Index block dump: "header address" doesn't match rdba

Similar Messages

• ATT Mcell, address doesn't match account address

  I got a text with similar content to the title of this post a few days ago.  My Mcell has been set up for three years, and suddenly it went down and I have no reception in my home anymore. I looked through a few forums, and found that this problem is common and is due to an issue on ATT's end with the registration process and servers.  A new Microcell won't fix it, since the issue is not with the device but with the servers that handle the device.  I need this issue fixed ASAP, so I am posting here for further assistance.

  I am a professional computer nerd and manage quite a few microcells, both older orange/white and new black.
  While there might be a glitch in the reg system, the norm is that there is no requirement regarding the account address and the microcells physical location.
  I have microcells on accounts with account address in Los Angeles or other major cities, but the microcells are physically located in Colorado, Montana, Hawaii, etc, (caveat: as long as ATT is authorized to provide service at the microcells location.)
  One trick I use in rural locations when I get an address mismatch issue, is I use Apple Maps, Google Maps, or similar internet mapping site on my smart phone or tablet, with GPS enabled. I let it "tell me" what address it believes I am located at, and use that as the microcell location.
  Sometimes it is right on the money, other times, it tells me that I am quite far from the address I think I am at. ie: the entry gate to the property is 1234 Any Canyon Road, but by the time you get to the house, it thinks we are at 1456 Any Canyon Road. The GPS and the county (or USPS) address fairies don't always use the same numbering standards. (I know that somebody somewhere must be shocked at this revelation!)
  Generally rural fire and police/sheriff know the area well, and after the microcell is active, you can always contact your local agency 911 coordinator and ask them to put notes into the 911 system that if the get a cellular 911 call at 1456 Any Canyon Road, the entrance gate is actually at 1234 Any Canyon Road.
  Not sure if this helps your situation, but I know some people that have encountered this same issue.
  Good luck,
  Mark

• Mac address doesn't match

  I've successfully added 29 laptops via a computer list and been able to sync them with phd management. I have my last one that just won't go into the computer list. I can see it when I got to members and try to add it with the ..., but it never gets into the list. What I have determined is that the Mac address that is being seen in WGM is not the same one that shows up on the laptop. Don't know how to resolve this. Also, does anyone know if the apple list for client-management is down? I can't send any messages to it. Thanks.

  The From name will be whatever name the sender is using. Not that the from address displayed in Mail is J S <etc....>. What you see within the angle brackets should be the actual mail address.

• Interpreting an index data block dump

  I have seen a few postings about reading index data blocks, mine doesnt quite look like those.
  Ok: 11Gr1 (linux)
  Tracing down a hot block issue with an index, I performed
  alter system dump datafile 11 block 4030208;
  Looking at the Web page "Index Block Dump: Index Only Section Part II (Station To Station)" and others they show a dump like this:
  row#0[8021] flag: ——, lock: 0, len=15
  col 0; len 5; (5): 42 4f 57 49 45
  col 1; len 6; (6): 02 01 48 8a 00 00
  row#1[8002] flag: ——, lock: 0, len=19
  col 0; len 9; (9): 4d 41 4a 4f 52 20 54 4f 4d
  col 1; len 6; (6): 02 01 48 8a 00 02
  row#2[7987] flag: ——, lock: 0, len=15
  col 0; len 5; (5): 5a 49 47 47 59
  col 1; len 6; (6): 02 01 48 8a 00 01
  —– end of leaf block dump —–
  End dump data blocks tsn: 8 file#: 8 minblk 84234 maxblk 84234
  I dont see anything that "obvious" in my dump. Am I looking at something other then an leaf block perhaps?
  I am expecting/hoping to see some sort of pairs for an index like X(y number, z number)
  Block dump from cache:
  Dump of buffer cache at level 4 for tsn=6, rdba=50167552
  BH (0x275f2aec8) file#: 11 rdba: 0x02fd7f00 (11/4030208) class: 4 ba: 0x274992000
    set: 111 bsz: 8192 bsi: 0 sflg: 0 pwc: 0, 25 lid: 0x00000000,0x00000000
    dbwrid: 2 obj: 127499 objn: 77784 tsn: 6 afn: 11
    hash: [0x403d34650,0x403d34650] lru: [0x333f32878,0x209f4ea88]
    lru-flags: hot_buffer
    ckptq: [NULL] fileq: [NULL] objq: [0x22dede3f8,0x30ff9c3f8]
    st: XCURRENT md: NULL tch: 2
    flags: block_written_once redo_since_read gotten_in_current_mode
    LRBA: [0x0.0.0] LSCN: [0x0.0] HSCN: [0xffff.ffffffff] HSUB: [34]
    cr pin refcnt: 0 sh pin refcnt: 0
    buffer tsn: 6 rdba: 0x02fd7f00 (11/4030208)
    scn: 0x0001.19bccf84 seq: 0x02 flg: 0x04 tail: 0xcf841002
    frmt: 0x02 chkval: 0x987f type: 0x10=DATA SEGMENT HEADER - UNLIMITED
  Hex dump of block: st=0, typ_found=1
  Dump of memory from 0x0000000274992000 to 0x0000000274994000
  274992000 0000A210 02FD7F00 19BCCF84 04020001  [................]
  274993FF0 00000000 00000000 00000000 CF841002  [................]
    Extent Control Header
    Extent Header:: spare1: 0      spare2: 0      #extents: 66     #blocks: 10239
                    last map  0x00000000  #maps: 0      offset: 4128
        Highwater::  0x047feb5b  ext#: 65     blk#: 731    ext size: 1024
    #blocks in seg. hdr's freelists: 0
    #blocks below: 9946
    mapblk  0x00000000  offset: 65
                     Unlocked
       Map Header:: next  0x00000000  #extents: 66   obj#: 127499 flag: 0x40000000
    Extent Map
     0x02fd7f01  length: 127
     0x0339ea80  length: 128
  ...

