CSA issue with firewall rule

Similar Messages

• Issues with update rule

  Hi All,
  I am having a problem with update rule
  My object
  A
  B
  C
  D(Seller phase) (complex table)
  Q1(Question)
  A1(Answer) (complex table)
  Q2(Question)
  A2(Answer) (complex table)
  Q3(Question)
  A3(Answer) (complex table)
  E(Collection object)
  D(seller Phase)
  Q(Question)
  A(Answer)
  My transaction during Add
  A
  B
  C
  D(Seller phase)(complex table)
  Q1(Question)
  A1(Answer)(complex table)
  Q2(Question)
  A2(Answer)(complex table)
  Q3(Question)
  A3(Answer)(complex table)
  E(Collection object)
  D(seller Phase)
  Q(Question)
  A(Answer)
  here is my requirement:
  During Activity create/Edit upon choosing seller phase i bring questions based on update rules of q1 q2 and q3 from complex table.
  Possible answers are also fetched from complex table based on selection of phase for each question. I have a update rules for answers to check the object collection(E) and determine if this phase exist or not, If exist previously selected Answers will bulled from collection for the corresponding question if not it has to empty.
  All rule are working with out any problem.
  Issue.
  During create or edit if some one chooses phase P1 and answers for the questions and with out saving if they change phase then answers which are been selected earlier still exist.
  This is happening in IPAD but not in ATE. I have checked the log for rules all the rules are returning values as expected.
  So i tried the below options to test
  1) with special value option in field level
  2) I created a dummy field with update rule with value test. On creation i have modified the dummy field value X then changed the phase the value is not getting updated as per update rule.
  Is it the real behavior of update rule? Is there any work around for this problem
  Regards,
  Gupta

  Gupta,
  So based on your comments above I have the workarounds I gave you.
  1) A button that refreshes "resets" to make the screen repaint (in essence a button that just re-navigates to the same screen will make all the system reset) if you just want one screen.
  2)Or the multiple screen approach. Let phase 1 be in one screen and the other questions and answers on others.
  Not sure if you can just do 1 screen with multi-tiles - If this is better approach where the phase selection is on 1 tile (top tile) and the questions and answers are on a different tile (bottom tile).
  The trick is to make the screen repaint. As long as you present to the customers a flawless flow you will be okay. The one that you don't want to happen is when your rules are buggy then it may be just a good idea to sell a more controlled flow that works than debugging what went down the wrong during UAT (User Acceptance Test).
  Regards,
  Mark

• Group Security Issue with Business Rules

  Hopefully you experts out there can follow this. We have about 200 users in our Planning application split into 3 categories (Admins, Interactive Users and Planners) via groups setup in Shared services. We also have an email group list setup in Outlook that has all 200 users in it that we use to send out emails to all users regarding the application. So in Shared Services we have the email group list as an assigned group in the Planners group. So as new people are added to the group list in email they are automatically included as a user in the Planning application. People that are Admins or Interactive Users are manually added to those groups in Shared Services. Everything seemed to be working fine until we tried blocking the Planners groups from running certain business rules in the application. We have clusters setup in Essbase to control access to the business rules. I went into the cluster and set the Planners group to cannot validate or launch on certain rules but found that I now could not run the business rules either even though I am an Admin and the Admin group has vaildate and launch privledges in the cluster. I believe the issue has to do with the fact that I am by default in the Planners group because I am in the email group list which is assigned to the Planners group in Shared Services. Other than setting up and managing 3 seperate email group lists and assigning them individually in Shared Services, does anyone know how I can manage business rules security using the 3 groups i have setup? I hope this makes sense. If not I can provide more detail. Thanks.

  Have you tried using Business Rules projects? Create a project for the admin Shared Services group and assign all rules to that group. Create a Planning project for planners and assign only rules that you want them to run. Any rule that planners should not have access to would be removed from the Planner business rules project, but still in the admin project for you to run.

