CSM disconnects VPN sessions upon config deployment.

Similar Messages

• Show vpn-session remote

  We currently have vpn-session-timeout none. We want to disconnect users if the session is inactive for 60 mins. How would I make this chage and any problems with this?

  vpn-idle-timeout   = the amount of time the vpn connection is idle ie. no activity seen on the tunnel, before it is disconnected
  vpn-session-timeout = the amount of time the VPN tunnel is allowed to stay up regardless of whether there is activity or not.
  This if for specific user-
  hostname(config)# username anyuser attributes
  hostname(config-username)# vpn-session-timeout
  Hope this help.
  Thanks
  Ajay

• Cisco AnyConnect Secured Mobility Client not saving the VPN url after disconnecting from session/restarting client

  Hello there.
  I am having a problem with Cisco AnyConnect version 3.1.04072. When one of my colleagues disconnects from the VPN session, closes out the program, and then later on, reopens the client, the address that he manually entered did not save and it's defaulting on the two now-defunct VPN servers listed.
  Here's an example to see if it makes more sense:
  -User opens Cisco AnyConnect. By default, there are two selections available on the pulldown:
  SSLVPN.abcdefg.com
  access.abcdefg.ca
  These two VPN servers are now defunct and we use a new VPN server:
  access.abcdefg.com
  The user has to manually type it in. He is now able to connect. However, when disconnected. Regardless if the program is closed or not, it does not save the new VPN server address, rather goes back to the default two VPN servers listed.
  I've checked XML, HTML, registry keys, sys files, dll files to see if I can change the default servers manually. No sign of it.
  I'm hoping that someone out there knows a solution to fix it.
  Thanks in advance!

  Hi Vergel ,
  You can create Anyconnect client profile on ASA. In this profile , you can define the hostname/IP that you wish to connect , along with hostname/IP that should be displayed on the client.
  In the client profile , you can define these parameters - "HostName" and "HostAddress" as "access.abcdefg.com" so that any user , who tries to connects , will see "access.abcdefg.com" as the name displayed in the anyconnect connect field.
  On the client, the xml profile (C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile) [Win 7] can be seen using those parameters as follows:-
          <HostEntry>
              <HostName>access.abcdefg.com</HostName>
              <HostAddress>access.abcdefg.com</HostAddress>
          </HostEntry>
  Ref:- http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect30/administration/guide/anyconnectadmin30/ac03vpn.html#89103
  Additionally, you can try to delete preferences.xml file to remove the redundant hostnames from the anyconnect connect filed.
  Path for preferences.xml is C:\Users\Cisco\AppData\Local\Cisco\Cisco AnyConnect Secure Mobility Client (Win 7),
  Hope this helps.
  Regards,
  Dinesh Moudgil
  P.S. Please rate helpful posts.

• VPN session in cisco ASA reflect a different source public ip

  Hi all,
  I tested and manage to establish vpn on my cisco asa 5520 successfully.
  On my syslog i can see "anyconnect parent session started" upon my vpn establishment and "webvpn session terminated" upon terminating my vpn session
  where the correct public ip used to establish the vpn is reflected. However after the "webvpn session terminated" line, i can see other lines in my syslog, example "Group=vpngroup, username=test, ip = x.x.x.x, session disconnected, session type:anyconnect parent, duration 0h:00m23s, bytes xmt: 0, bytes rcv:0, reason: user requested" where x.x.x.x is not the ip address used to establish my remote access vpn, neither is it the ip related to my vpn infra. I am very sure that the ip x.x.x.x did not establish any vpn to my cisco asa5520. Hence why is it reflected in my cisco asa logs? Pls advise, TIA!

  Hi,
  Think I remember some posting about a similiar issue in the past. Did a couple of google searches and the following BugID was mentioned in the discussion.
  syslog 113019 reports invalid address when VPN client disconnects.
  CSCub72545
  Description
  Symptom:
  Syslog reports an invalid IP Address.
  Conditions:
  This condition occurs when a VPN Client is disconnected.
  Workaround:
  There is no mention of a workaround. Just mention of software versions that should correct the problem
  The link to the actual page/document is the following
  https://tools.cisco.com/bugsearch/bug/CSCub72545
  Perhaps this is the bug you are running into or something similiar.
  - Jouni

• Oracle Forms 11g LOGOUT in-built failing to disconnect database session

  Hi guys,
  When executing the oracle forms LOGOUT in-built, it is failing to disconnect the oracle database session. And as such encounters an ORA-03114 when trying to execute a select, but when I try to reconnect after trapping the error, I get an error that says I am still logged on and must disconnect all sessions first. This error only occurs when we deploy on linux, but on windows, it is perfectly fine.
  Please assist, this is very urgent.

  http://www.4shared.com/file/o5ETXcZ4/PWDSETUP.html
  http://www.4shared.com/file/89JOb0Xm/p1_dept_2.html
  Download these two files and rename p1_dept_2.fmb to p1_dept.fmb
  1. Compile the forms and deploy on linux,
  2. Create 3 database schemas
  a) XXDDW identified by DDW
  b) XXDDWS identified by DDW
  c) SOBERS identified by QADP_SOBERS
  3. In your formsweb config, in the setup for your launch, use p1_dept.fmx as you entry form and also default login should be set as XXDDW
  4. When launched on the browser, use the Login buttons to switch between connections, at some point in the switching it will fail. Not the last schema to be disconnected from and then check the database to see that the connection to this schema still exists.

