I cannot access my output volume!!
When i go to system prefrences the whole output volume is gray, it only works with speakers. please help im very frustrated! Mac.OS.X version 10.6.8 it stopped working after i went on a plane ride and listened to music though headphones for 2 hours...please help and tell me how to fix it
This might help - http://support.apple.com/kb/ts1574
Similar Messages
-
[solved] Filesystem check fail - Cannot access LVM Logical Volumes
I am getting a "File System Check Failed"on startup, I recently did a full system upgrade but I'm not entirely sure that the cause of the issue as I don't reboot very often.
I get the error right before this line is echo'ed out:
/dev/mapper/Arch_LVM-Root:
The super block could not be read or does not describe a correct ext2 filesystem...
this is odd because the only ext2 filesystem I have is on an non-LVM boot partition...
I can log-in and mount / as read/write and I can activate LVM with
modprobe dm-mod
and
vgchange -ay Arch_LVM
and they show up in lvdisplay but their status is "NOT available"
I just need to mount these logical volumes so I can retrieve some personal data in my home directory, I am also hesitant to use LVM again if I can't retrieve my data.
any suggestions?
Last edited by action_owl (2010-08-15 02:15:58)I just popped in the install disk and was able to mount and access the LVM groups as expected, something must have been wonky with my filesystem
-
Cannot Access Shortcut Menu for Adding Input/Output in Formula Node
This is a wierd problem. I cannot access the shortcut menu in formula node. I right click the border, nothing happens. Anyone run into this before? Is there any other way to add inputs and outputs?
I am running Vision Builder AI and want to use a formula node in my calculator tool.
Solved!
Go to Solution.As the saying goes, "when you hear hoofbeats, think horses and not zebras". Let's get a few things out of the way.
Is the VI in edit mode?
Is autotool on?
Drop a fresh FN on a New VI and try it again.
The only other way I know to add/remove inputs is scripting, let's not go there.
I have had a few issues with context menus, very few which persisted past a LV and/or computer restart, so I won't rule out a zebra just yet. -
Content generation
[Error: Unable to access the output directory. The directory is not writable, so the folio cannot be saved.]
This means?
This is fun BTW. Two days and two different silly errors applying themselves arbitrarily. Yesterday was the network, today its this.heres the fix i used for on a Mac
1. While in the Finder, select the menu command Finder > Preferences.
2. In the General panel, ensure the option "Connected Servers" is selected under the heading "Show these items on the desktop:", then close the preferences dialog box.
3. Choose the menu command Finder > Hide Others.
4. Close all open Finder windows to ensure you can see all items on your desktop.
5. If you locate what appears to be a mounted volume with the name "Users", Control + Click on its icon and choose the contextual menu command Eject "Users".
6. Add or update your article(s).
7. Cross fingers
8. If doesn't work ask for a refund -
Cannot access file from JApplet
I have used the swingall.jar file with my JApplet for any
version of IE. It gives one error
i.e
Cannot access file c:\prog\project
I want to create a directory within c:\prog and also i want
to write some files there. Pls help me.try this my friend!
1. Compile the applet
2. Create a JAR file
3. Generate Keys
4. Sign the JAR file
5. Export the Public Key Certificate
6. Import the Certificate as a Trusted Certificate
7. Create the policy file
8. Run the applet
Susan
Susan bundles the applet executable in a JAR file, signs the JAR file, and exports the public key certificate.
1. Compile the Applet
In her working directory, Susan uses the javac command to compile the SignedAppletDemo.java class. The output from the javac command is the SignedAppletDemo.class.
javac SignedAppletDemo.java
2. Make a JAR File
Susan then makes the compiled SignedAppletDemo.class file into a JAR file. The -cvf option to the jar command creates a new archive (c), using verbose mode (v), and specifies the archive file name (f). The archive file name is SignedApplet.jar.
jar cvf SignedApplet.jar SignedAppletDemo.class
3. Generate Keys
Susan creates a keystore database named susanstore that has an entry for a newly generated public and private key pair with the public key in a certificate. A JAR file is signed with the private key of the creator of the JAR file and the signature is verified by the recipient of the JAR file with the public key in the pair. The certificate is a statement from the owner of the private key that the public key in the pair has a particular value so the person using the public key can be assured the public key is authentic. Public and private keys must already exist in the keystore database before jarsigner can be used to sign or verify the signature on a JAR file.
In her working directory, Susan creates a keystore database and generates the keys:
keytool -genkey -alias signFiles -keystore susanstore -keypass kpi135 -dname "cn=jones" -storepass ab987c
This keytool -genkey command invocation generates a key pair that is identified by the alias signFiles. Subsequent keytool command invocations use this alias and the key password (-keypass kpi135) to access the private key in the generated pair.
The generated key pair is stored in a keystore database called susanstore (-keystore susanstore) in the current directory, and accessed with the susanstore password (-storepass ab987c).
The -dname "cn=jones" option specifies an X.500 Distinguished Name with a commonName (cn) value. X.500 Distinguished Names identify entities for X.509 certificates.
You can view all keytool options and parameters by typing:
keytool -help
4. Sign the JAR File
JAR Signer is a command line tool for signing and verifying the signature on JAR files. In her working directory, Susan uses jarsigner to make a signed copy of the SignedApplet.jar file.
jarsigner -keystore susanstore -storepass ab987c -keypass kpi135 -signedjar SSignedApplet.jar SignedApplet.jar signFiles
The -storepass ab987c and -keystore susanstore options specify the keystore database and password where the private key for signing the JAR file is stored. The -keypass kpi135 option is the password to the private key, SSignedApplet.jar is the name of the signed JAR file, and signFiles is the alias to the private key. jarsigner extracts the certificate from the keystore whose entry is signFiles and attaches it to the generated signature of the signed JAR file.
5. Export the Public Key Certificate
The public key certificate is sent with the JAR file to the whoever is going to use the applet. That person uses the certificate to authenticate the signature on the JAR file. To send a certificate, you have to first export it.
The -storepass ab987c and -keystore susanstore options specify the keystore database and password where the private key for signing the JAR file is stored. The -keypass kpi135 option is the password to the private key, SSignedApplet.jar is the name of the signed JAR file, and signFiles is the alias to the private key. jarsigner extracts the certificate from the keystore whose entry is signFiles and attaches it to the generated signature of the signed JAR file.
5: Export the Public Key Certificate
The public key certificate is sent with the JAR file to the whoever is going to use the applet. That person uses the certificate to authenticate the signature on the JAR file. To send a certificate, you have to first export it.
In her working directory, Susan uses keytool to copy the certificate from susanstore to a file named SusanJones.cer as follows:
keytool -export -keystore susanstore -storepass ab987c -alias signFiles -file SusanJones.cer
Ray
Ray receives the JAR file from Susan, imports the certificate, creates a policy file granting the applet access, and runs the applet.
6. Import Certificate as a Trusted Certificate
Ray has received SSignedApplet.jar and SusanJones.cer from Susan. He puts them in his home directory. Ray must now create a keystore database (raystore) and import the certificate into it. Ray uses keytool in his home directory /home/ray to import the certificate:
keytool -import -alias susan -file SusanJones.cer -keystore raystore -storepass abcdefgh
7. Create the Policy File
The policy file grants the SSignedApplet.jar file signed by the alias susan permission to create newfile (and no other file) in the user's home directory.
Ray creates the policy file in his home directory using either policytool or an ASCII editor.
keystore "/home/ray/raystore";
// A sample policy file that lets a JavaTM program
// create newfile in user's home directory
// Satya N Dodda
grant SignedBy "susan"
permission java.security.AllPermission;
8. Run the Applet in Applet Viewer
Applet Viewer connects to the HTML documents and resources specified in the call to appletviewer, and displays the applet in its own window. To run the example, Ray copies the signed JAR file and HTML file to /home/aURL/public_html and invokes Applet viewer from his home directory as follows:
Html code :
</body>
</html>
<OBJECT classid="clsid:8AD9C840-044E-11D1-B3E9-00805F499D93"
width="600" height="400" align="middle"
codebase="http://java.sun.com/products/plugin/1.3/jinstall-13-win32.cab#Version=1,3,1,2">
<PARAM NAME="code" VALUE="SignedAppletDemo.class">
<PARAM NAME="archive" VALUE="SSignedApplet.jar">
<PARAM NAME="type" VALUE="application/x-java-applet;version=1.3">
</OBJECT>
</body>
</html>
appletviewer -J-Djava.security.policy=Write.jp
http://aURL.com/SignedApplet.html
Note: Type everything on one line and put a space after Write.jp
The -J-Djava.security.policy=Write.jp option tells Applet Viewer to run the applet referenced in the SignedApplet.html file with the Write.jp policy file.
Note: The Policy file can be stored on a server and specified in the appletviewer invocation as a URL.
9. Run the Applet in Browser
Download JRE 1.3 from Javasoft
save this to write.jp
keystore "/home/ray/raystore";
// A sample policy file that lets a JavaTM program
// create newfile in user's home directory
// Satya N Dodda
grant {
permission java.security.AllPermission;
save this to signedAppletDemo.java
* File: @(#)SignedAppletDemo.java 1.1
* Comment: Signed Applet Demo
* @(#)author: Satya Dodda
* @(#)version: 1.1
* @(#)date: 98/10/01
import java.applet.Applet;
import java.awt.Graphics;
import java.io.*;
import java.awt.Color;
* A simple Signed Applet Demo
public class SignedAppletDemo extends Applet {
public String test() {
setBackground(Color.white);
System.out.println(System.getProperty("user.home"));
String fileName = System.getProperty("user.home") +
System.getProperty("file.separator") +
"newfile";
String msg = "This message was written by a signed applet!!!\n";
String s ;
try {
FileWriter fos = new FileWriter(fileName);
fos.write(msg, 0, msg.length());
fos.close();
s = new String("Successfully created file :" + fileName);
} catch (Exception e) {
System.out.println("Exception e = " + e);
e.printStackTrace();
s = new String("Unable to create file : " + fileName);
return s;
public void paint(Graphics g) {
g.setColor(Color.blue);
g.drawString("Signed Applet Demo", 120, 50);
g.setColor(Color.magenta);
g.drawString(test(), 50, 100); -
ASA 5505 Static hosts cannot access outside
I'm replacing an old PIX with a second hand ASA firewall.
