Dynamic or static?
in trying to get this netflix thing working their support team said i needed to change my static isp (?) to dynamic isp (?) which of course is gibberish to me. wouldn't know an isp if it stopped by for dinner. he also said it might mess up my internet connection. Any thoughts? first time i seemed to have stumped the genius department...say it ain't so
thanks
I think you mean +IP address+. An "ISP" is your Internet Service Provider (your phone or cable or whatever company that provides the broadband connection).
The default setting in System Preferences Network pane TCP/IP tab is
Configure *Using DHCP*
I don't know if that is the setting being referred to by the NetFlix folks, or if it is some setting that your ISP uses for your broadband connection.
Similar Messages
-
Having trouble with Dynamic-to-static
Having an issue with traffic passing over a dynamic-to-static VPN. Phase 1 and Phase 2 both complete. sh cry ips sa on the ASA shows 0 #pkts encaps. From the 861 it shows 0 #pkts decaps
I know its a lot to look at but hopefully someone will see something obvious that I messed up.
The second tunnel is working. It is coming from a CradlePoint MBR1400 so I am unable to apply the config from that.
ciscoasa# sh crypto isakmp sa
Active SA: 2
Rekey SA: 0 (A tunnel will report 1 Active and 1 Rekey SA during rekey)
Total IKE SA: 2
1 IKE Peer: 107.46.57.189
Type : L2L Role : responder
Rekey : no State : MM_ACTIVE
2 IKE Peer: xxx.xxx.xxx.xxx
Type : L2L Role : responder
Rekey : no State : MM_ACTIVE
ciscoasa# sh crypto ipsec sa
interface: outside
Crypto map tag: SYSTEM_DEFAULT_CRYPTO_MAP, seq num: 65535, local addr:
local ident (addr/mask/prot/port): (10.10.0.0/255.255.0.0/0/0)
remote ident (addr/mask/prot/port): (192.168.101.0/255.255.255.0/0/0)
current_peer: 107.46.57.189
#pkts encaps: 3166, #pkts encrypt: 3166, #pkts digest: 3166
#pkts decaps: 2828, #pkts decrypt: 2828, #pkts verify: 2828
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 3166, #pkts comp failed: 0, #pkts decomp failed: 0
#pre-frag successes: 0, #pre-frag failures: 0, #fragments created: 0
#PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 0
#send errors: 0, #recv errors: 0
local crypto endpt.: xxx.xxx.xxx.98, remote crypto endpt.: 107.46.57.189
path mtu 1500, ipsec overhead 74, media mtu 1500
current outbound spi: 0D67A97D
current inbound spi : B59B6F50
inbound esp sas:
spi: 0xB59B6F50 (3046862672)
transform: esp-aes esp-sha-hmac no compression
in use settings ={L2L, Tunnel, }
slot: 0, conn_id: 5472256, crypto-map: SYSTEM_DEFAULT_CRYPTO_MAP
sa timing: remaining key lifetime (sec): 3020
IV size: 16 bytes
replay detection support: Y
Anti replay bitmap:
0xFFFFFFFF 0xFFF7FFFF
outbound esp sas:
spi: 0x0D67A97D (224897405)
transform: esp-aes esp-sha-hmac no compression
in use settings ={L2L, Tunnel, }
slot: 0, conn_id: 5472256, crypto-map: SYSTEM_DEFAULT_CRYPTO_MAP
sa timing: remaining key lifetime (sec): 3020
IV size: 16 bytes
replay detection support: Y
Anti replay bitmap:
0x00000000 0x00000001
Crypto map tag: SYSTEM_DEFAULT_CRYPTO_MAP, seq num: 65535, local addr: xxx.xxx.xxx.98
local ident (addr/mask/prot/port): (10.10.0.0/255.255.0.0/0/0)
remote ident (addr/mask/prot/port): (10.10.10.0/255.255.255.0/0/0)
current_peer: xxx.xxx.xxx.xxx
#pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
#pkts decaps: 1041, #pkts decrypt: 1044, #pkts verify: 1044
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts comp failed: 0, #pkts decomp failed: 0
#pre-frag successes: 0, #pre-frag failures: 0, #fragments created: 0
#PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 0
#send errors: 0, #recv errors: 0
local crypto endpt.: xxx.xxx.xxx.xxx/4500, remote crypto endpt.: xxx.xxx.xxx.xxx/2944
path mtu 1500, ipsec overhead 82, media mtu 1500
current outbound spi: 9613FEAC
current inbound spi : 186C9E40
inbound esp sas:
spi: 0x186C9E40 (409771584)
transform: esp-aes esp-sha-hmac no compression
in use settings ={L2L, Tunnel, NAT-T-Encaps, }
slot: 0, conn_id: 5476352, crypto-map: SYSTEM_DEFAULT_CRYPTO_MAP
sa timing: remaining key lifetime (kB/sec): (3914991/3199)
IV size: 16 bytes
replay detection support: Y
Anti replay bitmap:
0xFFFFFFFF 0xFFFFFFFF
outbound esp sas:
spi: 0x9613FEAC (2517892780)
transform: esp-aes esp-sha-hmac no compression
in use settings ={L2L, Tunnel, NAT-T-Encaps, }
slot: 0, conn_id: 5476352, crypto-map: SYSTEM_DEFAULT_CRYPTO_MAP
sa timing: remaining key lifetime (kB/sec): (3915000/3198)
IV size: 16 bytes
replay detection support: Y
Anti replay bitmap:
0x00000000 0x00000001
REMOTE Config Cisco 861
Current configuration : 3112 bytes
! Last configuration change at 13:07:07 UTC Mon Jan 2 2006 by jwright
! NVRAM config last updated at 12:10:49 UTC Mon Jan 2 2006 by jwright
version 15.0
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service sequence-numbers
hostname Corvid
boot-start-marker
boot-end-marker
logging buffered 51200 warnings
logging console critical
no aaa new-model
memory-size iomem 10
crypto pki trustpoint TP-self-signed-3769564853
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3769564853
revocation-check none
rsakeypair TP-self-signed-3769564853
crypto pki certificate chain TP-self-signed-3769564853
certificate self-signed 02
ip source-route
ip dhcp excluded-address 10.10.10.1
ip dhcp pool ccp-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
ip cef
no ip bootp server
no ip domain lookup
ip domain name yourdomain.com
license udi pid CISCO861-K9 sn
username xxxxx privilege 15 secret 5 $1$SI.
