Go Daddy - Traffic Blazer

Hi.
I am using Go Daddy's Traffic Blazer to try to optimize my site for search engines. From my keywords it generates a 'keyword metatags' code and I am supposed to copy that into a no-viewable section of my iweb site. is this possible? I feel like Im missing something here. Please help.
Thank you.
Seth Shapiro
www.dieselfilmsinc.com

Just to add to that, it creates an html page like this:
<title>www.dieselfilmsinc.com</title>
<meta name="description" content="Diesel Films is a full service production company, specializing in taking projects from conception through completion. From network opens and commercials to corporate video presentations, we handle it all. We are located in sunny Santa Monica, CA.">
<meta name="keywords" content="Los Angeles, Film, Production, Video,">

Similar Messages

  • Ran traffic blazer and was told I have no internal hyperlinks? unspiderable

    I just ran Traffic Blazer on my site and was told it has no internal or external hyperlinks (which it does) and that there is a robot.txt file that disallows spidering. How do I fix this so I am searchable?

    This is not entirely true.
    Search engine optimization refers to changing your website so that it has the best possible chance to rank high in search engines for your targeted keywords. Nobody knows the internals of a search engine so it is impossible to guarantee top rankings. HOWEVER, you can still make your website search engine friendly and this is VERY important especially for iWeb sites that are not made to be search engine friendly.
    In fact, Google provides a PDF Beginners SEO Guide to help people learn how they can better optimize their sites for search engines. You can get it at this link and our tools let you do almost everything they recommend;
    http://googlewebmastercentral.blogspot.com/2008/11/googles-seo-starter-guide.htm l
    There are sites that are search engine friendly and those that are not. You want to make sure your site is search engine friendly and the links that I provided will help you do this. We provide SEO tools specifically made for iWeb that are completely free to use because we want iWeb users to have a chance of ranking high. Basically we have tried to take the advice provided by Google and apply it easily to iWeb sites.
    Search engines are open about how they rank pages to an extent. HOWEVER their algorithms are made in such a way that it is almost impossible to manipulate them easily. For example, Google will recommend you have lots of high quality links. The problem is that getting high quality links is not easy.
    That's why you may think SEO is "voodoo". Its certainly NOT "voodoo" as all search engines, even Google, recommend you do it and even provide the resources for you to do so.
    If you have any questions feel free to visit the above website I posted and send me an email. I will be happy to help.

  • Anyone use Traffic Blazer?

    I am thinking of using Traffic Blazer to improve my website in search engine results. Has anyone used this before? I am sure there are other ways to do it but I dont really have the know-how so I just need something that works really simply.
    Thanks
    Ryan

    Before you commit yourself read this...
    http://www.google.com/support/webmasters/bin/answer.py?answer=35291
    Its not just a question of pushing your site up the rankings. You have to look at your site design and content in relation to how the spiders crawl through it......
    http://www.google.com/support/webmasters/bin/answer.py?answer=35769

  • Links not found by traffic blazer

    Hi,
    I am trying to use godaddy's "traffic blazer" to get more hits on my site. The automated site analyzer is not finding my internal or external links. When I called their support I was told that I probably placed the links incorrectly. All I did was copy and paste into the "hyperlink" area in "inspector" or in the case of internal link, used the drop down menu in inspector to find the appropriate page to link to. What am I doing wrong? The links work on the site but the support guy at godaddy said I may to to correct this to be accepted by the search engines.
    <Edited by Moderator>

    Just a wild guess on my part, but the links on your www.spavienna.com site are only accessible through image maps, rather than direct plain old anchor tags. Perhaps traffic blazer doesn't understand how to navigate those maps? Perhaps it finds them confusing? What happens if you simply include plain old links to the sub pages? Does it manage to crawl the site then?

  • Spiderability problem related to iWeb/Google/Go Daddy

    I've read through a similar thread already, but I'm not sure how relevant it was.
    First, here's my site (Go Daddy domain forwarded to .mac domain) www.riyvideo.com
    Anyway, my site's links function fine in iWeb and on different browsers. However, Go Daddy's Traffic Blazer program is telling me that my site is not spiderable by Google because all seven of my internal links on the home page are broken. Traffic Blazer's report lists the seven broken links (in html), and indeed, when I click on each one listed, it takes me to .mac's "Page not Found" page on the Internet
    Go Daddy support has been virtually worthless. The best they've come up with is that it's a code issue, which it may be, but I'm totally illiterate in html.
    Bottom line: I want to maximize my Google accesibility, but I don't know how to repair or replace these broken links.
    Thanks in advance for your input.

    I'm curious. I'm not familiar with GoDaddy's traffic blazer product. But what links does it say are broken? Are they real links? I have seen some spidering anomalies that lead to endless loops and result in nonfunctional and incorrect URLs.
    Example...Suppose you have a site that has 4 pages called One, Two, Three, and Four. In iWeb, you have the navigation menu turned on for each page. These are the only links. So the only links that should be needed for your site are as follows...
    http://web.mac.com/username/iWeb/sitename/One.html
    http://web.mac.com/username/iWeb/sitename/Two.html
    http://web.mac.com/username/iWeb/sitename/Three.html
    http://web.mac.com/username/iWeb/sitename/Four.html
    But the spidering process can also pick up the incorrect navigation links on any given page. For example, for the page "Two", the following are incorrect links...
    http://web.mac.com/username/iWeb/sitename/Two/One.html
    http://web.mac.com/username/iWeb/sitename/Two/Three.html
    http://web.mac.com/username/iWeb/sitename/Two/Four.html
    I think these are the "internal" links that the spidering process is picking up incorrectly. This may be a result of how iWeb codes the links as 'href="../sitename/One.html". But in any case, these links can be disregarded. Just make sure that they are getting the real links.