• GATP - Issue with substitution rules with validity dates

  Hi,
  We are using GATP with RBA. Our condition table has plant as a field.
  We are planning to have a substitution procedure (rules) defined at plant level.
  Our rule control for product substitution list is "Start from top of list"
  The issue we are facing is explained below.
  The first item in the substitution procedure (rule) cannot have validity dates.
  So it will always be balnk. And validity dates can be maintained for other items in the procedure (rule).
  What happens in our scenario is when there is a requirement on an item in the substitution procedure (rule) which has  a validity date, the first item in the procedure (which can never have validity dates) is never considerd for substituions.
  If I remove the validity dates, then the first item in the procedure (rule) is considered for substitutions.
  We find this strange and against our business requirement. We want the first item in the procedure (rule) to be considered for substitution ireespective of the validity date for the requested product.
  It would be great if you could suggest a method to achieve this.
  Thanks & regards,
  Arvind.S

  Hi Mohan,
  Thanks for the response.
  We are using back order processing (BOP) for allocation.
  We observed that the first item was not getting considered for substitution in the BOP results and also in product view after the BOP run. No stock of that item was allocated for the order taken up in the BOP run.
  However, we tried rule evaluation also. It shows the first item also, but in actual allocation the issue exists.
  We are not using "start immediately" in check instructions.
  Thanks & regards,
  Ashok

• VRF issue with Firewall in transparent Mode.

  Hi Guys,
  I have 7609 Router and 6513 L3 Switch connected Through ASA 5545.
  I am running Multiple VRF between router and Switch and BGP routing Protocol. When they are connected directly to each other everything is normal, however, when I have connected them via ASA 5545 then everything fails. I am using ASA in transparent Mode.
  My question is: Do ASA require different setting in case of VRF? If yes, then please give me sample config.

  I have taken following output from Firewall will this be any help?
  sh interface ouTSIDE
  Interface GigabitEthernet0/1 "OUTSIDE", is up, line protocol is up
    Hardware is i82574L rev00, BW 1000 Mbps, DLY 10 usec
          Auto-Duplex(Full-duplex), Auto-Speed(1000 Mbps)
          Input flow control is unsupported, output flow control is off
          MAC address 7c69.f68f.df78, MTU 1500
          IP address 175.4.8.35, subnet mask 255.255.255.248
          8435 packets input, 680680 bytes, 0 no buffer
          Received 8135 broadcasts, 0 runts, 0 giants
          0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
          0 pause input, 0 resume input
          8138 L2 decode drops
          0 packets output, 0 bytes, 0 underruns
          0 pause output, 0 resume output
          0 output errors, 0 collisions, 1 interface resets
          0 late collisions, 0 deferred
          0 input reset drops, 0 output reset drops
          input queue (blocks free curr/low): hardware (476/461)
          output queue (blocks free curr/low): hardware (511/511)
    Traffic Statistics for "OUTSIDE":
          297 packets input, 118503 bytes
          0 packets output, 0 bytes
          297 packets dropped
        1 minute input rate 0 pkts/sec,  13 bytes/sec
        1 minute output rate 0 pkts/sec,  0 bytes/sec
        1 minute drop rate, 0 pkts/sec
        5 minute input rate 0 pkts/sec,  6 bytes/sec
        5 minute output rate 0 pkts/sec,  0 bytes/sec
        5 minute drop rate, 0 pkts/sec
  ciscoasa# show asp drop
  Frame drop:
    FP L2 rule drop (l2_acl)                                                   297
  ASA Version 9.0(1)
  firewall transparent
  ciscoasa# show module all
  Mod Card Type                                    Model              Serial No.
    0 ASA 5545-X with SW, 8 GE Data, 1 GE Mgmt     ASA5545           
  ips ASA 5545-X IPS Security Services Processor   ASA5545-IPS       
  Mod MAC Address Range                 Hw Version   Fw Version   Sw Version
    0 7c69.f68f.df77 to 7c69.f68f.df80  1.0          2.1(9)8      9.0(1)
  ips 7c69.f68f.df75 to 7c69.f68f.df75  N/A          N/A          7.1(4)E4
  Mod SSM Application Name           Status           SSM Application Version
  ips IPS                            Up               7.1(4)E4
  Mod Status             Data Plane Status     Compatibility
    0 Up Sys             Not Applicable
  ips Up                 Up
  Mod License Name   License Status  Time Remaining
  ips IPS Module     Enabled         perpetual
  ciscoasa#
  I have create Ehtertype ACL and permit any traffic.
  cdp traffic has passed through but I am still not able to ping :(