username xxxxx privilege 15 secret 5 $1$y1
ip tcp synwait-time 10
crypto isakmp policy 1
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp key ************ address xxx.xxx.xxx.xxx
crypto ipsec transform-set RTPSET esp-aes esp-sha-hmac
crypto map RTP 1 ipsec-isakmp
set peer xxx.xxx.xxx.xxx
set transform-set RTPSET
match address 100
interface FastEthernet0
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
ip address dhcp
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
crypto map RTP
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 10.10.10.1 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source route-map nonat interface FastEthernet4 overload
ip route 0.0.0.0 0.0.0.0 dhcp
logging trap debugging
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 24 permit 192.168.0.0 0.0.0.255
access-list 100 permit ip 10.10.10.0 0.0.0.255 10.10.0.0 0.0.255.255
access-list 100 deny ip 10.10.10.0 0.0.0.255 any
access-list 120 deny ip 10.10.10.0 0.0.0.255 10.10.0.0 0.0.255.255
access-list 120 permit ip 10.10.10.0 0.0.0.255 any
no cdp run
route-map nonat permit 10
match ip address 120
control-plane
line con 0
logging synchronous
login local
no modem enable
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end
ASA5510
ciscoasa# sh run
: Saved
ASA Version 8.2(1)11
hostname ciscoasa
domain-name pme.local
enable password xxx encrypted
passwd xxx encrypted
names
interface Ethernet0/0
nameif backup
security-level 1
ip address xxx.xxx.xxx.xxx 255.255.255.248
interface Ethernet0/1
nameif inside
security-level 100
ip address 10.10.1.1 255.255.0.0
interface Ethernet0/2
shutdown
nameif outside2
security-level 0
no ip address
interface Ethernet0/3
nameif outside
security-level 0
ip address xxx.xxx.xxx.xxx 255.255.255.224
interface Management0/0
nameif management
security-level 100
ip address 172.17.0.199 255.255.255.0
management-only
banner motd **************************** NOTICE ******************************
banner motd * Unauthorized access to this network device is FORBIDDEN! *
banner motd * All connection attempts and sessions are logged and AUDITED! *
banner motd ******************************************************************
banner motd **************************** NOTICE ******************************
banner motd * Unauthorized access to this network device is FORBIDDEN! *
banner motd * All connection attempts and sessions are logged and AUDITED! *
banner motd ******************************************************************
boot system disk0:/asa821-11-k8.bin
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns domain-lookup inside
dns domain-lookup outside2
dns domain-lookup outside
dns domain-lookup management
dns server-group DefaultDNS
name-server HOMESTEAD-INT
name-server SEBRING-INT
domain-name pme.local
object-group service SQLTEST udp
description SQLTEST for VES
port-object eq 1434
object-group service SQLTEST_TCP tcp
description SQLTEST For VES
port-object eq 1433
object-group service DM_INLINE_TCP_1 tcp
port-object eq ftp
port-object eq ftp-data
access-list nonat extended permit ip any 10.10.11.0 255.255.255.0
access-list nonat extended permit ip 10.10.0.0 255.255.0.0 10.10.11.0 255.255.255.0
access-list nonat extended permit ip 10.10.0.0 255.255.0.0 192.168.101.0 255.255.255.0
access-list nonat extended permit ip 10.10.0.0 255.255.0.0 10.10.10.0 255.255.255.248
access-list outside_access_in extended permit tcp any host DAYTONA-EXT-BAK eq smtp
access-list outside_access_in extended permit tcp any host DAYTONA-EXT-BAK eq https
access-list outside_access_in extended permit tcp any host DAYTONA-EXT-BAK eq www
access-list outside_access_in extended permit tcp any host SonomaBullsEye eq https inactive
access-list outside_access_in extended permit tcp any host AUTHENTICA-EXT-BAK eq www
access-list outside_access_in extended permit tcp any host AUTHENTICA-EXT-BAK eq https
access-list outside_access_in extended permit udp any host xxx.xxx.xxx.xxx eq 1434
access-list outside_access_in extended permit tcp any host xxx.xxx.xxx.xxx eq 1433 inactive
access-list outside_access_in extended permit tcp any host FILETRANSFER-EXT-BAK eq www
access-list outside_access_in extended permit tcp any host FILETRANSFER-EXT-BAK eq https
access-list outside_access_in remark HTTP for TeamWeb
access-list outside_access_in extended permit tcp any host ALEXSYS-EXT-BAK eq www
access-list outside_access_in remark HTTPS for TeamWeb
access-list outside_access_in extended permit tcp any host ALEXSYS-EXT-BAK eq https
access-list outside_access_in extended deny icmp any any
access-list Split_Tunnel_List standard permit 10.10.0.0 255.255.0.0
access-list outside_access_in_1 extended permit tcp any host DAYTONA-EXT-OUT eq smtp
access-list outside_access_in_1 extended permit tcp any host DAYTONA-EXT-OUT eq https
access-list outside_access_in_1 extended permit tcp any host DAYTONA-EXT-OUT eq www
access-list outside_access_in_1 extended permit tcp any host Sonoma eq https inactive