  Some time ago, I wrote a python script to print decimal form integer values from an index block dump. I don't know if it will help you, but it may be a start. It only prints the integer equivalent of the first column in the index, as that is what I needed at the time.
  It is called as...
  18:55:31 oracle@oh1xcwcdb01 /u02/admin/wcperf/udump >./blockdump.py wcperf1_ora_21618.trc
  col  0: [ 4]  c4 48 2a 53 converts to 71418200 on line #526 in the block dump.
  col  0: [ 5]  c4 48 2a 53 1d converts to 71418228 on line #640 in the block dump.
  col  0: [ 6]  c5 08 02 20 61 3f converts to 701319662 on line #648 in the block dump.
  col  0: [ 6]  c5 08 03 2f 33 17 converts to 702465022 on line #785 in the block dump.
  col  0: [ 6]  c5 08 03 2f 33 5f converts to 702465094 on line #793 in the block dump.
  col  0: [ 6]  c5 08 03 2f 40 38 converts to 702466355 on line #801 in the block dump.
  col  0: [ 6]  c5 08 03 30 09 5c converts to 702470891 on line #809 in the block dump.
  col  0: [ 6]  c5 08 03 32 61 05 converts to 702499604 on line #817 in the block dump.
  col  0: [ 6]  c5 08 03 33 0b 06 converts to 702501005 on line #827 in the block dump.
  col  0: [ 6]  c5 08 03 33 19 4b converts to 702502474 on line #835 in the block dump.
  col  0: [ 6]  c5 08 03 33 44 3d converts to 702506760 on line #843 in the block dump.
  col  0: [ 6]  c5 08 03 33 45 08 converts to 702506807 on line #851 in the block dump.
  col  0: [ 6]  c5 08 03 33 4e 5a converts to 702507789 on line #859 in the block dump.
  col  0: [ 6]  c5 08 03 33 5f 3b converts to 702509458 on line #867 in the block dump.
  col  0: [ 6]  c5 09 01 01 21 64 converts to 800003299 on line #875 in the block dump.
  col  0: [ 6]  c5 09 01 01 22 3b converts to 800003358 on line #883 in the block dump.
  18:55:41 oracle@oh1xcwcdb01 /u02/admin/wcperf/udump >...and the script itself is below...
  #!/usr/bin/python
  #Author:        Steve Howard
  #Date:          March 23, 2009
  #Organization:  AppCrawler
  #Purpose:       Simple script to print integer equivalents of block dump values in index.
  import fileinput
  import string
  import sys
  import re
  #boo=1
  boo=0
  j=0
  for line in fileinput.input([sys.argv[1:][0]]):
    j=j+1
    if re.match('^col  0:', line):
      #print line
      dep=int(string.replace(string.split(string.split(line,"]")[1])[0],"c","")) - 1
      #print dep
      i=0
      tot=0
      exp=dep
      for col in string.split(string.split(line,"]")[1]):
        if i > 0:
          tot = tot + ((int(col, 16) - 1) * (100**exp))
          exp = exp - 1
        i = i + 1
      print line.rstrip("\n") + " converts to " + str(tot) + " on line #" + str(j) + " in the block dump."