• Issue with load rule

  Hi - this is quite a basic issue but its driving me mad !
  I have a simple load rule which is loading records made of Accounts, Entities, a few other ignored columns and 13 periods of data, and I know that some of the accounts will get rejected. I believed that essbase would just handle this, report the rejected records in the .err file, and load the remainder of the records successfully.
  Thing is that one or 2 of the accounts are not quite reconciling to the input file - in fact essbase reports a HIGHER total than in the file. Yes, i am clearing all data before I start the load, but I am using "add to existing values" because the records in the load file are non-unique
  Any ideas ?
  Thanks
  M

  I'm guessing it is the ignored rows that are making certain accounts have multiple rows of data that are being added together to cause your problem. I've seen it multiple times. That is why I try to restrict columns to be only the ones I need and to sum the data before bringing it into the load rule (whenever possible) Where you able to sum the data with only the columns needed, you could do an overwrite of vaiues instead of an additive load. If you can't do that, then look at the ignored columns to figure out what causes the duplication of data nd reject those rows.

• An issue with mail rules

  I've set up a number of rules to deal with spam, and they all work fine except for one particular spam offender.
  Each time I set up a rule to move mail from this source into trash and it seems to work. The next day I've find another message from these people (some organisation that mails out deals from supermarkets et cetera) and the rule I set up has disappeared. I've no idea why this happens, and why it's only with messages from this particular address.
  I'd be really happy to hear from anyone who might have a solution to this.
  Thanks,
  Chidi

  I think I figured this out.
  Initially, one of my rules would include the action "Mark as read" and then "Move to Exchange Trash" (move to Exchange Deleted Items). In this case, it would move it but not mark it as read. Also, after creating the rule, when I viewed it the Delete action was listed before the Mark Read action.
  As others suggested in this thread:
  https://discussions.apple.com/message/11651385#11651385
  I created two rules. I did this by duplicating the existing rule. I modified the original rule to only mark as read and I modified the second rule to only delete it (and stop processing rules).
  In that thread, someone suggested separating the rules becuase of a possible timing issue. That did not work for me.
  I viewed the Rules plist (~/Library/Mail/V2/MailData/SyncedRules.plist). When I check the rule to mark as read, it still have the move to trash action. In the Mail rule preferences, I could not see the action, but it was still in the plist.
  The simple fix is this:
  1. Use two rules
  2. Make sure the Mark as Read rule is created from scratch
  3. Convert the old rule to only delete it (or move to Exchange Trash)
  4. Make sure the Mark as Read rule is above the delete rule

• An issue with Data rules

  Hi
  Im using 3 data rules viz., Is_number, is_foreign_key and Is_not_null.
  I have applied these rules to around 30 columns. When i deploy this mapping it is taking very long time to deploy as long as 48 hours. When i deploy the same mapping without the data rules its getting deployed in less than a minute.
  I tried to see the generated code it is around 18k lines of code.
  I donot know why it is taking such a long time to deploy. Im afraid what will happen if i test the mapping with data.
  Please suggest me on how to improve the performance.
  Regards
  Vibhuti

  Hi Venkat,
  If u do selective deletion for the month of August the data will get flushed from the active table only so from the next delta load the data will get updated from the change log table.
  First thing make sure what is the incorrrect data? And then create seperated infopackage and perfrom repair full request for the month of Aug only.Nothing to worry yours delta's wont get any affected.
  Your data is getting loaded from PSA and then to the Data targets?
  You know na how perform repair full request?
  Assign points if it helps.
  Urs,
  BI