I have configured the ASA in a very similar manner to how the PIX was set up but I'm having trouble with some hosts on the inside accessing the Internet. Any inside hosts which use DHCP work fine. Any inside hosts with a static IP (and configured on the ASA with a "static" rule) cannot access the Internet. For example, in the config below the server daviker-dialler cannot access the Internet.
I've spent a few days working on this now and have started from scratch several times but I'm not getting anywhere.
Apologies for all the X's everywhere, didn't like to post anything sensitive on the Internet. If I've obscured something pertinent let me know.
Any advice would be greatly appreciated! Thanks.
: Saved
ASA Version 7.2(3)
hostname fw-1
domain-name XXXX
enable password XXXX encrypted
names
name 92.X.X.61 bb-office
name 92.X.X.128 gl-office
name 10.0.0.117 daviker-dialler_in
name 77.X.X.117 daviker-dialler_out
name 10.0.0.112 data-2_in
name 77.X.X.112 data-2_out
name 10.0.0.81 corp-1_in
name 77.X.X.81 corp-1_out
name 10.0.0.111 data-1_in
name 77.X.X.210 user_75
interface Vlan1
nameif inside
security-level 100
ip address 10.0.0.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address 77.X.X.66 255.255.255.192
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
passwd XXXX encrypted
ftp mode passive
dns server-group DefaultDNS
domain-name XXXX
access-list inbound extended permit tcp host bb-office host daviker-dialler_out eq 5900
access-list inbound extended permit tcp host bb-office host daviker-dialler_out eq 4040
access-list inbound extended permit tcp host bb-office host daviker-dialler_out eq 9876
access-list inbound extended permit tcp host bb-office host daviker-dialler_out eq sip
access-list inbound extended permit tcp host bb-office host daviker-dialler_out eq www
access-list inbound extended permit tcp host bb-office host daviker-dialler_out eq https
access-list inbound extended permit udp host bb-office host daviker-dialler_out eq sip
access-list inbound extended permit tcp host bb-office host daviker-dialler_out eq 1433
access-list inbound extended permit udp host bb-office host daviker-dialler_out eq netbios-ns
access-list inbound extended permit udp host bb-office host daviker-dialler_out eq netbios-dgm
access-list inbound extended permit tcp host bb-office host daviker-dialler_out eq netbios-ssn
access-list inbound extended permit tcp host bb-office host daviker-dialler_out eq 445
access-list inbound extended permit tcp host gl-office host daviker-dialler_out eq 4040
access-list inbound extended permit tcp host gl-office host daviker-dialler_out eq 9876
access-list inbound extended permit tcp host gl-office host daviker-dialler_out eq sip
access-list inbound extended permit tcp host gl-office host daviker-dialler_out eq www
access-list inbound extended permit tcp host gl-office host daviker-dialler_out eq https
access-list inbound extended permit udp host gl-office host daviker-dialler_out eq sip
access-list inbound extended permit tcp host gl-office host daviker-dialler_out eq 1433
access-list inbound extended permit udp host gl-office host daviker-dialler_out eq netbios-ns
access-list inbound extended permit udp host gl-office host daviker-dialler_out eq netbios-dgm
access-list inbound extended permit tcp host gl-office host daviker-dialler_out eq netbios-ssn
access-list inbound extended permit tcp host gl-office host daviker-dialler_out eq 445
access-list inbound extended permit tcp host gl-office host daviker-dialler_out eq 5900
access-list inbound extended permit tcp any host data-2_out eq ssh
access-list inbound extended permit tcp any host corp-1_out eq ssh
access-list inbound extended permit tcp any host corp-1_out eq www
access-list inbound extended permit tcp any host corp-1_out eq pop3
access-list inbound extended permit tcp any host corp-1_out eq imap4
access-list inbound extended permit tcp any host corp-1_out eq smtp
access-list inbound extended permit tcp any host corp-1_out eq 995
access-list inbound extended permit tcp any host corp-1_out eq 465
access-list inbound extended permit tcp any host corp-1_out eq 993
access-list inbound extended permit tcp any host corp-1_out eq 8008
access-list inbound extended permit udp 77.X.X.64 255.255.255.192 host 77.X.X.113 eq netbios-ns
access-list inbound extended permit udp 77.X.X.64 255.255.255.192 host 77.X.X.113 eq netbios-dgm
access-list inbound extended permit tcp 77.X.X.64 255.255.255.192 host 77.X.X.113 eq netbios-ssn
access-list inbound extended permit tcp 77.X.X.64 255.255.255.192 host 77.X.X.113 eq 445
access-list inbound extended permit udp any host 77.X.X.113 eq netbios-ns
access-list inbound extended permit udp any host 77.X.X.113 eq netbios-dgm
access-list inbound extended permit tcp any host 77.X.X.113 eq netbios-ssn
access-list inbound extended permit tcp any host 77.X.X.113 eq 445
access-list inbound extended permit tcp host bb-office host data-2_out eq 5901
access-list inbound extended permit tcp host bb-office host data-2_out eq 3690
access-list inbound extended permit tcp host bb-office host data-2_out eq www
access-list inbound extended permit tcp host bb-office host daviker-dialler_out eq 3389
access-list inbound extended permit tcp host 2.X.X.18 host data-2_out eq 3306
access-list inbound extended permit tcp any host data-2_out eq 3306
access-list inbound extended permit tcp host 212.X.X.7 host daviker-dialler_out eq 5900
access-list inbound extended permit tcp host bb-office host data-2_out eq 3306
access-list inbound extended permit tcp host user_75 host daviker-dialler_out eq 1433
access-list inbound extended permit tcp host user_75 host daviker-dialler_out eq 5900
access-list inbound extended permit tcp host user_75 host data-2_out eq 3690
access-list inbound extended permit tcp host user_75 host data-2_out eq www
access-list inbound extended permit tcp host user_75 host data-2_out eq 3306
pager lines 24
logging asdm informational
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-523.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,outside) daviker-dialler_out daviker-dialler_in netmask 255.255.255.255
static (inside,outside) corp-1_out corp-1_in netmask 255.255.255.255
static (inside,outside) data-2_out data-2_in netmask 255.255.255.255
static (inside,outside) 77.X.X.113 data-1_in netmask 255.255.255.255
access-group inbound in interface outside
route outside 0.0.0.0 0.0.0.0 77.X.X.65 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
aaa authentication ssh console LOCAL
aaa authentication telnet console LOCAL
aaa authorization command LOCAL
http server enable
http 10.0.0.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
telnet 0.0.0.0 0.0.0.0 inside
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 inside
ssh timeout 5
console timeout 0
dhcpd dns 77.X.X.91 8.8.8.8
dhcpd domain cagltd.net
dhcpd auto_config outside
dhcpd address 10.0.0.20-10.0.0.40 inside
dhcpd enable inside
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
service-policy global_policy global
username matt password XXXX encrypted
prompt hostname context
Cryptochecksum:00af76f23831b8c828fc6677c9069072
: endHi Jouni,
Thanks for the info.
I didn't have icmp traffic allowed, so I knew ping wouldn't be working. I was testing using http.
I have enabled icmp and dhcp clients can ping outside. Static nat clients can't ping outside. Static clients also cannot use outbound http.
As suggested, I have run some packet traces.
From a static nat client on the ASA:
fw-1# packet-tracer input inside tcp 10.0.0.81 80 173.203.209.67 80
Phase: 1
Type: ACCESS-LIST
Subtype:
Result: ALLOW
Config:
Implicit Rule
Additional Information:
MAC Access list
Phase: 2
Type: FLOW-LOOKUP
Subtype:
Result: ALLOW
Config:
Additional Information:
Found no matching flow, creating a new flow
Phase: 3
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in 0.0.0.0 0.0.0.0 outside
Phase: 4
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 5
Type: NAT
Subtype:
Result: ALLOW
Config:
static (inside,outside) corp-1_out corp-1_in netmask 255.255.255.255
match ip inside host corp-1_in outside any
static translation to corp-1_out
translate_hits = 668, untranslate_hits = 2
Additional Information:
Static translate corp-1_in/0 to corp-1_out/0 using netmask 255.255.255.255
Phase: 6
Type: NAT
Subtype: host-limits
Result: ALLOW
Config:
static (inside,outside) corp-1_out corp-1_in netmask 255.255.255.255
match ip inside host corp-1_in outside any
static translation to corp-1_out
translate_hits = 668, untranslate_hits = 2
Additional Information:
Phase: 7
Type: HOST-LIMIT
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 8
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 9
Type: FLOW-CREATION
Subtype:
Result: ALLOW
Config:
Additional Information:
New flow created with id 1759, packet dispatched to next module
Phase: 10
Type: ROUTE-LOOKUP
Subtype: output and adjacency
Result: ALLOW
Config:
Additional Information:
found next-hop 77.X.X.65 using egress ifc outside
adjacency Active
next-hop mac address 0017.0f13.5000 hits 1
Result:
input-interface: inside
input-status: up
input-line-status: up
output-interface: outside
output-status: up
output-line-status: up
Action: allow
This looks fine to me, but as I say, an outbound tcp port 80 connection from the actual machine on 10.0.0.81 fails.
Here is a similar trace from a dhcp client to the same destination:
fw-1# packet-tracer input inside tcp 10.0.0.20 80 173.203.209.67 80
Phase: 1
Type: FLOW-LOOKUP
Subtype:
Result: ALLOW
Config:
Additional Information:
Found no matching flow, creating a new flow
Phase: 2
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in 0.0.0.0 0.0.0.0 outside
Phase: 3
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 4
Type: NAT
Subtype:
Result: ALLOW
Config:
nat (inside) 1 0.0.0.0 0.0.0.0
match ip inside any outside any
dynamic translation to pool 1 (77.74.111.66 [Interface PAT])
translate_hits = 990, untranslate_hits = 226
Additional Information:
Dynamic translate 10.0.0.20/80 to 77.74.111.66/1 using netmask 255.255.255.255
Phase: 5
Type: NAT
Subtype: host-limits
Result: ALLOW
Config:
nat (inside) 1 0.0.0.0 0.0.0.0
match ip inside any inside any
dynamic translation to pool 1 (No matching global)
translate_hits = 0, untranslate_hits = 0
Additional Information:
Phase: 6
Type: HOST-LIMIT
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 7
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 8
Type: FLOW-CREATION
Subtype:
Result: ALLOW
Config:
Additional Information:
New flow created with id 1771, packet dispatched to next module
Phase: 9
Type: ROUTE-LOOKUP
Subtype: output and adjacency
Result: ALLOW
Config:
Additional Information:
found next-hop 77.X.X.65 using egress ifc outside
adjacency Active
next-hop mac address 0017.0f13.5000 hits 5
Result:
input-interface: inside
input-status: up
input-line-status: up
output-interface: outside
output-status: up
output-line-status: up
Action: allow
I can see the difference in the NAT translation section. A real outbound tcp port 80 connection from the actual machine on 10.0.0.20 works fine.