access-list outside_access_in_1 extended permit tcp any host PMEUPDATE-EXT-OUT eq www
access-list outside_access_in_1 extended permit tcp any host FILETRANSFER-EXT-OUT eq www
access-list outside_access_in_1 extended permit tcp any host FILETRANSFER-EXT-OUT eq ssh inactive
access-list outside_access_in_1 extended permit tcp any host FILETRANSFER-EXT-OUT eq https
access-list outside_access_in_1 remark FTPS
access-list outside_access_in_1 extended permit tcp any host FTP-EXT-OUT object-group DM_INLINE_TCP_1
access-list outside_access_in_1 extended permit tcp any host FTP-EXT-OUT range 60200 60400
access-list outside_access_in_1 extended permit tcp any host AUTHENTICA-EXT-OUT eq www
access-list outside_access_in_1 extended permit tcp any host AUTHENTICA-EXT-OUT eq https
access-list outside_access_in_1 extended permit tcp any host OSCODA-EXT-OUT object-group SQLTEST_TCP inactive
access-list outside_access_in_1 extended permit udp any host OSCODA-EXT-OUT object-group SQLTEST inactive
access-list outside_access_in_1 extended permit tcp any host ALEXSYS123-EXT-OUT eq www
access-list outside_access_in_1 extended permit tcp any host ALEXSYS123-EXT-OUT eq https
access-list outside_access_in_1 extended deny icmp any any
access-list inside_access_out extended permit ip any any log
pager lines 24
logging enable
logging timestamp
logging trap notifications
logging asdm notifications
logging from-address [email protected]
logging recipient-address [email protected] level errors
logging host inside 10.10.2.12
logging permit-hostdown
no logging message 302015
no logging message 302014
no logging message 302013
no logging message 302012
no logging message 302017
no logging message 302016
mtu backup 1500
mtu inside 1500
mtu outside2 1500
mtu outside 1500
mtu management 1500
ip local pool IPSECVPN2 10.10.11.76-10.10.11.100
ip local pool SSLVPN 10.10.11.101-10.10.11.200 mask 255.255.0.0
ip local pool IPSECVPN 10.10.11.25-10.10.11.75
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-623.bin
no asdm history enable
arp timeout 14400
global (backup) 1 xxx.xxx.xxx.xxx
global (outside) 1 xxx.xxx.xxx.xxx netmask 255.255.255.224
nat (inside) 0 access-list nonat
nat (inside) 1 10.10.0.0 255.255.0.0
static (inside,outside) DAYTONA-EXT-OUT DAYTONA-INT netmask 255.255.255.255
static (inside,outside) AUTHENTICA-EXT-OUT AUTHENTICA-INT netmask 255.255.255.255
static (inside,outside) ALEXSYS123-EXT-OUT MIDOHIO-INT netmask 255.255.255.255
static (inside,outside) PMEUPDATE-EXT-OUT PMEUPDATE-INT netmask 255.255.255.255
static (inside,outside) FILETRANSFER-EXT-OUT FILETRANSFER-INT netmask 255.255.255.255
static (inside,outside) FTP-EXT-OUT FTP-INT netmask 255.255.255.255
static (inside,backup) FILETRANSFER-EXT-BAK FILETRANSFER-INT netmask 255.255.255.255
static (inside,backup) DAYTONA-EXT-BAK DAYTONA-INT netmask 255.255.255.255
static (inside,backup) AUTHENTICA-EXT-BAK AUTHENTICA-INT netmask 255.255.255.255
static (inside,backup) ALEXSYS-EXT-BAK MIDOHIO-INT netmask 255.255.255.255
access-group outside_access_in in interface backup
access-group inside_access_out in interface inside
access-group outside_access_in_1 in interface outside
route outside 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx 1 track 1
route backup 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx 254
route backup 62.109.192.0 255.255.240.0 xxx.xxx.xxx.xxx 1
route backup 64.68.96.0 255.255.224.0 xxx.xxx.xxx.xxx 1
route backup 66.114.160.0 255.255.240.0 xxx.xxx.xxx.xxx 1
route backup 66.163.32.0 255.255.240.0 xxx.xxx.xxx.xxx 1
route backup 209.197.192.0 255.255.224.0 xxx.xxx.xxx.xxx 1
route backup 210.4.192.0 255.255.240.0 xxx.xxx.xxx.xxx 1
timeout xlate 3:00:00
timeout conn 24:00:00 half-closed 0:05:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
webvpn
http-proxy enable
aaa-server PMERADIUS protocol radius
aaa-server PMERADIUS (inside) host HOMESTEAD-INT
key ******
radius-common-pw ******
aaa authentication ssh console LOCAL
http server enable
http 10.10.0.0 255.255.0.0 inside
http 172.17.0.0 255.255.255.0 management
http redirect backup 80
http redirect outside 80
snmp-server location Server Room
snmp-server contact Jay
snmp-server community *****
snmp-server enable traps snmp authentication linkup linkdown coldstart
sla monitor 100
type echo protocol ipIcmpEcho xxx.xxx.xxx.xxx interface outside
timeout 3000
frequency 10
sla monitor schedule 100 life forever start-time now
crypto ipsec transform-set PM1 esp-3des esp-md5-hmac
crypto ipsec transform-set TRANS_ESP_3DES_SHA esp-3des esp-sha-hmac
crypto ipsec transform-set TRANS_ESP_3DES_SHA mode transport
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map dyn1 1 set pfs group1
crypto dynamic-map dyn1 1 set transform-set PM1
crypto dynamic-map dyn1 1 set security-association lifetime seconds 28800
crypto dynamic-map dyn1 1 set security-association lifetime kilobytes 4608000
crypto dynamic-map dyn1 1 set reverse-route
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map cryptomap1 1 ipsec-isakmp dynamic dyn1
crypto map cryptomap1 interface backup