  • Cannot create title tag, meta tags for iWeb site, per Google requirements.

    I created simple website in iWeb to meet art show deadline
    www.barbaraturnertigrett.com
    but when I tried to submit to search engines (via GoDaddy "Traffic Blazer" product), several issues or errors noted...no title tag, meta tags, keywords, too little text, etc. Was told by Apple, there is no fix at this time...no way to access to actual HTML code, to add title tag or meta tags, etc...since iWeb is merely a consumer, not professional enterprise, product. Researching further, I even tried to submit to Google directly, not via GoDaddy "Traffic Blazer", but could not "verify" my url site (because meta tag missing and/or could not upload entire html file, as required. I'd produced client websites in past on Adobe GoLive and was learning Dreamweaver, when someone alerted me to simplicity of iWeb. It is clean and simple, but wish I'd anticipated these other issues. Is there a solution to this with iWeb or should I finish learning Dreamweaver and start over? Thanks for any advice you can share.

    Both these last postings were helpful. THANKS. I could not open home.html file with "text edit", but when using Taco HTML Edit, it would open...so I dusted off (novice) HTML skills and entered the appropriate title tag and meta tag, per Google's requirements. Then, went to my GoDaddy hosting control center and (I think) I uploaded new file with new tags. Seems to be major lag time with any changes, so not sure my site is now successfully "verified", on Google. Hope I did not mess anything up, in the process. There seems to be various lag times before any changes take effect (right??).
    So now...I'm very glad to find out about iMap and will buy it and watch the tutorial video, as instructed...since I am unsure if last 'fix'...fixed the problem, etc...and always eager to learn more. This is my first Apple discussion post, and certainly impressed/grateful for expert help. THX again.

  • Godaddy meta text copy/paste to iweb html

    How do I copy, rather paste the meta texts from the godaddy.com traffic blazer onto my iweb/html.... ? I will be doing it on my new macbook...

    <head>
    <title>Your Page Title Goes Here</title>
    <META name="description" content="Your Page Summary Goes Here"><META name="keywords" content="Your Meta-Tag Keywords Go Here Separated By Commas">
    </head>
    Try the above format when copying and pasting your meta-tag information. Just paste it before the </head> tag. Keep in mind that you will have to do this everytime iWeb or you make changes to your web pages. You might want to learn how to use something like MassReplaceIt to help you automate the process. Good luck!

  • Using OHS to redirect traffic based on intranet or internet URL

    Hello,
    we have a requirement where we have to launch our application on internet. Application is working fine on local intranet URL or internet URL but not working on both at same time.we have application developed with ADF and other fusion components.
    This is the topology we are using here :-
    SPS(secured proxy server to configure internet URL) --> OHS -> Managed server(1,2,3,4)
    We have to setup a URL redirect rule at OHS level where
    ---> if the incoming traffic is from intranet URL application work based on intranet URL's BUT
    -->if the traffic is coming from internet URL, OHS internally take care of URL redirect and work for external users too..
    Summery is, application should work for both internet and intranet URL, but pls note both the URL are different
    like
    intranet- https:\\abcd.intranet.xxx.com\abs\login
    internet - https:\\abcd.xxx.com\abs\login
    could someone pls help me on this and provide your valuable suggestion on how we can achieve this at OHS level...

    Thanks AMN,
    I was able to successfully get the redirect to work with the following Javascript code.
    In the folder: C:\OracleBI\oc4j_bi\j2ee\home\default-web-app
    I created the following OBIEE.html file
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
    <html lang="en,us">
    <HEAD>
    <TITLE>Test OBIEE Redirect Page<TITLE>
    </HEAD>
    <BODY>
    <script type="text/javascript">
    var agent = (navigator.userAgent).toLowerCase();
    var weburl = './analytics/';
    var moburl = './analyticsMobile/';
    var reg_exp = /(ipod|iphone|android|opera mini|blackberry|palm os|palm|hiptop|avantgo|plucker|xiino|blazer|elaine|windows ce; ppc;|windows ce; smartphone;|windows ce; iemobile|up.browser|up.link|mmp|symbian|smartphone|midp|wap|vodafone|o2|pocket|kindle|mobile|pda|psp|treo)/;
    if( reg_exp.test(agent) ) {
         window.location = moburl;
    else {
         window.location = weburl;
    </script>
    </BODY></HTML>
    The javascript gets the USER agent and does a regular expression match to see if its any popular handheld device. If so, it redirects them to the mobile address. Otherwise the user is directed to the standard site.
    All I need to do is pass around the URL:
    http://localhost:9704/OBIEE.html
    And users will be dynamically sent to the correct location.
    Thanks!
    -Joe

  • Unable to capture traffic with Ethanalyzer on N5K-5548

    Version - 5.0(2)N2(1)
    My understanding is that we need
    1) Access-List defined, with statistics configured to get matched traffic onto control plane
    2) Access-List applied to an interface, via command "ip port access-group mycap in"
    3) ethanalyzer command, ex; "ethanalyzer local interface mgmt capture-filter "net 1.1.1.0/24" (also tried interfaces inbound-hi & inbound-low)
    I see matches on the access-list, but not seeing anything captured.
    What am I missing?
    ip access-list mycap
      statistics per-entry
      10 permit ip any 1.1.1.0/24
      20 permit ip 1.1.1.0/24 any
      30 permit ip any any

    just fyi.. on a similar sidenote we are going to enchance the capability of capture filter to collect the necessary statistics via the following enhancement
    CSCsz99277 - ethanalyzer capture filter broken
    http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsz99277