• The pt 3 tutorial code doesn't match the pt 2 tutorial code.  Nowhere to insert head in pt 2 code.

  At the end of the part 2 tutorial, this was the code:
  @charset "utf-8";
  /* CSS Document */
  #container {
  width: 968px;
  background: #FFF;
  margin: 0 auto;
  padding-left: 10px;
  padding-right: 10px;
  overflow: hidden;
  }#main_image {
  background-image: url(images/main.jpg);
  background-repeat: no-repeat;
  #container #main_image {
  height: 376px;
  width: 968px;
  #left_column, #center_column, #right_column {
  width: 316px;
  float: left;
  #center_column, #right_column {
  margin-left: 10px;
  The part 3 tutorial instructed this:
  Copy the <script> tags from the Edge Web Fonts site, and paste them into the <head> section of index.html in Dreamweaver just above the <link> that attaches the style sheet like this:
  <head>
  <meta charset="utf-8">
  <title>Check Magazine</title>
  <script src="http://use.edgefonts.net/sarina.js"></script>
  <link href="styles/check_cs6.css" rel="stylesheet" type="text/css">
  </head>
  As you can see from the code at the end of part two (listed at the top), there is no reference to <head> anywhere in the code; therefore, I am uncertain as to where to insert these code instructions.

  I assume that the embedded tags are in the index document, not the styles type document?   I appreciate the information, but I don't see how it relates to my question.  Maybe your answer was just over my head? My original question was: If the instructions say this:
  Copy the paste them into the  section of index.html in
  Dreamweaver just above the  that attaches the style
  sheet like this:
  and there the word does not appear anywhere on the index file that I can see it (whether it's embedded or otherwise), where do I insert the code?
  Date: Fri, 8 Feb 2013 10:29:29 -0800
  From: [email protected]
  To: [email protected]
  Subject: The pt 3 tutorial code doesn't match the pt 2 tutorial code.  Nowhere to insert &lt;head&gt; in pt 2 code.
      Re: The pt 3 tutorial code doesn't match the pt 2 tutorial code.  Nowhere to insert  in pt 2 code.
      created by Nancy O. in Dreamweaver - View the full discussion
  The pair of and  tags are an integral part of any HTML document. When you create a new page in DW, it automatically creates the core HTML tags for you, so in that regard, there's nothing for you to add except content and styles. Embedded CSS styles are inserted inside the document's  tags like so:       body      #LeftSideBar       #RightSideBar      #MiddleContent
  External CSS is a separate physical file to which all your HTML pages are linked. Similar to above, links to external style sheets go inside the  tags like this:
    HTML & CSS Tutorials - http://www.html.net/http://w3schools.com/  Nancy O.
       Please note that the Adobe Forums do not accept email attachments. If you want to embed a screen image in your message please visit the thread in the forum to embed the image at http://forums.adobe.com/message/5058678#5058678
       Replies to this message go to everyone subscribed to this thread, not directly to the person who posted the message. To post a reply, either reply to this email or visit the message page: http://forums.adobe.com/message/5058678#5058678
       To unsubscribe from this thread, please visit the message page at http://forums.adobe.com/message/5058678#5058678. In the Actions box on the right, click the Stop Email Notifications link.
       Start a new discussion in Dreamweaver by email or at Adobe Community
    For more information about maintaining your forum email notifications please go to http://forums.adobe.com/message/2936746#2936746.

• The document Address doesn't show the block when country isn't USA

  hello
  i have a little problem, when I create a new document for a customer which ship to address's country is different from USA, the document Address doesn't  show the block. i checked the bp address in the bp master data and the block is written, also when i click on the ... button near the ship or bill to address the block has a value !! but when i go back to the document, there is an empty space where the block has to be in the document address.
  is there any configuration to solve this problem
  thanks a lot!

  Hi,
  The configuration is under Admin-Setup-BP-Address Format. Each country has a built-in format for address initially.
  Thanks,
  Gordon

• My billing address doesn't seem to match the credit card I entered. But I'm 10000% sure that I wrote the adress correct. Is this some kind of error?