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto ca trustpoint xxx.xxx.xxx.xxx
enrollment terminal
fqdn xxx.xxx.xxx.xxx
subject-name CN= xxx.xxx.xxx.xxx, O=xxxx, C=US, St=MI, L=xxxx
keypair xxx.xxx.xxx.xxx
crl configure
crypto ca certificate chain xxx.xxx.xxx.xxx
certificate 041200616c79f4
30820577 3082045f a0030201 02020704 1200616c 79f4300d 06092a86 4886f70d
quit
crypto isakmp identity address
crypto isakmp enable backup
crypto isakmp enable outside
crypto isakmp policy 1
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400
crypto isakmp policy 30
authentication pre-share
encryption aes-256
hash sha
group 5
lifetime 86400
crypto isakmp policy 50
authentication pre-share
encryption aes-256
hash md5
group 5
lifetime 86400
crypto isakmp nat-traversal 33
track 1 rtr 100 reachability
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 inside
ssh timeout 15
ssh version 2
console timeout 0
management-access inside
threat-detection basic-threat
threat-detection statistics port
threat-detection statistics protocol
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ntp server 64.22.86.210 source backup prefer
ssl trust-point vpn.prattmiller.com outside
ssl trust-point vpn.prattmiller.com backup
ssl trust-point vpn.prattmiller.com outside2
webvpn
enable backup
enable outside2
enable outside
svc image disk0:/anyconnect-win-2.5.3055-k9.pkg 2
svc image disk0:/anyconnect-win-2.5.2014-k9.pkg 3
svc profiles AllowRemoteUsers disk0:/AnyConnectProfile.xml
svc enable
internal-password enable
group-policy DefaultRAGroup internal
group-policy DefaultRAGroup attributes
dns-server value 10.10.2.1
vpn-tunnel-protocol IPSec l2tp-ipsec
default-domain none
group-policy DfltGrpPolicy attributes
dns-server value 10.10.2.1 10.10.2.62
vpn-idle-timeout 600
vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn
split-tunnel-policy tunnelspecified
split-tunnel-network-list value Split_Tunnel_List
default-domain value pme.local
webvpn
url-list value Book1
svc profiles value AllowRemoteUsers
svc ask enable default webvpn timeout 10
group-policy AnyConnect internal
group-policy AnyConnect attributes
vpn-tunnel-protocol webvpn
webvpn
svc ask enable default webvpn timeout 15
username xxxx password RrjDgdg5BBLrGPnn encrypted privilege 15
username xxxx password qDxllXruMJHEVZji encrypted privilege 15
username xxxx password dGOqWbOOjP0FVxtl encrypted privilege 15
tunnel-group DefaultL2LGroup ipsec-attributes
pre-shared-key *
tunnel-group DefaultRAGroup general-attributes
default-group-policy DefaultRAGroup
tunnel-group DefaultRAGroup ipsec-attributes
pre-shared-key *
tunnel-group DefaultRAGroup ppp-attributes
authentication ms-chap-v2
tunnel-group DefaultWEBVPNGroup general-attributes
address-pool (backup) IPSECVPN2
address-pool (outside2) IPSECVPN2
address-pool (outside) SSLVPN
address-pool SSLVPN
authentication-server-group PMERADIUS
tunnel-group pm_ipsec type remote-access
tunnel-group pm_ipsec general-attributes
address-pool IPSECVPN2
tunnel-group pm_ipsec ipsec-attributes
pre-shared-key *
tunnel-group prattmiller type remote-access
tunnel-group prattmiller general-attributes
address-pool IPSECVPN
tunnel-group prattmiller ipsec-attributes
pre-shared-key *
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 1024
policy-map global_policy
class inspection_default
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect pptp
class class-default
service-policy global_policy global
smtp-server 10.10.2.6
prompt hostname context
Cryptochecksum:8316029502f6698d4015f5e1b3d40a08
: end
[code] TEST [/code]My question about this is the other Dynamic VPN that is working has no static route.
I added:
route outside 10.10.10.0 255.255.255.248 xxx.xxx.xxx.xxx (where xxx.xxx.xxx.xxx is the IP of the non working remote IKE Peer)
This had no effect.
Looking at the two tunnels. The working tunnel is using IKE IPSEC and the nonworking tunnel is using IKE IPsecOverNatT. What have I entered that tells the VPN to use IPsecOverNatT? -
Dynamic to Static VPN dies after about 4 minutes
Hey everyone, I have an interesting issue with a dynamic to static VPN setup. I currently run a pair of Cisco Pix 515e firewalls in a failover setup. They are running OS 8.0.4 and they run great. I used to have a VPN between these and my office where the remote office had a static IP address. I am moving that to a new connection which uses dynamic IP addresses.
I setup a pre-shared key on the DefaultL2LGroup on the Pix and removed the existing static tunnel-group. I also reconfigured the remote firewall which is a Netgear firewall to connect to the Pix. It is still using main mode and the rest of the setup is pretty much the same.
The VPN connection establishes fine and I can pass traffic through it with no issues. The problem is that every 3 minutes and 50 seconds, the VPN will go down for a few seconds. It looks like it rekeys. My stuff will stop responding and then it will re-establish and it is fine. It happens every 3 minutes and 50 seconds like clockwork.