  • How can I permit all traffic from inside-dmz-outside on asa5505

    Scenario :
    Servers are in DMZ, Internal LAN Users should access ports Specified (5000 & 2048). Router 2801 is facing Leased line; from there it’s connected to firewall.
    Router LAN IP: 83.111.X.X - 255.255.255.X
    ASA Version 7.2(4)
    hostname ciscoasa
    domain-name default.domain.invalid
    enable password 2KFQnbNIdI.2KYOU encrypted
    passwd 2KFQnbNIdI.2KYOU encrypted
    names
    interface Vlan1
    nameif inside
    security-level 100
    ip address 192.168.X.X 255.255.255.0
    interface Vlan2
    nameif outside
    security-level 0
    ip address 83.111.X.X 255.255.255.240
    interface Vlan3
    nameif dmz
    security-level 100
    ip address 192.168.100.1 255.255.255.0
    interface Ethernet0/0
    switchport access vlan 2
    interface Ethernet0/1
    interface Ethernet0/2
    switchport access vlan 3
    interface Ethernet0/3
    interface Ethernet0/4
    interface Ethernet0/5
    interface Ethernet0/6
    switchport access vlan 3
    interface Ethernet0/7
    ftp mode passive
    dns server-group DefaultDNS
    domain-name default.domain.invalid
    same-security-traffic permit inter-interface
    same-security-traffic permit intra-interface
    pager lines 24
    logging asdm informational
    mtu inside 1500
    mtu outside 1500
    mtu dmz 1500
    no failover
    icmp unreachable rate-limit 1 burst-size 1
    asdm image disk0:/asdm-524.bin
    no asdm history enable
    arp timeout 14400
    global (outside) 1 interface
    nat (inside) 1 0.0.0.0 0.0.0.0
    route outside 0.0.0.0 0.0.0.0 83.111.x.x
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    http server enable
    http 192.168.1.0 255.255.255.0 inside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    telnet timeout 5
    ssh timeout 5
    console timeout 0
    dhcpd auto_config outside
    dhcpd address 192.168.1.2-192.168.1.254 inside
    dhcpd enable inside
    class-map inspection_default
    match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
    parameters
      message-length maximum 512
    policy-map global_policy
    class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect rsh
      inspect rtsp
      inspect esmtp
      inspect sqlnet
      inspect skinny
      inspect sunrpc
      inspect xdmcp
      inspect sip
      inspect netbios
      inspect tftp
    service-policy global_policy global
    prompt hostname context
    Cryptochecksum:5663409d6ba3ad0bcd163e691f032f76
    : end

    Hi Ben,
    Thank you for the response. I followed the link and tried reading everything you posted on AEs but I'm afraid that I didn't understand it all. It seems that each AE example had a single input and a single output (e.g. a double). Is this the case? 
    What I have is a couple of front panel clusters containing (approximately) 18 control doubles, 8 indicator doubles, 5 boolean radio button constructs and 26 boolean control discretes. I clusterized it to make it readable. In addition I'll eventually have a cluster of task references for hardware handles.
    All I want to do is update the front panel values like I would do in a C, VB or any other language. I've tried referencing the cluster and using the reference from inside the loops. I've tied using local variables. Neither works. I'm experimenting with globals but it seems that I have to construct the front panel in the gloabal and then I wouldn't know how to repoduce that on the front panel of the main VI.  Sometimes it seems that more time is spent getting around Labview constructs than benefitting from them.
    I hope the 'Add Attachment' function actuals puts a copy of the VI here and not a link to it.
    Thanks again for the suggestion,
    Frank 
    Attachments:
    Front Panel Reference.vi ‏33 KB

  • How can I eliminate delays in one NIC when there is traffic on second NIC

    Using LabVIEW TCP/IP VIs, my LV application is  accessing a database though a LAN, and  through a second NIC, it is controlling an instrument.  The instrument is connected directly to the computer NIC with a cross-over cable.  I have made a permanent route for the IP address of the instrument in the IP route table.  The LAN and the instrument have different subnet numbers.  Using a packet sniffer, I don't see any traffic meant for the LAN going to the NIC connected to the instrument.  The OS of the computer is Windows XP and the NICs are PCI cards.
    The message traffic to the instrument suffers from intermittent delays when there is traffic going to the LAN. 
    How can I eliminate the delays?  What could be the cause of the delays?  Thanks in advance for your recommendations and suggestions.

    Hi LabBard,
    Could you tell us a little more about the device that you are connected to? What you could try is to have a VI accessing the LAN, and a separate VI communicating with the instrument, and see how things play out.
    Let us know how it goes!
    Rasheel

  • Possible to segment traffic between 2 interfaces? And other questions...

    I would like to set my G5 up as a server utilizing a second connection and to keep traffic seperated between this server connection and my regular internet connection (would be wireless). I'm pretty sure this alone is fairly straightforward and can be accomplished by setting up the new interface and moving it down to the bottom of the connection list with wireless at the top. That should keep all non-specific traffic from flowing out the ethernet/server connection - I think.
    If the above works the way I stated then I would also want to firewall ONLY the ethernet/server connection (the wireless has it's own hardware firewall). AND - this is the tricky part - I also want to add a fake interface that has a fake IP and bind that to the "real" ethernet/server connection. The reason for that is because I need a static IP to bind the service to. I know if the connection list thing works to flow the traffic that if I had an external router on the server connection, this wouldn't be needed. I'd already have a fake IP to bind to and I wouldn't have to run the firewall on the Mac. But I don't and I'd rather not have to buy one.
    So can this be done through the network/sharing preferance panes? If so, are there any "gotchas" I should be aware of? If not, is there any software tool out there that would make setting this up easier/faster? I'm not opposed to doing it all via command line, but I'm a bit rusty with my linux/unix admin knowledge. Plus I'm not 100% certain how to set all that up command line wise without screwing up OS X!
    Thanks.