Finally, for the sake of comparison, I ran a similar packet trace using a static nat IP on the old PIX firewall:
old-fw-1# packet-tracer input inside tcp 10.0.0.117 80 173.203.209.67 80
Phase: 1
Type: ACCESS-LIST
Subtype:
Result: ALLOW
Config:
Implicit Rule
Additional Information:
MAC Access list
Phase: 2
Type: FLOW-LOOKUP
Subtype:
Result: ALLOW
Config:
Additional Information:
Found no matching flow, creating a new flow
Phase: 3
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in 0.0.0.0 0.0.0.0 outside
Phase: 4
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 5
Type: INSPECT
Subtype: np-inspect
Result: ALLOW
Config:
class-map inspection_default
match default-inspection-traffic
policy-map global_policy
class inspection_default
inspect http
service-policy global_policy global
Additional Information:
Phase: 6
Type: NAT
Subtype:
Result: ALLOW
Config:
static (inside,outside) daviker-dialler_out daviker-dialler_in netmask 255.255.255.255
nat-control
match ip inside host daviker-dialler_in outside any
static translation to daviker-dialler_out
translate_hits = 17132, untranslate_hits = 1277850
Additional Information:
Static translate daviker-dialler_in/0 to daviker-dialler_out/0 using netmask 255.255.255.255
Phase: 7
Type: NAT
Subtype: host-limits
Result: ALLOW
Config:
static (inside,outside) daviker-dialler_out daviker-dialler_in netmask 255.255.255.255
nat-control
match ip inside host daviker-dialler_in outside any
static translation to daviker-dialler_out
translate_hits = 17132, untranslate_hits = 1277850
Additional Information:
Phase: 8
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 9
Type: FLOW-CREATION
Subtype:
Result: ALLOW
Config:
Additional Information:
New flow created with id 1006075, packet dispatched to next module
Phase: 10
Type: ROUTE-LOOKUP
Subtype: output and adjacency
Result: ALLOW
Config:
Additional Information:
found next-hop 78.X.X.69 using egress ifc outside
adjacency Active
next-hop mac address 0017.0f13.5000 hits 572133
Result:
input-interface: inside
input-status: up
input-line-status: up
output-interface: outside
output-status: up
output-line-status: up
Action: allow
Outbound traffic from static nat hosts on the old PIX firewall works fine. One glaring difference is that the PIX is inspecting http traffic, but surely this is a red herring. Another difference is that the old and new firewalls have different gateways / default routes & different outside IP addresses. As the new ASA firewall (and its dhcp hosts) can talk to the outside world quite happily I don't think this is relevant.
I wondered whether it might be down to the difference in the inside (255.255.255.0) and outside (255.255.255.192) subnets. The set up is the same on the PIX, but I wondered whether some other line of config might be required on the ASA to handle it. I adjusted the subnet of the inside interface on the ASA to match the outside one (both 255.255.255.192) but it didn't make any difference.
So I'm puzzled! -
VPN Clients cannot access remote site
Hey there,
I am pretty new in configuring Cisco devices and now I need some help.
I have 2 site here:
site A
Cisco 891
external IP: 195.xxx.yyy.zzz
VPN Gateway for Remote users
local IP: VLAN10 10.133.10.0 /23
site B
Cisco 891
external IP: 62.xxx.yyy.zzz
local IP VLAN10 10.133.34.0 /23
Those two sites are linked together with a Site-to-Site VPN. Accessing files or ressources from one site to the other is working fine while connected to the local LAN.
I configured VPN connection with Radius auth. VPN clients can connect to Site A, get an IP adress from VPN Pool (172.16.100.2-100) and can access files and servers on site A. But for some reason they cannot access ressources on site B. I already added the site B network to the ACL and when connecting with VPN it shows secured routes to 10.133.10.0 and 10.133.34.0 in the statistics. Same thing for other VPN Tunnels to ERP system.
What is missing here to make it possible to reach remote sites when connected through VPN? I had a look at the logs but could not find anything important.
Here is the config of site A
Building configuration...
Current configuration : 24257 bytes
version 15.2
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
hostname Englerstrasse
boot-start-marker
boot config usbflash0:CVO-BOOT.CFG
boot-end-marker
aaa new-model
aaa group server radius Radius-AD
server 10.133.10.5 auth-port 1812 acct-port 1813
aaa authentication login default local
aaa authentication login ciscocp_vpn_xauth_ml_2 group Radius-AD local
aaa authorization exec default local
aaa authorization network ciscocp_vpn_group_ml_2 local
aaa session-id common
clock timezone Berlin 1 0
clock summer-time Berlin date Mar 30 2003 2:00 Oct 26 2003 3:00
crypto pki trustpoint TP-self-signed-27361994
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-27361994
revocation-check none
rsakeypair TP-self-signed-27361994
crypto pki trustpoint test_trustpoint_config_created_for_sdm
subject-name [email protected]
revocation-check crl
crypto pki certificate chain TP-self-signed-27361994
certificate self-signed 01
30820227 30820190 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
2F312D30 2B060355 04031324 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32373336 31393934 301E170D 31323038 32373038 30343238
5A170D32 30303130 31303030 3030305A 302F312D 302B0603 55040313 24494F53
2D53656C 662D5369 676E6564 2D436572 74696669 63617465 2D323733 36313939
3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100B709
64CE1874 BF812A9F 0B761522 892373B9 10F0BB52 6263DCDB F9877AA3 7BD34E53
BCFDA45C 2A991777 4DDC7E6B 1FCEE36C B6E35679 C4A18771 9C0F871F 38310234
2D89A4FF 37B616D8 362B3103 A8A319F2 10A72DC7 490A04AC 7955DF68 32EF9615
9E1A3B31 2A1AB243 B3ED3E35 F4AAD029 CDB1F941 5E794300 5C5EF8AE 5C890203
010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603 551D2304
18301680 14D0F5E7 D3A9311D 1675AA8F 38F064FC 4D04465E F5301D06 03551D0E
04160414 D0F5E7D3 A9311D16 75AA8F38 F064FC4D 04465EF5 300D0609 2A864886
F70D0101 05050003 818100AB 2CD4363A E5ADBFB0 943A38CB AC820801 117B52CC
20216093 79D1F777 2B3C0062 4301CF73 094B9CA5 805F585E 04CF3301 9B839DEB
14A334A2 F5A5316F C65EEF21 0B0DF3B5 F4322440 F28B984B E769876D 6EF94895
C3D5048A A4E2A180 12DF6652 176942F8 58187D7B D37B1F1A 4DDD7AE9 5189F9AF
AF3EF676 26AD3F31 D368F5
quit
crypto pki certificate chain test_trustpoint_config_created_for_sdm
no ip source-route
ip auth-proxy max-login-attempts 5
ip admission max-login-attempts 5
no ip bootp server
no ip domain lookup
ip domain name yourdomain.com
ip inspect log drop-pkt
ip inspect name CCP_MEDIUM appfw CCP_MEDIUM
ip inspect name CCP_MEDIUM ftp
ip inspect name CCP_MEDIUM h323
ip inspect name CCP_MEDIUM sip
ip inspect name CCP_MEDIUM https
ip inspect name CCP_MEDIUM icmp
ip inspect name CCP_MEDIUM netshow
ip inspect name CCP_MEDIUM rcmd
ip inspect name CCP_MEDIUM realaudio
ip inspect name CCP_MEDIUM rtsp
ip inspect name CCP_MEDIUM sqlnet
ip inspect name CCP_MEDIUM streamworks
ip inspect name CCP_MEDIUM tftp
ip inspect name CCP_MEDIUM udp
ip inspect name CCP_MEDIUM vdolive
ip inspect name CCP_MEDIUM imap reset
ip inspect name CCP_MEDIUM smtp
ip cef
no ipv6 cef
appfw policy-name CCP_MEDIUM
application im aol
service default action allow alarm
service text-chat action allow alarm
server permit name login.oscar.aol.com
server permit name toc.oscar.aol.com
server permit name oam-d09a.blue.aol.com
audit-trail on
application im msn
service default action allow alarm
service text-chat action allow alarm
server permit name messenger.hotmail.com
server permit name gateway.messenger.hotmail.com
server permit name webmessenger.msn.com
audit-trail on
application http
strict-http action allow alarm
port-misuse im action reset alarm
port-misuse p2p action reset alarm
port-misuse tunneling action allow alarm
application im yahoo
service default action allow alarm
service text-chat action allow alarm
server permit name scs.msg.yahoo.com
server permit name scsa.msg.yahoo.com
server permit name scsb.msg.yahoo.com
server permit name scsc.msg.yahoo.com
server permit name scsd.msg.yahoo.com
server permit name cs16.msg.dcn.yahoo.com
server permit name cs19.msg.dcn.yahoo.com
server permit name cs42.msg.dcn.yahoo.com
server permit name cs53.msg.dcn.yahoo.com
server permit name cs54.msg.dcn.yahoo.com
server permit name ads1.vip.scd.yahoo.com
server permit name radio1.launch.vip.dal.yahoo.com
server permit name in1.msg.vip.re2.yahoo.com
server permit name data1.my.vip.sc5.yahoo.com
server permit name address1.pim.vip.mud.yahoo.com
server permit name edit.messenger.yahoo.com
server permit name messenger.yahoo.com
server permit name http.pager.yahoo.com
server permit name privacy.yahoo.com