• Issue with Update Rules

  Hi,
      I am working on IM  (Inventory Management), following the steps as in " How to Handle Inventory management Scenario In BW ". I installed all objects from Business Content that are required for IM like Infocube(0IC_C03) and three communication structures related to datasources 03_BX,  03_BF, 03_UM.
     I initailised the material stock using 2lis_03_BX and I compressed the request without marker update(uncheck the check box). I can see the data in infocube.
     When I am trying to load the material movements 2Lis_03_BF, my data is comming into Infocube, In the manage I can see 0 records are added.
     When I check the monitor and details, here I can see upto transfer rules data is coming but in update rules I cant see any data.
     I checked the routines in update rules they are satisfying the condition.
     Any help would be highly appreciated and rewarded.
  Regds
  Dave.

  Thank you all for your replies:
  <b>Narendra</b> - I will continue to debug start routine and update routines.
  <b>Teja</b> - Not all records have stock category 'V' or stock type 'V'. The start routine filters out some records, but the majority of the records are passing through the start routine. In the monitor 'Details' tab the message is Number of records changed from X to (X - Y), and then 0 records added to fact table.
  <b>Nagesh</b> - yes, all records have a process key assigned.
  Thanks in advance for any additional comments,
  Mark

• Issue with business rule. Failed because the fact have not been found .

  Hello
  I'm trying to execute a business rule inside my process to evaluate a service output. I've been created the rules and have used before succesfully. I got a desicion table which evaluate the entry params and in the actions I've made a new Assert to create and return an instance of en.abis.ns.biasxsd.BIASFaultDetail. Sometimes it works perfectly and in other moments fails.
  I got the following exception. I'm so sorry about the spanish but this is the language the server uses.
  <bpelFault><faultType>0</faultType><operationErroredFault xmlns="http://xmlns.oracle.com/brValidateQualityScore/brValidateQualityScore_brValidateQualityScore_DecisionService"><part name="payload"><errorInfo xmlns="http://xmlns.oracle.com/brValidateQualityScore/brValidateQualityScore_brValidateQualityScore_DecisionService"><errorMessage>Error al ejecutar una unidad de trabajo de sesión de reglas, no se ha encontrado el hecho. La sesión de reglas 510027 ha fallado porque no se ha encontrado el hecho ki.abis.ns.biasxsd.BIASFaultDetail o no existe. Compruebe la excepción subyacente y corrija el error. Póngase en contacto con los Servicios de Soporte Oracle si no se puede corregir el error. 510027</errorMessage></errorInfo></part></operationErroredFault></bpelFault>To avoid language problems the error in English is somethiong like this:
  Failed to perform a unit work  of session  rules, not found the fact. The rule session 210027  failed because the fact have not been found ki.abis.ns.biasxsd.BIASFaultDetail, or does not exits. Check the underlying exception and correct the error. Contact Oracle Support Services if you can not correct the error
  Regards,
  isabelbernely

  Have you check if this Variable exist?
  Regards
  Amarnath
  http://amarnath-essbase-blog.blogspot.com

• Issue with firewall

  The firewall doesn't seem to be working properly. When set to “Set access for specific services and applications” Any software that should get added to the list isn't doing so.
  So i added them manually and to test it out had Safari on "block incoming connection" but it is still able to connect.
  Is there something i'm doing wrong?

  MaR13,
  Welcome to the Forums! From what I take on it is if you open Safari then the firewall allows you to use it, what blocking inbound connections does is stop someone outside of your computer from starting Safari and navigating it to a hostile site. Same goes for other such apps.
  Some light reading:
  http://www.macworld.com/article/131116/2007/12/firewall.html
  http://www.macworld.com/article/132558/2008/03/connect2504.html
  Hope that helps,
  Weston

• Error importing composite with business rules into SVN

  Hello,
  When I import a composite with business rules into Tortoise SVN I get below error.
  Error: Commit blocked by pre-commit hook (exit code 1) with output:
  Error: Path
  Error: '/trunk/ProjectName_SCA/.rulesdesigner/jaxb_classes/com/ProjectName/package-info.class'
  Error: is restricted for commit by pattern '\.class$' for the current user.
  I could import other composites(w/o business rules)
  Thanks