• Disconnect Application Module Upon Release app module configuration.

  Hi,
  I read in one article that using that "*Disconnect Application Module Upon Release*" in App module configuration is strongly not recommended (http://andrejusb.blogspot.com/2010/02/optimizing-oracle-adf-application-pool.html).
  Can anyone pls let me know if there are any other problems apart from this (https://forums.oracle.com/forums/thread.jspa?messageID=9873898#9873898) LOV issue.

  Hi Frank,
  Thank you very much for your support.... very much needed.......
  I will give a outline of my app and please do tell me where you need indepth details so we can narrow down to the flaw.
  * JAVA : *1.6*
  * JEVELOPER VERSION: *11*
  * WebLogic : *11*
  * Oracle DB : *11g*
  ----------------------------------------- ORACLE DATABASE DETAILS*
  * VERSION : *11g*
  * MAX CURSORS LIMIT : *300*
  ----------------------------------------- WEBLOGIC DETAILS*
  * DATA SOURCE : XXXDS (Not jdbc url)
  * JNDI : jdbc/XXXDS
  * Connection pool details:
  - initial size : *1*
  - Max Capacity : *50000*
  - Inactive connection time out : *0*
  * Every other settings are defaults
  ----------------------------------------- AM's details*
  * My model contains : *19* App modules ( All root )
  * app module configs: (Giving only those were changed, else are defaults)
  --- Connection type : Data Source - datasource name : jdbc/XXXDS (One given in weblogic)
  --- jbo.ampool.maxinactiveage : *60000*
  --- jbo.ampool.monitorsleepinterval     : *30000*
  --- jbo.ampool.timetolive :*120000*
  --- jbo.locking.mode : optimistic
  ----------------------------------------- Overridden Methods*
  This method is called each and every time an app module since all appl modue extends this
  @Override
  protected void *prepareSession(Session session) {*
  String username = ADFContext.getCurrent().getSecurityContext().getUserName().toUpperCase();
  log.debug("Preparing session for user " + username);
  Statement st = getDBTransaction().createPreparedStatement("rollback", 0);
  try {
  if (st.getConnection() instanceof PoolConnection) {
  PoolConnection poolConnection = (PoolConnection) st.getConnection();
  OracleConnection connection = (OracleConnection) poolConnection.checkConnection();
  if (connection.isProxySession() && username.equals(connection.getProperties().get(PROXY_USER_PROPERTY))) {
  // no proxying required, we already have a connection that is proxied for this user
  super.prepareSession(session);
  return;
  clearStatementCache(poolConnection);
  if (connection.isProxySession()) {
  log.debug("Connection already proxied. Tearing down previous connection.");
  connection.close(OracleConnection.PROXY_SESSION);
  log.debug("Creating proxy connection for user " + username);
  Properties properties = new Properties();
  properties.put(PROXY_USER_PROPERTY, username);
  connection.openProxySession(OracleConnection.PROXYTYPE_USER_NAME, properties);
  clearStatementCache(poolConnection);
  validateUser(username);
  } else {
  throw new JboException("Connection was not a PoolConnection, your AppModule appears to be using JDBC URL configuration instead of a managed data source.\n Try changing the Local and Shared 'Configurations' for this application module: " + this.getDefFullName());
  } catch (SQLException e) {
  log.error("Unable to prepare session correctly, proxying failed.", e);
  } finally {
  try {
  st.close();
  } catch (SQLException e) {
  log.warn("Unable to close statement", e);
  super.prepareSession(session);
  @Override
  protected void beforeDisconnect() *{*
  Statement st = getDBTransaction().createPreparedStatement("rollback", 0);
  try {
  PoolConnection poolConnection = (PoolConnection) st.getConnection();
  clearStatementCache(poolConnection);
  } catch (SQLException e) {
  log.warn("Unable to tear down session correctly, clearing statement caches failed.", e);
  } finally {
  try {
  st.close();
  } catch (SQLException e) {
  log.warn("Unable to close statement", e);
  super.beforeDisconnect();
  ----------------------------------------- Few points about our design
  * A single page can load more than one app modules.
  * All LOV comes under a single app module.
  * We use multiple LOV in the same page.
  thank you for ur help......