I have checked everything I could think of and am not sure where the issue is. I know I can do detailed debugs on the IPSec but am not sure what I should be looking there. The basic debug just givs the generic message below that says the tunnel can't communicate with the peer. I have seen that message before but not usually with a VPN that establishes. Generally if this message comes up, the tunnel never works.
Any ideas would be great.
Thanks
Neal
Group = DefaultL2LGroup, IP = X.X.X.X, Removing peer from peer table failed, no match!
Group = DefaultL2LGroup, IP = X.X.X.X, Error: Unable to remove PeerTblEntryI did more testing and it seems that the tunnel sites at the MM_ACTIVE state and doesn't go past that. The information is the same on both ends of the tunnel and traffic passes fine when at this state but then it rekeys after about 4 minutes and starts again.
I tried changing the tunnel to an Aggresive Mode tunnel but using a name for the remote office firewall ID and now it sits at AM_ACTIVE but doesn't go past that point either. -
Dynamic or Static Objects
It seems to me there is a big cliff at the point of deciding to instantiate your class at runtime or static load
on start-up.
My swf apps have a pent-up burst that happens a couple seconds into the run. I think I get this on most
web pages that have flash banners.
Flash apps that have a loader bar can take 60 secs. These ones usually come on with a bang with a lot of
high quality graphics.
Therer is a big processor spike at start-up with the browser loading http page. Flash seems to want a big spike
with its initial load. The javascript embed doesn't help either.
How to get a smooth start-up? Me English good.
This seems like a matter of correctness, only indirectly relating to speed.
The speed that a SWF loads from a web page is determined by many things, like server connection speed, client connection speed, browser cache size, client RAM, etc. Having static vs. dynamic classes would not impact this very much.
First of all, "static objects" is kind of an oxymoron because you can't instantiate (create an object) of a static class. I would say that having static variables/methods in a class is usually when you want some shared values/functionality without requiring an actual object (taking up memory) -- although static practices certainly extend beyond just this. I always try to think of a Math class. You wouldn't have to have to say m = new Math() just to use some common methods (square, sin, cos, etc.) or values (pi, e, etc.). They become kind of like "global constants/methods" in a sense (not to invoke the debate over correctness of that wording).
In short, it's more of a memory issue, which will like not have much influence over loading speed. If you want to improve your loading speed, you can try to delay the creation of your objects based on certain events instead of having them all load at startup.
How to get a smooth start-up? Me English good. -
Dynamic to Static URL's
what is the best program to use to do this? Because I dont'
want to make hundreds of static pages, is there a easy way to show
this properly and get better indexing at the same time. I have
heard of wordpress, but don't know if it is automated and I think I
need htaccess file.
ie:
FROM:
www.mysite.com/products.php?store=27
TO:
www.mysite.com/products/nike.htm
thanksI did this for a client by simply modifying the 404 error
page. You do not have to install any special renaming software onto
your server whatsoever.
First create a custom 404 error page outputting the
cgi.query_string of the error page. In that you will see the
incorrectly called url, which in your case will include the unique
username.
Ex:
404;https://www.yourdomain.com:443/username/
Extract the username using a combination of your list
functions...
Ex:
<cfset username = listdeleteat(listgetat(CGI.QUERY_STRING,
3, ":"), 1, "/") />
Remove the trailing slash if needed...
Ex:
<cfset username = listgetat(username, 1, "/") />
Then cfquery the username. If found, cfinclude the relevant
index page (if you want the url to stay the same), or cflocation to
the actually page assigning the username as a url variable. If the
username is not found, just goto home page.
Remember to disallow any special characters or top level
directory names in your usernames.
<cfloop condition='findoneof("\/:*?""<>|",
form.urlname)'>
<cfset form.urlname = removechars(form.urlname,
findoneof("\/:*?""<>|", form.urlname), 1) />
</cfloop>
<cfdirectory action="list" name="alldirs"
directory="#expandpath('/')#" />
<cfquery dbtype="query" name="dirs">
SELECT name
FROM alldirs
WHERE type = "Dir"
AND name = #lcase(form.urlname)#
</cfquery> -
Any tricks to 'fussy' editing in NavEd (converting dynamic to static)?
I have been spending a lot of time in Navigation Editor recently and have had a number of problems converting request strings back from dynamic to static.
I have a number of examples where the tool has identified a large section of a request as dynamic, yet I know it should remain static. Nornally it's a simple job to go through the script, highlight the section in question and select 'make static'. However, there are certain sections where a large section containing '=' is involved. Even if you highlight only the part of the string PRECEEDING the '=', when you select 'make static' the WHOLE string is converted.
(edited) e.g.
PostData:
status=<?xml version="1.0" encoding="UTF-8"?>
<portalApacsAPIRes xmlns="http://www.url-here-but-edited-out/portal-
api" scemaVersion="All">
<header>
<sessionID>kckngenjniiub555h0edjw55
</sessionID>
... further XML but you get the idea ...
I could edit the first line ("status=") but only because the tool HASN'T flagged that particular '=' as dynamic. However attempting to select the remainder of the string up to the start of the sessionID (the intention being to leave the value as dynamic) would end up with converting the whole request to static.
Has anyone else encountered problems like this?
Any suggestions how to approach this?Thanks for the feedback.
It has been suggested that I try to do similar using OpenScript, but as I'm really waiting for webservices to be supported before 'getting my hands dirty' with OpenScript I may have to wait for the new release.
Is there any ETA for OATS9.0 (or is it just "sometime in June")? -
Barcoded Form - Save as Dynamic or Static?