  Further invesitgation bears this problem out.
  Oracle support recommend wrapping the SimpleType in a ComplexType. This does work, but now I have an extra wrapper element to deal with. I either have to use the wrapped type in my other complex, composed Types and/or add an external wrapping element when trying to create Business Services in BPM to call the BusinessRules I've created.
  This is a bit messy.
  To be clear, this does not seem to be an issue with Business Rules; the BR editor and generation of Facts (including simple restricted types -> JAXB 2.0/Java Enumerations) seems to work correctly. There seems to be an issue exposing DFs as Services. The code which generated the WSDL and its supporting types seems to choke on restricted SimpleTypes.
  As a side note, it seems that HumanTasks have a similar limitation
  Edited by: wylderbeast on May 31, 2011 3:27 PM

• RV320 Firewall rules, VLAN, and IP Aliasing

  I have purchased and RV320 to replace our SA520W Router.  I have 2 SBS servers that are on seperate VLANS.
  The RV 320 is set with WAN 1 IP of XX.XX.XX.43
  SBS1 has internal IP of XX.XX.16.2 on VLAN 1 port 1 on router
  SBS2 has internal IP of XX.XX.2.2 on VLAN 5 port 2 on router
  On the older SA520W I was able to setup an IP alias of XX.XX.XX.47 and XX.XX.XX.46 with firewall rules so 47 pointed to SBS1 and 46 pointed to SBS2 for their respective ports.
  How do I do that on the RV320 so I can have 2 IPs server from the isp than go through WAN1 to their respective VLANs?

  SBaalman1,
  The feature you are looking for is called One-to-One NAT on most of the Cisco SMB routers. You can find it under Setup.
  - Marty

• Problems with Firewall settings

  Hello,
  I'm having some odd issues with Firewall. Clicking on "Security", causes me to get the pinwheel. It eventually loads, but it's very slow. I also have issues when I turn on the Firewall, I allow connections for screen sharing, but Back to My Mac shows Orange and that it may have issues. I also have issues with DVD sharing when I have also allowed CD/DVD sharing in the options. Everything revolved around Security/Firewall. Is there anything I can do to diagnose these issues? I have a Time Capsule as my router.
  Thanks.
  I did look and Console and I do see this error sometimes when I click on the Security preferences tab:
  2/4/10 3:24:17 PM System Preferences[91476] Could not connect the action resetLocationWarningsSheetOk: to target of class AppleSecurity_Pref
  2/4/10 3:24:17 PM System Preferences[91476] Could not connect the action resetLocationWarningsSheetCancel: to target of class AppleSecurity_Pref
  Message was edited by: theBigD23

  I have a Time Capsule. I don't think that has anything turned on. I have the default settings. I know of other uses with Time Capsule with the exact same problem.