    I'm not sure I fully understand what you are attempting to accomplish. Lets see if I have the general idea.
    You have a single G5, that you want to use as both your desktop machine and also to provided specific services, such as web, email, etc.
    You have some type of hardware firewall/security appliance.
    You have some type of wireless access point.
    You don't seem to have any type of router or switch in your configuration.
    You want all of your server based traffic to be sent and received on it's own Ethernet port. You want your personal Internet traffic to be sent and received on your wireless connection.
    So my questions are:
    Where is the server traffic going to, coming from? Who is accessing the server, is it users on the Internet, or just computers on your own LAN (which you didn't mention).
    If your server is to allow data from or send to the Internet, then you need to have a way to route the traffic there. Do you have more then one method to access the Internet, or will all traffic, both personal and server being going though the same Internet access pipe?
    If it is all going through the same pipe, and you only have the single computer, I don't understand why you wish to segment the traffic.
    If on the other hand you have multiple computers on your LAN. then segmenting traffic may make sense. This would allow access to your server and keep your LAN well secure.
    Anyway, to get to specifics, you'll need to use the terminal app to bind specific services to specific IP's and ports on your Mac. You will also need to manually configure the firewall to be able to select specific connection ports and bindings. However, while I think it can be done, I'm not sure it makes a great deal of sense.
    I would be more inclined to suggest a router or switch that can provide VLAN support, or a router that provides true DMZ support, would be a good way to go.
    Anyway, a little more info would be helpful.
    Oh and if I have this totally worng in what I think your doing.. My mistake.
    Tom N.

  • Multiple gateways for different Traffic on ASA 5510 firewall

    Hello,
    My network atthe moment is set up as:
    WAN, with three sites
    Site 1
    Site 2
    Site 3
    Site 1 is behind a non-Cisco firewall, which is connected to the internet via a Frame Relay link (using a Cisco 1721 router). We host a number of servers on the Internal network and DMZ's.
    All sites connect to the WAN using Cisco routers or switches.
    All internet traffic (IN and OUT) for all sites goes via the non-Cisco firewall.
    I am interested in the ASA 5510 with six interfaces.
    Using the ASA 5510 is it possible to set up two (2) internet connections, one via the Frame Relay and a second internet connection via an ADSL connection?
    Then, is it possible to direct the outward-bound traffic via specific gateways based upon either:
    (a) the type of traffic, say HTTP from users behind the firewall; or
    (b) the IP addresses of the host (i.e. users' PC versus the servers)
    Any assistance is welcome.
    Kind regards,
    IT@C

    yes you can do this with policy routing on the internet router in front of the firewall assuming that you are connecting both ISPs to that router. Also, remember that you can do vlans on the ASA. This may cut down on the # of interfaces that you use in your config.
    http://www.cisco.com/en/US/customer/products/ps6120/products_configuration_guide_chapter09186a0080636f89.html
    HTH, pls rate!

