Domain over IP routed subnets - getting network browsing to work?

Hi, I have a small domain spanned across two different subnets. Each subnet has its own domain controller, and the two networks are linked via IP routing.
Network connectivity between the two subnets is good - replication between the two DCs is happening smoothly, and every workstation can access every other workstation regardless of which subnet they're on.
The problem is that network browsing doesn't seem to work across the subnets. If a user knows the name of the machine they're connecting to, then they can enter that name into Explorer's address bar and it will connect fine. But when they go to "Network" or "My Network Places", only the machines from their own subnet appear there. When a user goes to "My Network Places" (or just "Network" in Win7's Explorer) then I would like them to see all the machines on both subnets, not just their own subnet.
Both DCs are running Server 2008 R2. What do I need to do to get network/computer browsing to work across the two subnets?

Hi,
Thank you for the post.
Is WINS really necessary?
Yes. NetBIOS resolution across subnets depends on a WINS server.
Summary of WINS Benefits
WINS enables the Computer Browser service to collect and distribute browse lists across IP routers.
http://technet.microsoft.com/en-us/library/cc784180(WS.10).aspx
In a multiple subnet environment, make sure WINS is configured properly so that you have the proper NetBIOS name resolution.
http://blogs.technet.com/b/networking/archive/2008/07/25/netbios-browsing-across-subnets-may-fail-after-upgrading-to-windows-server-2008.aspx
If there are more inquiries on this issue, please feel free to let us know.
Regards
Rick Tan
TechNet Community Support

Similar Messages

  • How to get Network Printing to work with Brother!!

    So I have my BROTHER DCP-7020 printer connected to my Windows machine and I've been sharing the printer on the network with my old iMac 24' which prints perfectly. Now I have the 27' iMac and I have no idea why it won't do printing via network, plugging in USB works fine, I've installed the driver but it doesn't look like it did anything. It just worked on my 24' without any hassle, it gets detected in the "Printer Settings" automatically and I don't recall doing anything to get it to work before.
    Can anyone give me some tips of why it won't print and what I need to do in order to get network printing to work on my new Mac?
    By the way BOTH MACHINES run SNOW LEOPARD.
    Thanks in advance.

    Here's the troubleshoot: http://support.apple.com/kb/HT1404
    And here is the manual method: http://support.apple.com/kb/HT3049
    Hope this helps!

  • [svn] 3256: More changes to get remote browser functionality working for MXUnit.

    Revision: 3256
    Author: [email protected]
    Date: 2008-09-18 09:14:24 -0700 (Thu, 18 Sep 2008)
    Log Message:
    More changes to get remote browser functionality working for MXUnit.
    Need to copy http client jars from trunk/lib to trunk/qa/lib as part of the build. The http client jars are used by MXUnit when the remote browser, browser factory is being used.
    Also need to copy xalan.jar from trunk/lib to trunk/qa/lib now as William recently made changes to MXUnit that added a dependency on xalan.jar.
    In mxunit/build.xml made the browserFactory class for the MXUnit task use a property called mxunitBrowserFactory so different browser factories can now be passed in.
    Modified Paths:
    blazeds/trunk/qa/apps/qa-regress/build.xml
    blazeds/trunk/qa/apps/qa-regress/testsuites/mxunit/build.xml
    blazeds/trunk/qa/build.properties
    blazeds/trunk/qa/resources/frameworks/qa-frameworks.zip

    Ah, interesting. Here's what I get when I boot with the old GeForce 7300 plugged in.
    System Profiler shows no extensions with "ATI" in the name. I'm not sure if this is to be expected though. Does System Profiler -> Software -> Extensions display the kexts installed on the system, or only those that the kernel decided to load at boot time? If the latter, I guess I wouldn't expect to see them. If the former, then might there be some registration step I need to do to tell the system that the ATI kexts are present and able to be loaded?
    As for the presence of the extensions, if I look in /System/Library/Extensions, I find the following files when I do an 'ls -lF | grep ATI'...
    ATI1300Controller.kext
    ATI1600Controller.kext
    ATI1900Controller.kext
    ATI2400Controller.kext
    ATI2600Controller.kext
    ATI3800Controller.kext
    ATI4500Controller.kext
    ATI4600Controller.kext
    ATI4800Controller.kext
    ATI5000Controller.kext
    ATIFramebuffer.kext
    ATIRadeonX1000.kext
    ATIRadeonX1000GA.plugin
    ATIRadeonX1000GLDriver.bundle
    ATIRadeonX1000VADriver.bundle
    ATIRadeonX2000.kext
    ATIRadeonX2000GA.plugin
    ATIRadeonX2000GLDriver.bundle
    ATIRadeonX2000VADriver.bundle
    ATIRadeonX3000.kext
    ATIRadeonX3000GA.plugin
    ATIRadeonX3000GLDriver.bundle
    ATIRadeonX3000VADriver.bundle
    ATISupport.kext
    So lots of ATI-related goodies. The dates are all either Aug 2 or Aug 6, so I'm guessing they came with the Snow Leopard Graphics Update, which I think was released just after those dates.
    I'm getting ready to return the card and try another, but will hold off another day or two, since it still seems plausible that there might be a software issue lurking...
    Thanks again for your help,
    Jerry

  • How do you get the browser to work offline. It stays connected even if you click on Work Offline option and there is a check mark beside it.

    I play an online game which requires me to open and set up several tabs, click on them offline, and then reload all tabs. With this new update, the work offline button does not work. I click on it 'Work Offline', a checkmark appears before the option. But when I click on the confirm button on the tab, it does not show the usual message that I am offline and I should try again after going online.
    I also do a lot of offline reading, which was possible with the previous Firefox versions. I'd load them while I was online, then I could read them when I was offline. Now I can't do this.
    I am not happy with this new version of FF. Is there a way to revert to the old Firefox?

    Does the Live Http Headers extension confirm that there is network traffic?
    * https://addons.mozilla.org/firefox/addon/live-http-headers/
    I notice that you are likely infected by Conduit software (malware) looking at the browser.newtab.url pref in the System Details list.
    Your System Details list shows that you have a user.js file in the profile folder to initialize prefs each time Firefox starts.
    The user.js file is only present if you or other software has created this file and normally it wouldn't be there.
    You can check its content with a plain text editor (right-click: Open with) if you didn't create this file yourself.
    The user.js file is read each time Firefox is started and initializes preferences to the value specified in this file, so preferences set via user.js can only be changed temporarily for the current session.
    * http://kb.mozillazine.org/Preferences_not_saved
    You can also check in "Windows Control Panel > Programs" for recently installed programs to see if there is anything from Conduit.
    * Control Panel > Programs > Programs and Features > Uninstall or change a program
    * Click the Installed column to sort by this heading

  • Can't get widget browser to work

    Hi, I installed the widget browser and it's giving me this
    Failed getting Widget Feed. Reload | Show More Information
    Show more information :
    Failed getting Widget Feed. Make sure you are connected to the internet.
    Unknown error.
    Tried signing in :
    The login attempt timed out.  Make sure that you are connected to the internet, and try to log in again.
    I am connected to the internet. I cleared all cookies, and have it on Accept All Cookies in both Firefox and iExplorer.
    Please someone help me
    Thank You
    Kylie

    Hello,
    In order to see those folders, you may need to enable the "Show hidden folder" option on your pc (Start>Control Panel>Large Icons view>Folder options>View tab>Advanced Settings>Show hidden files, folders, and drives)
    But, it looks like some other user (JudeGr) may have found the solution. Can you try it:
    http://forums.adobe.com/message/3442087
    I hope this does the trick

  • After updating to version 3.5.9 all websites send back a URL error. I end up having to do a system restore to before I installed the update to get the browser to work again. Any suggestions?

    I've downloaded the update a total of three times now. Each time an error message saying that the webpage can not be found is the only thing that comes up no matter what page I try to access. I've tried to restart my computer, restart Firefox, run Windows 7 troubleshooter on the wireless connection all to no avail.
    == URL of affected sites ==
    http://

    That is not the problem. When I install a new browser or updates for the one I have I temporarily uninstall the security program to ensure that there are no conflicts. Once the updates or new browser is installed I reinstall the security program and double check to make sure it has permission.

  • Since upgrading to Firefox 5.0, the screen freezes & have to force quit in order to get the browser to work. This happens every time I try to use it.

    Every time I open Firefox, within several minutes, the screen freezes, and the only way I can make it work is to force quit.
    This works for awhile, and then I go through the whole thing again.

    c uses the same profile folder as the Windows and Linux platform.
    You can locate the Firefox Profile Folder via
    * Help > Troubleshooting Information > Profile Directory: Open Containing Folder
    * http://kb.mozillazine.org/Profile_folder_-_Firefox
    Copy and paste this code in the Code field in "Tools > Error Console" and click the Evaluate button to see the location of the profile folder.
        alert(Components.classes["@mozilla.org/file/directory_service;1"].getService(Components.interfaces.nsIProperties).get("ProfD", Components.interfaces.nsIFile).path);

  • How can i get my items to stay in place and not cross over each other when readjusting the browser s

    How can i get my items to stay in place and not cross over each other when readjusting the browser size.
    Basically on my site when I go from a small screen to a big screen everything doesn't adjust to the screen size. I don't know what I'm missing
    Here's the link to the page all the pages & they all do it
    http://theatricalworkslive.com/
    Thanks in advance

    Please read this whole message before doing anything.
    This procedure is a diagnostic test. It’s unlikely to solve your problem. Don’t be disappointed when you find that nothing has changed after you complete it.
    The purpose of the test is to determine whether the problem is caused by third-party software that loads automatically at startup or login, or by a peripheral device. 
    Disconnect all wired peripherals except those needed for the test, and remove all aftermarket expansion cards. Boot in safe mode and log in to the account with the problem.  Note: If FileVault is enabled, or if a firmware password is set, or if the boot volume is a software RAID, you can’t do this. Post for further instructions.
    Safe mode is much slower to boot and run than normal, and some things won’t work at all, including wireless networking on certain Macs. The next normal boot may also be somewhat slow.
    The login screen appears even if you usually log in automatically. You must know your login password in order to log in. If you’ve forgotten the password, you will need to reset it before you begin. Test while in safe mode. Same problem? After testing, reboot as usual (i.e., not in safe mode) and verify that you still have the problem. Post the results of the test.

  • Help required network configuration - Gateway route settings get erased on reboot.

    Oracle Linux 7
    Linux myhostname 3.8.13-35.3.1.el7uek.x86_64 #2 SMP Wed Jun 25 15:27:43 PDT 2014 x86_64 x86_64 x86_64 GNU/Linux
    #cat /etc/sysconfig/network-scripts/ifcfg-eno16780032
    TYPE="Ethernet"
    BOOTPROTO="none"
    DEFROUTE="yes"
    IPV4_FAILURE_FATAL="no"
    IPV6INIT="yes"
    IPV6_AUTOCONF="yes"
    IPV6_DEFROUTE="yes"
    IPV6_FAILURE_FATAL="no"
    NAME="eno16780032"
    UUID="2d1107e3-8bd9-49b1-b726-701c56dc368b"
    ONBOOT="yes"
    IPADDR0="34.36.140.86"
    PREFIX0="22"
    GATEWAY0="34.36.143.254"
    DNS1="34.36.132.1"
    DNS2="34.34.132.1"
    DOMAIN="corp.halliburton.com"
    HWADDR="00:50:56:AC:3F:F9"
    IPV6_PEERDNS="yes"
    IPV6_PEERROUTES="yes"
    NM_CONTROLLED="no"
    #route -n
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    0.0.0.0         34.36.143.254   0.0.0.0         UG    0      0        0 eno16780032
    34.36.140.0     0.0.0.0         255.255.252.0   U     0      0        0 eno16780032
    169.254.0.0     0.0.0.0         255.255.0.0     U     1002   0        0 eno16780032
    When I reboot the machine, the first line in route table gets erased, I then run:
    #route add default gw 34.36.143.254
    After which network works fine.
    Help required. I don't want to use NetworkManager.

    The following might be useful:
    https://access.redhat.com/solutions/783533
    "When transitioning from NetworkManager to using the network initscript, the default gateway parameter in the interface's ifcfg file will be depicted as 'GATEWAY0'. In order for the ifcfg file to be compatible with the network initscript, this parameter must be renamed to 'GATEWAY'. This limitation will be addressed in an upcoming release of RHEL7."
    NetworkManager is now the default mechanism for RHEL 7. Personally I don't quite understand this, because as far as I can gather it is a program for systems to automatically detect and connect to known networks. I think such functionality can be useful when switching between wireless and wired networks, but for a server platform, I wonder.
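
An added example, not part of the original posts and not Red Hat or Oracle tooling: a Python check for the condition the quoted article describes, an ifcfg file that has `GATEWAY0` but no `GATEWAY` on an interface with `NM_CONTROLLED="no"`. The sample is a subset of the file posted above; the function names and the decision to flag only `NM_CONTROLLED=no` files are assumptions of this example.

```python
import re
import shlex

# Constructed sample: a subset of the ifcfg-eno16780032 lines from the post above.
IFCFG_SAMPLE = '''\
TYPE="Ethernet"
BOOTPROTO="none"
DEFROUTE="yes"
ONBOOT="yes"
IPADDR0="34.36.140.86"
PREFIX0="22"
GATEWAY0="34.36.143.254"
NM_CONTROLLED="no"
'''


def parse_ifcfg(text):
    """Parse shell-style KEY=value lines into a dict, ignoring comments."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        # shlex removes the surrounding quotes and any trailing "# comment".
        tokens = shlex.split(value, comments=True)
        settings[key.strip()] = tokens[0] if tokens else ""
    return settings


def gateway_status(settings):
    """Classify a parsed file against the limitation quoted in the reply.

    Assumption of this example: only files with NM_CONTROLLED=no are treated
    as handled by the network initscript, so only those are flagged.
    """
    if settings.get("NM_CONTROLLED", "yes").lower() != "no":
        return "networkmanager"   # not the initscript case described above
    if "GATEWAY0" not in settings:
        return "ok"
    if "GATEWAY" not in settings:
        return "rename"           # the case from the post: default route lost at boot
    if settings["GATEWAY"] != settings["GATEWAY0"]:
        return "conflict"         # two different gateways: leave for a human
    return "ok"


def rename_gateway(text):
    """Return the file text with GATEWAY0 renamed to GATEWAY, only when safe."""
    if gateway_status(parse_ifcfg(text)) != "rename":
        return text
    return re.sub(r"(?m)^(\s*)GATEWAY0=", r"\1GATEWAY=", text)


if __name__ == "__main__":
    print(gateway_status(parse_ifcfg(IFCFG_SAMPLE)))
    print(rename_gateway(IFCFG_SAMPLE), end="")
```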

  • I'm trying to read some XML data from temperature logger over my network. I'm using LabView version 2009 sp1. I'm using the URL Get Document Vi. It works fine when using Internet sites like google or foxnews etc...

    I'm trying to read some XML data from temperature logger over my network.  I'm using LabView version 2009 sp1.  I'm using the URL Get Document Vi.  It works fine when using Internet sites like google or foxnews etc...
    When I use it with my temperature logger most of the time I get an Error 66...but some times it does work and actually retrieves the document. 
    I can use the same address "http://172.22.21.68/XMLfeed.rb" (Internet Explorer or Google Chrome) in my browser and get a response every time.  When accessing from my browser the server in the temperature logger does take around 6 seconds to respond, but it does respond every time. 
    Is the URL Get Document Vi exceeding a timeout?  If so, where can I set it to wait longer?
    Attachments:
    Error 66.jpg 183 KB

    It looks like the TCP Buffered Read has a 2.5 sec timeout, I believe that is where I had trouble as well.  Try creating your own URL Get HTTP Doc vi in which you call URL Get Document in normal mode, with an appropriate number of characters to fetch (enough characters so that you capture all the important data in the XML file).
    Attachments:
    ex1.PNG 33 KB

  • Dear Sirs, my iPhone 4 is limited to some network so I wanna make my iPhone free to all networks all over, how can I get the code to unblock it

    Dear Sirs,
    my iPhone 4 is limited to some network so I wanna make my iPhone free to all networks all over, how can I get the code to unblock it

    There is no "code to unblock it". It can only be unlocked by the carrier it's locked to. Contact them and see if they offer that service and if you qualify.

  • A desktop is failing to join in Domain over a VSAT link. Error: Network path not found.

    Dear Friends,
    Facing an issue for adding a desktop in Domain over VSAT. When I say enter after typing the domain name which I want to join. I am asked for User name and Password. After User name and password is entered it waits for a long time and then it gives an error as Network Path not Found. I am pretty surprised why is it happening like that.
    In hosts file too I am mentioning the IP of the DC at my Data Center.
    I have another site over VSAT which has worst latency and more RTO's than this one, but on that site I am able to add a desktop in Domain. I don't have domain controller at the remote site which is connected by VSAT.

    Please do not hardcode the domain IP address in your HOSTS file. That will just create issues.
    Please make sure that your client computer points only to internal DNS servers for DNS resolutions.
    You can use NSlookup to make sure that DNS resolution for your DCs A and SRV records are working properly:
    http://social.technet.microsoft.com/wiki/contents/articles/29184.nslookup-for-beginners.aspx
    https://support.microsoft.com/en-us/kb/241515?wa=wsignin1.0
    Also, make sure that you have no connectivity failures between your remote site and the one having your DCs using
    ping: http://social.technet.microsoft.com/wiki/contents/articles/30110.ping-for-beginners.aspx
    This posting is provided AS IS with no warranties or guarantees , and confers no rights.
    Ahmed MALEK

  • Whenever I try to open Network browser it gets an error.

    I was trying to open Network Browser and I got this error: "Network Browser is unable to launch because your system software is not configured properly.".
    I really want to start this,
    My computer is a iBook Clamshell g3 Blue-Berry,
    running Mac OS 9.2.2.
    I have 64 MB of RAM,
    and a 6 GB hard drive,
    Thanks.

    I really need Help! Please.
    I was trying to open Network Browser and I got this error: "Network Browser is unable to launch because your system software is not configured properly.".
    I really want to start this,
    My computer is a iBook Clamshell g3 Blue-Berry,
    running Mac OS 9.2.2.
    I have 64 MB of RAM,
    and a 6 GB hard drive,
    Thanks.

  • Cisco ASA 5505 Routing between internal networks

    Hi,
    I am new to Cisco ASA and have been configuring my new firewall but one thing has been bothering me. I cannot get internal networks and routing between them to work as I would like to. The goal is to set up four networks and control access with ACLs between those.
    1. Outside
    2. DMZ
    3. ServerNet1
    4. Inside
    ASA version is 9.1 and I have been reading about two different ways of handling IP routing with this: NAT Exempt, and not configuring NAT at all and letting normal IP routing handle internal networks. No matter how I configure, with or without NAT, I cannot get access from inside network to DMZ or from ServerNet1 to DMZ. Strange thing is that I can access services from DMZ to Inside and ServerNet1 if access list allows it. For instance DNS server is on Inside network and DMZ works great using it.
    Here is the running conf:
    interface Ethernet0/0
    switchport access vlan 20
    interface Ethernet0/1
    switchport access vlan 20
    interface Ethernet0/2
    switchport access vlan 19
    interface Ethernet0/3
    switchport access vlan 10
    switchport trunk allowed vlan 10,19-20
    switchport trunk native vlan 1
    interface Ethernet0/4
    switchport access vlan 10
    interface Ethernet0/5
    switchport access vlan 10
    switchport trunk allowed vlan 10-11,19-20
    switchport trunk native vlan 1
    switchport mode trunk
    interface Ethernet0/6
    switchport access vlan 10
    switchport trunk allowed vlan 10-11,19-20
    switchport trunk native vlan 1
    switchport mode trunk
    interface Ethernet0/7
    switchport access vlan 10
    interface Vlan10
    nameif inside
    security-level 90
    ip address 192.168.2.1 255.255.255.0
    interface Vlan11
    nameif ServerNet1
    security-level 100
    ip address 192.168.4.1 255.255.255.0
    interface Vlan19
    nameif DMZ
    security-level 10
    ip address 192.168.3.1 255.255.255.0
    interface Vlan20
    nameif outside
    security-level 0
    ip address dhcp setroute
    ftp mode passive
    clock timezone EEST 2
    clock summer-time EEDT recurring last Sun Mar 3:00 last Sun Oct 4:00
    object network obj_any
    subnet 0.0.0.0 0.0.0.0
    object network obj-192.168.2.0
    subnet 192.168.2.0 255.255.255.0
    object network obj-192.168.3.0
    subnet 192.168.3.0 255.255.255.0
    object network DNS
    host 192.168.2.10
    description DNS Liikenne
    object network Srv2
    host 192.168.2.10
    description DC, DNS, DNCP
    object network obj-192.168.4.0
    subnet 192.168.4.0 255.255.255.0
    object network ServerNet1
    subnet 192.168.4.0 255.255.255.0
    object-group protocol TCPUDP
    protocol-object udp
    protocol-object tcp
    object-group network RFC1918
    object-group network InternalNetworks
    network-object 192.168.2.0 255.255.255.0
    network-object 192.168.3.0 255.255.255.0
    object-group service DM_INLINE_SERVICE_1
    service-object tcp destination eq domain
    service-object udp destination eq domain
    service-object udp destination eq nameserver
    service-object udp destination eq ntp
    object-group service DM_INLINE_TCP_1 tcp
    port-object eq www
    port-object eq https
    port-object eq ftp
    port-object eq ftp-data
    object-group service rdp tcp-udp
    description Microsoft RDP
    port-object eq 3389
    object-group service DM_INLINE_TCP_2 tcp
    port-object eq ftp
    port-object eq ftp-data
    port-object eq www
    port-object eq https
    object-group service DM_INLINE_SERVICE_2
    service-object tcp destination eq domain
    service-object udp destination eq domain
    object-group network DM_INLINE_NETWORK_1
    network-object object obj-192.168.2.0
    network-object object obj-192.168.4.0
    access-list dmz_access_in extended permit ip object obj-192.168.3.0 object obj_any
    access-list dmz_access_in extended deny ip any object-group InternalNetworks
    access-list DMZ_access_in extended permit object-group TCPUDP object obj-192.168.3.0 object DNS eq domain
    access-list DMZ_access_in extended permit object-group TCPUDP object obj-192.168.3.0 object-group DM_INLINE_NETWORK_1 object-group rdp
    access-list DMZ_access_in extended deny ip any object-group InternalNetworks
    access-list DMZ_access_in extended permit tcp object obj-192.168.3.0 object obj_any object-group DM_INLINE_TCP_2
    access-list inside_access_in extended permit ip object obj-192.168.2.0 object-group InternalNetworks
    access-list inside_access_in extended permit object-group TCPUDP object obj-192.168.2.0 object obj_any object-group rdp
    access-list inside_access_in extended permit tcp object obj-192.168.2.0 object obj_any object-group DM_INLINE_TCP_1
    access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_1 object Srv2 object obj_any
    access-list inside_access_in extended permit object-group TCPUDP object obj-192.168.2.0 object obj-192.168.3.0 object-group rdp
    access-list ServerNet1_access_in extended permit object-group DM_INLINE_SERVICE_2 any object DNS
    access-list ServerNet1_access_in extended permit ip any any
    pager lines 24
    logging enable
    logging asdm informational
    mtu ServerNet1 1500
    mtu inside 1500
    mtu DMZ 1500
    mtu outside 1500
    no failover
    icmp unreachable rate-limit 1 burst-size 1
    asdm image disk0:/asdm-711-52.bin
    no asdm history enable
    arp timeout 14400
    no arp permit-nonconnected
    nat (inside,DMZ) source static obj-192.168.2.0 obj-192.168.2.0 destination static obj-192.168.2.0 obj-192.168.2.0 no-proxy-arp
    object network obj_any
    nat (inside,outside) dynamic interface
    nat (DMZ,outside) after-auto source dynamic obj_any interface destination static obj_any obj_any
    nat (ServerNet1,outside) after-auto source dynamic obj-192.168.4.0 interface
    access-group ServerNet1_access_in in interface ServerNet1
    access-group inside_access_in in interface inside
    access-group DMZ_access_in in interface DMZ
    timeout xlate 3:00:00
    timeout pat-xlate 0:00:30
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    user-identity default-domain LOCAL
    aaa authentication ssh console LOCAL
    http server enable
    http 192.168.2.0 255.255.255.0 inside
    http 192.168.4.0 255.255.255.0 ServerNet1
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
    crypto ipsec security-association pmtu-aging infinite
    crypto ca trustpool policy
    telnet timeout 5
    ssh 192.168.4.0 255.255.255.0 ServerNet1
    ssh 192.168.2.0 255.255.255.0 inside
    ssh timeout 5
    console timeout 0
    dhcpd auto_config outside
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    class-map inspection_default
    match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
    parameters
      message-length maximum client auto
      message-length maximum 512
    policy-map global_policy
    class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect rsh
      inspect rtsp
      inspect esmtp
      inspect sqlnet
      inspect skinny
      inspect sunrpc
      inspect xdmcp
      inspect sip
      inspect netbios
      inspect tftp
      inspect ip-options
      inspect icmp
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous

    Hi Jouni,
    Yep, Finnish would be good also =)
    In front of ASA is DSL modem, on the trunk ports is Hyper-V host that uses the trunk ports so that every VM has their VLAN ID defined in the VM level. Everything is working good on that end. Also there is WLAN Access Points on one of the ASA ports, on the WLAN AP there is the management portal address on DMZ that I have been testing against (192.168.3.4)
    If I configure Dynamic PAT from inside to the DMZ then the traffic starts to work from inside to all hosts on DMZ but that's not the right way to do it so no shortcuts =)
    Here is the conf now, still doesn't work:
    interface Ethernet0/0
    switchport access vlan 20
    interface Ethernet0/1
    switchport access vlan 20
    interface Ethernet0/2
    switchport access vlan 19
    interface Ethernet0/3
    switchport access vlan 10
    switchport trunk allowed vlan 10,19-20
    switchport trunk native vlan 1
    interface Ethernet0/4
    switchport access vlan 10
    interface Ethernet0/5
    switchport access vlan 10
    switchport trunk allowed vlan 10-11,19-20
    switchport trunk native vlan 1
    switchport mode trunk
    interface Ethernet0/6
    switchport access vlan 10
    switchport trunk allowed vlan 10-11,19-20
    switchport trunk native vlan 1
    switchport mode trunk
    interface Ethernet0/7
    switchport access vlan 10
    interface Vlan10
    nameif inside
    security-level 90
    ip address 192.168.2.1 255.255.255.0
    interface Vlan11
    nameif ServerNet1
    security-level 100
    ip address 192.168.4.1 255.255.255.0
    interface Vlan19
    nameif DMZ
    security-level 10
    ip address 192.168.3.1 255.255.255.0
    interface Vlan20
    nameif outside
    security-level 0
    ip address dhcp setroute
    ftp mode passive
    clock timezone EEST 2
    clock summer-time EEDT recurring last Sun Mar 3:00 last Sun Oct 4:00
    object network obj_any
    subnet 0.0.0.0 0.0.0.0
    object network obj-192.168.2.0
    subnet 192.168.2.0 255.255.255.0
    object network obj-192.168.3.0
    subnet 192.168.3.0 255.255.255.0
    object network DNS
    host 192.168.2.10
    description DNS Liikenne
    object network Srv2
    host 192.168.2.10
    description DC, DNS, DNCP
    object network obj-192.168.4.0
    subnet 192.168.4.0 255.255.255.0
    object network ServerNet1
    subnet 192.168.4.0 255.255.255.0
    object-group protocol TCPUDP
    protocol-object udp
    protocol-object tcp
    object-group network RFC1918
    object-group network InternalNetworks
    network-object 192.168.2.0 255.255.255.0
    network-object 192.168.3.0 255.255.255.0
    object-group service DM_INLINE_SERVICE_1
    service-object tcp destination eq domain
    service-object udp destination eq domain
    service-object udp destination eq nameserver
    service-object udp destination eq ntp
    object-group service DM_INLINE_TCP_1 tcp
    port-object eq www
    port-object eq https
    port-object eq ftp
    port-object eq ftp-data
    object-group service rdp tcp-udp
    description Microsoft RDP
    port-object eq 3389
    object-group service DM_INLINE_TCP_2 tcp
    port-object eq ftp
    port-object eq ftp-data
    port-object eq www
    port-object eq https
    object-group service DM_INLINE_SERVICE_2
    service-object tcp destination eq domain
    service-object udp destination eq domain
    object-group network DM_INLINE_NETWORK_1
    network-object object obj-192.168.2.0
    network-object object obj-192.168.4.0
    object-group network DEFAULT-PAT-SOURCE
    description Default PAT source networks
    network-object 192.168.2.0 255.255.255.0
    network-object 192.168.3.0 255.255.255.0
    network-object 192.168.4.0 255.255.255.0
    access-list dmz_access_in extended permit ip object obj-192.168.3.0 object obj_any
    access-list dmz_access_in extended deny ip any object-group InternalNetworks
    access-list DMZ_access_in extended permit object-group TCPUDP object obj-192.168.3.0 object DNS eq domain
    access-list DMZ_access_in extended permit object-group TCPUDP object obj-192.168.3.0 object-group DM_INLINE_NETWORK_1 object-group rdp
    access-list DMZ_access_in extended deny ip any object-group InternalNetworks
    access-list DMZ_access_in extended permit tcp object obj-192.168.3.0 object obj_any object-group DM_INLINE_TCP_2
    access-list inside_access_in extended permit ip object obj-192.168.2.0 object-group InternalNetworks
    access-list inside_access_in extended permit object-group TCPUDP object obj-192.168.2.0 object obj_any object-group rdp
    access-list inside_access_in extended permit tcp object obj-192.168.2.0 object obj_any object-group DM_INLINE_TCP_1
    access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_1 object Srv2 object obj_any
    access-list inside_access_in extended permit object-group TCPUDP object obj-192.168.2.0 object obj-192.168.3.0 object-group rdp
    access-list ServerNet1_access_in extended permit object-group DM_INLINE_SERVICE_2 any object DNS
    access-list ServerNet1_access_in extended permit ip any any
    pager lines 24
    logging enable
    logging asdm informational
    mtu ServerNet1 1500
    mtu inside 1500
    mtu DMZ 1500
    mtu outside 1500
    no failover
    icmp unreachable rate-limit 1 burst-size 1
    asdm image disk0:/asdm-711-52.bin
    no asdm history enable
    arp timeout 14400
    no arp permit-nonconnected
    nat (any,outside) after-auto source dynamic DEFAULT-PAT-SOURCE interface
    access-group ServerNet1_access_in in interface ServerNet1
    access-group inside_access_in in interface inside
    access-group DMZ_access_in in interface DMZ
    timeout xlate 3:00:00
    timeout pat-xlate 0:00:30
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    user-identity default-domain LOCAL
    aaa authentication ssh console LOCAL
    http server enable
    http 192.168.2.0 255.255.255.0 inside
    http 192.168.4.0 255.255.255.0 ServerNet1
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
    crypto ipsec security-association pmtu-aging infinite
    crypto ca trustpool policy
    telnet timeout 5
    ssh 192.168.4.0 255.255.255.0 ServerNet1
    ssh 192.168.2.0 255.255.255.0 inside
    ssh timeout 5
    console timeout 0
    dhcpd auto_config outside
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    class-map inspection_default
    match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
    parameters
      message-length maximum client auto
      message-length maximum 512
    policy-map global_policy
    class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect rsh
      inspect rtsp
      inspect esmtp
      inspect sqlnet
      inspect skinny
      inspect sunrpc
      inspect xdmcp
      inspect sip
      inspect netbios
      inspect tftp
      inspect ip-options
      inspect icmp
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous

  • Path Selection for Routes Across MPLS Network

    Customer hub site has two CE routers with two links connected to two separate PE routers in the Carrier's MPLS network. At the customer's remote site one CE router on a single link is connected to a PE router in the MPLS network.
    How can I configure the CE routers at the hub site to advertise the same network across the MPLS network to the CE router at the remote site? Also, how can I configure the CE router at the remote site to select one of the routers as the primary and the other as secondary? Can I use local-preference on the CE router at the remote site to select one path over the other?
    I'm not sure if this makes any sense. Any help will be appreciated. Thanks

    Even with multiple RDs for VRFs belonging to the same VPN, you still need IBGP multipath, correct? Multiple RDs is just to get around the RR restriction.
    Also, you posted this message a while back:
    "If you have many VPN customers all using the same addresses (most likely rfc1918), the fact that they have different RDs and that the PE prepends the RD to the prefixes exchanged between PEs will make the same prefixes different in the MPLS VPN core
    cust1 advertises 192.168.1.0/24 with RD 1:1 therefore
    VPNv4 prefix is 1:1:192.168.1.0
    cust2 advertises 192.168.1.0/24 with RD 1:2 therefore
    VPNv4 prefix is 1:2:192.168.1.0"
    My test lab does not support the IBGP multipath command, and thus even with different RDs, it still only installs one best path.
    I understand that RD = make unique VPNv4 routes in SP space, and that RT = what to import into the VRF. However, I am having a hard time visualizing the scenario with multiple RDs for the same VPN for load balancing purposes. I am trying to understand the logic behind it.
    Per your example, if both 1:1 and 1:2 are received by the remote PE, assuming IBGP multipath is enabled, why would the remote PE load balance between the two links? Why would it assume that the hub subnets are reachable via two different PEs, and that it's not two different, isolated VPNs altogether?
    Is it b/c you imported both 1:1 and 1:2 into a VRF at the remote PE?
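
The RD/RT split discussed in this thread, as an added sketch that is not part of any post or of any vendor's code: a simplified model of a route reflector choosing one best path per VPNv4 prefix (RD plus IPv4 prefix) and a remote PE importing on route target. The function names, the RT values, the PE loopback addresses, the third RD `1:3` and the lowest-next-hop tie-break are all assumptions made for the illustration.

```python
from collections import defaultdict, namedtuple

# Simplified model: a VPNv4 route is an IPv4 prefix tagged with an RD and export RTs.
Route = namedtuple("Route", "rd prefix next_hop rts")

def rr_reflect(routes):
    """Route reflector: one best path per VPNv4 NLRI, i.e. per (RD, prefix)."""
    best = {}
    for r in routes:
        key = (r.rd, r.prefix)
        # Stand-in tie-break (lowest next hop); real BGP best path has more steps.
        if key not in best or r.next_hop < best[key].next_hop:
            best[key] = r
    return sorted(best.values(), key=lambda r: r.next_hop)

def vrf_import(routes, import_rts, multipath=False):
    """Remote PE: import on RT match, then pick path(s) per plain IPv4 prefix."""
    paths = defaultdict(set)
    for r in routes:
        if r.rts & import_rts:          # the RT, not the RD, decides membership
            paths[r.prefix].add(r.next_hop)
    return {p: sorted(h) if multipath else sorted(h)[:1] for p, h in paths.items()}

# Constructed sample data: RT values and PE loopbacks are made up.
HUB_RT, OTHER_RT = frozenset({"65000:100"}), frozenset({"65000:200"})
PFX = "192.168.1.0/24"
other_vpn = Route("1:3", PFX, "10.0.0.3", OTHER_RT)   # unrelated customer, same prefix

same_rd = [Route("1:1", PFX, "10.0.0.1", HUB_RT),
           Route("1:1", PFX, "10.0.0.2", HUB_RT), other_vpn]
unique_rd = [Route("1:1", PFX, "10.0.0.1", HUB_RT),
             Route("1:2", PFX, "10.0.0.2", HUB_RT), other_vpn]

def scenarios():
    """Remote PE VRF table for each combination of RD plan and multipath setting."""
    return {
        "same_rd_multipath": vrf_import(rr_reflect(same_rd), HUB_RT, multipath=True),
        "unique_rd_single": vrf_import(rr_reflect(unique_rd), HUB_RT),
        "unique_rd_multipath": vrf_import(rr_reflect(unique_rd), HUB_RT, multipath=True),
    }

if __name__ == "__main__":
    for name, table in scenarios().items():
        print(name, table)
```

In this model the unrelated customer's route never enters the VRF because its RT does not match, while the two hub routes land on the same IPv4 prefix once imported; whether one or both next hops are installed then depends only on the multipath setting.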