  My billing address doesn't seem to match the credit card I entered. But I'm 10000% sure that I wrote the adress correct. Is this some kind of error?@

  contact adobe support by clicking this link and then clicking 'still need help' as soon as it appears, https://helpx.adobe.com/contact.html

• Your billing address doesn't seem to match the credit card you entered.

  Hey everybody,
  I would like to purchase the  phoyoshop+lightroom programm but I constantly get the following error message:
  "Your billing address doesn't seem to match the credit card you entered. Check to make sure you entered this information correctly, and if you still can't place your order, please call us at +1 800-585-0774. If you're not in North America, you can look up a local number here."
  I am positive that the information I entered is correct as I checked and tried it more than ten times.
  Does anybody know what could be the problem and how to fix it?
  Esther

  I have the same issue. Haven't been able to get any work done for almost a week now. I have contacted the support chat 8 times by now - most unhelpful support ever. They all give me the same advice even though i say that i already tried that as if they are reading their answers off a pre-written sheet.
  I have tried 2 credit cards, i have confirmed everything, including the address, with my bank - all good there. Desperate for help, my boss is gonna have my balls soon -.-

• Dumping Index Blocks

  Hi,
  I'm trying to dump index blocks but the generated trace file has an error.
  how can I resolve this issue?
  Following is what I've done and got:
  SQL> SELECT object_id FROM USER_objects WHERE object_name = 'NAME_5'
  OBJECT_ID
       71142
  SQL> ALTER SESSION SET EVENTS 'immediate trace name treedump level 71142' ;
  Trace file e:\oracle\diag\rdbms\ora11g\ora11g\trace\ora11g_ora_3700.trc
  Oracle Database 11g Enterprise Edition Release 11.1.0.6.0 - Production
  With the Partitioning, OLAP, Data Mining and Real Application Testing options
  Windows Server 2003 Version V5.2 Service Pack 2
  ----- begin tree dump
  2010-04-08 01:21:53.043: [  OCROSD]utgdv:11:could not read reg value ocrmirrorconfig_loc os error= The system could not find the environment option that was entered.
  2010-04-08 01:21:53.059: [  OCROSD]utgdv:11:could not read reg value ocrmirrorconfig_loc os error= The system could not find the environment option that was entered.
  leaf: 0x18057e4 25188324 (0: nrow: 10 rrow: 10)
  ----- end tree dump

  ahb72 wrote:
  SQL> SELECT object_id FROM USER_objects WHERE object_name = 'NAME_5'
  OBJECT_ID
  71142
  SQL> ALTER SESSION SET EVENTS 'immediate trace name treedump level 71142' ;
  Trace file e:\oracle\diag\rdbms\ora11g\ora11g\trace\ora11g_ora_3700.trc
  Oracle Database 11g Enterprise Edition Release 11.1.0.6.0 - Production
  With the Partitioning, OLAP, Data Mining and Real Application Testing options
  Windows Server 2003 Version V5.2 Service Pack 2
  ----- begin tree dump
  2010-04-08 01:21:53.043: [  OCROSD]utgdv:11:could not read reg value ocrmirrorconfig_loc os error= The system could not find the environment option that was entered.
  2010-04-08 01:21:53.059: [  OCROSD]utgdv:11:could not read reg value ocrmirrorconfig_loc os error= The system could not find the environment option that was entered.
  leaf: 0x18057e4 25188324 (0: nrow: 10 rrow: 10)
  ----- end tree dump
  If your table has 10 rows, then this leaf block is the entire index and the two error lines are probably irrelevant.
  Create a table with a few thousand rows and see if the errors appear for every line in the tree dump, or just once at the start. If the former than you can probably live with it.
  Regards
  Jonathan Lewis

• Contention on index block splits  consuming significant database time

  Hi Guys,
  can anybody suggest on how to remove Contention on index block splits,this is giving so many issues on my production DB,the CPU usage shots up and application hangs for few minutes.
  DB is 10.2.0.3 and OS is IBM AIX 5.3