  • Unable to pass traffic for new vpn connection

    Scenario:
    I have three sites all connected ( full mesh) with IPsec/GRE tunnels and these work fine. I attempted to add a satellite office to one our sites. The sat device is a 3rd party device and is behind a rotuer/fw device. The IPSec tunnel  (non-gre) appears to come up but no traffic passes.
    When I ping 192.168.3.1 from the sat device (monitored using tcpdump), it cause the tunnel to come up but I don't see the Cisco side replying back.
    The 192.168.180.0/24 network is at the Sat office and the 192.168.3.0/24 network is at the main office.
    If I initiate a ping from the Cisco side, it doesn't prompt the tunnel to come up. ???? Any ideas?
    Cisco config
    crypto isakmp policy 10
    encr 3des
    hash md5
    authentication pre-share
    group 2
    crypto isakmp key secret address x.x.x.x
    crypto isakmp key secret address x.x.x.x
    crypto isakmp key secret address 7.7.7.7
    crypto isakmp keepalive 10 5 periodic
    crypto ipsec security-association lifetime seconds 86400
    crypto ipsec security-association replay window-size 1024
    crypto ipsec transform-set vpn_set esp-3des esp-md5-hmac
    crypto ipsec transform-set f5_set esp-3des esp-sha-hmac
    crypto map vpnmap 31 ipsec-isakmp
    set peer x.x.x.x
    set transform-set vpn_set
    match address 131
    crypto map vpnmap 32 ipsec-isakmp
    set peer x.x.x.x
    set transform-set vpn_set
    match address 132
    crypto map vpnmap 33 ipsec-isakmp
    set peer 7.7.7.7
    set transform-set f5_set
    match address 133
    interface Tunnel31
    bandwidth 1200000
    ip address 172.16.31.34 255.255.255.252
    ip mtu 1400
    ip tcp adjust-mss 1360
    tunnel source 5.5.5.5
    tunnel destination x.x.x.x
    interface Tunnel32
    bandwidth 1200000
    ip address 172.16.31.57 255.255.255.252
    ip mtu 1400
    ip tcp adjust-mss 1360
    tunnel source 5.5.5.5
    tunnel destination x.x.x.x
    interface FastEthernet0/1
    bandwidth 51200
    ip address 50.50.50.1
    ip access-group 101 in
    ip flow ingress
    ip flow egress
    ip nat outside
    ip inspect ISP2-cbac out
    ip virtual-reassembly
    duplex auto
    speed auto
    crypto map vpnmap
    ip nat inside source route-map nonat interface FastEthernet0/1 overload
    partial acl
    access-list 101 permit udp host 7.7.7.7 any eq isakmp
    access-list 101 permit udp host 7.7.7.7 eq isakmp any
    access-list 101 permit esp host 7.7.7.7 any
    route-map nonat permit 41
    match ip address 175
    access-list 133 permit ip 192.168.3.0 0.0.0.255 192.168.180.0 0.0.0.255
    access-list 175 deny   ip 192.168.3.0 0.0.0.255 192.168.60.0 0.0.0.255
    access-list 175 deny   ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255
    access-list 175 deny   ip 192.168.3.0 0.0.0.255 192.168.2.0 0.0.0.255
    access-list 175 deny   ip 192.168.3.0 0.0.0.255 192.168.180.0 0.0.0.255
    access-list 175 permit ip 192.168.3.0 0.0.0.255 any
    ip route 0.0.0.0 0.0.0.0 50.50.50.x
    ip route 10.1.0.0 255.255.0.0 Tunnel32
    ip route 172.18.1.0 255.255.255.0 192.168.3.254
    ip route 172.18.2.0 255.255.255.0 192.168.3.254
    ip route 172.18.3.2 255.255.255.255 Service-Engine0/0
    ip route 192.168.1.0 255.255.255.0 Tunnel31
    ip route 192.168.2.0 255.255.255.0 Tunnel32
    ip route 192.168.10.0 255.255.255.0 192.168.3.254
    sh cry isa sa
    IPv4 Crypto ISAKMP SA
    dst             src             state          conn-id status
    50.50.50.1     7.7.7.7   QM_IDLE           1003 ACTIVE
    sh crypto isa sa
    protected vrf: (none)
       local  ident (addr/mask/prot/port): (192.168.3.0/255.255.255.0/0/0)
       remote ident (addr/mask/prot/port): (192.168.180.0/255.255.255.0/0/0)
       current_peer 7.7.7.7 port 35381
         PERMIT, flags={origin_is_acl,}
        #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
        #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
        #pkts compressed: 0, #pkts decompressed: 0
        #pkts not compressed: 0, #pkts compr. failed: 0
        #pkts not decompressed: 0, #pkts decompress failed: 0
        #send errors 0, #recv errors 0
         local crypto endpt.: 50.50.50.1, remote crypto endpt.: 7.7.7.7
         path mtu 1500, ip mtu 1500, ip mtu idb FastEthernet0/1
         current outbound spi: 0xFF024E3E(4278341182)
         PFS (Y/N): Y, DH group: group2
         inbound esp sas:
          spi: 0x8E538667(2387838567)
            transform: esp-3des esp-sha-hmac ,
            in use settings ={Tunnel, }
            conn id: 2007, flow_id: FPGA:7, sibling_flags 80000046, crypto map: vpnmap
