Help needed in ASA 5540 Cluster/Failover setup

Similar Messages

• Help needed with Wireless ADSL2+Modem Router setup

  I have a iMac 1GHz PowerPC G4 running 10.3.9 with all of the latest software updates and have just purchased a Netgear DG834G. I am currently using an USB modem and now need wireless internet access for remote working via an IBM Thinkpad.
  I have tried to follow the Netgear manual but to no avail. Unfortunately, my ISP was unwilling to help with setup as they didn't supply the router! Typical! Anyway they gave me some settings which might as well be in a foreign language ....
  Virtual Path Identifier VPI = 0
  Virtual Channel Indentifier (VCI) parameters = 38
  ISP Domain Name Server (DNS) Addresses apparently will be automatic
  Fixed or Static IP Address is automatic
  Protocol = PPOA - is this correct?
  Encapsulation =VCMUX
  Any advice and screenshots would be greatly appreciated as I am absolutely stuck.
  iMac 15 G4   Mac OS X (10.3.9)   Lacie Triple D2 160GB + 5G 30gb iPod

  Fixed - told myself to RTFM!

• [SOLVED] Help needed with iptables rule with unusual setup

  Hi I recently setup hostapd on my netbook so I could share a wireless network with my phone and I'm having trouble because my netbook is also hosting a Jetty sever (Subsonic media streamer).
  My setup is as follows
  [CABLE MODEM]===[WIRED ROUTER]=====[NETBOOK] ))))) [PHONE]
  The wired router provides the DHCP server.
  On my netbook I created a (br0) bridge between eth0 and wlan0 and started hostapd. That all works fine when I'm not trying to host my Jetty server on my netbook.
  The netbook has the IP 192.168.0.8
  The phone has the IP 192.168.0.6
  I do not want to give the Jetty server root permissions just so it can run on port 80. So instead I start it instead on port 4040 and then use a iptables rule to redirect connections to port 80 to port 4040.
  Before I setup hostapd on machine I used to use the following.
  iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 4040
  However when I'm using hostapd and try to access websites on my phone its web browser is ALWAYS REDIRECTED to my jetty server. I'm not really surprised at this as the rule I mentioned above is for any destination or any source.
  I tried this rule:
  iptables -t nat -A PREROUTING -d localhost -p tcp --dport 80 -j REDIRECT --to-ports 4040
  This didn't work. On my phone I could access websites as expected but nobody (tried external from network and internally) could access the jetty server on port 80. Does anyone know why this rule doesn't work?
  I tried this rule:
  iptables -t nat -A PREROUTING \! -s 192.168.0.6 -p tcp --dport 80 -j REDIRECT --to-ports 4040
  This rule worked (Redirect port 4040 connections to port 80 if the connection isn't from my phone). But this is NOT very good at all as it means I would need a separate rule for every wireless device that connected to my netbook (via hostapd). Also if the IP address of my phone ever changes this rule becomes useless too!
  Does anyone have any ideas?
  Any help would be greatly appreciated.
  Thanks.
  Last edited by delcypher (2010-07-24 20:17:35)