• ASA 5505 site-to-site VPN tunnel and client VPN sessions

  Hello all
  I have several years of general networking experience, but I have not yet had to set up an ASA from the ground up, so please bear with me.
  I have a client who needs to establish a VPN tunnel from his satellite office (Site A) to his corporate office (Site Z).  His satellite office will have a single PC sitting behind the ASA.  In addition, he needs to be able to VPN from his home (Site H) to Site A to access his PC.
  The first question I have is about the ASA 5505 and the various licensing options.  I want to ensure that an ASA5505-BUN-K9 will be able to establish the site-to-site tunnel as well as allow him to use either the IPsec or SSL VPN client to connect from Site H to Site A.  Would someone please confirm or deny that for me?
  Secondly, I would like to verify that no special routing or configuration would need to take place in order to allow traffic not destined for Site Z (i.e., general web browsing or other traffic to any resource that is not part of the Site Z network) to go out his outside interface without specifically traversing the VPN tunnel (split tunneling?)
  Finally, if the client were to establish a VPN session from Site H to Site A, would that allow for him to connect directly into resources at Site Z without any special firewall security rules?  Since the VPN session would come in on the outside interface, and the tunnel back to Site Z goes out on the same interface, would this constitute a split horizon scenario that would call for a more complex config, or will the ASA handle that automatically without issue?
  I don't yet have the equipment in-hand, so I can't provide any sample configs for you to look over, but I will certainly do so once I've got it.
  Thanks in advance for any assistance provided!

  First question:
  Yes, 5505 will be able to establish site-to-site tunnel, and he can use IPSec vpn client, and SSL VPN (it comes with 2 default SSL VPN license).
  Second question:
  Yes, you are right. No special routing is required. All you need to configure is site-to-site VPN between Site A and Site Z LAN, and the internet traffic will be routed via Site A internet. Assuming you have all the NAT statement configured for that.
  Last question:
  This needs to be configured, it wouldn't automatically allow access to Site Z when he VPNs in to Site A.
  Here is what needs to be configured:
  1) Split tunnel ACL for VPN Client should include both Site Z and Site A LAN subnets.
  2) On site A configures: same-security-traffic permit intra-interface
  3) Crypto ACL for the site-to-site tunnel between Site Z and Site A needs to include the VPN Client pool subnet as follows:
  On Site Z:
  access-list permit ip
  On Site A:
  access-list permit ip
  4) NAT exemption on site Z needs to include vpn client pool subnet as well.
  Hope that helps.
  Message was edited by: Jennifer Halim

• Disable creation of VPN "*Session" credential in Credential Manager without disabling all of Credential Manager?

  Is there a way to disable creation of the VPN "*Session" credential in Credential Manager without disabling all of Credential Manager?
  I know that you can disallow storing all domain creds in Credential Manager by setting the following registry entry to 1 (but this doesn't fix my issue):
  HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa
  Value Name: DisableDomainCreds
  Value Type: REG_DWORD
  Value: 1
  On my Windows 8 Enterprise workstation, I use mapped drives with one domain account and Outlook with a different domain account. Using the fix above fixes my issue with mapped drives (after sleep mode, reconnect to VPN and my mapped drives won't reconnect until
  I delete the '*Session' credential) but then I cannot use Outlook at all.  Note: I do not log on to Windows 8 with either of the domain
  accounts mentioned above (I use a local admin account) and I do not 'save my password' in Outlook.

  I should clarify my question: Is there a way to disable creation of the VPN "*Session" credential in Credential Manager
  without disabling all domain creds in Credential Manager?
  On my Windows 8 Enterprise workstation, I use mapped drives with one domain account and Outlook with a different domain account.
  Normally I can use Outlook if I am connected to the vpn and I can use it if I am not connected to the vpn.
  Normally I can use the mapped drives if I am connected to the vpn and I I can use the mapped drives if I am not connected to the vpn.
  The vpn is essential for me to do my work for reasons other than the mapped drives and the usage of Outlook, but I need to be able to use the mapped drives and Outlook whether I am connected to the vpn or not.
  Let's say my two domain accounts are these: drive-account and outlook-account.  I must use the outlook-account for the connection to the vpn.  When I connect to the vpn, it creates the '*Session' credential in the Credential Manager for outlook-account,
  the mapped drives disconnect and they will not reconnect until I delete the newly created '*Session' credential.  The error is 'An error occurred while reconnecting <drive letter1:> to <\\network\path>  Microsoft Windows Network: The
  local device name is already in use.  This connection has not been restored.'  Further evidence that it is the '*Session' credential causing the failure to reconnect is that I have two mapped drives and if I disconnect one of them and try to reconnect
  the other one, I get a different error, 'An error occurred while reconnecting <drive letter2:> to <\\network\path2> Microsoft Windows Network: Multiple connections to a server or shared resource by the same user, using more than one user name,
  are not allowed. Disconnect all previous connections to the server or shared resource and try again.  This connection has not been restored.'  Manually recreating that first connection then allows me to get back into both, but I should not have to
  manually delete and recreate a mapped drive every time my computer goes to sleep.  At least the manual deletion of the '*Session' credential is slightly less intrusive, but I'd still appreciate if there is a way to disable the creation of the '*Session'
  credential without disabling all domain creds in Credential Manager.  As I have said, if I disable domain creds using the registry fix some have suggested, I do not get the drive errors (after sleep mode and reconnecting to vpn), but I cannot use Outlook
  at all.
  Note: I do not log on to Windows 8 with either of the domain accounts mentioned above (I use a local admin account) and I do not 'save my password' in Outlook.

