Information on FTP

Hi All,
I need a clarification regarding FTP. Is FTP must for an MDM server. Can I get some documents for enabling FTP.
Regards,
Pramod
Edited by: Pramod Govindan on Apr 25, 2008 4:02 PM

Hi Pramod,
FTP server is used with MDM to get data in to MDM or out from MDM to other systems.FTP server pings to a specified location and pics up the file and put it to the other specified location(at the time of syndication).
For example.
suppose you are sending data from MDM to R\3 using XI as a middleware then in XI sender communication channel you will use FTP , So that the FTP server will ping into the ready folder of the outbound port of the MDM repository and pick up the XML file.And at the reciver end in XI reciver channel will be IDOC type so that the data will be transfered to R\3 (as R\3 transferes data using IDOCS).
for furthere help please follow the links.
/people/shabarish.vijayakumar/blog/2006/08/01/along-came-a-file-adapter-mr-ftp-and-rest-of-the-gang
/people/balas.gorla/blog/2006/09/27/mdm-xi-r3-integration
I hope it will give you some idea hoe ftp works.
Reward if Helpfull.
Thanks and Regards,
Vinay Yadav

Similar Messages

Need Information Regarding FTP Configurations

Hi Experts,
I have developed one scenario in that i will send the files through FTP poll.
I am using the File adapter as Receiver
I need some info regarding Comm Channel settings.
under FTP connection parameters what should i give for
server
port
username
password
who will provide the above information.
And do i need to have any details of legacy system.
please advise.
Thanks
Bhaskar

Hi,
under FTP connection parameters what should i give for
server
port
username
password
who will provide the above information - The guys who are maintaining this FTP server or the application which is using this FTP server can provide you these details so that XI can connect to your this FTP server.....
And do i need to have any details of legacy system - See legacy system details as such are not required........but you need to know the FTP server details like the above information and directory information to put the files and the filename scheme which the legacy application is expecting for output files from XI system.
Regards,
Rajeev Gupta

FTP to FQDN doesn't work- to IP, it does... question AND solution

I have a 10.6 Server and i just setup FTP services. I am trying to ftp to the server locally. I can ftp to the IP address but I can not FTP to the FQDM. I tried to the ftp to just the domain name even though I thought it wouldn't work...and it did not. I even tried FTPing to the Bonjour .local address. Still no dice.
On the failure cases , I get an authentication dialog followed by a "connecting..." dialog followed by a Connection Failed, " There was an error connection to the server "server.blah.com". Check the server name or IP address, an then try again."
In checking the server logs, Open Directory shows authentication success and as expected, FTP has no further information, since FTP doesn't log login requests. SACL is not a problem since the user is part of an allowed group.
My lookup and reverse lookup match. Cyberduck reports a "Connection refused" error.
Anyone have any trouble shooting ideas?
Well, in the time I spent writing this up and researching the problem, the problem has cleared itself up! Thanks for all your help!

I have the same problem in Mac Book Pro Mid 2010 . But it happens both on the trackpad and mouse. If you want email me at [email protected] to discuss it

How to cancel downloading in JAVA FTP?

I tried to write a java ftp client to transfer files within our network. One of very usefully function I want to add is to cancel the transfer while files
are downloading or uploading. I can do this on file uploading by closing "ftpclient.put(filename) methods at anytime, but have trouble on closing "ftpClient.get(remoteFilename)". When I tried to close it by using "in.close()", the program stucked. I even tried to kill the thread, but no luck. Can any one give me a hint? Here is the code:
protected void downloadfile ()
byte [] buffer = new byte[BUFFER_SIZE];
try{
FileOutputStream out = new FileOutputStream(Localfilename);
InputStream in = ftpClient.get(remoteFilename); //downloading
// Write to local file
while (true && !cancelORnot)
// write to file
} catch ( Exception ex) { }
finally
try {
if (out ! = null)
out.close(); // this can be closed at any time
if (in != null)
in.close(); // This one stucked if it is in the middle
// of downloading and can not disconnect to the
// ftp server
catch ( IOException ex)
Thanks!

Thank you for replying. I am sorry I forgot including FTP API
information.The FTP API I used is from SUN, JDK, sun.net.ftp.FtpClient. The method is " InputStream in = ftpClient.get(remoteFilename)"and "in.close()" should close downloading. while it is still downloading, in.close() will not work and hang my program on forever. I am just wondering if there is trick to close downloading whenever I want especially in case that network connection is too slow and I want to cancel the job.

Connecting Via Windows FTP Service

I recently moved several sites that used Contribute to a new
webserver (Windows 2003 running IIS 6). The server uses Windows FTP
Service.
To create a FTP account I created a Windows Account and then
a Virtual FTP directory with the same name as the windows user and
pointed that virtual directory at the root of the site I want to
update with contribute. I gave the Windows account full control on
the site root folder. I can FTP connect via Internet Explorer and
the command line.
When connecting via contribute I get an error saying
The directory you specified does not exist. Please make sure you
entered the directory name correctly. On some servers,
file/directory names are case sensitive"
Contribute seems to be trying to change directory to a folder
with the same name as the FTP virtual directory, rather than to the
folder that the virtual directory points at.
here's the error log from contribute
Date: 11/27/2006
LocalTime: 14:07
Host: 80.76.207.49
Port:
LoginID: myFTPUserName
Path: /myFTPUserName/
Passive Enabled: false
ProxyHost: NoneContribute Alternate Rename: no
Contribute Optimized: yes
======================== Test Results
==========================
NOTE: Microsoft FTP Service has been detected. For more
information on FTP server compatibility issues, please see
http://www.macromedia.com/support/contribute/ts/documents/ftp_info.htm
Login: SUCCESS!
Changing Directory To: /myFTPUserName/ Error. The directory
you specified does not exist. Please make sure you entered the
directory name correctly. On some servers, file/directory names are
case sensitive.
----------------------- FTP log from the last operation
> CWD /ftp
< 550 /ftp: The system cannot find the file specified.
> CWD /ftp/
< 550 /ftp: The system cannot find the file specified.
> CWD /
< 250 CWD command successful.
> RNFR ftp
< 550 ftp: The system cannot find the file specified.
> MDTM ftp
< 550 ftp: The system cannot find the file specified.