  Well looks like I fixed my own problem.
  I added a LOG target in the PREROUTING chain like so
  iptables -t nat -A PREROUTING -p tcp --dport 80 -j LOG --log-prefix 'cheesy-redirect'
  iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 80
  When I looked at /var/logs/everything I noticed this.
  dan-netbook kernel: cheesy-redirectIN=br0 OUT= PHYSIN=eth0 MAC=00:26:18:73:ea:28:00:09:5b:5d:0a:33:08:00 SRC=178.102.41.92 DST=192.168.0.3 LEN=52 TOS=0x00 PREC=0x00 TTL=46 ID=51411 DF PROTO=TCP SPT=48219 DPT=80 WINDOW=49640 RES=0x00 SYN URGP=0
  The destination is 192.168.0.3 ! Which is very very weird. This the IP address I had told my router to give my eth0 card in the past when I wasn't using a network bridge (br0). I was connected to the network using 192.168.0.8 on br0. The eth0 interface wasn't assigned an IP address.
  192.168.0.3 was also the IP address I setup for static port forwarding (which I forgot about) so when I accessed my jetty server from outside my network all packets would of been forwarded to 192.168.0.3
  I should never of received those packets as I was 192.168.0.8 not 192.168.0.3 at the time of logging so how I even received these packets is a mystery to me. Maybe the router software is buggy
  Fixing was pretty straight forward I changed the port forward to go to 192.168.0.8 and then tried connecting to the jetty server externally and noted in the log
  cheesy-redirectIN=br0 OUT= PHYSIN=eth0 MAC=00:25:d3:46:4d:0d:00:09:5b:5d:0a:33:08:00 SRC=178.102.41.92 DST=192.168.0.8 LEN=52 TOS=0x00 PREC=0x00 TTL=46 ID=65326 DF PROTO=TCP SPT=33597 DPT=80 WINDOW=49640 RES=0x00 SYN URGP=0
  So the correct redirect rule is
  iptables -t nat -A PREROUTING -p tcp --dport 80 -d 192.168.0.8 -j REDIRECT --to-ports 80
  which works nicely
  One last question though. Does anyone know how I can use a hostname rather than 192.168.0.8 which points to whatever the IP address of br0 is set to? localhost points to 127.0.0.1 so that doesn't work.

• Help needed on SRVCTL importance in RAC Setup.

  Hi gurus,
  We are using 11GR2 database with RAC on AIX machines also we are using oracle clusterware only. It was implemented by some body else and we are supporting this environment. We observed that we are not able to start the Database/listerners using srvctl. it is throughing the error. We just like to know if this is acceptable. i am trying to say that SRVCTL is critical in RAC setup and we should be in a position to start the DB using srvctl else we need to start DB manually when any problem happens due to cluster level problem.
  My requirement is
  1) Is my point is valid. i.e SRVCTL is compulsary for cluster or not?
  2) if SRVCTL is compulsary then i need to have metalink note saying SRVCTL is compulsary with out that cluster will not start the DB automatically.
  REgards
  DBA.

  Yes ... you are right .
  You can use SRVCTL to start and stop the database and instances, manage configuration information, and to move or remove instances and services. You can also use SRVCTL to add services. SRVCTL also manages configuration information.
  Some SRVCTL operations store configuration information in the Oracle Cluster Registry (OCR). SRVCTL performs other operations, such as starting and stopping instances, by sending requests to the Oracle Clusterware process (CRSD), which then starts or stops the Oracle Clusterware resources.
  You should be able to perform operations using srvctl.
  Check out the trace files for any errors ?
  Also srvctl is kind of mandatory thing and without this you wont be able to make change to configurations.
  So find the root cause and you can also raise SR to oracle support.
  Regards
  Rajesh

• Help NEEDED!! WSVR4400N VPN & QuickVPN setup

  I have the 4400n router. I want to connect to my office using the VPN & QuickVPN setup. Office: Small Biz server 2003 set to a "workgroup" network setup only. WSVR4400N router and Comcast internet Router: I setup the VPN Client Name and password. It is active. Home computer or laptop from work: I downloaded the latest QuickVPN software. Put in info and logged in. Results: Enter required info & connect. It starts but hangs at "Verifying Network". No connection is ever made. The office router states I am "online" but I can't do anything and the box at the lower right has a red line thru it. No port forwarding setup. I have tried setting the port forwarding to the server and to the router as well with no luck. What the heck do I do??? Thanks in advance. Chris

  Do you have two routers? You wrote something about a comcast router. Can you please describe the exact setup of the routers you have, starting from the modem including the IP addresses. In particular: does the WRVS have a public IP address?
  Moreover, please check the log on the WRVS. It should contain information about VPN connection attempts.
  Which port forwardings did you try exactly?
  Did you have the "online" status without any port forwardings?
  It would definitively help to know whether it works while the client is not behind a router, i.e. the client computer has a public IP address. NAT is a killer for IPSec. IPSec makes sure IP packet are not modified. NAT must modify packets.
  Message Edited by gv on 04-18-2008 11:56 PM