• Appending Firewall Rules to vShield Edge with PowerCLI Script

  Hi,
  I have a script which enables us to upload 4k worth of firewall rules, but every time it executes, all existing rules are over written.
  Is this something to do with the API or just a scripting issue - if so, can anyone suggest how to append on to the existing set?
  Update:
  So obviously the following line seems to create a new instance of the firewall:
  $fwService = New-Object vmware.vimautomation.cloud.views.firewallservice
  Because the next 3 lines after are setting the main firewall parameters again - something you wouldn't need to do if we were just adding new rules to the existing firewall.
  $fwService.DefaultAction = "drop"
  $fwService.LogDefaultAction = $false
  $fwService.IsEnabled = $true
  Is there a way to use a PowerShell command such as add-member rather than new-object?
  param (
  [parameter(Mandatory = $true, HelpMessage="vCD Server")][alias("-server","s")][ValidateNotNullOrEmpty()][string[]]$CIServer,
  [parameter(Mandatory = $true, HelpMessage="Org")][alias("-vOrg","o")][ValidateNotNullOrEmpty()][string[]]$orgName,
  [parameter(Mandatory = $true, HelpMessage="OrgNet")][alias("-orgNet","n")][ValidateNotNullOrEmpty()][string[]]$orgNet,
  [parameter(Mandatory = $true, HelpMessage="CSV Path")][alias("-file","f")][ValidateNotNullOrEmpty()][string[]]$csvFile
  # Add in the VI Toolkit
  if ( (Get-PSSnapin -Name VMware.VimAutomation.Core -ErrorAction SilentlyContinue) -eq $null ) {
  Add-PSsnapin VMware.VimAutomation.Core
  if ( (Get-PSSnapin -Name VMware.VimAutomation.Cloud -ErrorAction SilentlyContinue) -eq $null ) {
  Add-PSsnapin VMware.VimAutomation.Cloud
  try {
  Connect-CIServer -Server $CIServer 2>&1 | out-null
  } catch {
  Exit
  #Search EdgeGW
  try {
    $myOrgNet = Get-Org -Name $orgName | Get-OrgNetwork -Name $orgNet
    $edgeHREF = $myOrgNet.ExtensionData.EdgeGateway.Href
    $edgeView = Search-Cloud -QueryType EdgeGateway -ErrorAction Stop | Get-CIView | where {$_.href -eq $edgeHREF}
  } catch {
  [System.Windows.Forms.MessageBox]::Show("Exception: " + $_.Exception.Message + " - Failed item:" + $_.Exception.ItemName ,"Error.",0,[System.Windows.Forms.MessageBoxIcon]::Exclamation)
    Exit
  #Item to Configure Services
  $edgeView.Configuration.EdgeGatewayServiceConfiguration
  $fwService = New-Object vmware.vimautomation.cloud.views.firewallservice
  $fwService.DefaultAction = "drop"
  $fwService.LogDefaultAction = $false
  $fwService.IsEnabled = $true
  $fwService.FirewallRule = @()
  Ipcsv -path $csvFile |
  foreach-object
  $fwService.FirewallRule += New-Object vmware.vimautomation.cloud.views.firewallrule
  $rowNum = $_.Num -as [int]
  $fwService.FirewallRule[$rowNum].description = $_.Descr
  $fwService.FirewallRule[$rowNum].protocols = New-Object vmware.vimautomation.cloud.views.firewallRuleTypeProtocols
  switch ($_.Proto)
  "tcp" { $fwService.FirewallRule[$rowNum].protocols.tcp = $true }
  "udp" { $fwService.FirewallRule[$rowNum].protocols.udp = $true }
  "any" { $fwService.FirewallRule[$rowNum].protocols.any = $true }
  default { $fwService.FirewallRule[$rowNum].protocols.any = $true }
  $fwService.FirewallRule[$rowNum].sourceip = $_.SrcIP
  if ($_.SrcPort -eq "any" ) { $srcPort = "-1" } else { $srcPort = $_.SrcPort }
  $fwService.FirewallRule[$rowNum].sourceport = $srcPort
  $fwService.FirewallRule[$rowNum].destinationip = $_.DstIP
  $fwService.FirewallRule[$rowNum].destinationportrange = $_.DstPortRange
  $fwService.FirewallRule[$rowNum].policy = $_.Policy
  #$fwService.FirewallRule[$rowNum].direction = $_.Direction
  #$fwService.FirewallRule[$rowNum].MatchOnTranslate = [System.Convert]::ToBoolean($_.MatchOnTranslate)
  $fwService.FirewallRule[$rowNum].isenabled = [System.Convert]::ToBoolean($_.isEnabled)
  $fwService.FirewallRule[$rowNum].enablelogging = [System.Convert]::ToBoolean($_.EnableLogging)
  #configure Edge
  $edgeView.ConfigureServices($fwService)
  Thanks,
  Scott.

  Hi,
  Agree with Ed, you can publish CAS array VIP to internet, and use it to configure Federated Delegation.
  Thanks.
  Niko Cheng
  TechNet Community Support