Hi!
I think the windows service is using a different systemaccount that your other application, and that account does not have rights to read the sbo-common database.
You can change the account used by your service on the service definition or in the SERVICES application of Windows.
Sir Harold

FTP Fails in Dreamweaver MX, Same Config Works in CS5

I've been using Dreamweaver MX for about 5 years and have been using FTP throughout that period. About a week ago FTP started failing with the error message "An FTP error occurred - cannot make connection to host." My FTP log is blank, as if it did not attempt to make an FTP connection. If I save my site config and using that same site config in Dreamweaver CS5, then I can connect and use FTP without issue. I can also connect with other FTP programs, such as Filezilla. This confirms that I am using correct login information, and FTP is available for the website. Switching to passive FTP did not help. Removing and re-installing Dreamweaver MX did not help. Turning off all my firewalls did not help. Searching around the web, one person mentioned a similar issue being caused by the server that maintains the website changing their SSH host key changing and were able to resolve that by deleting Dreamweaver's ssh host file. For him the file was at ~/Library/Application Support/Dreamweaver 8/Configuration/ssh_hosts. However, it seems to be in a different location for Dreamweaver MX on my Widows 7 computer. Any ideas on what might be causing this or what I could try?

BarakObi wrote:
How about if you take a gamble and reinstall your DW MX? It could solve the problem. IMHO
Well - this is a very good suggestion but what puzzles me is why should a software that worked for 5 years suddenly stopped working. This is completely beyond any sensible reasons.
I think the MX was initially working in either Windows 2000 or Windows XP and now the NA770 decided to install the same product in Windows 7. If this is so then it looks like it must be a question of rights attached to that user. The OP should, perhaps try using as an ADMINISTRATOR or a USER account with those privileges to see if it is anything to do with the rights/security issues of Windows 7.
We don't know if the product is still running on the old operating system/machine. 5 years ago we didn't have Windows 7 and MX was released well before XP was released.
I am reluctant to suggest to reformat the HD and clear any bugs that might have entered the system but it is up to the OP to decide now.
There is no solution to this problem assuming all the configuration settings are correct as claimed in this thread.

%FWSM-4-406002 - Unable to utilize PASV ftp when masquerading

Hello,
I'm faced with bit of a problem. I have a setup with an ACE loadbalancer which loadbalances PASV ftp traffic across two ftp-servers. Behind the ACE, we have a firewall, with a dmz where the ftp-servers reside.
When we disable to 'masquerade' feature on the ftp-server, that is we don't inform the ftp-client of the external ip-address on the ACE, but rather send the actual rfc1918 ftp-server address with the PASV respond, it works for some client. Somehow, some clients are able to disregard the rfc1918 address and instead use the public address used during the initial setup. Other clients don't work.
But when we insert the actual public ip on the ftp-server, the connection is broken, when the client attempts to enter PASV mode. The firewall in front of the ftp-server issues the following msg:
%FWSM-4-406002: FTP port command different address: x.x.x.x(y.y.y.y) to z.z.z.z on interface Websrv-DMZ-Prod
x.x.x.x = actual ftp-server address
y.y.y.y = public ftp-server address (masqueraded)
z.z.z.z = nat-address on ACE for client ftp-requests to avoid asymmetric routing
We've tried to diable src.nat on the ACE (the z.z.z.z address is the NAT-address of external client requests), but the problem persists. So far, we attribute this to ftp-inspection, which is enabled. We do not, however, wish to disable ftp-inspection, but rather we're looking into a way to selectively disable ftp-inspection for this particular flow.
Is there any way to achieve this?
thanks
/ulrich

Hi Ulrich,
You are correct that the FTP inspection is causing the problem. If the FWSM inspects the traffic, you should not use the masquerading feature as the inspection will take care of re-writing the server's IP address for you.
To answer your question though, you can use the following to disable FTP inspection for a particular flow:
access-list myftp-acl deny tcp any host x.x.x.x eq 21access-list myftp-acl permit tcp any any eq 21!class-map myftp-class match access-list myftp-aclpolicy-map global_policy class inspection_default no inspect ftp class myftp-class inspect ftpservice-policy global_policy global
The above commands create a custom class-map that matches all FTP traffic except that which is destined to your FTP server and then enables the inspection based on that class.
-Mike