• Help Needed with ASA 8.3+ NAT

  Hi,
  I'm having an issue configuring NAT on an ASA running 8.3. Hopefully someone can point me in the right direction.
  I've managed to configure NAT from the Inside interface to the DMZ, using PAT, so that the traffic is hidden behind the IP of the DMZ interface. This seems to work ok.
  object network obj_any-18
  subnet 0.0.0.0 0.0.0.0
  object network obj_any-18
  nat (inside,dmz1.005) dynamic interface
  The problem I have is when I try to configure a rule for traffic that originates in the DMZ back to the Inside. I can't seem to get any traffic to flow from the DMZ to the Inside, and sometimes I manage to stop traffic flowing in both directions!
  What would be the best way to configure the return traffic from the DMZ to the Inside.
  Thanks,
  Paul

  Hi Varun,
  I have removed the nat statement below from the config;
  nat (dmz1.005_8.3_nat_test,inside) source static net_dmz1.005 net_dmz1.005 destination static grp_dmz1.005_nonat grp_dmz1.005_nonat unidirectional
  And then added;
  nat (dmz1.005_8.3_nat_test,inside) 1 source dynamic any interface
  Traffic doesn't flow in either direction now.
  If I disable the new nat statement, I can ping from the inside to dmz1.005, and the IP is hidden behind the dmz1.005 interface. But I can't ping in the other direction.
  Do you want me to PM you the config?
  Paul

• New ASA 5515x failover setup

  Just an architecture setup question. We have purchased two 5515x ASA firewalls. I will be setting them up in a stateful failover setup. I know this sounds like a basic question but here goes. I am thinking we should get the first one working on my network and then install the failover ASA once the first one is working properly....? Any thoughts?

  Hi,
  Yes, you can just configure the single ASA first with the configurations and after its configurations are finished install the Secondary unit.
  Naturally while you are configuring the Primary unit you should already setup the interfaces with a "standby" IP address under the interface configuration.
  After you have setup the Primary ASA and made sure that for each of its interfaces/subinterfaces you have a L2 connection through the connecting networking devices to the Secondary ASAs corresponding interfaces/subinterfaces, then you are ready to install the Secondary ASA to the network.
  What you could do on the Secondary ASA is that you remove its default factory configuration and then configure "no shutdown" on each physical interface that you are going to use. Then you could configure the required Failover configurations using the multiple different "failover" configuration commands. (You wont need to configure the actual physical port separately, just need to enable it with "no shutdown", the "failover" commands should handle the rest) After the physical interfaces are configured up and the "failover" commands are set up on the Secondary ASA (and naturally the Primary ASA) then you could basically save the configuration on the Secondary ASA, power down the Secondary ASA, connect it to the network and boot it up. It should then sync the configuration from the Primary ASA after it has booted up and noticed the Active unit (Primary ASA) through the Failover link. So you should not really need to configure the Secondary ASA a lot since it syncs majority of the configurations from the Primary ASA. Naturally the above "failover" configurations are required so the Failover link can be formed for the sync.
  I have had to do this a couple of times lately because of broken down ASAs in Failover pairs. Naturally I would suggest that you take backups of the Primary ASAs configurations before you start setting up the Failover environment so that incase of some error in the setup you still have the configuration. Some people have mentioned the other unit wiping the others configuration but it has not happened to me atleast.
  Hope this helps and that I made any sense :)
  - Jouni

• Failover clusterign... How similar do the primary and failover instance need to be in a failover cluster?