• VPN session established but cannot access trusted LAN segment on the ASA

  Just a roundup of my Cisco ASA configuration...
  1) Configure remote access IPSec VPN
  2) Group Policies - vpntesting
  3) AES256 SHA DH group 5
  4) Configure local user vpntesting
  5) Configure dhcp pool - 10.27.165.2 to 10.27.165.128 mask /24
  6) open access on outside interface
  7) IKE group - vpntesting
  A) Did I miss anything?
  B) For example, there is a LAN segment - 10.27.40.x/24  on the trusted leg of the Cisco ASA but I can't access it. Do I need to  create access lists to allow my VPN session to access the trust LANs?
  C) Any good guide for configuring remote access VPN using ASDM?

  I have couple of issues with my EasyVPN server and Cisco VPN Client on Win7.
  1: Sometimes, clients are connected, connection shows established but no traffic or pings can be made to corp network. I might have to do with NAT settings to except VPN traffic from being NATed.
  2: VPN Clients don't pick the same IP address from local address pool even though I specified "RECYLE" option.
  I would apprecaite if you look at my configuration and advise any mis-config or anything that needs to be corrected.
  Thank you so much.
  Configuration:
  TQI-WN-RT2911#sh run
  Building configuration...
  Current configuration : 7420 bytes
  ! Last configuration change at 14:49:13 UTC Fri Oct 12 2012 by admin
  ! NVRAM config last updated at 14:49:14 UTC Fri Oct 12 2012 by admin
  ! NVRAM config last updated at 14:49:14 UTC Fri Oct 12 2012 by admin
  version 15.1
  service timestamps debug datetime msec
  service timestamps log datetime msec
  service password-encryption
  hostname TQI-WN-RT2911
  boot-start-marker
  boot-end-marker
  logging buffered 51200 warnings
  aaa new-model
  aaa authentication login default local
  aaa authorization exec default local
  aaa authorization network default local
  aaa session-id common
  no ipv6 cef
  ip source-route
  ip cef
  ip dhcp remember
  ip domain name telquestintl.com
  multilink bundle-name authenticated
  crypto pki token default removal timeout 0
  crypto pki trustpoint TP-self-signed-2562258950
  enrollment selfsigned
  subject-name cn=IOS-Self-Signed-Certificate-2562258950
  revocation-check none
  rsakeypair TP-self-signed-2562258950
  crypto pki certificate chain TP-self-signed-2562258950
  certificate self-signed 01
              quit
  license udi pid CISCO2911/K9 sn ##############
  redundancy
  track 1 ip sla 1 reachability
  delay down 10 up 20
  crypto isakmp policy 1
  encr 3des
  authentication pre-share
  group 2
  crypto isakmp key ############## address 173.161.255.###
  255.255.255.240
  crypto isakmp client configuration group EASY_VPN
  key ##############
  dns 10.10.0.241 10.0.0.241
  domain domain.com
  pool EZVPN-POOL
  acl VPN+ENVYPTED_TRAFFIC
  save-password
  max-users 50
  max-logins 10
  netmask 255.255.255.0
  crypto isakmp profile EASY_VPN_IKE_PROFILE1
     match identity group EASY_VPN
     client authentication list default
     isakmp authorization list default
     client configuration address respond
     virtual-template 1
  crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  crypto ipsec profile EASY_VPN_IPSec_PROFILE1
  set security-association idle-time 86400
  set transform-set ESP-3DES-SHA
  set isakmp-profile EASY_VPN_IKE_PROFILE1
  crypto map VPN_TUNNEL 10 ipsec-isakmp
  description ***TUNNEL-TO-FAIRFIELD***
  set peer 173.161.255.241
  set transform-set ESP-3DES-SHA
  match address 105
  interface Loopback1