FTP Tutorial

I'm new to Java and would like some information on FTP with java.
Please help

There is no inbuild support for FTP. Just study this code. This might help you.
//---------FTPSession.java
import java.io.*;
import java.net.*;
import java.util.*;
// This class implements file storage and retrieval using the
// FTP protocol. Your server must support the PASV command
// for this to work.
public class FTPSession extends Object
public String host; // Host name we connect to
public int port; // port number we connect to, default=21
public String username; // Username to log in with
public String password; // Password to log in with
public String acct; // optional acct for logging in
protected Socket sessionSock; // The control socket
protected DataInputStream inStream;
protected DataOutputStream outStream;
public FTPSession()
// This should be the most common constructor, it opens up an FTP session
// with the named host using the default FTP port and logs on using
// the username and password.
public FTPSession(String host, String username, String password)
throws IOException
this.host = host;
this.port = 21; // default FTP port is 21
this.username = username;
this.password = password;
logon(); // go ahead and log on to the server
// Opens up an FTP session with the named host using the default FTP
// port and logs on using the username and password, and account.
// The account field is pretty rare on FTP servers.
public FTPSession(String host, String username, String password,
String acct)
throws IOException
this.host = host;
this.port = 21; // default FTP port is 21
this.username = username;
this.password = password;
this.acct = acct;
logon(); // go ahead and log on to the server
// Opens up an FTP session with the named host using an alternate
// port number and if logOn is true, logs on using the username and password.
public FTPSession(String host, int port, String username,
String password, boolean logOn)
throws IOException
this.host = host;
this.port = port;
if (this.port <= 0) this.port = 21;
this.username = username;
this.password = password;
if (logOn) {
logon();
// Opens up an FTP session with the named host using an alternate
// port number and if logOn is true, logs on using the username,
// password and account.
public FTPSession(String host, int port, String username,
String password, String acct, boolean logOn)
throws IOException
this.host = host;
this.port = port;
if (this.port <= 0) this.port = 21;
this.username = username;
this.password = password;
this.acct = acct;
if (logOn) {
logon();
// Close down the session
public void close()
throws IOException
sessionSock.close();
sessionSock = null;
// Connect to the server
public void connect()
throws IOException
sessionSock = new Socket(host, port);
inStream = new DataInputStream(
sessionSock.getInputStream());
outStream = new DataOutputStream(
sessionSock.getOutputStream());
// Send a command and wait for a response
public String doCommand(String commandString)
throws IOException
outStream.writeBytes(commandString+"\n");
String response = getResponse();
return response;
// Get a response back from the server. Handles multi-line responses
// and returns them as part of the string.
public String getResponse()
throws IOException
String response = "";
for (;;) {
String line = inStream.readLine();
if (line == null) {
throw new IOException(
"Bad response from server.");
// FTP response lines should at the very least have a 3-digit number
if (line.length() < 3) {
throw new IOException(
"Bad response from server.");
response += line + "\n";
// If there isn't a '-' immediately after the number, we've gotten the
// complete response. ('-' is the continuation character for FTP responses)
if ((line.length() == 3) ||
(line.charAt(3) != '-')) return response;
// Logs on to the FTP server
public void logon()
throws IOException
connect();
// After connecting, the FTP server will send a response string. Make
// sure it starts with a '2' (reponses in the 200's are positive
// responses.
String response = getResponse();
if (response.charAt(0) != '2') {
throw new IOException(response);
// Send a logon command
response = doCommand("USER "+username);
// If we get a response in the 300's, send a password
if (response.charAt(0) == '3') {
response = doCommand("PASS "+password);
// If we get a response in the 300's on the password command,
// send the account
if (response.charAt(0) == '3') {
response = doCommand("ACCT "+acct);
// If the last response we got wasn't in the 200's, there was an error
// during the logon.
if (response.charAt(0) != '2') {
throw new IOException(response);
// Creates a data connection to the server by using the PASV command.
// Normally the data connection is set up by the client sending the
// server an address and port number using the PORT command. Unfortunately,
// since an applet cannot listen for incoming connections, we can't work
// that way. The PASV command asks the server to accept a connection.
// The response for the PASV command contains a host address and port
// number in the form h,h,h,h,p,p where h is a byte in the host address
// and p is a byte in the port.
protected synchronized Socket doPasvPort()
throws IOException
// Send the PASV command
String response = doCommand("PASV");
// If it wasn't in the 200's, there was an error
if (response.charAt(0) != '2') {
throw new IOException(response);
// The pasv response looks like:
// 227 Entering Passive Mode (127,0,0,1,4,160)
// We'll look for the ()'s at the end first
int parenStart = response.lastIndexOf('(');
int parenEnd = response.lastIndexOf(')');
// Make sure they're both there and that the ) comes after the (
if ((parenStart < 0) || (parenEnd < 0) ||
(parenStart >= parenEnd)) {
throw new IOException("PASV response format error");
// Extract the address bytes
String pasvAddr = response.substring(parenStart+1, parenEnd);
// Create a tokenizer to parse the bytes
StringTokenizer tokenizer = new StringTokenizer(pasvAddr, ",");
// Create the array to store the bytes
int[] addrValues = new int[6];
// Parse each byte
for (int i=0; (i < 6) && tokenizer.hasMoreTokens(); i++) {
try {
addrValues[i] = Integer.valueOf(
tokenizer.nextToken()).intValue();
} catch (Exception e) {
throw new IOException(
"PASV response format error");
// We ignore the host addresses, assuming that the host address is
// the same as the host address we used to connect the first time.
Socket newSock = new Socket(host, (addrValues[4] << 8) +
addrValues[5]);
return newSock;
// Fetches a file in binary mode and returns it as an array of bytes
public byte[] get(String remoteFile)
throws IOException
return get(remoteFile, true); // default to binary
// Fetches a file in binary mode if doBinary is true, or ascii mode if
// it's false, and returns it as an array of bytes.
public synchronized byte[] get(String remoteFile, boolean doBinary)
throws IOException
// If transferring in binary mode, send a type command for type I (IMAGE)
if (doBinary) {
String response = doCommand("TYPE I");
if (response.charAt(0) != '2') {
throw new IOException(response);
// If transferring in ascii mode, send a type command for type A (ASCII)
} else {
String response = doCommand("TYPE A");
if (response.charAt(0) != '2') {
throw new IOException(response);
// Set up the data connection
Socket getSock = doPasvPort();
// Tell the server to send the file over
String response = doCommand("RETR "+remoteFile);
// If the request is successful, the server should send a response
// in the 100's and then start sending the file. Once the file is
// sent, it should send a response in the 200's.
// Check for an initial response in the 100's
if (response.charAt(0) != '1') {
getSock.close();
throw new IOException(response);
ByteArrayOutputStream out = new ByteArrayOutputStream();
// For binary transfers, read one byte at a time and store it in
// the array.
if (doBinary) {
InputStream in = getSock.getInputStream();
int ch;
while ((ch = in.read()) >= 0) {
out.write(ch);
// For ascii transfers, read a line at a time and strip off whatever
// newline we got.
} else {
DataInputStream in = new DataInputStream(
getSock.getInputStream());
PrintStream dataOut = new PrintStream(out);
String line;
while ((line = in.readLine()) != null) {
dataOut.println(line);
// Close the data connection
getSock.close();
// Make sure we got a response in the 200's saying the transfer was
// successful.
response = getResponse();
if (response.charAt(0) != '2') {
throw new IOException(response);
return out.toByteArray();
// Stores an array of bytes in the named file using binary mode
public synchronized void put(String remoteFile, byte[] data)
throws IOException
put(remoteFile, data, true); // default to binary
// Stores an array of bytes in the named file, using binary mode if
// doBinary is true, ascii mode otherwise.
public synchronized void put(String remoteFile, byte[] data,
boolean doBinary)
throws IOException
// If transferring in binary mode, send a type command for type I (IMAGE)
if (doBinary) {
String response = doCommand("TYPE I");
if (response.charAt(0) != '2') {
throw new IOException(response);
// If transferring in ascii mode, send a type command for type A (ASCII)
} else {
String response = doCommand("TYPE A");
if (response.charAt(0) != '2') {
throw new IOException(response);
// Open up a data connection
Socket putSock = doPasvPort();
// Tell the server where we want it to store the data we are sending
String response = doCommand("STOR "+remoteFile);
// If the request is successful, the server should send a response
// in the 100's and then start receiving the bytes. Once the data
// connection is closed, it should send a response in the 200's.
if (response.charAt(0) != '1') {
putSock.close();
throw new IOException(response);
// If binary mode, just write all the bytes
if (doBinary) {
OutputStream out = putSock.getOutputStream();
out.write(data);
// If ascii mode, write the data a line at a time
} else {
DataInputStream in = new DataInputStream(
new ByteArrayInputStream(data));
DataOutputStream out = new DataOutputStream(
putSock.getOutputStream());
String line;
while ((line = in.readLine()) != null) {
out.writeBytes(line+"\r");
putSock.close();
response = getResponse();
// Make sure we got a 200 response
if (response.charAt(0) != '2') {
throw new IOException(response);