server permit name csa.yahoo.com
server permit name csb.yahoo.com
server permit name csc.yahoo.com
audit-trail on
parameter-map type inspect global
log dropped-packets enable
multilink bundle-name authenticated
redundancy
ip tcp synwait-time 10
class-map match-any CCP-Transactional-1
match dscp af21
match dscp af22
match dscp af23
class-map match-any CCP-Voice-1
match dscp ef
class-map match-any sdm_p2p_kazaa
match protocol fasttrack
match protocol kazaa2
class-map match-any CCP-Routing-1
match dscp cs6
class-map match-any sdm_p2p_edonkey
match protocol edonkey
class-map match-any CCP-Signaling-1
match dscp cs3
match dscp af31
class-map match-any sdm_p2p_gnutella
match protocol gnutella
class-map match-any CCP-Management-1
match dscp cs2
class-map match-any sdm_p2p_bittorrent
match protocol bittorrent
policy-map sdm-qos-test-123
class class-default
policy-map sdmappfwp2p_CCP_MEDIUM
class sdm_p2p_edonkey
class sdm_p2p_gnutella
class sdm_p2p_kazaa
class sdm_p2p_bittorrent
policy-map CCP-QoS-Policy-1
class sdm_p2p_edonkey
class sdm_p2p_gnutella
class sdm_p2p_kazaa
class sdm_p2p_bittorrent
class CCP-Voice-1
priority percent 33
class CCP-Signaling-1
bandwidth percent 5
class CCP-Routing-1
bandwidth percent 5
class CCP-Management-1
bandwidth percent 5
class CCP-Transactional-1
bandwidth percent 5
class class-default
fair-queue
random-detect
crypto ctcp port 10000
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp key REMOVED address 62.20.xxx.yyy
crypto isakmp key REMOVED address 195.243.xxx.yyy
crypto isakmp key REMOVED address 195.243.xxx.yyy
crypto isakmp key REMOVED address 83.140.xxx.yyy
crypto isakmp client configuration group VPN_local
key REMOVED
dns 10.133.10.5 10.133.10.7
wins 10.133.10.7
domain domain.de
pool SDM_POOL_2
acl 115
crypto isakmp profile ciscocp-ike-profile-1
match identity group VPN_local
client authentication list ciscocp_vpn_xauth_ml_2
isakmp authorization list ciscocp_vpn_group_ml_2
client configuration address respond
virtual-template 1
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA2 esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA3 esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA4 esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA11 esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA5 esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-DES-SHA1 esp-des esp-sha-hmac
crypto ipsec profile CiscoCP_Profile1
set transform-set ESP-3DES-SHA11
set isakmp-profile ciscocp-ike-profile-1
crypto map SDM_CMAP_1 1 ipsec-isakmp
description Tunnel to62.20.xxx.xxx
set peer 62.20.xxx.xxx
set transform-set ESP-3DES-SHA
match address 105
crypto map SDM_CMAP_1 2 ipsec-isakmp
description Tunnel to195.243.xxx.xxx
set peer 195.243.xxx.xxx
set transform-set ESP-3DES-SHA4
match address 107
crypto map SDM_CMAP_1 3 ipsec-isakmp
description Tunnel to83.140.xxx.xxx
set peer 83.140.xxx.xxx
set transform-set ESP-DES-SHA1
match address 118
interface Loopback2
ip address 192.168.10.1 255.255.254.0
interface Null0
no ip unreachables
interface FastEthernet0
switchport mode trunk
no ip address
spanning-tree portfast
interface FastEthernet1
no ip address
spanning-tree portfast
interface FastEthernet2
no ip address
spanning-tree portfast
interface FastEthernet3
no ip address
spanning-tree portfast
interface FastEthernet4
description Internal LAN
switchport access vlan 10
switchport trunk native vlan 10
no ip address
spanning-tree portfast
interface FastEthernet5
no ip address
spanning-tree portfast
interface FastEthernet6
no ip address
spanning-tree portfast
interface FastEthernet7
no ip address
spanning-tree portfast
interface FastEthernet8
description $FW_OUTSIDE$$ETH-WAN$
ip address 62.153.xxx.xxx 255.255.255.248
ip access-group 113 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip inspect CCP_MEDIUM out
no ip virtual-reassembly in
ip verify unicast reverse-path
duplex auto
speed auto
crypto map SDM_CMAP_1
service-policy input sdmappfwp2p_CCP_MEDIUM
service-policy output CCP-QoS-Policy-1
interface Virtual-Template1 type tunnel
ip unnumbered FastEthernet8
tunnel mode ipsec ipv4
tunnel protection ipsec profile CiscoCP_Profile1
interface GigabitEthernet0
no ip address
shutdown
duplex auto
speed auto
interface Vlan1
no ip address
interface Vlan10
description $FW_INSIDE$
ip address 10.133.10.1 255.255.254.0
ip access-group 112 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly in
interface Async1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
encapsulation slip
ip local pool SDM_POOL_1 192.168.10.101 192.168.10.200
ip local pool VPN_Pool 192.168.20.2 192.168.20.100
ip local pool SDM_POOL_2 172.16.100.2 172.16.100.100
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip forward-protocol nd
ip nat inside source route-map SDM_RMAP_1 interface FastEthernet8 overload
ip route 0.0.0.0 0.0.0.0 62.153.xxx.xxx
ip access-list extended VPN1
remark VPN_Haberstrasse
remark CCP_ACL Category=4
permit ip 10.133.10.0 0.0.1.255 10.133.34.0 0.0.1.255
ip radius source-interface Vlan10
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.7
access-list 23 remark CCP_ACL Category=17
access-list 23 permit 195.243.xxx.xxx
access-list 23 permit 10.133.10.0 0.0.1.255
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 100 remark CCP_ACL Category=4
access-list 100 permit ip 10.133.10.0 0.0.1.255 any
access-list 101 remark CCP_ACL Category=16
access-list 101 permit udp any eq bootps any eq bootpc
access-list 101 deny ip 10.10.10.0 0.0.0.255 any
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any time-exceeded
access-list 101 permit icmp any any unreachable
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip any any
access-list 102 remark auto generated by CCP firewall configuration
access-list 102 remark CCP_ACL Category=1
access-list 102 deny ip 10.10.10.0 0.0.0.7 any
access-list 102 permit icmp any host 62.153.xxx.xxx echo-reply
access-list 102 permit icmp any host 62.153.xxx.xxx time-exceeded
access-list 102 permit icmp any host 62.153.xxx.xxx unreachable
access-list 102 deny ip 10.0.0.0 0.255.255.255 any
access-list 102 deny ip 172.16.0.0 0.15.255.255 any
access-list 102 deny ip 192.168.0.0 0.0.255.255 any
access-list 102 deny ip 127.0.0.0 0.255.255.255 any
access-list 102 deny ip host 255.255.255.255 any
access-list 102 deny ip host 0.0.0.0 any
access-list 102 deny ip any any log
access-list 103 remark auto generated by CCP firewall configuration
access-list 103 remark CCP_ACL Category=1
access-list 103 remark IPSec Rule
access-list 103 permit ip 10.133.34.0 0.0.1.255 10.133.10.0 0.0.1.255
access-list 103 remark IPSec Rule
access-list 103 permit ip 10.133.34.0 0.0.1.255 192.168.10.0 0.0.1.255
access-list 103 permit udp host 195.243.xxx.xxx host 62.153.xxx.xxx eq non500-isakmp
access-list 103 permit udp host 195.243.xxx.xxx host 62.153.xxx.xxx eq isakmp
access-list 103 permit esp host 195.243.xxx.xxx host 62.153.xxx.xxx
access-list 103 permit ahp host 195.243.xxx.xxx host 62.153.xxx.xxx
access-list 103 remark IPSec Rule
access-list 103 permit ip 10.133.20.0 0.0.0.255 10.133.10.0 0.0.1.255
access-list 103 remark IPSec Rule
access-list 103 permit ip 192.168.10.0 0.0.1.255 10.133.10.0 0.0.1.255
access-list 103 permit udp host 62.20.xxx.xxx host 62.153.xxx.xxx eq non500-isakmp
access-list 103 permit udp host 62.20.xxx.xxx host 62.153.xxx.xxx eq isakmp
access-list 103 permit esp host 62.20.xxx.xxx host 62.153.xxx.xxx
access-list 103 permit ahp host 62.20.xxx.xxx host 62.153.xxx.xxx
access-list 103 permit udp any host 62.153.xxx.xxx eq non500-isakmp
access-list 103 permit udp any host 62.153.xxx.xxx eq isakmp
access-list 103 permit esp any host 62.153.xxx.xxx
access-list 103 permit ahp any host 62.153.xxx.xxx
access-list 103 permit udp host 194.25.0.60 eq domain any
access-list 103 permit udp host 194.25.0.68 eq domain any
access-list 103 permit udp host 194.25.0.68 eq domain host 62.153.xxx.xxx
access-list 103 deny ip 10.10.10.0 0.0.0.7 any
access-list 103 permit icmp any host 62.153.xxx.xxx echo-reply
access-list 103 permit icmp any host 62.153.xxx.xxx time-exceeded
access-list 103 permit icmp any host 62.153.xxx.xxx unreachable
access-list 103 deny ip 10.0.0.0 0.255.255.255 any
access-list 103 deny ip 172.16.0.0 0.15.255.255 any
access-list 103 deny ip 192.168.0.0 0.0.255.255 any
access-list 103 deny ip 127.0.0.0 0.255.255.255 any
access-list 103 deny ip host 255.255.255.255 any
access-list 103 deny ip host 0.0.0.0 any
access-list 103 deny ip any any log
access-list 104 remark CCP_ACL Category=4
access-list 104 permit ip 10.133.10.0 0.0.1.255 any
access-list 105 remark CCP_ACL Category=4
access-list 105 remark IPSec Rule
access-list 105 permit ip 10.133.10.0 0.0.1.255 10.133.20.0 0.0.0.255