  I found this.. it might be useful
  One possibility is that this is caused by shared CBC latching peculiarities:
  1) during normal selects your index root block can be examined under a
  shared cache buffers chains latch.
  So as long as everybody is only reading the index root block, everybody can
  do it concurrently (without pinning the block). The "current holder count"
  in the CBC latch structure is just increased by one for every read only
  latch get and decreased by one on every release. 0 value means that nobody
  has this latch taken currently.
  Nobody has to wait for others for reading index root block in all read only
  case. That greatly helps to combat hot index root issues.
  2) Now if a branch block split happens a level below the root block, the
  root block has to be pinned in exclusive mode for reflecting this change in
  it. In order to pin a block you need to get the corresponding CBC latch in
  exclusive mode.
  If there are already a bunch of readers on the latch, then the exclusive
  latch getter will just flip a bit in the CBC latch structure - stating it's
  interest for exclusive get.
  Every read only latch get will check for this bit, if it's set, then the
  getters will just spin instead, waiting this bit to be cleared (they may
  yield or sleep immediately as well, I haven't checked). Now the exclusive
  getter has to spin/wait until all the shared getters have released the latch
  and the "current holder count" drops to zero. Once it's zero (and the getter
  manager to get on to CPU) it can get the latch, do its work and release the
  latch.
  During all that time starting from when the "exclusive interest" bit was
  set, nobody could access this indexes root block except the processes which
  already had the latch in shared mode. Depending on latch spin/sleep strategy
  for this particular case and OSD implementation, this could mean that all
  those "4000 readers per second" start just spinning on that latch, causing
  heavy spike in CPU usage and they all queue up.
  How do diagnose that:
  You could sample v$latch_misses to see whether the number of "kcbgtcr:
  kslbegin shared" nowaitfails/sleeps counter takes an exceptional jump up
  once you observe this hiccup.
  How to fix that once diagnosed:
  The usual stuff, like partitioning if possible or creating a single table
  hash cluster instead.
  If you see that the problem comes from excessive spinning, think about
  reducing the spinning overhead (by reducing spincount for example). This
  could affect your other database functions though..
  If you can't do the above - then if you have off-peak time, then analyse
  indexes (using treedump for start) and if you see a block split coming in a
  branch below root block, then force the branch block to split during
  off-peak time by inserting carefully picked values into the index tree,
  which go exactly in the range which cause the proper block to split. Then
  you can just roll back your transaction - the block splits are not rolled
  back nor coalesced somehow, as this is done in a separate recursive
  transaction.
  And this
  With indexes, the story is more complicated since you can't just insert a
  row into any free block available like with tables. Multiple freelists with
  tables help us to spread up inserts to different datablocks, since every
  freelist has its distinct set of datablocks in it. With indexes, the
  inserted key has to go exactly to the block where the structure of b?tree
  index dictates, so multiple freelists can't help to spread contention here.
  When any of the index blocks has to split, a new block has to be allocated
  from the freelist (and possibly unlinked from previous location in index),
  causing an update to freelist entry in segment header block. Now if you had
  defined multiple freelists for your segment, they'd still remain in the
  single segment header block and if you'd have several simultaneous block
  splits, the segment header would become the bottleneck.
  You could relieve this by having multiple freelist groups (spreading up
  freelists into multiple blocks after segment header), but this approach has
  it's problems as well - like a server process which maps to freelist group 1
  doesn't see free blocks in freelist group 2, thus possibly wasting space in
  some cases...
  So, if you have huge contention on regular index blocks, then you should
  rethink the design (avoid right hand indexes for example), or physical
  design (partition the index), increasing freelists won't help here.
  But if you have contention on index segment's header block because of block
  splits/freelist operations, then either partition the index or have multiple
  freelist groups, adding freelists again won't help here. Note that adding
  freelist groups require segment rebuild.

• Serial number doesn't match product

  My coworker downloaded Adobe Acrobat XI Standard on our computers recently and now whenever I try to open up a PDF file a pop up screen appears with the heading "Serial Number Upgrade" asking me to chose a product and type in the serial number I have tried matching every single product option with my serial number and none of them work. The screen does say my serial number is correct but it doesn't match any of the products. I'm not sure what to do at this point...?