FTP issues with Dreamweaver CC v 13.0

Hello,
I've been having multiple problems with DW using ftp. I've been using DW since it was a Macromedia product, and am familiar with server settings. etc.
The biggest issue comes from my using DW at work and also at home. I make changes at work, then when working from home I try to 'get' a particular folder so I have the updated code, and DW fails as follows:
web/staff/Pget_data.php - Transferring
/web/staff/Pget_form.php - Transferring
/web/staff/Pget_table.php - Transferring
/web/staff/Pinsert_new_client.php - Transferring
/web/staff/Pinsert_new_participant.php - Transferring
/web/staff/Plogin.php - Transferring
/web/staff/Oinsert_new_client.php - Get operation successful
/web/staff/Ofreeassessment.php - error occurred - An FTP error occurred - cannot get Ofreeassessment.php.   The network connection is unavailable. Please verify and try the action again.
/web/staff/Oget_data.php - error occurred - An FTP error occurred - cannot get Oget_data.php.   The network connection is unavailable. Please verify and try the action again.
/web/staff/Plogout.php - Transferring
/web/staff/Pmember.php - Transferring
/web/staff/Pnew_participant_info.php - Transferring
/web/staff/Poutput_fns.php - Transferring
/web/staff/Pregistration.php - Transferring
/web/staff/Pshow_form.php - Transferring
/web/staff/Pstyle.css - Transferring
/web/staff/Pupdate_participant_info.php - Transferring
/web/staff/Ooutput_fns.php - error occurred - An FTP error occurred - cannot get Ooutput_fns.php.   The network connection is unavailable. Please verify and try the action again.
/web/staff/Pfind_form.php - Get operation successful
/web/staff/Oshow_form.php - error occurred - An FTP error occurred - cannot get Oshow_form.php.   The network connection is unavailable. Please verify and try the action again.
/web/staff/Oupdate_client_info.php - error occurred - An FTP error occurred - cannot get Oupdate_client_info.php.   The network connection is unavailable. Please verify and try the action again.
/web/staff/PPRupdate_participant_info.php - error occurred - An FTP error occurred - cannot get PPRupdate_participant_info.php.   The network connection is unavailable. Please verify and try the action again.
/web/staff/Pupdate_subset_participant_info.php - Transferring
/web/staff/Puser_fns.php - Transferring
/web/staff/PvalidateUser.php - Transferring
... and so on
These errors occur from Mac computers running 10.7 and 10.8 which connect to different ISP's, and I am working with the hosting company to see if there are issues there, but just now I made a change to a file and tried to upload it. DW failed multiple times.
I work with, say, entry.php, live on site. I want to rename my local file to entryR0 and the use save as but the file does not get uploaded to the site, only locally, I then have to add a space or something so I can use Save, then maybe the file is uploaded.
I have Transmit, which works flawlessly, but I don't want to stop my workflow to use it for one file.
Any and all suggestions are gratefully welcomed!
Thanks in advance.