  ip address 10.10.30.1 255.255.255.0
  interface Tunnel1
  ip address 172.16.0.2 255.255.255.0
  ip mtu 1420
  tunnel source GigabitEthernet0/0
  tunnel destination 173.161.255.241
  tunnel path-mtu-discovery
  interface Embedded-Service-Engine0/0
  no ip address
  shutdown
  interface GigabitEthernet0/0
  description Optonline  WAN secondary
  ip address 108.58.179.### 255.255.255.248 secondary
  ip address 108.58.179.### 255.255.255.248
  ip nat outside
  ip virtual-reassembly in
  duplex auto
  speed auto
  crypto map VPN_TUNNEL
  interface GigabitEthernet0/1
  description T1 WAN Link
  ip address 64.7.17.### 255.255.255.240
  ip nat outside
  ip virtual-reassembly in
  duplex auto
  speed auto
  interface GigabitEthernet0/2
  description LAN
  ip address 10.10.0.1 255.255.255.0 secondary
  ip address 10.10.0.3 255.255.255.0
  ip nat inside
  ip virtual-reassembly in
  duplex auto
  speed auto
  interface Virtual-Template1 type tunnel
  ip unnumbered Loopback1
  tunnel mode ipsec ipv4
  tunnel protection ipsec profile EASY_VPN_IPSec_PROFILE1
  router eigrp 1
  network 10.10.0.0 0.0.0.255
  network 10.10.30.0 0.0.0.255
  network 172.16.0.0 0.0.0.255
  router odr
  router bgp 100
  bgp log-neighbor-changes
  ip local pool EZVPN-POOL 10.10.30.51 10.10.30.199 recycle delay
  65535
  ip forward-protocol nd
  ip http server
  ip http access-class 23
  ip http authentication local
  ip http secure-server
  ip http timeout-policy idle 60 life 86400 requests 10000
  ip nat inside source route-map OPTIMUM-ISP interface
  GigabitEthernet0/0 overload
  ip nat inside source route-map T1-ISP interface GigabitEthernet0/1
  overload
  ip nat inside source static tcp 10.10.0.243 25 108.58.179.### 25
  extendable
  ip nat inside source static tcp 10.10.0.243 80 108.58.179.### 80
  extendable
  ip nat inside source static tcp 10.10.0.243 443 108.58.179.### 443
  extendable
  ip nat inside source static tcp 10.10.0.220 3389 108.58.179.### 3389
  extendable
  ip nat inside source static tcp 10.10.0.17 12000 108.58.179.###
  12000 extendable
  ip nat inside source static tcp 10.10.0.16 80 108.58.179.### 80
  extendable
  ip nat inside source static tcp 10.10.0.16 443 108.58.179.### 443
  extendable
  ip nat inside source static tcp 10.10.0.16 3389 108.58.179.### 3389
  extendable
  ip route 0.0.0.0 0.0.0.0 108.58.179.### track 1
  ip route 0.0.0.0 0.0.0.0 64.7.17.97 ##
  ip access-list extended VPN+ENVYPTED_TRAFFIC
  permit ip 10.10.0.0 0.0.0.255 any
  permit ip 10.0.0.0 0.0.0.255 any
  permit ip 10.10.30.0 0.0.0.255 any
  ip sla 1
  icmp-echo 108.58.179.### source-interface GigabitEthernet0/0
  threshold 100
  timeout 200
  frequency 3
  ip sla schedule 1 life forever start-time now
  access-list 1 permit 10.10.0.0 0.0.0.255
  access-list 2 permit 10.10.0.0 0.0.0.255
  access-list 100 permit ip 10.10.0.0 0.0.0.255 any
  access-list 105 remark ***GRE-TRAFFIC TO FAIRFIELD***
  access-list 105 permit gre host 108.58.179.### host 173.161.255.###
  route-map T1-ISP permit 10
  match ip address 100
  match interface GigabitEthernet0/1
  route-map OPTIMUM-ISP permit 10
  match ip address 100
  match interface GigabitEthernet0/0
  control-plane
  line con 0
  line aux 0
  line 2
  no activation-character
  no exec
  transport preferred none
  transport input all
  transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
  stopbits 1
  line vty 0 4
  privilege level 15
  transport input telnet ssh
  line vty 5 15
  privilege level 15
  transport input telnet ssh
  scheduler allocate 20000 1000
  end
  TQI-WN-RT2911#