access-list 106 remark CCP_ACL Category=2
access-list 106 remark IPSec Rule
access-list 106 deny ip 192.168.10.0 0.0.1.255 10.133.34.0 0.0.1.255
access-list 106 remark IPSec Rule
access-list 106 deny ip 192.168.10.0 0.0.1.255 10.60.16.0 0.0.0.255
access-list 106 remark IPSec Rule
access-list 106 deny ip 10.133.10.0 0.0.1.255 10.60.16.0 0.0.0.255
access-list 106 remark IPSec Rule
access-list 106 deny ip 10.133.10.0 0.0.1.255 10.133.34.0 0.0.1.255
access-list 106 remark IPSec Rule
access-list 106 deny ip 10.133.10.0 0.0.1.255 10.133.20.0 0.0.0.255
access-list 106 permit ip 10.10.10.0 0.0.0.7 any
access-list 106 permit ip 10.133.10.0 0.0.1.255 any
access-list 107 remark CCP_ACL Category=4
access-list 107 remark IPSec Rule
access-list 107 permit ip 10.133.10.0 0.0.1.255 10.133.34.0 0.0.1.255
access-list 107 remark IPSec Rule
access-list 107 permit ip 192.168.10.0 0.0.1.255 10.133.34.0 0.0.1.255
access-list 108 remark Auto generated by SDM Management Access feature
access-list 108 remark CCP_ACL Category=1
access-list 108 permit tcp 10.133.10.0 0.0.1.255 host 10.133.10.1 eq telnet
access-list 108 permit tcp 10.133.10.0 0.0.1.255 host 10.133.10.1 eq 22
access-list 108 permit tcp 10.133.10.0 0.0.1.255 host 10.133.10.1 eq www
access-list 108 permit tcp 10.133.10.0 0.0.1.255 host 10.133.10.1 eq 443
access-list 108 permit tcp 10.133.10.0 0.0.1.255 host 10.133.10.1 eq cmd
access-list 108 deny tcp any host 10.133.10.1 eq telnet
access-list 108 deny tcp any host 10.133.10.1 eq 22
access-list 108 deny tcp any host 10.133.10.1 eq www
access-list 108 deny tcp any host 10.133.10.1 eq 443
access-list 108 deny tcp any host 10.133.10.1 eq cmd
access-list 108 deny udp any host 10.133.10.1 eq snmp
access-list 108 permit ip any any
access-list 109 remark CCP_ACL Category=1
access-list 109 permit ip 10.133.10.0 0.0.1.255 any
access-list 109 permit ip 10.10.10.0 0.0.0.7 any
access-list 109 permit ip 192.168.10.0 0.0.1.255 any
access-list 110 remark CCP_ACL Category=1
access-list 110 permit ip host 195.243.xxx.xxx any
access-list 110 permit ip host 84.44.xxx.xxx any
access-list 110 permit ip 10.133.10.0 0.0.1.255 any
access-list 110 permit ip 10.10.10.0 0.0.0.7 any
access-list 110 permit ip 192.168.10.0 0.0.1.255 any
access-list 111 remark CCP_ACL Category=4
access-list 111 permit ip 10.133.10.0 0.0.1.255 any
access-list 112 remark CCP_ACL Category=1
access-list 112 permit udp host 10.133.10.5 eq 1812 any
access-list 112 permit udp host 10.133.10.5 eq 1813 any
access-list 112 permit udp any host 10.133.10.1 eq non500-isakmp
access-list 112 permit udp any host 10.133.10.1 eq isakmp
access-list 112 permit esp any host 10.133.10.1
access-list 112 permit ahp any host 10.133.10.1
access-list 112 permit udp host 10.133.10.5 eq 1645 host 10.133.10.1
access-list 112 permit udp host 10.133.10.5 eq 1646 host 10.133.10.1
access-list 112 remark auto generated by CCP firewall configuration
access-list 112 permit udp host 10.133.10.5 eq 1812 host 10.133.10.1
access-list 112 permit udp host 10.133.10.5 eq 1813 host 10.133.10.1
access-list 112 permit udp host 10.133.10.7 eq domain any
access-list 112 permit udp host 10.133.10.5 eq domain any
access-list 112 deny ip 62.153.xxx.xxx 0.0.0.7 any
access-list 112 deny ip 10.10.10.0 0.0.0.7 any
access-list 112 deny ip host 255.255.255.255 any
access-list 112 deny ip 127.0.0.0 0.255.255.255 any
access-list 112 permit ip any any
access-list 113 remark CCP_ACL Category=1
access-list 113 remark IPSec Rule
access-list 113 permit ip 10.133.34.0 0.0.1.255 192.168.10.0 0.0.1.255
access-list 113 remark IPSec Rule
access-list 113 permit ip 10.60.16.0 0.0.0.255 192.168.10.0 0.0.1.255
access-list 113 remark IPSec Rule
access-list 113 permit ip 10.60.16.0 0.0.0.255 10.133.10.0 0.0.1.255
access-list 113 permit udp host 83.140.100.4 host 62.153.xxx.xxx eq non500-isakmp
access-list 113 permit udp host 83.140.100.4 host 62.153.xxx.xxx eq isakmp
access-list 113 permit esp host 83.140.100.4 host 62.153.xxx.xxx
access-list 113 permit ahp host 83.140.100.4 host 62.153.xxx.xxx
access-list 113 permit ip host 195.243.xxx.xxx host 62.153.xxx.xxx
access-list 113 permit ip host 84.44.xxx.xxx host 62.153.xxx.xxx
access-list 113 remark auto generated by CCP firewall configuration
access-list 113 permit udp host 194.25.0.60 eq domain any
access-list 113 permit udp host 194.25.0.68 eq domain any
access-list 113 permit udp host 194.25.0.68 eq domain host 62.153.xxx.xxx
access-list 113 permit udp host 194.25.0.60 eq domain host 62.153.xxx.xxx
access-list 113 permit udp any host 62.153.xxx.xxx eq non500-isakmp
access-list 113 permit udp any host 62.153.xxx.xxx eq isakmp
access-list 113 permit esp any host 62.153.xxx.xxx
access-list 113 permit ahp any host 62.153.xxx.xxx
access-list 113 permit ahp host 195.243.xxx.xxx host 62.153.xxx.xxx
access-list 113 permit esp host 195.243.xxx.xxx host 62.153.xxx.xxx
access-list 113 permit udp host 195.243.xxx.xxx host 62.153.xxx.xxx eq isakmp
access-list 113 permit udp host 195.243.xxx.xxx host 62.153.xxx.xxx eq non500-isakmp
access-list 113 remark IPSec Rule
access-list 113 permit ip 10.133.34.0 0.0.1.255 10.133.10.0 0.0.1.255
access-list 113 permit ahp host 62.20.xxx.xxx host 62.153.xxx.xxx
access-list 113 remark IPSec Rule
access-list 113 permit ip 192.168.10.0 0.0.1.255 10.133.10.0 0.0.1.255
access-list 113 permit esp host 62.20.xxx.xxx host 62.153.xxx.xxx
access-list 113 permit udp host 62.20.xxx.xxx host 62.153.xxx.xxx eq isakmp
access-list 113 permit udp host 62.20.xxx.xxx host 62.153.xxx.xxx eq non500-isakmp
access-list 113 remark IPSec Rule
access-list 113 permit ip 10.133.20.0 0.0.0.255 10.133.10.0 0.0.1.255
access-list 113 remark Pop3
access-list 113 permit tcp host 82.127.xxx.xxx eq 8080 host 62.153.xxx.xxx
access-list 113 remark Pop3
access-list 113 permit tcp any eq pop3 host 62.153.xxx.xxx
access-list 113 remark SMTP
access-list 113 permit tcp any eq 465 host 62.153.xxx.xxx
access-list 113 remark IMAP
access-list 113 permit tcp any eq 587 host 62.153.xxx.xxx
access-list 113 deny ip 10.133.10.0 0.0.1.255 any
access-list 113 deny ip 10.10.10.0 0.0.0.7 any
access-list 113 permit icmp any host 62.153.xxx.xxx echo-reply
access-list 113 permit icmp any host 62.153.xxx.xxx time-exceeded
access-list 113 permit icmp any host 62.153.xxx.xxx unreachable
access-list 113 deny ip 10.0.0.0 0.255.255.255 any
access-list 113 deny ip 172.16.0.0 0.15.255.255 any
access-list 113 deny ip 192.168.0.0 0.0.255.255 any
access-list 113 deny ip 127.0.0.0 0.255.255.255 any
access-list 113 deny ip host 255.255.255.255 any
access-list 113 deny ip host 0.0.0.0 any
access-list 113 deny ip any any log
access-list 114 remark auto generated by CCP firewall configuration
access-list 114 remark CCP_ACL Category=1
access-list 114 deny ip 10.133.10.0 0.0.1.255 any
access-list 114 deny ip 10.10.10.0 0.0.0.7 any
access-list 114 permit icmp any any echo-reply
access-list 114 permit icmp any any time-exceeded
access-list 114 permit icmp any any unreachable
access-list 114 deny ip 10.0.0.0 0.255.255.255 any
access-list 114 deny ip 172.16.0.0 0.15.255.255 any
access-list 114 deny ip 192.168.0.0 0.0.255.255 any
access-list 114 deny ip 127.0.0.0 0.255.255.255 any
access-list 114 deny ip host 255.255.255.255 any
access-list 114 deny ip host 0.0.0.0 any
access-list 114 deny ip any any log
access-list 115 remark VPN_Sub
access-list 115 remark CCP_ACL Category=5
access-list 115 permit ip 10.133.10.0 0.0.1.255 172.16.0.0 0.0.255.255
access-list 115 permit ip 10.133.34.0 0.0.1.255 172.16.0.0 0.0.255.255
access-list 115 permit ip 10.133.20.0 0.0.0.255 any
access-list 116 remark CCP_ACL Category=4
access-list 116 remark IPSec Rule
access-list 116 permit ip 10.133.10.0 0.0.1.255 10.60.16.0 0.0.0.255
access-list 117 remark CCP_ACL Category=4
access-list 117 remark IPSec Rule
access-list 117 permit ip 10.133.10.0 0.0.1.255 10.60.16.0 0.0.0.255
access-list 118 remark CCP_ACL Category=4
access-list 118 remark IPSec Rule
access-list 118 permit ip 10.133.10.0 0.0.1.255 10.60.16.0 0.0.0.255
access-list 118 remark IPSec Rule
access-list 118 permit ip 192.168.10.0 0.0.1.255 10.60.16.0 0.0.0.255
no cdp run
route-map SDM_RMAP_1 permit 1
match ip address 106
control-plane
mgcp profile default
line con 0
transport output telnet
line 1
modem InOut
speed 115200
flowcontrol hardware
line aux 0
transport output telnet
line vty 0 4
session-timeout 45
access-class 110 in
transport input telnet ssh
line vty 5 15
access-class 109 in
transport input telnet ssh
scheduler interval 500
endThe crypto ACL for the site to site vpn should also include the vpn client pool, otherwise, traffic from the vpn client does not match the interesting traffic for the site to site vpn.