Thanks for your reply Srivatsa. Your assistance is greatly appreciated!
I am posting two items; the FTP log from when I launch DW then connect to the remote server, and the background file activity info which resulted when I just now tried to get the meals folder files which I changed at work.
I have substuted ^^^ for any information that might identify confidential information.
FTP Log
< 220 ProFTPD 1.2.9 Server ready.
> USER ^^^
< 331 Password required for ^^^.
> PASS
< 230 User ^^^ logged in.
> PWD
< 257 "/.users/122/^^^" is current directory.
> CWD /.users/122/^^^
< 250 CWD command successful.
> CWD /web
< 250 CWD command successful.
> MKD MM_CASETEST4291
< 257 "/web/MM_CASETEST4291" - Directory successfully created
> RMD MM_CASETEST4291
< 250 RMD command successful
> PWD
< 257 "/web" is current directory.
> PASV
< 227 Entering Passive Mode (^^^,179,232).
> LIST
< 150 Opening ASCII mode data connection for file list
< drwxr-sr-x   2 1130     656          4096 Mar 27 03:29 CodeTests
< drwxr-sr-x   3 1130     656          4096 Apr 14 05:39 Ostaff
< drwxr-sr-x   2 1130     656          4096 Sep 6 2012 Q
< -rw-r--r--   1 1130     656           894 Aug 15 15:55 SHn.ico
< drwxr-sr-x   2 1130     656          4096 Aug 12 2012 Scripts
< drwxr-sr-x   4 1130     656          4096 Aug 26 2012 Title
< drwxr-sr-x   2 1130     656          4096 Jul 12 2011 _notes
< -rw-r--r--   1 1130     656         22155 Jun 27 2012 camfile.jpg
< drwxr-sr-x   3 1130     656          4096 Apr 10 09:29 classes
< -rw-r--r--   1 1130     656           874 Jul 11 2012 colours.html
< -rw-r--r--   1 1130     656            53 Aug 1 2012 ^^^
< drwxr-xr-x   3 1130     656          4096 Aug 15 14:44 images
< -rw-r--r--   1 1130     656           292 May 24 03:42 index.html
< -rw-r--r--   1 1130     656          2586 Mar 24 04:43 index.php
< -rw-r--r--   1 1130     656          3177 Jun 25 14:47 indexR.php
< -rw-r--r--   1 1130     656            83 May 15 05:28 indexWordPress.html
< drwxr-xr-x 16 1130     656          4096 Aug 9 2012 joomla
< -rw-r--r--   1 1130     656           382 Aug 18 2011 jquery.html
< -rw-r--r--   1 1130     656          1075 Aug 18 2011 jquery.js
< -rw-r--r--   1 1130     656         91556 Aug 18 2011 jquerymin.js
< -rw-r--r--   1 1130     656           924 Aug 18 2011 lettering.js
< drwxr-sr-x   2 1130     656          4096 Aug 15 11:39 meals
< drwxr-sr-x 16 1130     656          4096 Oct 15 2012 mrbs
< -rw-r--r--   1 1130     656           773 Jun 27 2012 nSH.css
< drwxr-sr-x 19 1130     656          4096 Jun 29 2012 ^^^
< drwxr-sr-x   3 1130     656          4096 Apr 8 11:37 participants
< -rw-r--r--   1 1130     656          3980 Aug 18 2011 query.html
< -rw-r--r--   1 1130     656          2518 Aug 18 2011 query.js
< -rw-r--r--   1 1130     656          2971 Aug 18 2011 script.js
< drwxr-sr-x   3 1130     656          4096 Jun 20 13:25 ssh
< drwxr-sr-x   3 1130     656          4096 Aug 11 08:53 staff
< -rw-r--r--   1 1130     656          4856 Aug 14 06:31 style.css
< -rw-r--r--   1 1130     656          4856 Jul 29 07:12 styleR1.css
< drwxr-sr-x   5 1130     656          4096 Jul 21 2012 ^^^
< drwxr-sr-x   2 1130     656          4096 Jun 11 02:14 tv
< 226 Transfer complete.
> PASV
< 227 Entering Passive Mode (^^^,180,0).
> LIST
< 150 Opening ASCII mode data connection for file list
< drwxr-sr-x   2 1130     656          4096 Mar 27 03:29 CodeTests
< drwxr-sr-x   3 1130     656          4096 Apr 14 05:39 Ostaff
< drwxr-sr-x   2 1130     656          4096 Sep 6 2012 Q
< -rw-r--r--   1 1130     656           894 Aug 15 15:55 SHn.ico
< drwxr-sr-x   2 1130     656          4096 Aug 12 2012 Scripts
< drwxr-sr-x   4 1130     656          4096 Aug 26 2012 Title
< drwxr-sr-x   2 1130     656          4096 Jul 12 2011 _notes
< -rw-r--r--   1 1130     656         22155 Jun 27 2012 camfile.jpg
< drwxr-sr-x   3 1130     656          4096 Apr 10 09:29 classes
< -rw-r--r--   1 1130     656           874 Jul 11 2012 colours.html
< -rw-r--r--   1 1130     656            53 Aug 1 2012 ^^^
< drwxr-xr-x   3 1130     656          4096 Aug 15 14:44 images
< -rw-r--r--   1 1130     656           292 May 24 03:42 index.html
< -rw-r--r--   1 1130     656          2586 Mar 24 04:43 index.php
< -rw-r--r--   1 1130     656          3177 Jun 25 14:47 indexR.php
< -rw-r--r--   1 1130     656            83 May 15 05:28 indexWordPress.html
< drwxr-xr-x 16 1130     656          4096 Aug 9 2012 joomla
< -rw-r--r--   1 1130     656           382 Aug 18 2011 jquery.html
< -rw-r--r--   1 1130     656          1075 Aug 18 2011 jquery.js
< -rw-r--r--   1 1130     656         91556 Aug 18 2011 jquerymin.js
< -rw-r--r--   1 1130     656           924 Aug 18 2011 lettering.js
< drwxr-sr-x   2 1130     656          4096 Aug 15 11:39 meals
< drwxr-sr-x 16 1130     656          4096 Oct 15 2012 mrbs
< -rw-r--r--   1 1130     656           773 Jun 27 2012 nSH.css
< drwxr-sr-x 19 1130     656          4096 Jun 29 2012 ^^^
< drwxr-sr-x   3 1130     656          4096 Apr 8 11:37 participants
< -rw-r--r--   1 1130     656          3980 Aug 18 2011 query.html
< -rw-r--r--   1 1130     656          2518 Aug 18 2011 query.js
< -rw-r--r--   1 1130     656          2971 Aug 18 2011 script.js
< drwxr-sr-x   3 1130     656          4096 Jun 20 13:25 ssh
< drwxr-sr-x   3 1130     656          4096 Aug 11 08:53 staff
< -rw-r--r--   1 1130     656          4856 Aug 14 06:31 style.css
< -rw-r--r--   1 1130     656          4856 Jul 29 07:12 styleR1.css
< drwxr-sr-x   5 1130     656          4096 Jul 21 2012 ^^^
< drwxr-sr-x   2 1130     656          4096 Jun 11 02:14 tv
