Denying traffic for unknown routers/WAPS

Similar Messages

• No ACL deny logs for Traffic not matched by Static Object NATs and ACL. Need Help.

  I start noticing that I do not see any denied traffic coming in on my ACL.  To better explain, lets say I have this config.
  ### Sample Config ###
  object network webserver
  host 192.168.1.50
  nat (dmz, outside) static X.X.X.X service tcp www www
  access-list inbound extended permit ip any4 object webserver eq www
  If I generate a traffic from the outside let's say a traffic that is trying to access X.X.X.X via TCP Port 8080 which obviously does not have any NAT entry to it going to my DMZ, I don't see the ACL denies it anymore but instead comes back with a Drop Reason: (nat-no-xlate-to-pat-pool) . On the packet trace I got this. (Below) it seems that does not even hit the ACL as there is no xlate found for it, at least to what the drop reason says.
  Phase: 1
  Type: CAPTURE
  Subtype:
  Result: ALLOW
  Config:
  Additional Information:
  MAC Access list
  Phase: 2
  Type: ACCESS-LIST
  Subtype:
  Result: ALLOW
  Config:
  Implicit Rule
  Additional Information:
  MAC Access list
  Phase: 3
  Type: ROUTE-LOOKUP
  Subtype: input
  Result: ALLOW
  Config:
  Additional Information:
  in   0.0.0.0         0.0.0.0         Outside
  Result:
  input-interface: Outside
  input-status: up
  input-line-status: up
  output-interface: Outside
  output-status: up
  output-line-status: up
  Action: drop
  Drop-reason: (nat-no-xlate-to-pat-pool) Connection to PAT address without pre-existing xlate
  Before, using a regular Static PAT on ASA Versions 8.2(5) below, I could get the deny logs (ASA-4-106023). Generally, I use these logs, and are quite important for us specially during auditing.
  My question is how can I generate logs for these type of dropped traffic on the ASA 9.1 Version? 
  Any comments/suggestions are gladly appreciated :)
  Regards,
  John

  I believe, but am not 100% sure, that the reason you are not seeing the ACL drop but a no NAT matched is because of the changes from 8.2 to 8.3 in the order of how things are done.  In 8.3 and later you need to secify the real IP address when allowing packets in, and this is because NAT happens before the ACL is matched.  So since there is no match on the NAT the packet is dropped then and there, never reaching the stage where ACLs are checked.
  As to seeing drops in the ACL log...You might want to try adding an ACL that matches the NATed IP...but I don't think you will have much success with that either.  My guess is that there is no way around this...at least no way I know of.
  Please remember to select a correct answer and rate helpful posts

• Firefox crashes for unknown reason lately, so I removed it and reinstalled it. How can I put my Favorites (bookmarks) back into the newly installed FireFox???

  Firefox crashes a few times when I was on Facebook and with email, also watching dramas online. Most of the time due to Adobe Flash and I did submit crash report. Later it crashes for unknown reason while I have email and Facebook on different tabs -- when I was on the tab of email, it looks system hang and not responding. This happened to my laptop that uses Windows Vista as I noticed. I don't remember it ever happens to my desktop that uses Windows XP.
  It's pretty annoying of such known crash, but before removing Firefox, I did try to update all add-ons or plugins and it looks like doesn't work out. After updating for couple times and it still crashed like that, I removed Firefox and reinstall it.
  '''Now I want to know how to put the shortcuts from my Favorite folder into the newly installed FireFox's bookmarks.''' I didn't backup the bookmarks by using Firefox. I even went to Firefox help for instructions, but it only mentions how to merge/input the bookmarks from other browsers. Please note the version I've removed and inrestalled is the same -- 3.6.13.

  It is possible that there is a problem with the files sessionstore.js and sessionstore.bak in the Firefox Profile Folder.
  Delete the sessionstore.js file and possible sessionstore-##.js files with a number and sessionstore.bak in the Firefox Profile Folder.
  *Help > Troubleshooting Information > Profile Directory: Open Containing Folder
  *http://kb.mozillazine.org/Profile_folder_-_Firefox
  Deleting sessionstore.js will cause App Tabs and Tab Groups and open and closed (undo) tabs to get lost, so you will have to create them again (make a note or bookmark them).
  *http://kb.mozillazine.org/Multiple_profile_files_created
  You can use this button to go to the Firefox profile folder:
  *Help > Troubleshooting Information > Profile Directory: Open Containing Folder

• Transaction failed for unknown reason (100) Unable to complete backup at this time. Does anyone know how to solve this issue?