Hello,
this might be a very dump question, but I was asking myself how I have to save my Designer 7 form with a barcode in it, so that it is working properly: as Dynamic or Static form?
I was playing a bit around with both versions, because I want to dynamically highlight some fields, and therefore need a dynamic form.
My barcode encoding is working in both versions, however if I have a dynamic form, my barcode has a kind of subtitle: the small numbers below the barcode are duplicated (the second line with a bigger font). And the barcode itself is increased in size when the data doesn't fit in the actual size. Can I switch off this behavior (the subtitle and the increase) and still save it dynamically?
Regards, KarinHello Lee,
thanks for your quick answer. As I said in the previous posting, I would like to save it as dynamic, otherwise the highlighting of mandatory fields is not working properly. So I had a look at the XML code of my barcode, however was not able to identify anything that is not also in the static version.
Here is the extract of the XML data of one of the barcodes:
a6970cef-3781-45eb-80ae-551d99d734ef
Can you identify the tags I have to remove? I couldn't find anything with 'inside'. The other barcode contains almost the same, except that the caption tag comes three times and have different values.
Thanks for your help in advance!
Regards, Karin -
Hi,
Is there any dynamic view or any way in 10g by that we can track it out which are the parameters dynamic or static.
I mean which are the parameter can take in effect immediately or which are required to restart the database to take in effect.
Regards,SQL> desc v$parameter
Name Null? Type
NUM NUMBER
NAME VARCHAR2(80)
TYPE NUMBER
VALUE VARCHAR2(512)
DISPLAY_VALUE VARCHAR2(512)
ISDEFAULT VARCHAR2(9)
ISSES_MODIFIABLE VARCHAR2(5)
ISSYS_MODIFIABLE VARCHAR2(9)
ISINSTANCE_MODIFIABLE VARCHAR2(5)
ISMODIFIED VARCHAR2(10)
ISADJUSTED VARCHAR2(5)
ISDEPRECATED VARCHAR2(5)
DESCRIPTION VARCHAR2(255)
UPDATE_COMMENT VARCHAR2(255)
HASH NUMBER -
JavaScript works when saving file as Dynamic or Static but not 6.0 compatible
I need to be make required fields not required when a form is submitted from a specific button. This gives the user the ability to save the form without having to complete it. I have this working using the following script when the form is saved as Dynamic or Static.
for (var i = 0; i < xfa.host.numPages; i++)
var fields = xfa.layout.pageContent(i, "field");
for (var j = 0; j < fields.length; j++)
var field = fields.item(j);
field.mandatory = "disabled";
But when the form is saved as Adobe 6.0 Compatible, it does not work. Can anybody explain to me why this is? And possibly help me convert this so it will work with Adobe 6.0 forms.
Thanks
NateBut if I run that in terminal I get this:
anthony-computer:~ anthonyjk$ java -version
java version "1.5.0_13"Yes - commandline/Terminal, that's what I meant.
So long as the program doesn't use any 1.6-only features, then will it will compile OK both at school (using1.6) and at home (using 1.5). Eclipse can be told to produce .class files that are compatible with a particular runtime. In your case the school compiler was producing 1.6 class files that are no good when you take them home. Hence the need to recompile, telling Eclipse you want 1.5 compatible .class files.
Or - as I mentioned - download and install the most recent JDK for use at home. There'll be less confusion that way -
Setting up a PIX-PIX VPN with Dynamic and Static IP's
Hey everyone..
I'm recently working to deploy two PIx-506E devices at a remote site and at my home.
I want to be able to connect these together and eventually create a spoke and hub method of deployment to keep several of the places I manage separate but accessible.
The only problem is almost every example I've seem has two static WAN IP's. I cannot have a static WAN at my home, but it will be available for every remote.
How could I go about this? Any articles you can shoot my way and modify so it would work will help me.
Thank you.
Michael Jankowski
Computer Systems ConsultantHi
In addition to what has been said.
If you are looking to set up site to site VPN's and you don't have a static IP at youe home you can use dynamic crypto maps which allow you to use dynamic ip addressing. You can mix and match so you can use a fixed ip for your remote site and a dynamic ip at home. Attached is a link which explains dynamic crypto maps
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080093f86.shtml
HTH -
Using both Dynamic and Static NAT with two Different Internet facing Subnets
We have two Class C Public Address subnets. We started with Subnet (A) and have many of our Internet accessible devices on it. It is running on a Cisco PIX 515R. We bought a new ASA 5510 8.3(2) and started Migrating the Users and new servers to it so I started with our second Class C Subnet (B). Later on down the road I found out that if the Firewalls Default Gateway is is set to a (B) Interface subnet, then the servers that are statically mapped to a (A) Address will have a (B) address when they communicate out to the internet. So they are receiving packets on their (A) Address, though replying to them with a (B) address.
It was mentioned that I should be able to combine static and dynamic NAT mapping to allow devices behind the firewall to have a fixed external Address when communicating outbound as well as inbound.
So For instance I want the Following: when the Internal Replies I want the reply to come from the mapped IP, not a IP from the Dynamic Pool.