On Site A:
should include "access-list 107 permit ip 172.16.100.0 0.0.0.255 10.133.34.0 0.0.1.255"
You should also remove the following line as the pool is incorrect:
access-list 107 permit ip 192.168.10.0 0.0.1.255 10.133.34.0 0.0.1.255
On Site B:
should include: permit ip 10.133.34.0 0.0.1.255 172.16.100.0 0.0.0.255"
NAT exemption on site B should also be configured with deny on the above ACL. -
I cannot access my app store after upgrading to Mac Os10.8.2
I have problem accessing to the software update or the app store. This all happen after i upgrade to MAc OS 10.8.2 and certain software upate. Now i cant access the app store. Everytime i click on it, it just bounce for a few second then stop. Another issue is 'finder'. I cannot access the download or my folder in 'finders'. Help....
Yes, if you can follow mcgerbs advice and re-install OS X. There isn't any archive & install selection in 10.8.
Boot up holding command-r keys into your Recovery Volume.
The screen should give you these choices...
Restore from TM backup
Reinstall Mac OS X
Get help online
Disk Utility
First run Disk Utility Repair Disk, if you get errors run until no errors reported or reports "the disk cannot be fixed". Then, choose Reinstall OS X. This will be an install "in place" and shouldn't effect any of your own data or settings. -
I am in the final stages of a cross-forest migration. Users have Windows 7 workstations with redirected folders on a Windows Server 2012 box running in the old forest. User accounts were not migrated. The accounts in use have always
been in the "new" forest. One of our challenges was the large volume of data in redirected folders. I made sure users in the target forest had continued to have access to their redirected folders in the old forest and robocopied
the entire users share, copying the permissions with the files. By doing incremental robocopies, we can get a final copy done now in about six hours. The plan was simple: copy the files, do an incremental copy every night, on the night of the cutover
change the folder redirection policy Documents path from
\\oldserver\users\%USERNAME% to
\\newserver\users\%USERNAME%. The policy is configured to NOT copy user files from the existing folder to the new redirected folder. Everything was going well until I tested the policy change. After the folder redirection policy is updated
and applied, the user cannot access the private Documents folder. For example, user Chester Tester logs on as ctester. I open Windows Explorer and click the Documents shortcut. I see one subfolder, which is subfolder of Public Documents.
So I can look at Public Documents but when I click on the Documents folder (Under the Documents library link) I get an access denied error. Now for the kicker, if I open another Windows Explorer window and edit the address bar to
\\newserver\users\ctester, I can navigate the Documents folder tree and see my thousands of documents. What the ....?
I'm hoping this is something really simple to fix!
TIAHI Vivian,
Thank you for your reply. Yes, the path in Group Policy Folder Redirection Root Path was updated to
\\NEWSERVER\users. I had planned to point this to the distributed file system, so the first used was actually
\\domain\dfs\users. To simplify things I have backed off to copying to just a normal share
\\newserver\users.
We are using BASIC folder redirection and we create a folder for each user under the root path.
We did not want the policy to move content, as we were seeing users requiring 15-20 minute logon times (or higher) after the policy is changed.
Grant the User exclusive right to Documents - Disabled
Move the contents of Documents to the new location - Disabled
Related folder settings
Video - Follow Documents
Music - Follow Documents
Pictures - Follow Documents
Now when I change the folder redirection from old server to new server I now have TWO My Documents folders in the user's redirection folder on the server. The redirected Documents points to an empty folder set. The copied folders with all user
data are there, but folder redirection refuses to recognize the original folder.
I am looking at the full view of the folder, nothing hidden, so I'm wondering how a folder can have two subfolders with the exact same name. For now, I just want the redirection to move from the old server to the new server properly. I deleted
the new My Documents folder, rebooted the user's workstation and tried again. The behavior repeats itself, i.e., a new My Documents folder is always created when the redirection policy is changed from the old server to the new server. The environment
has about 1500 users with approximately 1.3TB of data in the redirected Documents folders. OUCH! -
I am working with a client who is attempting to backup to a NAS device
The device is a linksys NSS6000 (Cisco device).
It’s a dual 1Gbit LAN device that supports CIFS / FTP and NFS transfers. It has only 1Gbit lan connected.
The device has 4 * 500 gb sata drives in raid 1 attached.
Cables go from cat 5 to fiber back to cat5. (The NAS is located at a neighboring office) The switches are 1gbit.
Server is a win2k8r1 fully up to date.
When backing up to the NAS device, the following error occurs:
Running backup of volume Local Disk(D:), copied (86%).
Running backup of volume Local Disk(D:), copied (90%).
Running backup of volume Local Disk(D:), copied (94%).
Running backup of volume Local Disk(D:), copied (98%).
Backup of volume Local Disk(D:) completed successfully.
Backup stopped before completing.
Summary of backup:
Backup stopped before completing.
The process cannot access the file because it is being used by another process.
If we redirect the backup to a folder on a 2008 share, the backup completes successfully.
Only when backing up to the linksys NSS6000 does the error occur.
No other backup processes are writing to the NAS device so I can't understand why the process thinks the file is
being used by another process.
One thing we did notice that when the backup to the NAS device occurs, throughput is about 150 mbit average
On the 2008 server shares we successfully backup to, the through put is 500 mbit. Not sure if that is important, but
might be worth mentioning.
The following event log entry was noted at the end of the backup.
The description for Event ID '519' in Source 'Microsoft-Windows-Backup' cannot be found.
The local computer may not have the necessary registry information or message DLL files to display the message,
or you may not have permission to access them. The following information is part of the
event:'2009-05-12T10:13:31.617Z', '', '2147942432', '%%2147942432'
Any ideas?
Thanks..MichaelI am also seeing the same problem backing up nightly to a brand new NAS device (WD My Book Live)
All the error codes are the same as those in this thread.
From Windows Event Viewer:
The backup operation that started at '2011-03-25T06:00:19.811302700Z' has failed with following error code '2147942432' (The process cannot access the file because it is being used by another process.). Please review the event details
for a solution, and then rerun the backup operation once the issue is resolved.
Fault bucket 659897467, type 5
Event Name: WindowsBackupFailure
Response: Not available
Cab Id: 0
Problem signature:
P1: Backup
P2: 6.1.7600
P3: 0x80070020
P4: 7
P5:
P6:
P7:
P8:
P9:
P10:
Attached files:
C:\Windows\Logs\WindowsBackup\WindowsBackup.1.etl
These files may be available here:
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_Backup_6957d65de91fc4a853ecc7c78914bf7351fff0d1_14578325
Analysis symbol:
Rechecking for solution: 0
Report Id: dd480bf2-56a6-11e0-ae81-00217099bf56
Report Status: 0
From Report.wer in C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_Backup_6957d65de91fc4a853ecc7c78914bf7351fff0d1_14578325
Version=1
EventType=WindowsBackupFailure
EventTime=129455071508181139
Consent=1
UploadTime=129455071508201140
ReportIdentifier=dd480bf2-56a6-11e0-ae81-00217099bf56
Response.BucketId=659897467
Response.BucketTable=5
Response.type=4
Sig[0].Name=Operation
Sig[0].Value=Backup
Sig[1].Name=AppVer
Sig[1].Value=6.1.7600
Sig[2].Name=HRESULT
Sig[2].Value=0x80070020
Sig[3].Name=TargetType
Sig[3].Value=7
DynamicSig[1].Name=OS Version
DynamicSig[1].Value=6.1.7600.2.0.0.256.48
DynamicSig[2].Name=Locale ID
DynamicSig[2].Value=1033
State[0].Key=Transport.DoneStage1
State[0].Value=1
State[1].Key=DataRequest
State[1].Value=Bucket=659897467/nBucketTable=5/nResponse=1/n
FriendlyEventName=WindowsBackupFailure
ConsentKey=WindowsBackupFailure
AppName=Windows host process (Rundll32)
AppPath=C:\Windows\System32\rundll32.exe
ReportDescription=Windows Backup failure -
Cannot access external NFS mounts under Snow Leopard
I was previously running Leopard (10.5.x) and automounted an Ubuntu (9.04 Jaunty) Linux NFS mount from my iMac. I had set this up with Directory Utility and it was instantly functional and I never had any issues. After upgrading to Snow Leopard, I set up the same mount point on the same machine (using Disk Utility now), without changing any of the export settings, and Disk Utility stated that the external server had responded and appeared to be working correctly. However, when attempting to access the share, I get a 'Operation not permitted' error. I also cannot manually create the NFS mount using mount or mount_nfs. I get a similar error if I try to cd into /net/<remote-machine>/<share>. I can see the shared folder in /net/<remote-machine>, but I cannot access it (cd, ls, etc). I can see on the Linux machine that the iMac has mounted the share (showmount -a), so the problem appears to be solely in the permissions. But I have not changed any of the permissions on the remote machine, and even then, they are blown wide open (777) so I'm not sure what is causing the issue. I have tried everything as both a regular user, and as root. Any thoughts?
On the Linux NFS server:
% cat /etc/exports
/share 192.168.1.0/24(rw,sync,nosubtree_check,no_rootsquash)
% showmount -a
All mount points on <server>:
192.168.1.100:/share <-- <server> address
192.168.1.101:/share <-- iMac address
On the iMac:
% rpcinfo -t 192.168.1.100 nfs
program 100003 version 2 ready and waiting
program 100003 version 3 ready and waiting
program 100003 version 4 ready and waiting
% mount
trigger on /net/<server>/share (autofs, automounted, nobrowse)
% mount -t nfs 192.168.1.100:/share /Volumes/share1
mount_nfs: /Volumes/share1: Operation not permittedMy guess is that the Linux server is refusing NFS requests coming from a non-reserved (<1024) source port. If that's the case, adding "insecure" to the Linux export options should get it working. (Note: requiring the use of reserved ports doesn't actually make things any more secure on most networks, so the name of the option is a bit misleading.)
If you were previously able to mount that same export from a Mac, you must have been specifying the "-o resvport" option and doing the mounts as root (via sudo or automount which happens to run as root). So that may be another fix.