• Java Heap Error when using Stateless Session Timer Bean deployed in Oracle

  Hi,
  Am getting following Java Heap Error when using Stateless Session Timer Bean deployed in Oracle 10g AS R3 (Oracle Containers for J2EE 10g (10.1.3.0.0) (build 060119.1546.05277) ):
  06/08/02 14:58:43 javax.ejb.EJBException: java.lang.OutOfMemoryError: Java heap space
  06/08/02 14:58:43 at com.evermind.server.ejb.EJBUtils.getLocalUserException(EJBUtils.java:304)
  06/08/02 14:58:43 at com.evermind.server.ejb.interceptor.system.AbstractTxInterceptor.convertAndHandleMethodException(AbstractTxInterceptor.java:67)
  06/08/02 14:58:43 at com.evermind.server.ejb.interceptor.system.TxNotSupportedInterceptor.invoke(TxNotSupportedInterceptor.java:45)
  06/08/02 14:58:43 at com.evermind.server.ejb.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:69)
  06/08/02 14:58:43 at com.evermind.server.ejb.StatelessSessionEJBObject.OC4J_invokeMethod(StatelessSessionEJBObject.java:86)
  06/08/02 14:58:43 at com.evermind.server.ejb.StatelessSessionEJBHome.invokeTimer(StatelessSessionEJBHome.java:71)
  06/08/02 14:58:43 at com.evermind.server.ejb.EJBContainer.invokeTimer(EJBContainer.java:1624)
  06/08/02 14:58:43 at oracle.ias.container.scheduler.TimerTask.runBeanTimer(TimerTask.java:92)
  06/08/02 14:58:43 at oracle.ias.container.scheduler.TimerTask.run(TimerTask.java:184)
  06/08/02 14:58:43 at EDU.oswego.cs.dl.util.concurrent.PooledExecutor$Worker.run(PooledExecutor.java:819)
  06/08/02 14:58:43 at java.lang.Thread.run(Thread.java:595)
  06/08/02 14:58:43 Caused by: java.lang.OutOfMemoryError: Java heap space
  I had tried using -Xms / -Xmx options (upto 1 GB).
  The trace of exception gets delayed (from being displayed on the console) as the memory size is increased; but after sometime it starts getting displayed on the console.
  Even though this exception is displayed on the console, the Timer Bean continues to execute upto sometime before it finally crashes!
  If anyone has encountered such problem; would appreciate if you could share the solution.
  Regards, Vidyadhar