  Transaction failed for unknown reason (100) Unable to complete backup at this time. Does anyone know how to solve this issue?
  Thanks.

  The system is set up to backup files to the iCloud at the end of the day. This has ot happen for sometime now and the mesaage I get is the back up error.

• TS1363 while updating my IOS to IOS 6 the updating process couldn't be completed for unknown reason and my iphone has nothing but a black screen with an apple and a meter that shows no progess. it completely froze!

  When updating my IOS 5.1.1 to IOS 6 and after the download completed the updating of the iphone couldn't be completed for unknown error and the device froze and all i have now is a black screen with an apple and a meter that shows no progress I can't switch off my iphone or do anything!!!

  Hi,
  I had a similar problem last week with my nice shiny 3 week old iPhone 6. I noticed the Apple logo was on the screen, but it did not progress like a normal boot up. I restarted the phone, and it showed the Apple logo, then a red screen then cycled back to the logo and kept looping. I got the phone to the iTunes connection stage by keeping hold of the power button and the home button until the apple logo appeared then kept holding the home button. iTunes recognised the phone, and wanted to restore, but this was unsuccessful  because the phone would keep looping to the red screen and iTunes failed. After loads of Apple support, I was told it was a hardware failure, and like you I live more than an hour away from the store. None the less, I made an appointment with the Genius bods, and they replaced the phone. They said they had never heard of the problem, but really, take a look at these forums and you will see that it is a common problem and I suspect they are keeping it under wraps...
  My issue is that as a disappointed customer with faulty goods, why should i have to stick to an appointment to get it replaced? What other store would you have to do this?
  The "Genius" didn't even want to see the phone powered up before offering a replacement... Oh, and it turned out they didn't have the exact same model as a replacement so they were going to send me out of the store empty handed.... I kicked off BIG time, and they very reluctantly gave me a phone from the sales stock, rather than the repairs stock..
  Not a happy Apple customer anymore, and I feel the more people who know about the lack of service and customer care the better. They need to get off there high horse and join the real world!

• For unknown reasons iTunes will no longer open.  I have an HP laptop running windows 7 with Kaspersky protection.  It worked fine before but now won't open.  I tried downloading the most recent up-date and it will still not open.  Any suggestions?

  For unknown reasons iTunes will no longer open.  I have an HP laptop running windows 7 with Kaspersky protection.  It worked fine before but now won't open.  I tried downloading the most recent up-date and it will still not open.  Any suggestions?

  thrillhousecody
  Thanks for the reply with additional information.
  Recent history for Premiere Elements points to the program having problems when more than 1 video card/graphics card is
  being used by the computer on which Premiere Elements is running. This observation may seem contra indicated by the fact
  that you say that the program did work well about 2 years ago in the same setup. But other factors may have set in with regard
  to drivers, drivers versions, and driver conflicts. But this factor, does need to be ruled in or out.
  Can you disable one or the other card to determine the impact of this on your problem?
  But, of prime concern with regard to video card/graphics card is the use of a NVIDIA GeForce card with Premiere Elements 10.
  Even if your NVIDIA GeForce were the only card, Premiere Elements 10 will not work properly unless the NVIDIA GeForce driver
  version is rolled back to about May 2013. This may be one of the major factors here.
  a. Device Manager/Display Adapters and find out Driver Version and Driver Date
  b. Read the background information for the Premiere Elements 10/NVIDIA GeForce issue
  ATR Premiere Elements Troubleshooting: PE10: NVIDIA Video Card Driver Roll Back
  Also see the Announcement at the top of this forum regarding the matter - also with full details of the situation and how to fix with the
  driver version roll back.
  Please review and consider and then we can decide what next.
  Thanks.
  ATR
  Add On...This NVIDIA GeForce situation is specific for Premiere Elements 10. You should not expect to see the problem for
  later versions of Premiere Elements.