  How similar do the primary and failover instance need to be in a failover cluster?
  Does the number of database have to match, naming, general config etc...
  Mr Shaw

  In failover clustering, you use shared storage so the number of databases is irrelevant since only one node can see/access the shared storage at any given point in time. Ideally, the server configuration should be the same on all of the nodes to minimize
  potential issues that may impact downtime. However, you need to consider licensing/# of CPU-cores and implementation cost, especially if you are only using the other nodes as standby. As far as licensing is concerned, the standby has to have the same or fewer
  number of CPU-cores as the primary node to be covered by licensing. Besides, you don't want your standby node to be more powerful than your primary node. This is why the option to have a hybrid deployment of having a physical server as the primary node and
  virtual machine for standby nodes is now supported.
  Edwin Sarmiento SQL Server MVP | Microsoft Certified Master
  Blog |
  Twitter | LinkedIn
  SQL Server High Availability and Disaster Recover Deep Dive Course

• Need Help Entering the Correct Data on Site Setup Window

  [DW CS5 on a Mac OS 10.7.5]
  I get an "FTP Error Message" after entering data on the Site Setup window after pressing Test.
  I want to upload to my host/server's cPanel one of a number of subdirectories that I have on my root directory. My first attempt at uploading the first subdirectory failed. Can someone help me determine which of my Site Setup entries is incorrect and what the correct entry ought to be?
  Perhaps I'm entering incorrect data in the "Root Directory" or Web URL" fields. My host server has given me the correct data, which I've carefully entered. Unfortunately, my testing on the Site Setup window continues to get this message: "An FTP error occurred — cannot open server folder /public_html/alaska/. Access denied. The file may not exist, or there could be a permission problem." Support staff at my host/server cannot determine why the uplaod attempts fail.
  I'll appreciate your guidance. Thanks, very much.

  Brett, thanks for your prompt e-reply.
  Unfortunately, removing the entry from DW's Root Directory field enabled a successful test, however, it caused all uploaded files to wind up in my very large root directory.     ( :-(      I had to do a lot of file management and deletions to clean up the root directory.
  My numerous approaches, after receiving your suggestion, appear to have found a successful workaround. Here's what worked:
  -- While in cPanel's File Management window, I selected the "/public_html" folder in the left column and clicked "New Folder" from the top toolbar. Once the new subdirectory folder was created, I went directly to the DW app where I then clicked the icon (atop and to the far right of the Files panel) subtitled "Expand to show local and remote sites".
  -- With DW's expanded window open, I selected the new folder name in the left half of the window. I then dragged and dropped all the files that were in the right-column's subdirectory's folder to the new folder in the left column.
  -- After completing the drag and drop effort, I checked cPanel's File Management window and verified that all files went to the appropriate subdirectory folder.
  -- Finally, I opened the site's pages online to see that all worked as intended.
  Over all, I wish DW were more reliable, such that when testing setups for *subdirectories* that have "/public_html" in the "Root Directory" field, they will *all* test successfully.
  Sadly, Adobe no longer supports CS5.    (  :-(
  Nevertheless, thanks for your assistance, Brett.