< 226 Transfer complete.
> PASV
< 227 Entering Passive Mode (^^^,180,1).
> LIST
< 150 Opening ASCII mode data connection for file list
< drwxr-sr-x   2 1130     656          4096 Mar 27 03:29 CodeTests
< drwxr-sr-x   3 1130     656          4096 Apr 14 05:39 Ostaff
< drwxr-sr-x   2 1130     656          4096 Sep 6 2012 Q
< -rw-r--r--   1 1130     656           894 Aug 15 15:55 SHn.ico
< drwxr-sr-x   2 1130     656          4096 Aug 12 2012 Scripts
< drwxr-sr-x   4 1130     656          4096 Aug 26 2012 Title
< drwxr-sr-x   2 1130     656          4096 Jul 12 2011 _notes
< -rw-r--r--   1 1130     656         22155 Jun 27 2012 camfile.jpg
< drwxr-sr-x   3 1130     656          4096 Apr 10 09:29 classes
< -rw-r--r--   1 1130     656           874 Jul 11 2012 colours.html
< -rw-r--r--   1 1130     656            53 Aug 1 2012 ^^^
< drwxr-xr-x   3 1130     656          4096 Aug 15 14:44 images
< -rw-r--r--   1 1130     656           292 May 24 03:42 index.html
< -rw-r--r--   1 1130     656          2586 Mar 24 04:43 index.php
< -rw-r--r--   1 1130     656          3177 Jun 25 14:47 indexR.php
< -rw-r--r--   1 1130     656            83 May 15 05:28 indexWordPress.html
< drwxr-xr-x 16 1130     656          4096 Aug 9 2012 joomla
< -rw-r--r--   1 1130     656           382 Aug 18 2011 jquery.html
< -rw-r--r--   1 1130     656          1075 Aug 18 2011 jquery.js
< -rw-r--r--   1 1130     656         91556 Aug 18 2011 jquerymin.js
< -rw-r--r--   1 1130     656           924 Aug 18 2011 lettering.js
< drwxr-sr-x   2 1130     656          4096 Aug 15 11:39 meals
< drwxr-sr-x 16 1130     656          4096 Oct 15 2012 mrbs
< -rw-r--r--   1 1130     656           773 Jun 27 2012 nSH.css
< drwxr-sr-x 19 1130     656          4096 Jun 29 2012 ^^^
< drwxr-sr-x   3 1130     656          4096 Apr 8 11:37 participants
< -rw-r--r--   1 1130     656          3980 Aug 18 2011 query.html
< -rw-r--r--   1 1130     656          2518 Aug 18 2011 query.js
< -rw-r--r--   1 1130     656          2971 Aug 18 2011 script.js
< drwxr-sr-x   3 1130     656          4096 Jun 20 13:25 ssh
< drwxr-sr-x   3 1130     656          4096 Aug 11 08:53 staff
< -rw-r--r--   1 1130     656          4856 Aug 14 06:31 style.css
< -rw-r--r--   1 1130     656          4856 Jul 29 07:12 styleR1.css
< drwxr-sr-x   5 1130     656          4096 Jul 21 2012 ^^^
< drwxr-sr-x   2 1130     656          4096 Jun 11 02:14 tv
< 226 Transfer complete.
Background File Activity Log:
Started: 13-08-16 14:53
/web/meals/lookup_meals.php - Transferring
/web/meals/meals.php - Transferring
/web/meals/meals_accum.php - Transferring
/web/meals/meals_cash.php - Transferring
/web/meals/meals_cashR1.php - Transferring
/web/meals/meals_correction.php - Transferring
/web/meals/meals_correctionR0.php - Transferring
/web/meals/meals_correctionR1.php - Transferring
/web/meals/meals_dailylist.php - Transferring
/web/meals/meals_delete.php - Transferring
/web/meals/meals_foodcosts.php - same - not transferred
/web/meals/meals_deleteR0.php - Transferring
/web/meals/meals_deleteR1.php - Transferring
/web/meals/meals_foodcostsR1.php - same - not transferred
/web/meals/meals_foodcosts_submit.php - same - not transferred
/web/meals/meals.php - error occurred - An FTP error occurred - cannot get meals.php. Internal data error. Failed to receive network data.
/web/meals/meals_entry.php - Transferring
/web/meals/meals_entryR0.php - Transferring
/web/meals/meals_accum.php - error occurred - An FTP error occurred - cannot get meals_accum.php. Internal data error. Failed to receive network data.
/web/meals/meals_entryR1.php - Transferring
/web/meals/meals_entryR2.php - Transferring
/web/meals/meals_entry_process.php - Transferring
/web/meals/meals_entry_processR1.php - Transferring
/web/meals/meals_entry_review.php - Transferring
/web/meals/meals_cashR1.php - error occurred - An FTP error occurred - cannot get meals_cashR1.php. Internal data error. Failed to receive network data.
/web/meals/meals_entry_reviewR1.php - Transferring
/web/meals/meals_entry_submit.php - Transferring
/web/meals/meals_cash.php - error occurred - An FTP error occurred - cannot get meals_cash.php. Internal data error. Failed to receive network data.
/web/meals/meals_entry_submitR1.php - Transferring
/web/meals/meals_foodcosts_summary.php - Transferring
/web/meals/meals_kitchensummary.php - Transferring
/web/meals/meals_kitchensummaryR1.php - Transferring
/web/meals/meals_monthly.php - Transferring
/web/meals/meals_otherincome.php - Transferring
/web/meals/meals_otherincomeR0.php - Transferring
/web/meals/meals_correctionR0.php - error occurred - An FTP error occurred - cannot get meals_correctionR0.php. Internal data error. Failed to receive network data.
/web/meals/meals_otherincomeR1.php - Transferring
/web/meals/meals_otherincome_process.php - Transferring
/web/meals/meals_otherincome_review.php - Transferring
/web/meals/lookup_meals.php - error occurred - An FTP error occurred - cannot get lookup_meals.php. Internal data error. Failed to receive network data.
/web/meals/meals_otherincome_submit.php - Transferring
/web/meals/meals_dailylist.php - error occurred - An FTP error occurred - cannot get meals_dailylist.php. Internal data error. Failed to receive network data.
/web/meals/meals_otherincomelist.php - Transferring
/web/meals/meals_ytd.php - Transferring
/web/meals/meals_correction.php - error occurred - An FTP error occurred - cannot get meals_correction.php. Internal data error. Failed to receive network data.