• My Time Machine will no longer back up to my external disk for unknown reasons.  It would not accept my password and said the disk is read-only and damaged.  How can I copy my files to my Mac so I can repair it?

  My Time Machine will no longer back up to my external drive for unknown reasons.  It began after a series of power outages (my equipment is protected by a surge protector with battery backup), and was shut down correctly.  Then it began by not recognizing my disk and my Time Machine password, although I am positive it was correct. I tried NUMEROUS times to get into it. It says the disk is damaged and needs to be erased and started over.  How can I back up my files on my Mac so I can do that? I have no other disk to back up to.  I found the files in a folder called "Backups.backupdb", and tried to copy them into a folder, but get the message "The volume has the wrong case sensitivity for a backup."  The "lost+found" folder did copy for me. Will I just have to lose 4 years of backups?

  Hi there,
  I have the same issue. Usually hangs after 10K od sometimes after 18MB of backup file.
  Config: iTunes 10.4., Win 7 64bit, iPhone 4 with iOS 4.3.3
  I tried all of these without success:
  - deleted backups via iTunes / Preferences
  - deleted backups from sync folder
  - created a new admin user and tried to sync
  - reinstalled iTunes
  - ran all Windows updates, restarted, reinstalled iTunes
  - ran iTunes / Diagnostics (says everything okay, only info which is strange: diag says I am not a admin user, which is not correct)
  Nothing helped. Who can help. I hope someone from Apple can take care, as I seem not to be the only one. Actually iTunes is the worst part about iPhone. Hope with iOS 5 and Cloud sync to get rid of iTunes.
  Any hints welcome,
  Cheers,
  Miguel-KA

• Error "No status object is available for Unknown Object " in Shopping Cart

  Hi all,
  We are getting error "No status object is available for <Unknown Object>" while creating shopping carts of any type .
  Please suggest if any configuration setting needs to be done.
  Thanks and Regards,
  Navdeep Malik

  Dear Navdeep
  The error is likely caused by one or more entries in table BBP_DOCUMENT_TAB that are without objkey or guid.
  did you delete some entries from SRM transaction tables?
  Check table BBP_DOCUMENT_TAB entries to see any GUID which is not present in the system.
  You can verify this by checking whether there is an entry in CRMD_ORDERADM_H (header) table
  with GUID = <guid stored in bbp_document_tab>
  Regards
  Lauren

• Firefox Displays "Peer's certificate has an invalid signature." SubCA shows "Could not trust this certificate for unknown reasons"

  Using a 2-tier on-premise PKI. Offline Root CA (Standalone Windows 2008 R2 Enterprise) and online SubCA for issuing certificates (Domain-Joined Issuing CA)
  ROOTCA certificate installed in the store and showing trusted (Uses a SHA2 signature and PKCS #1 SHA-256 With RSA Encryption algorithm)
  ISSUINGCA certificate installed in the store and showing "Could not trust for unknown reasons" also has SHA2 signature with RSASSA-PSS algorithm
  Issued certificate is for a Lync Front-End Web Server and when attempts are made to load the secure web connection. I receive the error "Peer's certificate has an invalid signature"
  I've completely de-installed and re-installed Firefox. Removed and re-added the ROOT and SUBCA certs. Note: No issues when using same certs in Internet Explorer 8, 9 or 10 on the same system. Lync client also using same certificates, no issues. Only when accessing the Lync Web Services from Firefox.
  Question: Does Firefox NSS Internal PCKS#11 Module support RSASSA-PSS SHA-256 with different hashes? How can I troubleshoot this further?

  HI khetheri,
  In order to better test the certificate may we request the certificate without the private keys? I have some backup from the security team if this is possible.
  There is a temporary work around as well but I don't recommend turning on all certificates to make sure it is not a compatibility error(ish)
  It is possible to check if it is being detected as a bad certificate in Firefox itself to eliminate compatibility issues.
  # In the [[Location bar autocomplete|Location bar]], type '''about:config''' and press '''Enter'''. The about:config "''This might void your warranty!''" warning page may appear.
  # Click '''I'll be careful, I promise!''', to continue to the about:config page.
  # Search for '''browser.xul.error_pages.expert_bad_cert ''' and set it to true to try the certificate normally.
  Looking forward to your reply!

