CalypsoCache.java:1772)
at com.calypso.tk.util.cache.CalypsoCache.getImpl(CalypsoCache.java:1325)
at com.calypso.tk.util.cache.CalypsoCache.peekImpl(CalypsoCache.java:1320)
at com.calypso.tk.util.cache.CalypsoCache.peek(CalypsoCache.java:244)
at com.calypso.tk.util.cache.CalypsoCache.put(CalypsoCache.java:314)
at com.calypso.tk.core.sql.BookSQL.putInCache(BookSQL.java:314)
at com.calypso.tk.core.sql.BookSQL.loadAll(BookSQL.java:1494)
at com.calypso.tk.core.sql.BookSQL.loadAll(BookSQL.java:1158)
at com.calypso.tk.core.sql.BookSQL.load(BookSQL.java:1186)
at com.calypso.tk.core.sql.BookSQL.getBook(BookSQL.java:545)
at com.calypso.tk.core.sql.BookSQL.get(BookSQL.java:237)
at com.calypso.tk.refdata.sql.UserDefaultsSQL$UserDefaultsLoader.buildObjectFromResultSet(UserDefaultsSQL.java:307)
at com.calypso.tk.core.sql.SQLObjectPersistor.executeSQL(SQLObjectPersistor.java:399)It is quite strange, of course, to have confusion with which config is being used, which is why there is now a log message telling you which config was loaded. I think that the log message was introduced in version 3.1 or 3.2.
The other thing that I do (at least when testing something) is specify the config on the command line, e.g.
java -server -Xms128m -Xmx128m -Dtangosol.coherence.cacheconfig=C:\java\dev\test-cache-config.xml -cp coherence.jar;tangosol.jar;...
BTW, I have downloaded 3.2.1 and will be using that for my tests. So presumably the warning/error will no longer occur? That is our expectation, since it would be a bug (unless you were doing one of the weird things mentioned in the message).
Keep in mind that even with the message, the Overflow Map keeps going; it is just a warning (albeit a complicated sounding one) that indicates that some internal state (or event stream or lack thereof) is not what was expected as the result of one or more actions.
I apologize for the inconvenience, and thank you for taking your time to clarify it. We do work hard to avoid this type of issue (or any related confusion), and we have continued to increase our unit and regression test coverage with each release, including with respect to this issue. With that in mind, please do not hesitate to contact us (on this forum if you would like) with suggestions and other feedback; we do want to be aware of the things that our customers are looking for and would like to see improved.
Peace,
Cameron Purdy
Tangosol Coherence: The Java Data Grid -
Lower limit can only be changed during initial entry, Message no. NR651
Hi Experts,
As per the number ranges limit values defined in the system for the planned orders, there is a need to increase the number ranges.
System is not allowing us to change the limit values of the Planned orders in MD91 and showing the Message no. NR651.
We have also searched for the available threads in SCN and other sites, but didn't find the root cuase link for this error.
System message:
Lower limit can only be changed during initial entry
Message no. NR651
Diagnosis
You have tried to change the lower limit of an interval which has a non-initial number status.
System Response
The change was not executed.
Please guide us how can we increase the number ranges for planned orders.
Thanks in advance.Hi,
You can create a new number range or change in transaction OMi2 or in MD91.
Assign the 02 by clicking number range in OMi2
or in transaction OPPQ click on number range & select the 02.
Do the changes as described and analyse the results. Ensure that while testing no body is creating the planned orders.
Regards,
Narresh
Maybe you are looking for
-
How do I configure the Airport utility to allow more than one rule per port?
How do I configure the Airport Utility (AU) to allow more than one rule per port? I am on a home network, with broadband cable modem. I have my airport extreme connected to the broadband modem. I have 2 servers in my home that need to be accessed r
-
Unable to Stream Video on Demand files from NAS on latest version of AMS 5.0.3
Hi, I was hoping that someone could assist me. Our organisation has recently purchased Adobe Media Server Standard to deploy to two Windows 2008 R2 servers (core edition) to stream flash content (video on demand only) which is resident on NAS storage
-
How to map a resource-ref in Jdev11 deployment plan editor
Hi all, I have a ADF/BC web application where the BC4J application module does connect to a JNDI data source. The ViewController project does declare the Datasource as needed resource in its web.xml: <resource-ref> <res-ref-name>jdbc/wlogDS</res-ref-
-
Locking multiple records in a database table at a time
Hi Experts, I have a requirement to lock multiple records in the database table for writing. I have created lock object in SE11. But with this we have only 2 possibilities either lock entire table or lock a single record at a time. My requireme
-
USB Hard Drive that Disk Utility says it can't unmount
I have a 93.2 Gb Hard Drive (from an old G4 PowerBook) inside an enclosure with USB connection. While trying to recover data from it using Data Rescue (on a G4 PowerBook), Data Rescue II hung. After restart, the USB Hard Drive can not be read at all.