/web/meals/meals_delete.php - error occurred - An FTP error occurred - cannot get meals_delete.php. Internal data error. Failed to receive network data.
/web/meals/meals_entry.php - error occurred - An FTP error occurred - cannot get meals_entry.php. Internal data error. Failed to receive network data.
/web/meals/meals_deleteR0.php - error occurred - An FTP error occurred - cannot get meals_deleteR0.php. Internal data error. Failed to receive network data.
/web/meals/meals_deleteR1.php - error occurred - An FTP error occurred - cannot get meals_deleteR1.php. Internal data error. Failed to receive network data.
/web/meals/meals_entryR0.php - error occurred - An FTP error occurred - cannot get meals_entryR0.php. Internal data error. Failed to receive network data.
/web/meals/meals_entryR1.php - error occurred - An FTP error occurred - cannot get meals_entryR1.php. Internal data error. Failed to receive network data.
/web/meals/meals_correctionR1.php - error occurred - An FTP error occurred - cannot get meals_correctionR1.php. Internal data error. Failed to receive network data.
/web/meals/meals_entryR2.php - error occurred - An FTP error occurred - cannot get meals_entryR2.php. Internal data error. Failed to receive network data.
/web/meals/meals_entry_processR1.php - error occurred - An FTP error occurred - cannot get meals_entry_processR1.php. Internal data error. Failed to receive network data.
/web/meals/meals_entry_process.php - error occurred - An FTP error occurred - cannot get meals_entry_process.php. Internal data error. Failed to receive network data.
/web/meals/meals_entry_review.php - error occurred - An FTP error occurred - cannot get meals_entry_review.php. Internal data error. Failed to receive network data.
/web/meals/meals_entry_reviewR1.php - error occurred - An FTP error occurred - cannot get meals_entry_reviewR1.php. Internal data error. Failed to receive network data.
/web/meals/meals_entry_submit.php - error occurred - An FTP error occurred - cannot get meals_entry_submit.php. Internal data error. Failed to receive network data.
/web/meals/meals_foodcosts_summary.php - error occurred - An FTP error occurred - cannot get meals_foodcosts_summary.php. Internal data error. Failed to receive network data.
/web/meals/meals_entry_submitR1.php - error occurred - An FTP error occurred - cannot get meals_entry_submitR1.php. Internal data error. Failed to receive network data.
/web/meals/meals_otherincome_review.php - error occurred - An FTP error occurred - cannot get meals_otherincome_review.php. Internal data error. Failed to receive network data.
/web/meals/meals_kitchensummary.php - error occurred - An FTP error occurred - cannot get meals_kitchensummary.php. Internal data error. Failed to receive network data.
/web/meals/meals_otherincomeR0.php - error occurred - An FTP error occurred - cannot get meals_otherincomeR0.php. Internal data error. Failed to receive network data.
/web/meals/meals_otherincomeR1.php - error occurred - An FTP error occurred - cannot get meals_otherincomeR1.php. Internal data error. Failed to receive network data.
/web/meals/meals_monthly.php - error occurred - An FTP error occurred - cannot get meals_monthly.php. Internal data error. Failed to receive network data.
/web/meals/meals_otherincome_process.php - error occurred - An FTP error occurred - cannot get meals_otherincome_process.php. Internal data error. Failed to receive network data.
/web/meals/meals_otherincome_submit.php - error occurred - An FTP error occurred - cannot get meals_otherincome_submit.php. Internal data error. Failed to receive network data.
/web/meals/meals_otherincomelist.php - error occurred - An FTP error occurred - cannot get meals_otherincomelist.php. Internal data error. Failed to receive network data.
/web/meals/meals_ytd.php - error occurred - An FTP error occurred - cannot get meals_ytd.php. Internal data error. Failed to receive network data.
/web/meals/meals_otherincome.php - error occurred - An FTP error occurred - cannot get meals_otherincome.php. Internal data error. Failed to receive network data.
/web/meals/meals_kitchensummaryR1.php - error occurred - An FTP error occurred - cannot get meals_kitchensummaryR1.php. An unknown error occurred.
File activity incomplete. 34 file(s) or folder(s) were not completed.
Files skipped: 3
File Transfer failed due to following reasons:
- Internal data error. Failed to receive network data.
- An unknown error occurred.
Files with errors: 34
/web/meals/meals.php
/web/meals/meals_accum.php
/web/meals/meals_cashR1.php
/web/meals/meals_cash.php
/web/meals/meals_correctionR0.php
/web/meals/lookup_meals.php
/web/meals/meals_dailylist.php
/web/meals/meals_correction.php
/web/meals/meals_delete.php
/web/meals/meals_entry.php
/web/meals/meals_deleteR0.php
/web/meals/meals_deleteR1.php
/web/meals/meals_entryR0.php
/web/meals/meals_entryR1.php
/web/meals/meals_correctionR1.php
/web/meals/meals_entryR2.php
/web/meals/meals_entry_processR1.php
/web/meals/meals_entry_process.php
/web/meals/meals_entry_review.php
/web/meals/meals_entry_reviewR1.php
/web/meals/meals_entry_submit.php
/web/meals/meals_foodcosts_summary.php
/web/meals/meals_entry_submitR1.php
/web/meals/meals_otherincome_review.php
/web/meals/meals_kitchensummary.php
/web/meals/meals_otherincomeR0.php
/web/meals/meals_otherincomeR1.php
/web/meals/meals_monthly.php
/web/meals/meals_otherincome_process.php
/web/meals/meals_otherincome_submit.php
/web/meals/meals_otherincomelist.php
/web/meals/meals_ytd.php
/web/meals/meals_otherincome.php
/web/meals/meals_kitchensummaryR1.php
Finished: 13-08-16 14:54
Kind regards,
sh_yhz1