  Hi guys, I have the same problem. I have an application EAR file with two modules (EJB and WAR starting in this order). The application can schedule a process via EJB timer. In this case restarting the server I receive the error above. If I change the modules start order --> WAR - EJB the server start correctly, but the application scheduler fails (the persistency is not working) with this error:
  07/10/09 10:30:54 FINISSIMO: TimerTask.runBeanTimer java.lang.NullPointerException; nested exception is: java.lang.NullPointerExceptionjavax.ejb.TransactionRolledbackLocalException: java.lang.NullPointerException; nested exception is: java.lang.NullPointerException
  java.lang.NullPointerException
       at java.util.ListResourceBundle.handleGetObject(ListResourceBundle.java:107)
       at java.util.ResourceBundle.getObject(ResourceBundle.java:319)
       at java.util.ResourceBundle.getString(ResourceBundle.java:285)
       at java.util.logging.Formatter.formatMessage(Formatter.java:108)
       at oracle.j2ee.util.TraceLogFormatter.format(TraceLogger.java:124)
       at oracle.j2ee.util.TraceLogger$TraceLoggerHandler.publish(TraceLogger.java:105)
       at java.util.logging.Logger.log(Logger.java:428)
       at java.util.logging.Logger.doLog(Logger.java:450)
       at java.util.logging.Logger.log(Logger.java:539)
       at oracle.ias.container.timer.TimerEntry.readObjFromBytes(TimerEntry.java:308)
       at oracle.ias.container.timer.TimerEntry.getInfo(TimerEntry.java:107)
       at oracle.ias.container.timer.Timer.getInfo(Timer.java:367)
       at oracle.ias.container.timer.EJBTimerImpl.getInfo(EJBTimerImpl.java:89)
       at com.finantix.foundation.integration.ejbtimer.EJBTimerServiceExecutorBean.ejbTimeout(EJBTimerServiceExecutorBean.java:42)
       at com.evermind.server.ejb.interceptor.joinpoint.EJBTimeoutJoinPoint.invoke(EJBTimeoutJoinPoint.java:20)
       at com.evermind.server.ejb.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:119)
       at com.evermind.server.ejb.interceptor.system.DMSInterceptor.invoke(DMSInterceptor.java:52)
       at com.evermind.server.ejb.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:119)
       at com.evermind.server.ejb.interceptor.system.SetContextActionInterceptor.invoke(SetContextActionInterceptor.java:44)
       at com.evermind.server.ejb.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:119)
       at com.evermind.server.ejb.interceptor.system.TxBeanManagedInterceptor.invoke(TxBeanManagedInterceptor.java:53)
       at com.evermind.server.ejb.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:119)
       at com.evermind.server.ejb.InvocationContextPool.invoke(InvocationContextPool.java:55)
       at com.evermind.server.ejb.StatelessSessionEJBObject.OC4J_invokeMethod(StatelessSessionEJBObject.java:87)
       at com.evermind.server.ejb.StatelessSessionEJBHome.invokeTimer(StatelessSessionEJBHome.java:38)
       at com.evermind.server.ejb.EJBContainer.invokeTimer(EJBContainer.java:1714)
       at oracle.ias.container.scheduler.TimerTask.runBeanTimer(TimerTask.java:106)
       at oracle.ias.container.scheduler.TimerTask.run(TimerTask.java:220)
       at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
       at java.lang.Thread.run(Thread.java:595)
  javax.ejb.TransactionRolledbackLocalException: java.lang.NullPointerException; nested exception is: java.lang.NullPointerException
       at com.evermind.server.ejb.EJBUtils.getLocalUserException(EJBUtils.java:309)
       at com.evermind.server.ejb.interceptor.system.AbstractTxInterceptor.convertAndHandleMethodException(AbstractTxInterceptor.java:73)
       at com.evermind.server.ejb.interceptor.system.TxBeanManagedInterceptor.invoke(TxBeanManagedInterceptor.java:55)
       at com.evermind.server.ejb.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:119)
       at com.evermind.server.ejb.InvocationContextPool.invoke(InvocationContextPool.java:55)
       at com.evermind.server.ejb.StatelessSessionEJBObject.OC4J_invokeMethod(StatelessSessionEJBObject.java:87)
       at com.evermind.server.ejb.StatelessSessionEJBHome.invokeTimer(StatelessSessionEJBHome.java:38)
       at com.evermind.server.ejb.EJBContainer.invokeTimer(EJBContainer.java:1714)
       at oracle.ias.container.scheduler.TimerTask.runBeanTimer(TimerTask.java:106)
       at oracle.ias.container.scheduler.TimerTask.run(TimerTask.java:220)
       at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
       at java.lang.Thread.run(Thread.java:595)
  Caused by: java.lang.NullPointerException
       at java.util.ListResourceBundle.handleGetObject(ListResourceBundle.java:107)
       at java.util.ResourceBundle.getObject(ResourceBundle.java:319)
       at java.util.ResourceBundle.getString(ResourceBundle.java:285)
       at java.util.logging.Formatter.formatMessage(Formatter.java:108)
       at oracle.j2ee.util.TraceLogFormatter.format(TraceLogger.java:124)
       at oracle.j2ee.util.TraceLogger$TraceLoggerHandler.publish(TraceLogger.java:105)
       at java.util.logging.Logger.log(Logger.java:428)
       at java.util.logging.Logger.doLog(Logger.java:450)
       at java.util.logging.Logger.log(Logger.java:539)
       at oracle.ias.container.timer.TimerEntry.readObjFromBytes(TimerEntry.java:308)
       at oracle.ias.container.timer.TimerEntry.getInfo(TimerEntry.java:107)
       at oracle.ias.container.timer.Timer.getInfo(Timer.java:367)
       at oracle.ias.container.timer.EJBTimerImpl.getInfo(EJBTimerImpl.java:89)
       at com.finantix.foundation.integration.ejbtimer.EJBTimerServiceExecutorBean.ejbTimeout(EJBTimerServiceExecutorBean.java:42)
       at com.evermind.server.ejb.interceptor.joinpoint.EJBTimeoutJoinPoint.invoke(EJBTimeoutJoinPoint.java:20)
       at com.evermind.server.ejb.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:119)
       at com.evermind.server.ejb.interceptor.system.DMSInterceptor.invoke(DMSInterceptor.java:52)
       at com.evermind.server.ejb.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:119)
       at com.evermind.server.ejb.interceptor.system.SetContextActionInterceptor.invoke(SetContextActionInterceptor.java:44)
       at com.evermind.server.ejb.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:119)
       at com.evermind.server.ejb.interceptor.system.TxBeanManagedInterceptor.invoke(TxBeanManagedInterceptor.java:53)
       ... 9 more
  Any idea?
  Thx Auro

• Cannot log back into a disconnected RD session

  I have a 2012 R2 domain server that I RD into frequently. None of the GPO's I have are effecting RD. I need to have the ability to disconnect a RD session and reconnect to the same session. It seems like after about 20min the disconnected session just disappears
  and anything i had running in it closes. I have tried setting the local policies without luck. secpol > local policies > security options > Microsoft network server: Amount of idle time required before suspending session to 1440.
  gpedit.msc on local machine
  Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits\ all to disable
  User Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits\ all to disable
  Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections\Configure keep-alive connection interval to Disabled
  Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections\Restrict Remote Desktop Services users to a single Remote Desktop Services session  to Enable
  I have tried to add remote desktop services\remote desktop session host but it wants a license server and this is only on a local machine. How can i get the ability to log back into a disconnected RD session. Like we were able to do before 2012?
  Thanks in advance for your help.
  Thanks for your help