  Ok, so what you are saying is we bought the upgraded Adobe Acrobat, but we would need to buy the previous version if we want the serial number to work?
  King & Wood, P.A.
  1701 Hermitage Blvd., Ste. 104
  (850) 580-7711
  (850) 205-4501 fax
  Privileged & Confidential: This email is intended for the named recipient(s) only and may contain information that is proprietary, privileged, confidential, or otherwise legally exempt from disclosure. If you are not the named addressee, you are not authorized to read, print, retain, copy, or disseminate this message or any part of it. Nothing in this email is intended to constitute a waiver of any privilege or the confidentiality of this message. If you have received this email in error, please notify the sender immediately and delete this message. Circular 230 Disclosure:To ensure compliance with Treasury Department regulations, we advise you that, unless expressly indicated, any federal tax advice contained in this message or any attachments cannot be used for the purpose of avoiding penalties imposed by the Internal Revenue Code, or (ii) promoting, marketing, or recommending to another party any matters addressed herein

• How to Block Specific IP Address (YouTube)

  This is a follow-up question to one I posted earlier this week. I want to block YouTube (and a handful of other sites) from my stepson's new iMac and it was suggested I try/use Leopard's "Parental Control" feature.
  I tried that, but the problem is, when he attempts to visit the site, a warning page pops up informing him Parental Controls have blocked the site, then gives him the option to log in as the administrator or to email the admin for access...and that's pretty much the worst thing that could happen. He has serious Obsessive Compulsive Disorder (OCD) and it HUGELY upsets him that he can't guess the Admin password.
  Soooooo...can anyone suggest an alternative means of blocking a specific IP address that does so WITHOUT serving up a "Contact the Administrator" message? Someone has suggested blocking the IP address via the network router, but I haven't a clue how to do that.
  Any help?
  Thanks.

  Something else you might look at to see if it is suitable for you is to use the DNS servers from www.opendns.com (on your router for example) and set up an account on there, then exclude the sites you don't want accessed - either by the names of the sites OR by the category of site they are.
  What that does is NOT actually "blocking the site" as such, what it does is when the workstation wants to resolve the hostname into an IP address, OpenDNS will fail the request. The user will see a browser page from OpenDNS saying that the site was blocked by the network administrator - you can change the wording and even add an icon if you like.
  If the user doesn't have admin access to the workstation (whereby they could change the DNS server locally to your ISP's normal DNS, which presumably doesn't offer this sort of lookup-filtering) and they don't know the IP address(es) of the sites they want to access - obviously if the workstation doesn't have to go to a DNS to look the address up, it doesn't matter whether the DNS is blocking the lookup for you - this works well.
  There's more information on www.opendns.com - as I said maybe it won't be appropriate for you, but if it is, it's pretty easy to set up and to administer.

• Error: The decapsulated inner packet doesn't match the negotiated policy in the SA