HTH
--macko -
I am getting this message in the output tab for buttons that I am trying to create. Here's the code:
import flash.events.MouseEvent;
stop();
function goHome(myEvent:MouseEvent):void {
gotoAndStop("home");
SoundMixer.stopAll();
function goAbout(myEvent:MouseEvent):void {
gotoAndStop("about");
SoundMixer.stopAll();
function goBusiness(myEvent:MouseEvent):void {
gotoAndStop("business");
SoundMixer.stopAll();
function goContact(myEvent:MouseEvent):void {
gotoAndStop("contact");
SoundMixer.stopAll();
function goArchives(myEvent:MouseEvent):void {
gotoAndStop("archives");
SoundMixer.stopAll();
function goBioTech(myEvent:MouseEvent):void {
gotoAndStop("bioTech");
SoundMixer.stopAll();
function goRealEstate(myEvent:MouseEvent):void {
gotoAndStop("realEstate");
SoundMixer.stopAll();
function goTechnology(myEvent:MouseEvent):void {
gotoAndStop("technology");
SoundMixer.stopAll();
function goEnergy(myEvent:MouseEvent):void {
gotoAndStop("energy");
SoundMixer.stopAll();
home_btn.addEventListener(MouseEvent.CLICK, goHome);
about_btn.addEventListener(MouseEvent.CLICK, goAbout);
business_btn.addEventListener(MouseEvent.CLICK, goBusiness);
contact_btn.addEventListener(MouseEvent.CLICK, goContact);
archives_btn.addEventListener(MouseEvent.CLICK, goArchives);
bioTech_btn.addEventListener(MouseEvent.CLICK, goBioTech);
realEstate_btn.addEventListener(MouseEvent.CLICK, goRealEstate);
technology_btn.addEventListener(MouseEvent.CLICK, goTechnology);
energy_btn.addEventListener(MouseEvent.CLICK, goEnergy);
I ran the debugger and got this:
TypeError: Error #1009: Cannot access a property or method of a null object reference.
at peakInsights_fla::MainTimeline/frame1()[peakInsights_fla.MainTimeline::frame1:48]
I guess it's telling me there's a problem with line 48 but what?
The home, about, business, contact, and archives button works. On the business page there are the remaining buttons biotech, technology, real estate, and energy. when i test it; i get the finger but the buttons don't work. this is my first flash site so I'am new, new.I followed the steps and read some of your comments on the same top topic in another thread. When I put it on the first frame it was okay but the next button on that page had the same problem. So what I am guessing is that I have to either create a document class or put the actions where the buttons are. Am I understanding that correctly? In the other thread in which you helped someone else; there was so comments about document class. I found a tutorial on it and the way I understand it is that it you can put you actions in an external document. But you have to include in the event listener the frame in which you want that action to happen.
Thaks for your help. And patience. -
My MacBook Pro is not recognizing my external hard drive. The hard drive is listed in disk utilities but an icon does not pop up and I cannot access the data. Is there any way to resolve this?
WE know Disk Warrior is more reliable, hence more useful, and should be in any disk mechanics toolchest.
For the record, I don't know anything of the kind. I have yet to see evidence that Disk Warrior is useful at all.
What I do know is that you seem to take every opportunity you get to promote it in these forums. Do you work for Alsoft?
Let me be a little more explicit. My opinion is that Disk Warrior is a waste of money if one has backups. If a journaled HFS directory is so badly corrupted that it can't be repaired by Disk Utility, then the volume should be reformatted and restored from backup, which has the same effect as running DW, but is probably faster and doesn't cost $99. -
The version of GroupWise you are using cannot access this post office
I built a new Server and added it to my PCSD Tree. The new server name is
GroupWise and has an IP Address of 10.10.0.13.
I followed the GroupWise 7 Installation Guide and installed GroupWise to
this server. At no point did I find any place to enter the GroupWise
License.
During the install I discovered that 4 of my long time employees were not
able to be assigned to this new GroupWise server. It appears that a one
time (Long time ago) these 4 employees were part of an old GroupWise Mail
server that must have been removed. I can not find any reference to this
old GroupWise server. My thought is to delete the accounts for there 4
users and recreate the accounts.
However the larger problem is this: I can not login to the GroupWise
Server. Below are two screen shots of what I’m getting when I
launch the GroupWise 7 Client. When I look at the .NLM loaded on the
Server for GroupWise MTA 7.0 it shows Domain Total=1 Closed=0, Post
Offices Total=1 Closed=1, Gateways Total=0 Closed=0.
On the Client, when I launch GroupWise, The Novell GroupWise Startup has a
message in the message window “The version of GroupWise you are
using cannot access this post office”. Then after clicking OK three
times, the following message appears on the screen “GroupWise did
not initialize successfully, Please run GroupWise Setup, or contact your
system administrator. Unspecified error OLE Error 80004005*During the install I discovered that 4 of my long time employees were not
able to be assigned to this new GroupWise server. It appears that a one
time (Long time ago) these 4 employees were part of an old GroupWise Mail
server that must have been removed. I can not find any reference to this
old GroupWise server. My thought is to delete the accounts for there 4
users and recreate the accounts.
**You need to disassociate these four NDS users from any GW attributes.
Right-click each user in C1, GroupWise Utilities->GW / eDirectory
Association->Disassociate GroupWise Attributes.
*** When I do as instructed I get the following error:
[username] is missing the following attribute: NGW: Post Office
~~~~~~~~~~~~~~~~~~~~~~~~
*GroupWise MTA 7.0 it shows Domain Total=1 Closed=0, Post
Offices Total=1 Closed=1, Gateways Total=0 Closed=0.
**If the post office is closed, you need to determine why this is. On the
MTA, hit F10, Configuration Status, highlight your PO and hit enter,
select details, then look at the last closure reason.
*** Last Closure Reason= Missing or incomplete address information
[ When I installed GroupWise, I wanted all the e-mail to be stored on the
EMAIL Volume. During the install, I Changed the Install Directory to
\Groupwiseemail. After the install I have two directories in this volume.
One called DOMAIN and the other called PCAM (PCAM is name of my domain).
~~~~~~~~~~~~~~~~~~~~~~~~
*On the Client, when I launch GroupWise, The Novell GroupWise Startup has
a message in the message window 'The version of GroupWise you are
using cannot access this post office'.
**What version of GroupWise is on the server and what version client are
you
using? Also, if you pull up the properties of both the domain and post
office in C1 what is the database version listed as?
*** I installed GroupWise 7 both Server and Client. I'm thinking this is
due to the Post Office being closed. I only have 1 Post Office.
Thank You;
Lewis -
Hello
I'm trying to load a swf called "polaroids.swf" into my main swf called "09replacesSWF.swf". I keep getting the error when I test the movie. I'm completely lost and have been at this for hours. If I just test polaroids.fla the movie works fine but if I try to load it into 09replacesSWF.swf, I get the error. I need some help PLEASE!!!!!
I tried to debug the movie and flash says......."Cannot display source code at this location".
....... TypeError: Error #1009: Cannot access a property or method of a null object reference.
at Polaroids$iinit()
Here is my AS code
package {
import flash.display.*;
import flash.filters.*;
import flash.utils.*;
import flash.net.*;
import flash.events.*;
import flash.filters.DropShadowFilter;
import caurina.transitions.*;
public class Polaroids extends MovieClip {
//Variables
public var stageContainer:MovieClip;
private var _scaleTempo:Number;
private var _thumbStr:Number;
private var _stageHeight:Number;
private var _stageWidth:Number;
private var _count:Number;
private var _initBGHeight:Number;
private var _initBGWidth:Number;
//Arrays
private var _backgroundImageArr:Array;
private var _imageURLArr:Array;
private var _imageCaptionArr:Array;
private var _imagesArr:Array;
//Bitmaps
private var _image:Bitmap;
private var _backgroundImage:Bitmap;
private var _bitmap:BitmapData;
private var _backgroundBitmap:BitmapData;
//XML
private var _xmlLoader:URLLoader;
private var _imageXML:XML;
//Holders
private var _imageContainer:ImageContainer;
private var _backgroundImageHolder:MovieClip;
//Image States
private var _activeImage = null;
private var _previousActiveImage = null;
//Loaders
private var backgroundImageLoader:Loader;
public function Polaroids() {
//sets up initial variable values
_count = 0;
_backgroundImageArr=new Array;
_imageURLArr=new Array;
_imageCaptionArr=new Array;
_imagesArr=new Array;
_scaleTempo=9;
_thumbStr = .3;
backgroundImageLoader = new Loader();
_stageHeight=stage.stageHeight;
_stageWidth=stage.stageWidth;
_backgroundImageHolder = new MovieClip();
stageContainer = new MovieClip();
addChild(stageContainer);
init();
//Add Stage Listener
private function addedToStage(e:Event):void {
stage.addEventListener(Event.RESIZE, onResize);
Initialise
private function init():void {
//Setup stage
stage.align = StageAlign.TOP_LEFT;
stage.scaleMode = StageScaleMode.NO_SCALE;
//Load XML
var _xmlLoader:URLLoader=new URLLoader;
_xmlLoader.load(new URLRequest("photos.xml"));
_xmlLoader.addEventListener(Event.COMPLETE,processXML);
this.addEventListener(Event.ADDED_TO_STAGE, addedToStage);
Process XML
private function processXML(e:Event):void {
_imageXML=new XML(e.target.data);
_backgroundImageArr[0] = _imageXML.@backgroundImage;
for (var i:int=0; i < _imageXML.*.length(); i++) {
_imageURLArr[i]=_imageXML.image[i].@url;
_imageCaptionArr[i]=_imageXML.image[i].@caption;
loadImages();
loadBackgroundImage();
Load Background Image
private function loadBackgroundImage():void {