• Cisco ASA Active standby failover problem

  We have configured ASA Active standby failover with ASA5505 . When primary unit power off, secondary unit became active. when primary unit power on, then primary unit is becoming active again. i think for active standby setup there is no preemption. The real issue is when primary ASA became active after power on all the external connectivity getting down. Please see the below config,
  ASA01# show run
  ASA01# show running-config 
  : Saved
  ASA Version 8.2(5) 
  hostname ASA01
  enable password PVSASRJovmamnVkD encrypted
  passwd 2KFQnbNIdI.2KYOU encrypted
  names
  name 192.168.1.1 MPLS_Router description MPLS_Router 
  name 192.168.2.1 SCADA_Router description SCADA_Router
  interface Ethernet0/0
   switchport access vlan 2
  interface Ethernet0/1
  interface Ethernet0/2
   switchport access vlan 2
  interface Ethernet0/3
  interface Ethernet0/4
   switchport access vlan 3
  interface Ethernet0/5
  interface Ethernet0/6
  interface Ethernet0/7
  interface Vlan1
   nameif inside
   security-level 100
   ip address 192.168.3.8 255.255.255.0 standby 192.168.3.9 
  interface Vlan2
   nameif outside
   security-level 0
   ip address 192.168.1.8 255.255.255.0 standby 192.168.1.9 
  interface Vlan3
   description LAN Failover Interface
  ftp mode passive
  clock timezone AST 3
  access-list inside_access_in extended permit icmp any any 
  access-list inside_access_in extended permit ip any any 
  access-list inside_access_in extended permit ip any host MPLS_Router 
  access-list outside_access_in extended permit icmp any any 
  access-list outside_access_in extended permit ip any any 
  access-list outside_access_in extended permit ip any 192.168.2.0 255.255.255.0 
  pager lines 24
  logging enable
  logging asdm informational
  mtu inside 1500
  mtu outside 1500
  failover
  failover lan unit primary
  failover lan interface FAILOVER Vlan3
  failover key *****
  failover interface ip FAILOVER 10.1.1.1 255.255.255.0 standby 10.1.1.2
  icmp unreachable rate-limit 1 burst-size 1
  no asdm history enable
  arp timeout 14400
  global (outside) 1 interface
  nat (inside) 1 0.0.0.0 0.0.0.0
  access-group inside_access_in in interface inside
  access-group outside_access_in in interface outside
  route-map Route_Out permit 1
   match ip address inside_access_in outside_access_in
   match interface inside
  route outside 0.0.0.0 0.0.0.0 MPLS_Router 1
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  timeout floating-conn 0:00:00
  dynamic-access-policy-record DfltAccessPolicy
  http server enable
  http 192.168.1.0 255.255.255.0 inside
  http 192.168.2.0 255.255.255.0 inside
  http authentication-certificate inside
  http authentication-certificate outside
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec security-association lifetime seconds 28800
  crypto ipsec security-association lifetime kilobytes 4608000
  telnet 192.168.2.0 255.255.255.0 inside
  telnet 192.168.1.0 255.255.255.0 outside
  telnet timeout 5
  ssh timeout 5
  console timeout 0
  dhcpd auto_config outside
  threat-detection basic-threat
  threat-detection statistics access-list
  no threat-detection statistics tcp-intercept
  webvpn
  username admin password eY/fQXw7Ure8Qrz7 encrypted
  prompt hostname context 
  no call-home reporting anonymous
  call-home
   profile CiscoTAC-1
    no active
    destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
    destination address email [email protected]
    destination transport-method http
    subscribe-to-alert-group diagnostic
    subscribe-to-alert-group environment
    subscribe-to-alert-group inventory periodic monthly
    subscribe-to-alert-group configuration periodic monthly
    subscribe-to-alert-group telemetry periodic daily
  Cryptochecksum:1a8e46a787aa78502ffd881ab62d1c31
  : end

  I suggest removing the failover configuration on both units and then re-add them, and then test.
  Primary
  failover lan interface FAILOVER Vlan3
  failover interface ip FAILOVER 10.1.1.1 255.255.255.0 standby 10.1.1.2
  failover lan unit primary
  failover key KEY
  failover
  Secondary
  failover lan interface FAILOVER Vlan3
  failover interface ip FAILOVER 10.1.1.1 255.255.255.0 standby 10.1.1.2
  failover lan unit secondary
  failover key KEY
  failover
  Please remember to select a correct answer and rate helpful posts

• Interprocess Communication on same machine (Help needed)

  Hello everyone, I have a question that I thought you guys could help. Actually I have multiple processes running on a same machine and I want to put messages from one process to the queue of other process what is the best way to achieve this functionality in Java?
  Currently I'm working on C++(linux). I have a webservice and some TCP listener processes running on the same machine, and there is another process (i call it processing engine) running one the same machine. So everytime I receive the message from webservice or from TCP socket, I write those messages to the Queue of Processing Engine, and after processing that message my processing engine writes the reply to the queue of webservice/TCP (from wherever it received the message).
  I want to achive the same functionality in java. My messages are simple literals/string and I'll write all my processes (webservice/tcp/proc. engine etc) in java aswel.
  Secondly I want to process the messages according to FIFO.
  Your help will be appreciated.
  Thank you.
  Edited by: Nafri on Dec 3, 2009 11:02 AM