  I upgraded my ASA from 8.2(1) to 8.4(3) as I wanted to try to get Android devices to properly connect via VPN.
  After some effort, I was able to get the Android devices to connect via VPN.  However, my syslog server has a number of errors recorded that look this this:
  %ASA-4-402116: IPSEC: Received an ESP packet (SPI= 0x1E76EFA6, sequence number= 0x1F0) from x.x.x.x (user= testuser) to y.y.y.y.  The decapsulated inner packet doesn't match the negotiated policy in the SA.  The packet specifies its destination as z.z.z.z, its source as a.a.a.a, and its protocol as tcp.  The SA specifies its local proxy as y.y.y.y/255.255.255.255/udp/42246 and its remote_proxy as x.x.x.x/255.255.255.255/udp/0.
  Digging further, it seems this error might be due to a NAT issues with the VPN connections.  VPN previously worked with Cisco's VPN client on Windows, though I did not test to see if that is no longer working.  However, I made no changes in the config, except for those related to additions needed to support L2TP.  With the below config, Android clients can connect to the ASA and access the internal network, but they cannot connect to external addresses.  I'm at a loss.
  The addresses used in the config: 192.168.1.0/24 are on the internal LAN and 192.168.3.0/24 are addresses assigned to VPN clients.
  I noted in the config this line:
  access-list inside_nat0_outbound extended permit ip any 192.168.3.0 255.255.255.0
  The access list is not referenced anywhere, though it was referenced in the 8.2(1) config like this:
  nat (inside) 0 access-list inside_nat0_outbound
  I'm not sure what else changed, but I've looked over the config and I just cannot see what the issue might be.  I'm hoping somebody might be able to point out my error.
  Here's the config file (at least the parts that might be of interest):
  : Saved
  ASA Version 8.4(3)
  interface Vlan1
  nameif inside
  security-level 100
  ip address 192.168.1.1 255.255.255.0
  interface Vlan2
  nameif outside
  security-level 0
  ip address dhcp setroute
  boot system disk0:/asa843-k8.bin
  object network obj-192.168.3.0
  subnet 192.168.3.0 255.255.255.0
  object network obj_any
  subnet 0.0.0.0 0.0.0.0
  access-list outside_access_in extended permit icmp any interface outside time-exceeded
  access-list outside_access_in extended permit icmp any interface outside echo-reply
  access-list outside_access_in extended permit icmp any interface outside unreachable
  access-list outside_mpc extended permit ip any interface outside
  access-list inside_mpc extended permit ip 192.168.1.0 255.255.255.0 any
  access-list testVPN_splitTunnelAcl extended permit ip 192.168.1.0 255.255.255.0 any
  access-list inside_nat0_outbound extended permit ip any 192.168.3.0 255.255.255.0
  ip local pool VPN-Pool-1 192.168.3.1-192.168.3.254 mask 255.255.255.0
  ip verify reverse-path interface outside
  nat (inside,any) source static any any destination static obj-192.168.3.0 obj-192.168.3.0 no-proxy-arp
  object network obj-192.168.3.0
  nat (outside,outside) dynamic interface
  object network obj_any
  nat (inside,outside) dynamic interface
  access-group outside_access_in in interface outside
  crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANSP esp-aes esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANSP mode transport
  crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANSP esp-des esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANSP mode transport
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 10 set ikev1 transform-set ESP-AES-128-SHA-TRANSP ESP-3DES-SHA-TRANSP
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
  crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
  crypto map outside_map interface outside
  crypto ikev1 enable outside
  crypto ikev1 policy 5
  authentication pre-share
  encryption aes
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 10
  authentication pre-share
  encryption aes-256
  hash sha
  group 2
  lifetime 86400
  group-policy testVPN internal
  group-policy testVPN attributes
  wins-server value 192.168.1.8
  dns-server value 192.168.1.8 192.168.1.4
  vpn-idle-timeout none
  vpn-tunnel-protocol ikev1
  split-tunnel-policy tunnelspecified
  split-tunnel-network-list value testVPN_splitTunnelAcl
  default-domain value test.us
  group-policy testVPNnsl2tp internal
  group-policy testVPNnsl2tp attributes
  wins-server value 192.168.1.8
  dns-server value 192.168.1.8 192.168.1.4
  vpn-idle-timeout none
  vpn-tunnel-protocol l2tp-ipsec
  group-policy testVPNns internal
  group-policy testVPNns attributes
  wins-server value 192.168.1.8
  dns-server value 192.168.1.8 192.168.1.4
  vpn-idle-timeout none
  vpn-tunnel-protocol ikev1
  username testuser password PASSWORD encrypted privilege 15
  username testuser2 password PASSWORD nt-encrypted privilege 15
  tunnel-group DefaultRAGroup general-attributes
  address-pool VPN-Pool-1
  default-group-policy testVPNnsl2tp
  tunnel-group DefaultRAGroup ipsec-attributes
  ikev1 pre-shared-key *****
  tunnel-group DefaultRAGroup ppp-attributes
  authentication ms-chap-v2
  tunnel-group testVPN type remote-access
  tunnel-group testVPN general-attributes
  address-pool VPN-Pool-1
  default-group-policy testVPN
  tunnel-group testVPN ipsec-attributes
  ikev1 pre-shared-key *****
  tunnel-group testVPNns type remote-access
  tunnel-group testVPNns general-attributes
  address-pool VPN-Pool-1
  default-group-policy testVPNns
  tunnel-group testVPNns ipsec-attributes
  ikev1 pre-shared-key *****
  tunnel-group testVPNnsl2tp type remote-access
  tunnel-group testVPNnsl2tp general-attributes
  address-pool VPN-Pool-1
  default-group-policy testVPNnsl2tp
  tunnel-group testVPNnsl2tp ipsec-attributes
  ikev1 pre-shared-key *****
  tunnel-group testVPNnsl2tp ppp-attributes
  authentication ms-chap-v2
  One last question: in order to get the connection from Android to work, I was forced to use "tunnel-group DefaultRAGroup".  Is that actually a limitation, or did I make an error that forced that requirement?  I wanted to use "tunnel-group testVPNnsl2tp".
  Thanks!