            sa timing: remaining key lifetime (k/sec): (4493323/82118)
            IV size: 8 bytes
            replay detection support: Y  replay window size: 1024
            Status: ACTIVE
         inbound ah sas:
         inbound pcp sas:
         outbound esp sas:
          spi: 0xFF024E3E(4278341182)
            transform: esp-3des esp-sha-hmac ,
            in use settings ={Tunnel, }
            conn id: 2008, flow_id: FPGA:8, sibling_flags 80000046, crypto map: vpnmap
            sa timing: remaining key lifetime (k/sec): (4493323/82118)
            IV size: 8 bytes
            replay detection support: Y  replay window size: 1024
            Status: ACTIVE
         outbound ah sas:
         outbound pcp sas:
    DEBUG
    #show debug
    Cryptographic Subsystem:
      Crypto ISAKMP debugging is on
      Crypto ISAKMP Error debugging is on
      Crypto IPSEC debugging is on
      Crypto IPSEC Error debugging is on
    #sh log | inc 7.7.7.7
    000202: *Aug 12 02:20:16.006: ISAKMP:(1003): sending packet to 7.7.7.7 my_port 500 peer_port 35381
    (R) QM_IDLE
    000207: *Aug 12 02:20:16.046: ISAKMP (1003): received packet from 7.7.7.7 dport 500 sport 35381
    Global (R) QM_IDLE
    000211: *Aug 12 02:20:16.046: ISAKMP:(1003): DPD/R_U_THERE_ACK received from peer 7.7.7.7,
    sequence 0x1C6F72FD
    000287: *Aug 12 02:20:25.962: ISAKMP:(1003): sending packet to 7.7.7.7 my_port 500 peer_port 35381
    (R) QM_IDLE
    000292: *Aug 12 02:20:25.998: ISAKMP (1003): received packet from 7.7.7.7 dport 500 sport 35381
    Global (R) QM_IDLE
    000296: *Aug 12 02:20:25.998: ISAKMP:(1003): DPD/R_U_THERE_ACK received from peer 7.7.7.7,
    sequence 0x1C6F72FE
    000389: *Aug 12 02:20:35.542: ISAKMP:(1003): sending packet to 7.7.7.7 my_port 500 peer_port 35381
    (R) QM_IDLE
    000394: *Aug 12 02:20:35.578: ISAKMP (1003): received packet from 7.7.7.7 dport 500 sport 35381
    Global (R) QM_IDLE
    000398: *Aug 12 02:20:35.582: ISAKMP:(1003): DPD/R_U_THERE_ACK received from peer 7.7.7.7,
    sequence 0x1C6F72FF
    000402: *Aug 12 02:20:36.582: ISAKMP (1003): received packet from 7.7.7.7 dport 500 sport 35381
    Global (R) QM_IDLE
    000409: *Aug 12 02:20:36.586: ISAKMP:(1003):DPD/R_U_THERE received from peer 7.7.7.7, sequence
    0x5FF
    000413: *Aug 12 02:20:36.586: ISAKMP:(1003): sending packet to 7.7.7.7 my_port 500 peer_port 35381
    (R) QM_IDLE
    #sh log | inc 7.7.7.7
    000847: *Aug 12 02:21:24.163: ISAKMP:(1003): sending packet to 7.7.7.7 my_port 500 peer_port 35381
    (R) QM_IDLE
    000852: *Aug 12 02:21:24.203: ISAKMP (1003): received packet from 7.7.7.7 dport 500 sport 35381
    Global (R) QM_IDLE
    3rd party device:
    #  racoonctl -l show-sa isakmp
    Destination            Cookies                           ST S  V E Created             Phase2
    50.50.50.1.500        e1866e9ee2830764:575a7489971701ad  9 I 10 M 2013-08-11 20:04:57      1
    [root@ltm1:Active:Disconnected] log #  racoonctl -l show-sa isakmp
    Destination            Cookies                           ST S  V E Created             Phase2
    50.50.50.1.500        e1866e9ee2830764:575a7489971701ad  9 I 10 M 2013-08-11 20:04:57      1
    # racoonctl -l show-sa ipsec
    192.168.180.5 50.50.50.1
            esp mode=tunnel spi=2387838567(0x8e538667) reqid=62829(0x0000f56d)
            E: 3des-cbc  74583bf5 4fe29310 07603be7 d52516d6 7269c35f 51b24a52
            A: hmac-sha1  c0d2254c ea2ec11a 6a22bf41 dad35582 00d91a30
            seq=0x00000000 replay=64 flags=0x00000000 state=mature
            created: Aug 11 20:04:59 2013   current: Aug 11 21:18:57 2013
            diff: 4438(s)   hard: 5184000(s)        soft: 4147200(s)
            last: Aug 11 21:18:56 2013      hard: 0(s)      soft: 0(s)
            current: 421660(bytes)  hard: 0(bytes)  soft: 0(bytes)
            allocated: 3635 hard: 0 soft: 0
            sadb_seq=1 pid=8526 refcnt=0
    50.50.50.1 192.168.180.5
            esp mode=tunnel spi=4278341182(0xff024e3e) reqid=62828(0x0000f56c)
            E: 3des-cbc  3bc26d98 0a230000 54c64896 e1a68815 6c696a15 f6779541
            A: hmac-sha1  96de21a0 b5f52539 0616acfa b5a09994 03306e92
            seq=0x00000000 replay=64 flags=0x00000000 state=mature
            created: Aug 11 20:04:59 2013   current: Aug 11 21:18:57 2013
            diff: 4438(s)   hard: 5184000(s)        soft: 4147200(s)
            last:                           hard: 0(s)      soft: 0(s)
            current: 0(bytes)       hard: 0(bytes)  soft: 0(bytes)
            allocated: 0    hard: 0 soft: 0
            sadb_seq=0 pid=8526 refcnt=0