  Rahil.Ali wrote:
  What we are trying to accomplish is implement a transaction processing system...
  There will several processes working independently, but these processes will be sending messages to one another.. for example
  - a TCP process will read the message and translate it into our internal message format and send that formatted message to Processing engine..
  - TCP process will then wait for other message from the network..
  - Processing Engine will do its job and reply back to TCP process...
  We cannot incorporate all the business logic in one process .. since its too big...
  Why not? The first server should not involve that much processing. So only the second is the problem. And that is one server.
  And what is the actual performance metrics for a single server?
  For comparisons I usually use max 2000 txns a second. If you have a server that handles 100 txns a second then you need between 25-40 servers depending on the target box load and back up servers. That really isn't a lot of servers if you really are doing 2000 txns a second (and getting a reasonable per txn fee.)
  And I speak from some experience since I have been working on txn processing systems for years.
  But I can see the allure of thinking that the front end and back end make more sense. One real advantage is adding another front end (different protocol) without touching the current systems.
  Communications options that do work that way would normally be
  - messages via sockets
  - message queues.
  Remember JMS is an API not a solution so you for the second above you need to investigate solutions.
  I consider message queues more complex than sockets (message queues of course use sockets and provide more functionality so that is probably a reasonable view.) There have however been some impressive processing speeds reported for them. And getting that same throughput using sockets takes some work.
  For either solution spend some time building some non-trivial test setups to gauge real speed paying attention to what you expect your real production needs to be. Experience speaking there since what they claim and what one can actually do for a particular situation can vary.
  Keep in mind that a two server solution where you anticipate that the second server might be doing more work might suggest that you need to consider a cluster of second servers servicing the front end server. Either solution requires thought about that before implemetation proceeds.

• Help needed in PS module on CJ9ECP/CJ20N for revaluating CCR??

  help needed in PS module on CJ9ECP/CJ20N for revaluating CCR??
  How to handle method on_costing_component_to_outtab which belongs to badi gui_itemization_ck. This is to revaluate CCR in CJ20N.
  From sale transaction(va01/va02) i need to call cj20n/cj9ecp for revaluating cost estimates. Can anyone say how to proceed with this thing.
  Can any one say how to handle pop up window in CJ20N/CJ9ECP when clicked edit ecp button. Later how to revaluate cost estimates. For this should i need to go for call transaction or is there any method available. If so how to handle method for revaluating cost estimates for ECP of WBS elements

  Thanks Amol for the advice.
  My friend doesn't belong to an engineering background and had not worked in a manufacturing environment.
  He holds an MBA degree specialised in systems and has worked in software companies supporting software projects and the functions(like HR,Procurement in the same setup) as a software quality guy.
  Moreover the modules mentioned by you requires engineering background with manufacturing exposure.
  He had enquired for the course at siemens and they said that he may not be suitable for any of the modules offered by them as per the above reasons.They also mentioned that they have to check with SAP Labs for expert opinion.
  Please provide your inputs.
  regards,
  Zubair.

• Help needed for using BASIC authentication through JDBCRealm

  Help needed.
  Hello,
  I am doing a degree project, so far it works fine in my local machine, I need to try it on my virtual hosting (as it is a live server).
  My project requires JDBCRealm, that is BASIC authentication loading access data from mysql database. Normally this setup can be done in Server.xml file, because my Tomcat hosting is a virtual one, I only have permission to access the web.xml file.
  My question is: is it possible to get it done in an alternative way? In web.xml? Some properties file maybe?
  Thank you very much.