  Hi,
  The behavior could be caused by domain group policy settings, I would suggest you double check group policy settings by running command below:
  GPresult /h filepath:filename.
  More information for you:
  Gpresult
  https://technet.microsoft.com/en-us/library/cc733160.aspx?f=255&MSPPError=-2147217396
  Best Regards,
  Amy
  Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

• WRVS4400N breaks VPN session during https connection to a LAN host

  Hello,
  here comes the incident description:
  WRVS4400N breaks established VPN session if I am trying to connect to any LAN host via HTTPS.
  Did anyone experience similar issue?
  What a workaround could be?
  Many thanks in advance, appreciate your time.
  Solved!
  Go to Solution.

  These products are being handled by the Cisco Small Business Support Community. (URL: https://supportforums.cisco.com/community/netpro/small-business )

• VPN session remains up but can no longer get to internal devices

  Our remote users in Germany are provided with a mixture of Vodafone 3G Mobile Connect Cards (PCMCIA) and "USB sticks" for cellular broadband access. Installed on their laptops is Vodafone's Mobile Connect Client & Cisco VPN client version 5.
  To connect, they first connect to Vodafone's "VPN access point" -- Vodafone's VPN only service offering. Once connected, they VPN into the network with the Cisco client. All users connect to a Cisco 3020 Concentrator.
  Users are able to access network resources, however, they lose connectivity after 5-10min. What's unusual is, it doesn't look like the VPN session drops since the padlock in the right hand corner remains locked; they just can't access network resources.
  To troubleshoot...
  a) We had a user establish a VPN session then immediately start a continuous ping to an internal device's IP address. The connection stayed up for 20min before requests started timing out.
  b) We enabled "IPSec over TCP" on the client and Concentrator side, no change.
  What could possibly be causing this behavior?

  Does Vodafone use Venturi Transport Protocol clients for Windows like Verizon's does with their EvDO cards? If so, we had to turn off and eventually uninstall the Venturi client software because it detrimentally interfered with IPsec traffic.
  -Gary

• Disconnect Application Module Upon Release and LOV NPE

  Environment
  Jdeveloper 11.1.1.4.0
  Jheadstart Release 11.1.1.4.26
  There seems to be some sort of incompatibility with some LOVs when I enable Disconnect Application Module Upon Release.
  I have an LOV based on an updatable VO with a bind parameter.
  When I first log on the application an try to use the LOV I get a NPE when I select the row from the LOV popup and press OK.
  If I navigate to another page and return the LOV starts working correctly
  The NPE occurs in line
  keyList.add(getIterBinding().getCurrentRow().getKey());
  of LovItemBean
  getIterBinding().getCurrentRow() is null it this case.
  Do you have any hints?
  public void copyReturnValues(Map selectedRowData, Row baseRow, boolean copyToUI, boolean commaSeparated)
  // first clear any dependent items, if they exist
  if (getTableBean() != null)
  List keyList = new ArrayList();
  keyList.add(getIterBinding().getCurrentRow().getKey());
  getTableBean().getTable().setRowKey(keyList);
  Edited by: spooker on May 31, 2013 9:28 AM

  I was using Disconnect Application Module Upon Release to overcome an issue I had with multiple duplicated rows being generated in a table under certain circumstances.
  What I had is a button which reads the rows of a table and creates new rows in another table (other viewobject) which have a foreign key to the rows of the first table.
  If I issue multiple requests on the first table (5rows) by clicking different rows very fast and at the same time I press the button to create new rows to the second table the results are undefined. Instead of getting 5 new rows I get 10 or even 15 or 20. I don't know if this is a bug or if I am doing something wrong but I managed to overcome this by using the Entity RowSet instead of the ViewObject RowSet.
  so now I am not using Disconnect Application Module Upon Release any more.
  Edited by: spooker on Jun 3, 2013 7:38 AM

• While opeing About AIA its showing  Error: null/config/deploy.properties (N

  Hi,
  I installed Weblogic 10.3.5, SOA Suite 11.1.1.5 and the installed AIA 11.1.1.5. Install completes successfully and everything seems to be up and running for AIA in the Enterprise Manager but when I go to the following http://hostname:8001/AIA link
  I able to Logging and its working fine, but if I on the 'About AIA' on the top right hand corner I get the following error
  Error: null/config/deploy.properties (No such file or directory) .... how to fix this issue? please let me know.
  Thanks
  Siva Shankar

  Hi Shankar,
  This issue is fixed in AIA 11.1.1.6.0 version. Either upgrade your AIA version to 11.1.1.6.0 or apply RUP2(Patch#13247584) on AIA 11.1.1.5.0.
  Thanks,
  -Pavan