    Scenario:
    I have three sites all connected ( full mesh) with IPsec/GRE tunnels and these work fine. I attempted to add a satellite office to one our sites. The sat device is a 3rd party device and is behind a rotuer/fw device. The IPSec tunnel  (non-gre) appears to come up but no traffic passes.
    When I ping 192.168.3.1 from the sat device (monitored using tcpdump), it cause the tunnel to come up but I don't see the Cisco side replying back.
    The 192.168.180.0/24 network is at the Sat office and the 192.168.3.0/24 network is at the main office.
    If I initiate a ping from the Cisco side, it doesn't prompt the tunnel to come up. ???? Any ideas?
    Cisco config
    crypto isakmp policy 10
    encr 3des
    hash md5
    authentication pre-share
    group 2
    crypto isakmp key secret address x.x.x.x
    crypto isakmp key secret address x.x.x.x
    crypto isakmp key secret address 7.7.7.7
    crypto isakmp keepalive 10 5 periodic
    crypto ipsec security-association lifetime seconds 86400
    crypto ipsec security-association replay window-size 1024
    crypto ipsec transform-set vpn_set esp-3des esp-md5-hmac
    crypto ipsec transform-set f5_set esp-3des esp-sha-hmac
    crypto map vpnmap 31 ipsec-isakmp
    set peer x.x.x.x
    set transform-set vpn_set
    match address 131
    crypto map vpnmap 32 ipsec-isakmp
    set peer x.x.x.x
    set transform-set vpn_set
    match address 132
    crypto map vpnmap 33 ipsec-isakmp
    set peer 7.7.7.7
    set transform-set f5_set
    match address 133
    interface Tunnel31
    bandwidth 1200000
    ip address 172.16.31.34 255.255.255.252
    ip mtu 1400
    ip tcp adjust-mss 1360
    tunnel source 5.5.5.5
    tunnel destination x.x.x.x
    interface Tunnel32
    bandwidth 1200000
    ip address 172.16.31.57 255.255.255.252
    ip mtu 1400
    ip tcp adjust-mss 1360
    tunnel source 5.5.5.5
    tunnel destination x.x.x.x
    interface FastEthernet0/1
    bandwidth 51200
    ip address 50.50.50.1
    ip access-group 101 in
    ip flow ingress
    ip flow egress
    ip nat outside
    ip inspect ISP2-cbac out
    ip virtual-reassembly
    duplex auto
    speed auto
    crypto map vpnmap
    ip nat inside source route-map nonat interface FastEthernet0/1 overload
    partial acl
    access-list 101 permit udp host 7.7.7.7 any eq isakmp
    access-list 101 permit udp host 7.7.7.7 eq isakmp any
    access-list 101 permit esp host 7.7.7.7 any
    route-map nonat permit 41
    match ip address 175
    access-list 133 permit ip 192.168.3.0 0.0.0.255 192.168.180.0 0.0.0.255
    access-list 175 deny   ip 192.168.3.0 0.0.0.255 192.168.60.0 0.0.0.255
    access-list 175 deny   ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255
    access-list 175 deny   ip 192.168.3.0 0.0.0.255 192.168.2.0 0.0.0.255
    access-list 175 deny   ip 192.168.3.0 0.0.0.255 192.168.180.0 0.0.0.255
    access-list 175 permit ip 192.168.3.0 0.0.0.255 any
    ip route 0.0.0.0 0.0.0.0 50.50.50.x
    ip route 10.1.0.0 255.255.0.0 Tunnel32
    ip route 172.18.1.0 255.255.255.0 192.168.3.254
    ip route 172.18.2.0 255.255.255.0 192.168.3.254
    ip route 172.18.3.2 255.255.255.255 Service-Engine0/0
    ip route 192.168.1.0 255.255.255.0 Tunnel31
    ip route 192.168.2.0 255.255.255.0 Tunnel32
    ip route 192.168.10.0 255.255.255.0 192.168.3.254
    sh cry isa sa
    IPv4 Crypto ISAKMP SA
    dst             src             state          conn-id status
    50.50.50.1     7.7.7.7   QM_IDLE           1003 ACTIVE
    sh crypto isa sa
    protected vrf: (none)
       local  ident (addr/mask/prot/port): (192.168.3.0/255.255.255.0/0/0)
       remote ident (addr/mask/prot/port): (192.168.180.0/255.255.255.0/0/0)
       current_peer 7.7.7.7 port 35381
         PERMIT, flags={origin_is_acl,}
        #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
        #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
        #pkts compressed: 0, #pkts decompressed: 0
        #pkts not compressed: 0, #pkts compr. failed: 0
        #pkts not decompressed: 0, #pkts decompress failed: 0
        #send errors 0, #recv errors 0
         local crypto endpt.: 50.50.50.1, remote crypto endpt.: 7.7.7.7
         path mtu 1500, ip mtu 1500, ip mtu idb FastEthernet0/1
         current outbound spi: 0xFF024E3E(4278341182)
         PFS (Y/N): Y, DH group: group2
         inbound esp sas:
          spi: 0x8E538667(2387838567)
            transform: esp-3des esp-sha-hmac ,
            in use settings ={Tunnel, }
            conn id: 2007, flow_id: FPGA:7, sibling_flags 80000046, crypto map: vpnmap
            sa timing: remaining key lifetime (k/sec): (4493323/82118)
            IV size: 8 bytes
            replay detection support: Y  replay window size: 1024
            Status: ACTIVE
         inbound ah sas:
         inbound pcp sas:
         outbound esp sas:
          spi: 0xFF024E3E(4278341182)
            transform: esp-3des esp-sha-hmac ,
            in use settings ={Tunnel, }
            conn id: 2008, flow_id: FPGA:8, sibling_flags 80000046, crypto map: vpnmap
            sa timing: remaining key lifetime (k/sec): (4493323/82118)
            IV size: 8 bytes
            replay detection support: Y  replay window size: 1024
            Status: ACTIVE
         outbound ah sas:
         outbound pcp sas:
    DEBUG
    #show debug
    Cryptographic Subsystem:
      Crypto ISAKMP debugging is on
      Crypto ISAKMP Error debugging is on
      Crypto IPSEC debugging is on
      Crypto IPSEC Error debugging is on
    #sh log | inc 7.7.7.7
    000202: *Aug 12 02:20:16.006: ISAKMP:(1003): sending packet to 7.7.7.7 my_port 500 peer_port 35381
    (R) QM_IDLE
    000207: *Aug 12 02:20:16.046: ISAKMP (1003): received packet from 7.7.7.7 dport 500 sport 35381
    Global (R) QM_IDLE
    000211: *Aug 12 02:20:16.046: ISAKMP:(1003): DPD/R_U_THERE_ACK received from peer 7.7.7.7,
    sequence 0x1C6F72FD
    000287: *Aug 12 02:20:25.962: ISAKMP:(1003): sending packet to 7.7.7.7 my_port 500 peer_port 35381
    (R) QM_IDLE
    000292: *Aug 12 02:20:25.998: ISAKMP (1003): received packet from 7.7.7.7 dport 500 sport 35381
    Global (R) QM_IDLE
    000296: *Aug 12 02:20:25.998: ISAKMP:(1003): DPD/R_U_THERE_ACK received from peer 7.7.7.7,
    sequence 0x1C6F72FE
    000389: *Aug 12 02:20:35.542: ISAKMP:(1003): sending packet to 7.7.7.7 my_port 500 peer_port 35381
    (R) QM_IDLE
    000394: *Aug 12 02:20:35.578: ISAKMP (1003): received packet from 7.7.7.7 dport 500 sport 35381
    Global (R) QM_IDLE
    000398: *Aug 12 02:20:35.582: ISAKMP:(1003): DPD/R_U_THERE_ACK received from peer 7.7.7.7,
    sequence 0x1C6F72FF
    000402: *Aug 12 02:20:36.582: ISAKMP (1003): received packet from 7.7.7.7 dport 500 sport 35381
    Global (R) QM_IDLE
    000409: *Aug 12 02:20:36.586: ISAKMP:(1003):DPD/R_U_THERE received from peer 7.7.7.7, sequence
    0x5FF
    000413: *Aug 12 02:20:36.586: ISAKMP:(1003): sending packet to 7.7.7.7 my_port 500 peer_port 35381
    (R) QM_IDLE
    #sh log | inc 7.7.7.7
    000847: *Aug 12 02:21:24.163: ISAKMP:(1003): sending packet to 7.7.7.7 my_port 500 peer_port 35381
    (R) QM_IDLE
    000852: *Aug 12 02:21:24.203: ISAKMP (1003): received packet from 7.7.7.7 dport 500 sport 35381
    Global (R) QM_IDLE
    3rd party device:
    #  racoonctl -l show-sa isakmp
    Destination            Cookies                           ST S  V E Created             Phase2
    50.50.50.1.500        e1866e9ee2830764:575a7489971701ad  9 I 10 M 2013-08-11 20:04:57      1
    [root@ltm1:Active:Disconnected] log #  racoonctl -l show-sa isakmp
    Destination            Cookies                           ST S  V E Created             Phase2
    50.50.50.1.500        e1866e9ee2830764:575a7489971701ad  9 I 10 M 2013-08-11 20:04:57      1
    # racoonctl -l show-sa ipsec
    192.168.180.5 50.50.50.1
            esp mode=tunnel spi=2387838567(0x8e538667) reqid=62829(0x0000f56d)
            E: 3des-cbc  74583bf5 4fe29310 07603be7 d52516d6 7269c35f 51b24a52
            A: hmac-sha1  c0d2254c ea2ec11a 6a22bf41 dad35582 00d91a30
            seq=0x00000000 replay=64 flags=0x00000000 state=mature
            created: Aug 11 20:04:59 2013   current: Aug 11 21:18:57 2013
            diff: 4438(s)   hard: 5184000(s)        soft: 4147200(s)
            last: Aug 11 21:18:56 2013      hard: 0(s)      soft: 0(s)
            current: 421660(bytes)  hard: 0(bytes)  soft: 0(bytes)
            allocated: 3635 hard: 0 soft: 0
            sadb_seq=1 pid=8526 refcnt=0
    50.50.50.1 192.168.180.5
            esp mode=tunnel spi=4278341182(0xff024e3e) reqid=62828(0x0000f56c)
            E: 3des-cbc  3bc26d98 0a230000 54c64896 e1a68815 6c696a15 f6779541
            A: hmac-sha1  96de21a0 b5f52539 0616acfa b5a09994 03306e92
            seq=0x00000000 replay=64 flags=0x00000000 state=mature
            created: Aug 11 20:04:59 2013   current: Aug 11 21:18:57 2013
            diff: 4438(s)   hard: 5184000(s)        soft: 4147200(s)
            last:                           hard: 0(s)      soft: 0(s)
            current: 0(bytes)       hard: 0(bytes)  soft: 0(bytes)
            allocated: 0    hard: 0 soft: 0
            sadb_seq=0 pid=8526 refcnt=0