  Chris,
  This is still a bit off the mark.  I think I might be confusing the issue by including some of the VPN configuration that I had previously installed and working (e.g., two other VPN tunnel groups with split tunneling on one of them).  Let's just remove that stuff from consideration.  I actually tested the current configs just to see if they are working since the upgrade.  testVPN is working with the split tunneling, but testVPNns (no-split tunneling) does not allow external access.  I guess there is a NAT config issue there, too, but not sure what it is, yet.  I've not investigated that closely.
  I want to solve one problem at a time, though I understand there are some interdependencies.
  What I'd like to focus on right now is just the L2TP VPN connection.
  From what I've been able to understand from the documentation, what I need are these lines:
  crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANSP esp-aes esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANSP mode transport
  crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANSP esp-des esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANSP mode transport
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 10 set ikev1 transform-set ESP-AES-128-SHA-TRANSP ESP-3DES-SHA-TRANSP
  crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
  crypto map outside_map interface outside
  crypto ikev1 enable outside
  group-policy testVPNnsl2tp internal
  group-policy testVPNnsl2tp attributes
  wins-server value 192.168.1.8
  dns-server value 192.168.1.8 192.168.1.4
  vpn-idle-timeout none
  vpn-tunnel-protocol l2tp-ipsec
  tunnel-group DefaultRAGroup general-attributes
  address-pool VPN-Pool-1
  default-group-policy testVPNnsl2tp
  tunnel-group DefaultRAGroup ipsec-attributes
  ikev1 pre-shared-key P74bmqL6rT40bl5
  tunnel-group DefaultRAGroup ppp-attributes
  authentication ms-chap-v2
  crypto ikev1 policy 5
  authentication pre-share
  encryption aes
  hash sha
  group 2
  lifetime 86400
  I still want to assign the IP addresses to VPN clients out of 192.168.3.0/24.
  The tricky part is understanding exactly what NAT rules to insert and to avoid that error message I'm getting relatred to the encapsulated packets.  I tried to introduce the commands you had, but it's missing stuff that I would need for L2TP/IPSec (e.g., "mode transport").  I also don't think I want "pfs group5".  The above config "works" in that I get connected -- all negotiation is done.  It's just that packets from the VPN client are not able to go out to the Internet and I'm seeing that encapsulation error messages when I try to send a packet.
  Paul

• The app console doesn't match. It gives error -1712

  THE app console doesn't match. It gives erro -1712. The store has already changed the memory

  Try using Google's DNS instead of the one your IPS is providing.
  - To change on the iPod go to Settings>wifi and change the DNS to 8.8.8.8
  - For the computer see:
  Public DNS — Google Developers
  - Did anything happen to your router right before this started? Maybe the router is blocking the port used.

• Error: parse error before '.' & number of arguments doesn't match

  Compiling my simple source code reports error error: parse error before '.' . But in fact there is not any "." token on this line.
  At my guess it has something to do with JNI C macros but I really have no idea how to find that bug
  // ##net_java_dev_jssm_MulticastSSM.h: line 55
  JNIEXPORT void JNICALL Java_net_java_dev_jssm_MulticastSSM_join2
    (JNIEnv *, jobject, jstring, jstring);
  // ##net_java_dev_jssm_MulticastSSM.c: line 306
  JNIEXPORT void JNICALL Java_net_java_dev_jssm_MulticastSSM_join2
    (JNIEnv *env, jobject obj, jstring s_addr, jstring g_addr) {
  // no code yet
  mingw32-gcc.exe -DWIN32 -Wall -c -IC:\java\JNI_headerFiles\jdk1.6.0/include -IC:\java\JNI_headerFiles\jdk1.6.0/include/win32 -shared src_c/net_java_dev_jssm_MulticastSSM.c -DNODEBUG
  src_c/net_java_dev_jssm_MulticastSSM.c:307: error: parse error before '.' token
  src_c/net_java_dev_jssm_MulticastSSM.c: In function `Java_net_java_dev_jssm_MulticastSSM_join2':
  src_c/net_java_dev_jssm_MulticastSSM.c:307: error: number of arguments doesn't match prototype
  src_c/net_java_dev_jssm_MulticastSSM.h:56: error: prototype declaration
  make: *** [all] Error 1
  C compiler: mingw32-gcc.exe
  JNI: jdk1.6.0
  Any help would be really appreciated.

  Hi radone,
  I just read your posting and suddently got an idea why your compiler was complaining about the period. In most C environment, there is a definition
  #define s_addr S_un.S_addr
  in some socket-related header file! Now you know where the dot is coming from.