• Dimension values for Unknowns and Invalids

  I've created a mapping for loading a particular dimension table which includes a sequence operator for populating my surrogate key values. I need the first record in the table to act as my "UNKNOWN" values placeholder but cannot seem to figure out the best way of populating the table with the values for UNKNOWN prior to loading the source dimensional data. I've tried the Pre-Mapping Process operator with no success.

  We are used to add two dummy records in each dimension.
  We add the following data:
  We use '-1' (surr-key) for Invalids and '-2' for Unknown.
  Easy way to populate these dimensions is to add a script together with all objects when you release new functionality. Beware you use the same descriptions.
  Even better is to think of a more general solution (more easy to maintain) and store these values in a support table. In such a table you will be able to add more columns to get more details per row. Use this reference table when you load youre dimension. Also you will find the opportunity to add more error handling cases. Especially when you add the dimension in this support table.
  Regards
  Moscowic

• How can you set a ringtone for unknown numbers

  How can you set a ringtone for unknown numbers?

  You can set up each one of your contacts with a ringtone and use the default for all other unknown numbers. There is no way to set up a ringtone for unknown numbers.

• Reset password for Wireless routers

  How to reset the password for wireless routers? Do I re-setup again? I lost my CD and manual, what can i do?

  Hold the reset button on the router for 15 seconds and the router will be restored to factory defaults setting.
  Then type the router's IP 192.168.1.1 in your IE address bar and hit the Enter key, you will receive a login promot, you will leave the username field blank and type admin in the password field to gain entry. 

• Ihave pavilion g6 2006tx with win 8.1 pro ineed driver for unknown device

  driver for unknown device
  This question was solved.
  View Solution.

  Hi:
  You may need to reinstall the graphics driver, but I think it is the same one you have now.  It is from 2012 and so all they did was say it was good for W8.1 too.
  http://h10025.www1.hp.com/ewfrf/wc/softwareDownloadIndex?softwareitem=ob-113258-1&cc=us&dlc=en&lc=en...
  If that doesn't work, then unfortunately I don't know what the issue could be.

• How to reduce the video traffic for the recipient

  I want to reduce Skype video traffic for myself and the other end.I am using Mac and Network Link Conditioner to limit the bandwidth to ~300kbps. It effectively reduce the Skype traffic to under 30KB per second. I am thinking if it will have the same positive effect on the other end, although that end is on a xMbps internet.

  Hi techfreak, I am wondering if my bandwidth limitation will have traffic saving effect on the other end. Let's say, a video call without me applying bandwidth limit on my computer generated 30M data received/30M data sent. After I applied the bandwidth limit, the same call on my computer reduced to 10M data received/10M data sent. Will the other end see similar reduction?

• New server make many broadcast traffic for NetBIOS wpad

  From 1 month ago I finished transferred from old server 2003 to new server 2012 with new machine all role , DHCP and sharing file are transferred successfully and I use netdom computername to keep the name for the new server as a same name for the old server 
  and all thing in my network is good  but I feel that there are some slow in the network and some router in my network frozen from time to time a need to restart 
  I use Wireshark to monitor my network and I found that my new server make many broadcast traffic for NetBIOS wpad , the server make more than 500 nbns broadcost per second .
  No.
             Time
                          Source
  Destination            
  Protocol    Length             
  Info
  384       134.075102           
  192.168.15.100        192.168.15.255            
  nbns         92         
  name query nb wpad<00>
  Where 192.168.15.100 is my server IP.
  all server and workstation have a antivirus and latest update  of windows and the server not connect to internet
  Can anyone help me to solve this problem.

  I found the problem and i would like to share it with other
  the problem from my antivirus Kaspersky Endpoint security 10 when i close the program the broadcast stop and all traffic return to normal
  i open antivirus again and disable the using of proxy from it and now its work good.
  Thanks