  You can set this up for your context using META-INF/context.xml instead of working with server.xml.
  Make a directory called META-INF under your webapp ( it'll be at the same level as WEB-INF ). Under this, add a context.xml with all your context specific configuration including the realm. A sample is below
  <?xml version="1.0" encoding="UTF-8"?>
  <Context path="/myApp" reloadable="true">
      <Realm
          className="org.apache.catalina.realm.JDBCRealm"            
          driverName="com.microsoft.jdbc.sqlserver.SQLServerDriver"         
          connectionURL="jdbc:microsoft:sqlserver://127.0.0.1:1433;DatabaseName=myDB;SelectMethod=Cursor;"
          connectionName="username" connectionPassword="password"
          digest="MD5" userTable="users" userNameCol="userid" userCredCol="userpassword"
          userRoleTable="user_roles" roleNameCol="rolename"
      />
  </Context>Hope this helps.
  People on the forum help others voluntarily, it's not their job.
  Help them help you.
  Learn how to ask questions first: http://faq.javaranch.com/java/HowToAskQuestionsOnJavaRanch
  ----------------------------------------------------------------

• Urgent help needed on deployment facts

  Hi
  I had completed a Java Web based application using JApplet, which in turn uses Java Media Framework and Java Communications APIs. So when i deploy this application and let the clients use this application. I need to dump some jar files and properties files into the clients JRE so that all the APIs will work properly. Without any installations. I tried doing this manually by copying these files into client machines So is there a direct method for performing the task. Or i need to add some additional code to my applet so as to find the clients current JRE version and place the required files under using FTP? Can i write a setup routine or something which does all these operations once the client access the applet?
  Help needed in the above issues
  Thanks in advance
  Swaraj

  What you will want to do is look into JNLP and Java WebStart. They allow you to write a setup for your product that makes installation as easy as InstallShield&trade; does for the Windows&trade; platform (ie: it allows customers who cannot tell Java from Perl to install your product).

• HELP NEEDED PLEASE

  Hi everyone
  Programming help needed here. Any advice would be greatly appreciated!!!
  I have been assigned some work for a program called Processing 1.0 availale at http://processing.org/download
  I was give the 9 individual programs I needed to make however they were converted to Java files from .pde files. The program is based on Java but only runs .pde files and NOTHING else!
  I decompiled the files and got the source code, but it is a slight variation of the original someone made in processing, and needs some tidying to get it to run.
  I think the programs are very simple for a programmer, although I AM NOT.
  CODE is BELOW
  // Decompiled by DJ v3.10.10.93 Copyright 2007 Atanas Neshkov Date: 02/05/2009 13:15:00
  // Home Page: http://members.fortunecity.com/neshkov/dj.html http://www.neshkov.com/dj.html - Check often for new version!
  // Decompiler options: packimports(3)
  // Source File Name: Assign2_1.java
  import processing.core.PApplet;
  public class Assign2_1 extends PApplet
  public Assign2_1()
  SquareSide = 20;
  Rank = Nums.length;
  Side = SquareSide * Rank;
  Green = color(0, 255, 0);
  Yellow = color(255, 255, 0);
  BG = Yellow;
  public void setup()
  size(Side, Side);
  background(BG);
  fill(Green);
  for(int i = 0; i < Rank; i++)
  rect(i * SquareSide, 0.0F, SquareSide, SquareSide * Nums);
  public static void main(String args[])
  PApplet.main(new String[] {
  "--bgcolor=#ece9d8", "Assign2_1"
  int Nums[] = {
  6, 14, 8, 9, 2, 3, 4, 2, 8, 3,
  9, 2, 0, 5
  int SquareSide;
  int Rank;
  int Side;
  int Green;
  int Yellow;
  int BG;
  Edited by: chevy1 on May 2, 2009 7:32 AM

  HELP NEEDED PLEASEShouting is a good way ensure you don't get help. Also you should give a meaningful subject.
  Any advice would be greatly appreciated!!!I suggest you ask a question after providing enough information to be able to answer it.
  Also use CODE tags when posting code as it make the code more readable.
  We are more likely to help people who are trying to learn Java rather than someone who might be looking for an easy way out of doing an assignment.