How to configure inbound ruleset in dynamic nat.

Hi,
I have a doubt on configuring the inbound rules for dynamic NAT. I want to allow my web server (172.16.101.115) to be connected from outside with tcp/443.
How do I configure the inbound ruleset to allow the public to connect to my webserver with tcp/443 in dynamic NAT?
Here I have drawn a diagram and some configuration I have configured in my ASA 8.2. Please correct me if I have configured it wrong.
Public IP: 10.10.10.28
Private IPs:
172.16.101.115
172.16.101.116
172.16.101.117
172.16.101.118
172.16.101.119
172.16.101.120
access-list Web_nat permit ip host 172.16.101.115 any
access-list Web_nat permit ip host 172.16.101.116 any
access-list Web_nat permit ip host 172.16.101.117 any
access-list Web_nat permit ip host 172.16.101.118 any
access-list Web_nat permit ip host 172.16.101.119 any
access-list Web_nat permit ip host 172.16.101.120 any
nat (firewall-dmz) 1 access-list Web_nat
global (firewall-outbound) 1 10.10.10.28
access-list fw-outbound-access permit tcp any host 10.10.10.28 eq 443 //allow outside to connect to my external IP.
access-list fw-dmz-access permit tcp any host 172.16.101.115 eq 443 //allow my translated IP to connect to my webserver with tcp/443.

Hi,
I am not sure what you are attempting to configure here.
But what the NAT configuration above does is a Dynamic PAT for all the servers on the "firewall-dmz" to a single IP address towards the "firewall-outbound".
This Dynamic translation doesn't however enable connections to be initiated from behind the "firewall-outbound" interface. When you're hosting a server which needs a NAT towards the users then the NAT type has to be Static NAT or Static PAT.
Static NAT will essentially use up one public IP address for just the single local host/server.
Static PAT will do a Port Forward from the public IP address and public port to the local IP and local port. And this is most commonly used in environments in which the only public IP address is the one that the ASA holds on its WAN interface.
A typical Static NAT configuration is this
static (inside,outside) 1.1.1.1 10.10.10.10 netmask 255.255.255.255
Where
inside = the interface behind which the host is
outside = the interface towards which the host is NATed
1.1.1.1 = the public NAT IP address for the host
10.10.10.10 = the local IP address of the host
A typical Static PAT configuration is this
static (inside,outside) tcp interface 80 10.10.10.10 80 netmask 255.255.255.255
Where
tcp = specifies the protocol for which the Static PAT is configured
interface = specifies that we will be using the public IP address of the destination interface "outside" as the public IP address for this single Port Forward.
80 = the first "80" specifies the public port visible to users behind the destination interface
80 = the second "80" specifies the actual local port on which the local host is listening
Hope this helps
- Jouni
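A worked ASA 8.2 configuration for the scenario in the question, written as an added example (it is not part of the original thread or of Jouni's reply): it keeps the existing dynamic PAT for outbound traffic and adds a static PAT so that unsolicited connections to 10.10.10.28 on tcp/443 reach 172.16.101.115, while every other DMZ host stays unreachable from outside. The interface names firewall-dmz and firewall-outbound, the access-list names and the addresses are taken from the question; the access-group line and the clear xlate step are assumptions about parts of the configuration the question does not show.

```text
! Existing outbound dynamic PAT (from the question): DMZ hosts share
! 10.10.10.28 for connections they initiate. It creates no inbound
! translation on its own, which is why tcp/443 from outside was failing.
nat (firewall-dmz) 1 access-list Web_nat
global (firewall-outbound) 1 10.10.10.28

! Added: static PAT (port forward) for the web server only, on tcp/443.
! Argument order: (real_ifc,mapped_ifc) proto mapped_ip mapped_port real_ip real_port
! Using the same public address for the static PAT and the global pool is
! permitted; the dynamic PAT then simply never hands out port 443.
static (firewall-dmz,firewall-outbound) tcp 10.10.10.28 443 172.16.101.115 443 netmask 255.255.255.255

! Inbound rule on the outside interface. On 8.2 the ACL is written against
! the mapped (public) address, not the real DMZ address, and it only
! opens the one port on the one host.
access-list fw-outbound-access extended permit tcp any host 10.10.10.28 eq 443
! Assumed: apply the ACL inbound on the outside interface if that is not
! already done.
access-group fw-outbound-access in interface firewall-outbound

! Return traffic is allowed by the stateful connection table, so the
! extra rule on firewall-dmz from the question is not needed for this flow.
! After changing NAT, clear existing translations so the new static takes effect.
clear xlate
```

To confirm the result from the ASA itself, `show xlate` should list the new static entry, and a packet-tracer run from the outside interface (for instance `packet-tracer input firewall-outbound tcp 203.0.113.5 12345 10.10.10.28 443`, where 203.0.113.5 is a constructed sample client address) should report the NAT lookup and the ACL both as ALLOW; the same trace against 10.10.10.28 on any other port, or against another DMZ host, should be dropped, which is the behaviour a DMZ rule set should have.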

Similar Messages

  • How to configure inbound EDI invoice

    Hi all,
    Can any one provide me the steps to configure inbound edi invoice.
    Regards,
    Marella.

    Hi Arif, yes I did read that one.
    after reading that I got those doubts.
    In general, please help me to have a clear understanding in the following points.
    We have 4.6c.
Please see my queries below and help me.
    SAP Tax codes
    Can an inbound MM invoice contain items belonging to different POs?
    Can the tax codes be different for different items in the same invoice?
    How to get tax codes for invoice items? Do we take these from the corresponding item in the PO? or from material master or from vendor master or some where else?
    What will be the tax code at the invoice header level?
    Regards,
    Marella.

  • How to configure the schema name dynamically based on user input.

    configure the schema name dynamically based on user input.
    For ex:
    We have two schemas:
    Schema1  - base schema having 15 tables.
    Schema2 -  tables which is specific to modules. Having only 10 tables which is also available in Schema1
    Login to application using Schema 1
Access a particular module and select the country. Here country selection is identified.
    Based on the country selection, we need to connect the schema respectively.
    If the user selects France --> It should connect Schema1
If the user selects Germany --> It should connect Schema2.
    Used: Eclipselink

    You may want to have a different persistence unit for each country, then you just need to switch persistence units, and can put the schema in your orm.xml file.
    You may also want to investigate EclipseLink multi-tenant support,
    http://www.eclipse.org/eclipselink/documentation/2.5/jpa/extensions/a_multitenant.htm
You can set the schema in a persistence unit in code using a SessionCustomizer and the tableQualifier.

  • Steps on how to configure inbound e-mail to SAP

    Good Day!
Is there anyone who can give me the procedure on how to configure SAP e-mail going to an e-mail server (Exchange server)? Actually from SAP GUI e-mail going to external e-mail like Exchange....
    thanks..

    Dear Dwight,
    Kindly refer to the Base note 455140 for configuration details.
    Following notes might also be helpful :
    607108     Problem analysis when you send or receive e-mails
    601806     Checklist Extended E-mail Inbox Setup
    546147     SMTP plug-in: MS Exchange sends only to port 25
    Regards
    Amit

  • How to configure the server 2012 with NAT settings & 3 public IP addresses

    Hi everybody,
    I received this from my ISP:
Here's your IP information
Main IP: 70.164.1.165
Subnet Mask: 255.255.255.0
    Gateway: 70.164.1.1
    DNS1: 68.4.16.30
    DNS2: 68.6.16.30
    2 additional usable IP's Natted to 70.164.1.165
    Usable IP's 70.182.178.97 & 98
    Subnet Mask if needed: 255.255.255.252
    If you are using one server use 70.164.1.165 as the main IP then add/bind 70.182.178.97 & 98 to the NIC.
    For Linux Servers
    Network 70.182.178.96
    Broadcast 70.182.178.99
    If you are using a firewall or router, please make sure you are using 70.164.1.165 on the WAN interface, you can use / NAT 70.182.178.97 & 98 to your server(s).
    Main IP can also be natted to your server. 
    Please make sure shared IP hosting is utilized to conserve IP addresses per ARIN requirements.
    I have a Dell server, setup with Server 2012 DataCenter.
    I plan to run two VM's running ASP.NET web applications connected using the two additional IP addresses.
    I assume I should setup the VM Host to the base address .165 - simple enough no problem and I know how to setup the VM's on their own separate network and I can access the internet - no issues with that.
    How do I setup the additional public addresses since they have to pass through the Main address to the correct VM?
    I have googled for a few days and my ISP tech people look at me like I want to extract their teeth.  Their answer is to sell me a router and set it up.  This really does not seem that hard a task.

    Try maybe below configuration.
    VMHOST
    NIC1 - 70.164.1.165
    NIC2 - 192.168.0.1
    255.255.255.0
    NIC3 - 192.168.1.1
    255.255.255.0
    VM1:
    Bind VM NIC1 to VMHOST NIC2
    NIC1 - IP1:192.168.0.2 255.255.255.0
      IP2:70.182.178.97
    VM2: 
    Bind VM NIC1 to VMHOST NIC3
    NIC1 - IP1:192.168.1.2 255.255.255.0
      IP2:70.182.178.98
    On VMHOST set static traces (use Command Line):
    ROUTE ADD 70.182.178.97 MASK 255.255.255.255 192.168.0.2 
    ROUTE ADD 70.182.178.98 MASK 255.255.255.255 192.168.1.2

  • How to Configure bootpd to Perform Dynamic DNS Updates

    I have been able to get bootpd configured to function as a basic DHCP server. I would now like to configure it to dynamically update DNS forward and reverse zones when leases are assigned, released, or expired.
    Does anyone have an example of a bootpd.plist file to configure bootpd for dynamic DNS updates?


  • Configuring Inbound Profile in BW system for putting IDOCs?

    Hello,
we send IDOCs to BW system from XI for POS analytics.
But we are confused how to configure Inbound Partner Profile in BW system (t-code WE20).
    The main question is :
    What must be as Inbound Partner in WE20 ? The name of DataSource(InfoSource) or something else? And what the type of Partner should it be?
    Thank You!

    hi,
    In BW, check in tx SXMB_ADM, option Integration Engine configuration, if you have in category RUNTIME, parameter IS_URL something like that "dest://<NameOfYourRfcDestination>".
    and in SM59 (of BW), check that you have the same RFC destination (type H).
    or maybe you use a Java proxy, instead of an abap proxy.
    regards.
    Mickael

  • How to configure BODS in network environment with NAT ?

    Hi Team,
    Now we are working on POC of BO Data Services 4.0 with SI partner and they reported us that  a communication error (error code:BODI-1241023) occurred when they started a job from Designer. 
    They can do it without any problems in the following two cases.
    1. from Designer which is installed in the CMS/JobServer machine
    2. from Designer which is installed in local PC within internal network (without firewall / NAT) 
    That is, the cause is Firewall with NAT(Network Address Translation) between Designer and JobServer/CMS.
And, they can log on to CMS/JobServer with NAT environment, however, can't start a job from Designer.
    The port #3500 for JobServer is open. They confirmed that they could log on to the JobServer in the event log
    of the JobServer.
    That is,  Designer -> CMS/JobServer communication is OK, but JobServer -> Designer communication must be NG.
    Could you advise us how to configure BODS both client and server sides in the network environment with NAT ?
    Thanks and best regards,

    HI Buddy,
    You can achieve this by $FLEX$, create first value set, and assign it to first field. Create second value set based on first value set using $FLEX$.
follow steps mentioned in the below link
    http://erpschools.com/articles/usage-of-flex

  • How to configure drop-down that change dynamically in Call Scripts

    Hi,
    Would like to know as how to configure drop-down choices that change dynamically based on customer response in Call Scripts / Assessment Scripts of type "Service Request - Survey".
    I've read the following from CRM OnDemand pdf but was not able to figure out how to do that.
    Call Scripting:
    • Reduces agent training time
    • Provides drop-down choices that change dynamically based on customer response
    • Supports personalized interactions based on existing record data
    • Facilitates up-selling and cross-selling
    • Does not require third-party software
    I don't have a concrete requirement as of now, but was trying to check as how it works. Please guide me if any one has implemented the same.
    Thanks in Advance,
    Cheers!!!
    Deepak Veeravalli.

    Arun,
    If you plan to implement the "Querying the Active Directory" based on my code snippet,
    and if you do not have permission [your account must be the part of domain admin] to do so,
    Then still you can do it in least effort through code,
string usersInXml = SPContext.Current.Web.AllUsers.Xml;
your xml string looks like this:
    <Users><User ID="2" Sid="" Name="Administrator"
    LoginName="i:0#.w|murugesan\administrator" Email="" Notes="" IsSiteAdmin="True" IsDomainGroup="False" Flags="0" /><User ID="1" Sid="" Name="Murugesa Pandian" LoginName="i:0#.w|murugesan\murugesan" Email="" Notes="" IsSiteAdmin="True" IsDomainGroup="False" Flags="0" /><User ID="1073741823" Sid="S-1-0-0" Name="System Account" LoginName="SHAREPOINT\system" Email="" Notes="" IsSiteAdmin="False" IsDomainGroup="False" Flags="0" /></Users>
You can use Linq to XML to filter the "LoginName", "Name" and "Email" and then populate your drop down list.
    * User must be logged into the site at least once.
Murugesa Pandian., MCTS|App.Development|Configure

  • How to configure a RV220W in normal routing mode (No NAT)

    Hi,
    I have been very busy the last few days in trying to configure this router in normal routing mode. I do not want to have double NAT in my network. This is my setup:
C class IP network connected to the internet via a Fritzbox router. I need this router because of the VOIP services it provides. I want to use the RV220W to isolate certain users from the rest of the network. When I configure the router in WAN (NAT) it partially works, e.g. I can browse, send email but can't make a connection to an Apple fileserver which is on the base network. When I try to operate in normal routing mode I can't get it to work. I am sure I am doing something wrong with the static routes.
    Setup: 
    Internet <-> Fritzbox (192.168.12.0/24) network <-> RV220W <-> LAN 1 (192.168.1.0/24) users to be isolated.
On the 192.168.12.0/24 network the printer, fileserver and PBX are connected.
    Please help me in configuring this.
    The firmware is the latest 1.0.5.8.
    Thanks in advance!
    Peter

    Hello Peter,
Sorry for the late reply, but I figured I would post anyway in case anyone else has this question.
    You can put the router in what is called router mode by logging into the admin page and going to Networking >> Routing >> Routing Mode and selecting Router.  
    I am only looking at an emulator, but I believe this will cause a reboot.  Once in router mode NAT and the firewall are disabled, however access rules do still work.  
You will still need a static route from your Fritzbox to the 192.168.1.0/24 network on the RV220W, and the RV220W should have the Fritzbox as its default gateway on its WAN interface.  You may also need to create an ACL to allow traffic from the Fritzbox network through the RV's WAN port.
    Some Apple devices depend on the Bonjour protocol to work properly, which doesn't always traverse subnets well, so if after all of that it still doesn't work you may have an issue with Apple.
    Thank you for choosing Cisco,
    Christopher Ebert
    Network Support Engineer - Cisco Small Business Support Center

  • PcAnywhere and dynamic NAT

    I have Bordermanager 3.51 that uses dynamic NAT on the public interface
    connected to DSL with a static IP address. I have followed TID #
    10024898 " Creating filter exception for PCAnywhere".
    I have double checked settings of the filter exceptions but still cannot
    remote access a internal host using PcAnywhere v 11.0. My question is
    should I be using dynamic NAT or static nat or a static/dynamic nat
    configuration ?
    Thanks,
    Karl

    > In article <HmmFc.236$[email protected]>, wrote:
    > > . My question is
    > > should I be using dynamic NAT or static nat or a static/dynamic nat
    > > configuration ?
    > >
    > If you want inbound pcAW traffic, you have two choices when NAT is
    > involved: static NAT, or generic proxies. (Both are described in my
    > BMgr / Filtering books at the URL below).
    >
    > You will not be able to get to an internal PC with just dynamic NAT
    > enabled. There is no way to route the packets in then.
    >
    > Craig Johnson
    > Novell Support Connection SysOp
    > *** For a current patch list, tips, handy files and books on
    > BorderManager, go to http://www.craigjconsulting.com ***
    Thanks Craig for your direction. I will check out the URL
    Happy 4th !

  • Help with dynamic NAT and CSM 4.4 and ASA 8.3

    Hello
I currently try to add a dynamic NAT rule into CSM 4.4 for an ASA 8.3 device, but it fails at the deployment with the error message:
    Failed to generate delta config
    The following commands have not been recognized by the Configuration Parser:
    ==========================
    (inside,outside) source dynamic range-192.168.0.0_24 range-100.0.0.1_32 destination static any any
So let's assume we use the internal IP Range for the users is 192.168.0.0/24 and we received the public IP Address 100.0.0.1/32 from our ISP.
    How do I have to do a normal dynamic NAT in CSM 4.4 for this case?
    Traffic comes from inside and has to leave the outside with the changed source IP.
    I would really appreciate a screenshot from CSM 4.4 which shows the correctly filled fields.
    Thanks
    Patrick

    Matty
    Not familiar with SIP so can't say for sure about that in terms of ports but some comments -
    1) you don't show other interfaces but presumably the LAN interface(s) has "ip nat inside" enabled
    2) the PBX subnet is 10.1.1.0/24 yet your static NATs are referring to 10.18.21.2 ?
    3) following on from 2) your PBX_SUBNET acl is wrong, it should be -
    ip access-list extended PBX_SUBNET
    permit ip 10.1.1.0 0.0.0.255 any      <-- note the last octet of the wildcard mask is 255.
Edit - also assuming that any internal subnets not directly connected to the router have routes set up for them so your router knows how to get to them.
    Jon

  • IAS 10.1.2-how to configure different oc4j listen to different virtualhost?

    Hi
    I have requirement,
    we have oracle portal based web site that can be used by outside users over the internet.
    And then we have are deploying few new apps/webservices/ear files on a oc4j called core_ws. These web services should not be accessed outside.
I have created a virtual host in apache on a different port (7799) which was not exposed to public world.
    But, how to configure core_ws to inform Apache to listen on only port 7799 but not on port 80?
I tried a different route to attack the problem (as mentioned below) which management did not like:
created location directive, worked in dev but not in production as there is ISA sitting in front of apache.
    We could apply filter on the URLs of these web services in ISA but my director did not like the idea as each time there is additional web service we have mess with it.
    So, he prefers running these web services on a different port that will not have access to public.
Appreciate your help if you have achieved the same earlier.

    By your description, it sounds like you want to do what is in this My Oracle Support document:
    How To Create Virtual Host Specific OC4J Applications (Doc ID 389819.1)
    https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=389819.1
    (requires login)
You said you were using 10.1.2, so that will work; it's a method of creating separate virtualhosts and using rewrites to direct to error pages if an incorrect request is made. For 10.1.3, there is a dynamic method which is a better approach.
    ...Ken

  • ASA 5505 8.4. How to configure the switch to the backup channel to the primary with a delay (ex., 5 min) using the SLA?

    I have ASA 5505 8.4.  How to configure the switch to the backup channel to the primary with a delay (for example 5 min.) using the SLA monitor?
    Or as something else to implement it?
    My configuration for SLA monitor:
    sla monitor 123
     type echo protocol ipIcmpEcho IP_GATEWAY_MAIN interface outside_cifra
     num-packets 3
     timeout 3000
     frequency 10
    sla monitor schedule 123 life forever start-time now
    track 1 rtr 123 reachability

    Hey cadet alain,
    thank you for your answer :-)
I have deleted all such attempts not working, so a packet-trace will be not very useful content...
    Here is the LogLine when i try to browse port 80 from outside (80.xxx.xxx.180:80) without VPN connection:
3 | Nov 21 2011 | 18:29:56 | 77.xxx.xxx.99 | 59068 | 80.xxx.xxx.180 | 80 | TCP access denied by ACL from 77.xxx.xxx.99/59068 to outside:80.xxx.xxx.180/80
    The attached file is only the show running-config
    Now i can with my AnyConnect Clients, too, but after connection is up, my vpnclients can't surf the web any longer because anyconnect serves as default route on 0.0.0.0 ... that's bad, too
    Actually the AnyConnect and Nat/ACL Problem are my last two open Problems until i setup the second ASA on the right ;-)
    Regards.
    Chris

  • Don't know which technology to utilize or how to configure ASA5505

    I have an ASA5505.  Currently, it is using static NAT on several ports to forward traffic to several devices inside my network.  It is a pain not only to configure but from the end user side.
The issue I am having is the applications I am using to access the devices become a mess with dual configurations, one for when I am connected to the internal network and one for when I am away from the office and accessing from the internet.  For example, I have 2 Cisco VC240 IP Cameras behind the ASA5505.  One is set to use port 9091 and the other 9092.  When I am inside the office, I access them via http://10.1.2.215:9091 and http://10.1.2.216:9092.  But when I am away from the office, I have to have another configuration in an Android app to use them, http://external_ASA_IP:9091 and 9092 and then NAT 9091 to the object for Camera1 and 9092 for Camera2.  This is only one scenario.  I also have a UC320W that I would like to put an IP phone at home and it sounds like AnyConnect is the only way to do this.
    It sounds like to me that if I use some type of VPN, I can access the same devices using the same IP whether internal or external with the external connection using the VPN to tunnel the IP to the local network.  There seems to be quite a few ways to do this with an ASA 5505.
AnyConnect seems like the way to go but after reading Cisco documentation, it requires your Android device to be rooted if it is not a particular Samsung model.  If I understand correctly, rooting your phone voids the warranty.  I know it is common practice but would think Cisco would have a better solution as I am sure Cisco would not want another manufacturer telling their customers to void the warranty on their Cisco equipment in order to get it to work.
    I believe I can just use IPSEC and use the native VPN of the Android OS and also tunnel L2TP as the Android supports IPSEC-PSK/L2TP or IPSEC-CRT/L2TP.  But will either of these will support the IP phone to the UC320W?
    A friend also told me to use NginX to proxy URL's so the URL http://www.fqdn.com/camera1 gets proxy'd to the internal IP of Camera1 and http://www.fqdn.com/camera2 gets proxy'd to Camera2.  He says I should be able to store a cookie on the phone and let the phone authenticate to the camera and if the phone cannot, the proxy can authenticate internally to the IP camera over SSL.
    I don't know anymore, I am so confused and just want to simplify my life as I am just a small business with me and a couple other employees but I have full-time job and it is not IT/Network Technician, it is only CTO/CEO/CIO/CFO.  I don't have hours upon hours to set this up and test and I don't have hours upon hours to manage it.  I just need to simplify this and have so that it is a set-it-and-forget-it for 6 months to 1 year and re-evaluate or update.  So, if someone suggests IPSEC, I would not know how to configure anyway and you should expect another post.  The same for AnyConnect or any of the other suggestions.
    Thanks in advance for any advice.

    Hi!
    1. Set Calculation Mode property of ITEM_5 to Formula.
    Formula property:
    nvl(:Block_Name.ITEM_1, 0) + nvl(:Block_Name.ITEM_2, 0) + nvl(:Block_Name.ITEM_3, 0) + nvl(:Block_Name.ITEM_4, 0)
    OR
    Function_Name(Param_1,... Param_N);
    Have in view of, that the ITEM_5 data will not be saved in DataBase.
2. When-Validate-Item trigger is useful when it is necessary to store calculated item data in the DataBase.
Rename your Post-Query trigger to When-Validate-Item.
    Modify trigger: Store calculation result in the variable.
    (Don't forget to round variable value!)
    Then compare it with ITEM_5. If they are different - :ITEM_5 := var_name.
    I prefer the first method.