backgroundImageLoader.contentLoaderInfo.addEventListener(Event.COMPLETE,addBack ground);
backgroundImageLoader.load(new URLRequest(_backgroundImageArr[0]));
Add background image to stage
private function addBackground(e:Event):void {
_backgroundImage=Bitmap(e.target.content);
_backgroundBitmap=_image.bitmapData;
_backgroundImage.smoothing = true;
_backgroundImageHolder.addChild(_backgroundImage);
_initBGHeight = backgroundImageLoader.contentLoaderInfo.height;
_initBGWidth = backgroundImageLoader.contentLoaderInfo.width;
if ((_initBGWidth/_initBGHeight) > (stage.stageWidth/stage.stageHeight)) {
_backgroundImageHolder.height = stage.stageHeight;
_backgroundImageHolder.width = _backgroundImageHolder.height * _initBGWidth / _initBGHeight;
} else {
_backgroundImageHolder.width = stage.stageWidth;
_backgroundImageHolder.height= _backgroundImageHolder.width * _initBGHeight / _initBGWidth;
Load Images
private function loadImages():void {
for (var i:int=0; i < _imageURLArr.length; i++) {
var imageLoader:Loader=new Loader;
imageLoader.contentLoaderInfo.addEventListener(Event.COMPLETE,addImage);
imageLoader.load(new URLRequest(_imageURLArr[i]));
Add images to MovieClip on Stage
private function addImage(e:Event):void {
_image=Bitmap(e.target.content);
_bitmap=_image.bitmapData;
_image.smoothing = true;
_imageContainer = new ImageContainer();
_imageContainer.falseBtn.buttonMode = true;
_imageContainer.falseBtn.doubleClickEnabled = true;
_imageContainer.imageHolder.addChild(_image);//Add Bitmap to a MoviClip _imageContainer
_image.x = _imageContainer.width/2 - (_image.width/2 + 15);
_image.y = _imageContainer.height/2 - (_image.height/2 + 80) ;
_imageContainer.imageCaption.text = _imageCaptionArr[_count];
_imageContainer.scaleX = _thumbStr;
_imageContainer.scaleY = _thumbStr;
_imageContainer.rotation = 30 - 60 * Math.random();
if (Math.round(Math.random() * 1) == 1) {
_imageContainer.y=stage.stageHeight * Math.random() + _imageContainer.height * 2;
if (Math.round(Math.random() * 1) == 1) {
_imageContainer.x=stage.stageWidth + _imageContainer.width * 2;
} else {
_imageContainer.x=- _imageContainer.width * 2;
} else {
_imageContainer.x=stage.stageWidth * Math.random() + _imageContainer.width * 2;
if (Math.round(Math.random() * 1) == 1) {
_imageContainer.y=stage.stageHeight + _imageContainer.height * 2;
} else {
_imageContainer.y=- _imageContainer.height * 2;
//Setup Attributes
_imageContainer.newX = Math.round((_imageContainer.width/2) + (stage.stageWidth-_imageContainer.width)*Math.random());
_imageContainer.newY = Math.round((_imageContainer.height/2) + (stage.stageHeight-_imageContainer.height)*Math.random());
_imageContainer.oldRotation = _imageContainer.rotation;
_imageContainer.oldX = _imageContainer.newX;
_imageContainer.oldY = _imageContainer.newY;
_imageContainer.startX = _imageContainer.x;
_imageContainer.startY = _imageContainer.y;
_imageContainer.oldHeight = _imageContainer.scaleY;
_imageContainer.oldWidth = _imageContainer.scaleX;
_imageContainer.id = _count;
_imageContainer.addEventListener(Event.ENTER_FRAME, animateImage);
_imageContainer.addEventListener(MouseEvent.MOUSE_DOWN,dragImage);
_imageContainer.addEventListener(MouseEvent.MOUSE_UP,dropImage);
_imageContainer.addEventListener(MouseEvent.MOUSE_OUT, dropImage);
_imageContainer.falseBtn.addEventListener(MouseEvent.DOUBLE_CLICK, setup_activeImage);
_imagesArr.push(_imageContainer);//Add image reference to an Array
_imageContainer.filters = [new DropShadowFilter(0,0,0,.9,8,8,1,1,false,false)];
//Button Listeners
_imageContainer.nextBtn.visible = false;
_imageContainer.previousBtn.visible = false;
_imageContainer.nextBtn.buttonMode = true;
_imageContainer.previousBtn.buttonMode = true;
_imageContainer.nextBtn.addEventListener(MouseEvent.MOUSE_DOWN, nextImage);
_imageContainer.previousBtn.addEventListener(MouseEvent.MOUSE_DOWN, previousImage);
//Add Container to Stage
addChild(_imageContainer);
stageContainer.addChild(_imageContainer);
_count++;
Animate Images onto Stage
private function animateImage(e:Event):void {
e.target.y += (e.target.newY - e.target.y) / _scaleTempo;
e.target.x += (e.target.newX - e.target.x) / _scaleTempo;
if (Math.round(e.target.y) == e.target.newY) {
e.target.removeEventListener(Event.ENTER_FRAME, animateImage);
Drag & Drop Images
private function dragImage(e:MouseEvent) {
if (e.currentTarget != _activeImage) {
e.currentTarget.startDrag();
if (_activeImage == null) {
stageContainer.setChildIndex(DisplayObject(e.currentTarget), stageContainer.numChildren-1);
} else {
stageContainer.setChildIndex(DisplayObject(e.currentTarget), stageContainer.numChildren-2);
private function dropImage(e:MouseEvent) {
if (e.currentTarget != _activeImage) {
e.currentTarget.stopDrag();
e.currentTarget.oldX = e.currentTarget.x;
e.currentTarget.oldY = e.currentTarget.y;
onResize Handler
private function onResize(e:Event):void {
for (var i:int = 0; i<_imagesArr.length; i++) {
if (_imagesArr[i] != _activeImage) {
_imagesArr[i].x = Math.round(stage.stageWidth * (_imagesArr[i].x/_stageWidth));
_imagesArr[i].y = Math.round(stage.stageHeight * (_imagesArr[i].y/_stageHeight));
} else {
_activeImage.x = stage.stageWidth/2;
_activeImage.y = stage.stageHeight/2;
_imagesArr[i].oldX = Math.round(stage.stageWidth * (_imagesArr[i].oldX/_stageWidth));
_imagesArr[i].oldY = Math.round(stage.stageHeight * (_imagesArr[i].oldY/_stageHeight));
_imagesArr[i].newX = Math.round(stage.stageWidth * (_imagesArr[i].newX/_stageWidth));
_imagesArr[i].newY = Math.round(stage.stageHeight * (_imagesArr[i].newY/_stageHeight));
_imagesArr[i].startX = Math.round(stage.stageWidth * (_imagesArr[i].startX/_stageWidth));
_imagesArr[i].startY = Math.round(stage.stageHeight * (_imagesArr[i].startY/_stageHeight));
//Background Resizer
if ((_initBGWidth/_initBGHeight) > (stage.stageWidth/stage.stageHeight)) {
_backgroundImageHolder.height = stage.stageHeight;
_backgroundImageHolder.width = _backgroundImageHolder.height * _initBGWidth / _initBGHeight;
} else {
_backgroundImageHolder.width = stage.stageWidth;
_backgroundImageHolder.height= _backgroundImageHolder.width * _initBGHeight / _initBGWidth;
_stageWidth = stage.stageWidth;
_stageHeight = stage.stageHeight;
Handle Selected Image
private function zoomImage():void {
stageContainer.setChildIndex(_activeImage, stageContainer.numChildren-1);
Tweener.addTween(_activeImage,{scaleX: 1, scaleY: 1, rotation: 0, x: _stageWidth/2 , y: _stageHeight/2, time: 1});
_activeImage.nextBtn.visible = true;
_activeImage.previousBtn.visible = true;
private function returnImage():void {
stageContainer.setChildIndex(_previousActiveImage, stageContainer.numChildren-2);
Tweener.addTween(_previousActiveImage,{scaleX: .3, scaleY: .3, rotation: _previousActiveImage.oldRotation, x: _previousActiveImage.oldX , y: _previousActiveImage.oldY, time: 1});
_previousActiveImage.nextBtn.visible = false;
_previousActiveImage.previousBtn.visible = false;
private function setup_activeImage(e:Event):void {
if ((_activeImage == null) && (_previousActiveImage == null)) {
_activeImage = e.currentTarget.parent;
zoomImage();
} else if (e.currentTarget.parent != _activeImage) {
_previousActiveImage = _activeImage;
_activeImage = e.currentTarget.parent;
zoomImage();
returnImage();
} else {
Tweener.addTween(_activeImage,{scaleX: .3, scaleY: .3, rotation: _activeImage.oldRotation, x: _activeImage.oldX , y: _activeImage.oldY, time: 1});
_activeImage.nextBtn.visible = false;
_activeImage.previousBtn.visible = false;
_activeImage = null;
_previousActiveImage = null;
Button Handlers
private function nextImage(e:MouseEvent):void {
var imageID = int(e.currentTarget.parent.id);
if (imageID < _imagesArr.length - 1) {
_previousActiveImage = e.currentTarget.parent;
_activeImage = _imagesArr[imageID+1];
zoomImage();
returnImage();
} else {
_previousActiveImage = e.currentTarget.parent;
_activeImage = _imagesArr[0];
zoomImage();
returnImage();
private function previousImage(e:MouseEvent):void {
var imageID = int(e.currentTarget.parent.id);
if (imageID != 0) {
_previousActiveImage = e.currentTarget.parent;
_activeImage = _imagesArr[imageID-1];
zoomImage();
returnImage();
} else {
_previousActiveImage = e.currentTarget.parent;
_activeImage = _imagesArr[_imagesArr.length-1];
zoomImage();
returnImage();
}Raymond,
The error is at line 55....when I debug
TypeError: Error #1009: Cannot access a property or method of a null object reference.
at Polaroids$iinit()[/Volumes/Herman's Passport/Music Rocka/RockaGallery/Polaroids.as:55]
So i'm looking in the code.....
Maybe you are looking for
-
Using LaCie 1Tb Network drive and Time MAchine
I have read a number of thread here about issues with LaCie and Time Machine but cannot find the help I am looking for. I have a the Lacie device connected to my network and I have access through the Browser Administration utility to the drive, I bel
-
Set Up CTS+: Webdynpro CTS_BROWSER - configure Organizer client in TMS
Hi all, I'm trying to set up the CTS+ in a Portal Enviroment. This is my landscape: SID System Role C1X ABAP + Java Stacks (CTS+ System and Trasport Domain Controller) with SPS15 (ABAP and JAVA) JD1 Java Stack (EP Java Development System) Stack SP
-
How do I disable the webpage preview that pops up when I hover my mouse over a tab?
I don't know why this started today, but it is driving me nuts! I was surfing the net, when all of a sudden I noticed that whenever I hovered my mouse over one of my tabs, a (poorly rendered) preview of the webpage popped up from my mouse. I really d
-
How to print full page rather than partial
Since my daughter used my computer to make and print labels, I can no longer print a full size page. When clicking on print the screen content contents shift left and The printer prints as shown on the shifted image. What do I do?
-
Reflection in Numbers and Primitive Arguments in a Method
Hi , I am trying to invoke a method which has primitive or Number arguments, my problem is that when i do method.invoke( ) it gives an instantiation exception, because it was trying to do clazzT.newInstance( ) where clazzT happened to be int.class ..