Public IP: 192.168.1.100/24
Internal IP: 10.0.0.100/16
Public IP: 192.168.5.101/24
Internal IP: 10.0.0.101/16
interface Ethernet0/0
description 192.168.1.0/24 Network Outside IP
nameif outside-1
security-level 0
ip address 192.168.1.1 255.255.255.0
interface Ethernet0/1
description 192.168.5.0/24 Network Outside IP
nameif outside-5
security-level 0
ip address 192.168.5.1 255.255.255.0
interface Ethernet0/2
description inside 10.0.0.0/16
nameif inside
security-level 100
ip address 10.0.0.1 255.255.0.0
object network serverA_o
host 192.168.1.100
object network serverA_i
host 10.0.0.100
object network serverB_o
host 192.168.5.101
object network serverB_i
host 10.0.0.101
object network 192-168-1-NAT-POOL
range 192.168.1.50 192.168.1.239
nat (inside,outside-1) source static serverA_i serverA_o
nat (inside,outside-5) source static serverB_i serverB_o
nat (inside,outside-1) source dynamic any 192-168-1-NAT-POOL interface
object network serverA_i
nat (inside,outside-1) static serverA_o
object network serverB_i
nat (inside,outside-5) static serverB_o
route outside-1 0.0.0.0 0.0.0.0 192.168.1.1 1
route outside-5 0.0.0.0 0.0.0.0 192.168.5.1 2
When I set this up my serverB shows a Public IP of something in the 192-168-1-NAT-POOL Not 192.168.5.101
Any Suggestions?
Thanks!Not sure why I have Multiple Entries. )-: I did think it was Odd. I think it might be because I looking at examples of the new and old styles of NAT.
We have a Single ISP, though have 2 separate non-Contiguous Class C Addresses from them. We host some Servers on one subnet and some on the other.
I'm looking for a way to use both Subnets on the same ASA.
The Connection to the net looks like this:
Internet -> Edge Router Layer3 VLAN Switch
GE0/1.2 - 192.168.1.1 VLAN Tagged --> GE0 - VLAN Tagged
GE0/1.2 - 192.168.5.1 VLAN Tagged -^
Layer3 VLAN Switch Firewall
GE1 192.168.1.0/24 Untagged -> ASA Outside-1
GE2 192.168.5.0/24 Untagged -> ASA Outside-5
Firewall
ASA inside 10.0.0.0/16 -> Switch -> 10.0.0.100
Hope that helps clarify.
I could try to post some sanitized Configs of my PIX and ASA if needed. But the end result I'm trying to do is have the ASA do NAT for multiple Public Subnets. -
VM NIC keeps changing from Dynamic to Static IP (from a static IP pool)
Back ground:
Having migrated our VM's from 2008R2 and 2012SP1 servers into one 4 node 2012R2 Hyper V Cluster we have a problem with NIC's being changed to Static IP, this in turn gives a range of warning and errors when
moving VM's between the nodes (example during a live migrate or when we put a node in maintenance mode).
The cluster share a Logical Switch, this switch has 1 Uplink. The uplink is a Port Profile called "TrunkPort" and it contains lots of network sites. Each network site links to a Logical Network, each Logical Network is basically a VLAN on our Cisco
router/switch.
We don't have any IP Pools configured since we assign all VM's a static IP manually or they use DHCP provided by our AD servers.
When we change a NIC to from Static IP to Dynamic (there might be power shell to do this), bit in the GUI its painfull as you have to shutdown the VM remove the adapter and create a new one. I does not last long as the system after a few minutes changes
the NIC configuration back to Static IP again. Any idea why and how to stop it?
example of errors after a migration that completed w/ Info :
Error (23801)
No available connection to selected VM Network can be found.
Recommended Action
Ensure host NICs have connection to the fabric network on which VM Network is created.
Error (23810)
There is no host NIC with required classification.
Recommended Action
Ensure that there NICs with required classification on a host.
Error (23806)
All available ports on switch extension has been used.
Recommended Action
Ensure there are free ports available on a switch extension.
Error (23808)
All available ports on port profile has been used.
Recommended Action
Ensure that there are free ports available on a port profile.
Error (23807)
The switch extension has reached maximum supported ports on this host.
Recommended Action
Ensure there are free ports available on a switch extension per host.
Error (23809)
The port profile has reached maximum supported ports on this host.
Recommended Action
Ensure that there are free ports available on a port profile per host.
Error (23825)
The virtual machine requires a logical switch connection and the host network adapter is not attached to a logical switch or operating system doesn't support logical switch.
Recommended Action
Ensure operating system supports logical switch and there is a logical switch connection for the host or remove the network interface card from the virtual machine and try the operation again.
Error (23753)
The virtual machine or tier load balancer configuration requires an IP pool and there are no appropriate IP pools accessible from the host.
Recommended Action
Select a host with access to an appropriate IP pool and try the operation again.
Warning (23830)
Unable to find compliant logical switch.
Recommended Action
Fix logical switch compliance state.
Note: a server configured with Dynamic NIC will move between nodes without any errors (nice green tick box icon), our problem is that SCVMM or the servers deside to reconfigure the NIC's to Static IP when ever they see fit!!I feel like some issue with the Fabric configuration.
If you are create a new VM through SCVMM, do you face this issue? (While creating the new VM, on the hardware configuration page, use dynamic IP and Dynamic MAC)
The first event which you listed says about missing VM Network.
No available connection to selected VM Network can be found.
Please check the VM Network to where the VM is connected through SCVMM. And check if all the nodes have the same VM Network.
If thats missing, fixing it might fix few other errors which you mentioned.
Optimism is the faith that leads to achievement. Nothing can be done without hope and confidence.
InsideVirtualization.com -
How to use the dynamical or static variable for ESSBASE cube name?
Hi Experts,
When I import ESSBASE Cube into physical layer, the cube name from ESSBASE is created automatically, such as H_Sales.
I want to use the the static or dynamical variable for replacing the external name. So I try to create the static variable in RPD,such as cubeName, and use the following code
'VALUEOF(cubeName)' into the textbox of external name.
However, when I view the report in answer, it will generate the error message: Database VALUEOF(cubeName) does not exist.
Is it possible to implement this functionality?