  • Unable to allow traffic from remote office - Cisco RV220W

    Hi there,
    I have just bought the RV220W Cisco router firewall because my DLINK-1600 got broken and now I am unable to allow access to the machines located behind this router from the machines located at a remote office. Any help would be much appreciated!!
    This is the situation:
    1. Two remote offices A and B connected by a VPN tunnel (this connection is managed by an external provider and it is properly functioning)
    2. IP range A office: 192.168.236.0/24
    3. IP range B office: 192.168.237.0/24
    4. Office A: CISCO RV220W router/firewall (the one that I´ve just bought as the old dlink has broken). This RV220W is connected to a cisco router (managed by provider) that is the one with the VPN tunnel to the other office. The CISCO router does not do NAT. On the other end (Office B) there is another CISCO router managed by the provider.
    5. Everything was working smoothly until our old router/firewall got broken and that is when I bought the rv220w. I have set up the CISCO RV220W at office A and the machines can ping the machines located at office B and can browse the internet, i.e., the traffic going out is OK and in that sense everything works smoothly.
    6. The problem is that the machines located at office B cannot access the machines located behind the CISCO RV220W and I know it is a problem of the firewall as if I capture traffic coming from office B, I can see that it is dropped by the CISCO RV220W.
    7. I have tried to enable an access rule in the firewall to allow traffic from office B (see picture below) but it does not seem to work. In the field, Send to Local Server (DNAT IP) I have entered the WAN IP of my router (you cannot leave it blank) … this rule does not work at all. I think that is not properly configured but I don´t know how to do it.
    8. As you see, the problem is that I don´t know how to set up a rule to allow specific traffic coming from the WAN (traffic from remote office – 192.168.237.0/24) to the LAN at office A - 192.168.236.0/24.
    In the old router/firewall I just had to create a rule specifying the source interface (WAN) and network (Office B) and the destination interdace (LANOfficeA) and network (Office A). It does not seem that here I can do the same. i mean, you always have to point to a server ip inside the LAN??
    I know it has to be a very easy thing to do but at this moment I am completely stuck. If anyone can give me some advice would be great.
    Thanks a lot for your help in advanced!
    Eva

    Hi Eva, the default inbound policy cannot be changed. It will block all inbound traffic. To my knowledge there is not a way around this. Access rules are the only way to 'poke' a hole through the firewall but as you note, it is for a specific host. Values such as .0 and .255 do not work.
    -Tom
    Please mark answered for helpful posts

Maybe you are looking for

  • Unable to find database up in OEM 10g

    Dear ones i installed oracle 10g realease 2 and every thing was working fine. but now unable to find it up when i open the oracle enterprise manager . when i connect through sqlplus i find the database is up and running as i can connect through diffe

  • Fbl3n_line item disply

    I am using ecc 6.00 when i am using fbl3n for a GL line item disply in vendor column is not showing anything. it is not getting updated. Please tell me how to do it

  • Writeback to SAP BW cubes

    Hi, We are sourcing our data from SAP BW in OBIEE 11g. We have a requirement to use writeback functionality of OBIEE 11g to write back to the SAB BW cubes. As far as I know, OBIEE does not support writeback to multidimensional database. Does anyone h

  • Alpha channel showing black background

    Hello... I'm importing a logo from Photoshop that is on a transparent alpha channel. It looks fine in Photoshop... no background (other than the checkerboard). When I bring it into Final Cut there is a black box around the logo image. I have tried re

  • ME22N - How to scroll down the purchase order items

    Hi, I have to make a function with call transaction (ME22N) and when I use the SHDB transaction to build the script, I can´t find the scroll down command for the items list. I have to use because we will have many items to edit / exclude / finalize i