Thanks..Hi,
use <%=odiRef.getSchemaName("D")%>
D as parameter if it is the Data Schema or W if you need the schema from Work Schema
Your command will be like:
select <%=odiRef.getSchemaName("D")%>.GER_LOT_EXEC_ODI('Fluxo', 1, 'C') FROM DUAL
Works?
Cezar Santos
http://odiexperts.com -
VM NICs keep reverting from dynamic to static IP pool on reboot
I have a 2012 R2 System Center deployment that has been working perfectly for six months. This past week, we added another Hyper-V host into the cluster, and the networking has become problematic for us.
VMs that were configured to be "Dynamic" IP address assigned, have changed to "Static IP Pool". I can delete the NIC, create a new NIC and set it to "Dynamic" again. Then, I reconfigure the IP address that we need assigned in
the LAN properties of the VM and it is good until the next reboot. When we look at VMM again, the new NIC that we created is now back to "Static IP Pool". All of our VMs appear to have had this happen, and we are afraid to reboot anything at this
point.
We even tried configuring the NICs manually from static to dynamic via powershell, which means we don't have to remove/add a NIC, but also works only until the next reboot.
We are using the same virtual switch, same port profiles, same port classifications and same uplink profiles.
Any ideas?I feel like some issue with the Fabric configuration.
If you are create a new VM through SCVMM, do you face this issue? (While creating the new VM, on the hardware configuration page, use dynamic IP and Dynamic MAC)
The first event which you listed says about missing VM Network.
No available connection to selected VM Network can be found.
Please check the VM Network to where the VM is connected through SCVMM. And check if all the nodes have the same VM Network.
If thats missing, fixing it might fix few other errors which you mentioned.
Optimism is the faith that leads to achievement. Nothing can be done without hope and confidence.
InsideVirtualization.com -
How to dynamically load static (inner) class
I have an urgnent question, any comments would be appricated.
I have a static inner class definition.
Class myObject
public static class innerObject
I want to dynamically load the static innerObject class such as
Class c = Class.forName ( "myObject.innerObject" );
innerObject t = ( innerObject ) c.newInstance();
I can't do this as it give me ClassNotFound Exception, Do I need to load myObject first? any comments?
The other alternative is that to define my myObject as having a static variable referencing the static class.
Class myObject
staic innerObject m_inner = new innerObject();
public static class innerObject
Is there any option in java allowing me to load a static variable?
Many thanks
JayI can't do this as it give me ClassNotFound Exception,Use "myObject$innerObject" instead of "myObject.innerObject".
Is there any option in java allowing me to load a
static variable?What do you mean by that? -
DBA_* tables - is it a dynamic or static?
Hi,
We have RAC database in which we have 10 instances.(Host 1,Host2 ...Host10)
I would like to clarify that if i need to check locks using the below query in all the host.
select from dba_dml_locks where name like '%$obj%';*
select from dba_ddl_locks where name like '%$obj%';*
Please clarify dba_dml_locks and dba_ddl_locks are dynamic view or static table as we are executing in all the instances.DBA_VIEWS view has column "text" to show the view source.
For instance,
UKJA@ukja102> set long 10000
UKJA@ukja102> select text from dba_views where view_name = 'DBA_DDL_LOCKS';
TEXT
select s.sid session_id,
substr(ob.kglnaown,1,30) owner,
substr(ob.kglnaobj,1,30) name,
decode(ob.kglhdnsp, 0, 'Cursor', 1, 'Table/Procedure/Type', 2, 'Body',
3, 'Trigger', 4, 'Index', 5, 'Cluster', 13, 'Java Source',
14, 'Java Resource', 32, 'Java Data', to_char(ob.kglhdnsp)) type,
decode(lk.kgllkmod, 0, 'None', 1, 'Null', 2, 'Share', 3, 'Exclusive',
'Unknown') mode_held,
decode(lk.kgllkreq, 0, 'None', 1, 'Null', 2, 'Share', 3, 'Exclusive',
'Unknown') mode_requested
from v$session s, x$kglob ob, x$kgllk lk
where lk.kgllkhdl = ob.kglhdadr
and lk.kgllkuse = s.saddr
and ob.kglhdnsp != 0Well, the view source clearly says that DBA_DDL_LOCKS view is based on other dynamic views and fixed tables.
================================
Dion Cho - Oracle Performance Storyteller
http://dioncho.wordpress.com (english)
http://ukja.tistory.com (korean)
================================
Maybe you are looking for
-
IPad 2 AND iphone 4 battery draining FAST since IOS 6 update!
I have done EVERYTHING I can think of and that has been suggested all over the World Wide Web to improve the battery life of both my iPad 2 and iPhone 4 since the IOS 6 software update. Nothing works!!!! I am leaving town in a week, and I would like
-
Problem in populating the new field from the extract structure. Kindly help
my requirement a new text field is added on R/3 side and I have to populate the same field into BW. In the R/3 a new customization table 'AAA' is created which will have code - char 3 and text - char 30. The code field is added to a table BBB. The SA
-
AIR-CAP1602i cannot join a WLC 5508 controller
Hello, I'm managing a large number of access points on a Cisco wlc 5508 controller. We've recently purchased a bunch of new AIR-CAP1602I-E-K9. note that we already have AIR-CAP1602I-E-K9 and other models in production. These A.P are not able to join
-
Missing Inbound Interface under Edit Service for Business System
Hello All, I have to configure a Scenario at Integration Directory. Import from IR already done. When i try to configure a Service under Party\Service\Business System I am not able to find the special IDoc type (here) PROJECT:PROJECT01 under register
-
Reestableci el ipod touch en ajustes y ahora se queda en el logotipo
Dejar sus soluciones en español