Clientless SSL VPN and ActiveX question

Hey All,
First post for me here, so be gentle. I'll try to be as detailed as possible.
With the vast majority of my customers, I am able to configure an IPSEC L2L VPN, and narrow the traffic down to a very minimal set of ports. However, I have a customer that does not want to allow a L2L VPN tunnel between their remote site, and their NOC center. I thought this might be a good opportunity to get a clientless (they don't want to have to launch and log into a separate client) SSL VPN session setup. Ultimately, this will be 8 individual sites, so setting up SSL VPN's at each site would be cost prohibitive from a licensing perspective. My focus has been on using my 5510 (v8.2(5)) at my corp site as the centralized portal entrance, and creating bookmarks to each of the other respective sites, since I already have existing IPSEC VPN's via ASA5505, (same rev as the 5510 )setup with each of the sites.
First issue I've run into is that I can only access bookmarks that point to the external address for the remote web-server (the site has a static entry mapping an external address to the internal address of the web server). I am unable to browse (via bookmark) to the internal address of the remote web server. Through my browser at the office, I can access the internal address fine, just not through the SSL VPN portal. I am testing this external connectivity using a cell card to be able to simulate outside access. Is accessing the external IP address by design, or do I have something hosed?
Second issue I face is when I access the external address through the bookmark, I am ultimately able to log onto my remote website, and do normal browsing and javascript-type functions. I am not able to use controls that require my company's ActiveX controls (video, primarily). I did enable ActiveX relay, and that did allow the browser to start prompting me to install the controls as expected, but that still didn't allow the video stream through. The stream only runs at about 5 fps, so it's not an intense stream.
I have researched hairpinning for this situation, and "believe" that I have the NAT properly defined - even going as far as doing an ANY ANY, just for testing purposes to no avail. I do see a decent number of "no translates" from a show nat:
match ip inside any outside any
NAT exempt
translate_hits = 8915, untranslate_hits = 6574
access-list nonat extended permit ip any any log notifications
access-list nonat extended permit ip 192.168.17.0 255.255.255.0 192.168.2.0 255.255.255.0
access-list nonat extended permit ip 192.168.16.32 255.255.255.224 192.168.2.0 255.255.255.0
access-list nonat extended permit ip 192.168.17.0 255.255.255.0 192.168.16.32 255.255.255.224
access-list nonat extended permit ip 192.168.16.32 255.255.255.224 192.168.17.0 255.255.255.0
access-list nonat extended permit ip 192.168.17.0 255.255.255.0 172.16.250.0 255.255.255.0
access-list nonat extended permit ip 192.168.16.32 255.255.255.224 172.16.250.0 255.255.255.0
access-list nonat extended permit ip 192.168.16.32 255.255.255.224 172.16.254.0 255.255.255.0
access-list nonat extended permit ip 192.168.17.0 255.255.255.0 172.16.254.0 255.255.255.0
access-list nonat extended permit ip 192.168.17.0 255.255.255.0 host A-172.16.9.34
access-list nonat extended permit ip 192.168.18.0 255.255.255.0 192.168.2.0 255.255.255.0
access-list nonat extended permit ip 192.168.18.0 255.255.255.0 192.168.16.32 255.255.255.224
access-list nonat extended permit ip 192.168.18.0 255.255.255.0 192.168.17.0 255.255.255.0
access-list nonat extended permit ip 192.168.18.0 255.255.255.0 172.16.250.0 255.255.255.0
access-list nonat extended permit ip 192.168.18.0 255.255.255.0 172.16.254.0 255.255.255.0
access-list nonat extended permit ip 192.168.18.0 255.255.255.0 host A-172.16.9.34
access-list nonat extended permit ip 192.168.17.0 255.255.255.0 192.168.18.0 255.255.255.0
access-list nonat extended permit ip 192.168.16.32 255.255.255.224 192.168.18.0 255.255.255.0
access-list nonat extended permit ip 192.168.16.32 255.255.255.224 host 172.16.62.57
access-list nonat extended permit ip 192.168.17.0 255.255.255.0 host 172.16.62.57
access-list nonat extended permit ip 192.168.18.0 255.255.255.0 host 172.16.62.57
access-list nonat extended permit ip 192.168.17.0 255.255.255.0 172.16.8.0 255.255.254.0
access-list nonat extended permit ip 192.168.16.32 255.255.255.224 172.16.8.0 255.255.254.0
access-list D_Traffic extended permit ip 192.168.16.32 255.255.255.224 192.168.2.0 255.255.255.0
access-list D_Traffic extended permit ip 192.168.16.32 255.255.255.224 192.168.17.0 255.255.255.0
access-list D_Traffic extended permit ip 192.168.16.32 255.255.255.224 192.168.18.0 255.255.255.0
access-list D_Traffic extended permit ip 192.168.16.32 255.255.255.224 172.16.250.0 255.255.255.0
access-list D_Traffic extended permit ip 192.168.17.0 255.255.255.0 192.168.2.0 255.255.255.0
access-list D_Traffic extended permit ip 192.168.17.0 255.255.255.0 192.168.16.32 255.255.255.224
access-list D_Traffic extended permit ip 192.168.17.0 255.255.255.0 192.168.18.0 255.255.255.0
access-list D_Traffic extended permit ip 192.168.18.0 255.255.255.0 192.168.2.0 255.255.255.0
access-list D_Traffic extended permit ip 192.168.18.0 255.255.255.0 192.168.16.32 255.255.255.224
access-list D_Traffic extended permit ip 192.168.18.0 255.255.255.0 192.168.17.0 255.255.255.0
access-list D_Traffic extended permit ip 192.168.18.0 255.255.255.0 172.16.250.0 255.255.255.0
access-list D_Traffic extended permit ip 192.168.17.0 255.255.255.0 172.16.250.0 255.255.255.0
access-list outside_1_cryptomap extended permit ip 192.168.16.32 255.255.255.224 host A-172.16.9.34
access-list outside_1_cryptomap extended permit ip 192.168.17.0 255.255.255.0 host A-172.16.9.34
access-list outside_1_cryptomap extended permit ip 192.168.18.0 255.255.255.0 host A-172.16.9.34
access-list outside_1_cryptomap extended permit ip 192.168.16.32 255.255.255.224 host 172.16.62.57
access-list outside_1_cryptomap extended permit ip 192.168.17.0 255.255.255.0 host 172.16.62.57
access-list outside_1_cryptomap extended permit ip 192.168.18.0 255.255.255.0 host 172.16.62.57
access-list External_VPN extended permit ip 192.168.16.32 255.255.255.224 172.16.254.0 255.255.255.0
access-list External_VPN extended permit ip 192.168.17.0 255.255.255.0 172.16.254.0 255.255.255.0
access-list outside_in extended permit icmp any any log notifications
access-list outside_in extended permit tcp any any log notifications
pager lines 24
logging enable
logging asdm informational
logging ftp-server 192.168.16.34 / syslog *****
mtu inside 1500
mtu outside 1500
ip local pool Remote 172.16.254.1-172.16.254.25 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-645.bin
no asdm history enable
arp timeout 14400
global (inside) 1 interface
global (outside) 1 interface
nat (inside) 0 access-list nonat
nat (inside) 1 192.168.16.32 255.255.255.224
nat (inside) 1 192.168.17.0 255.255.255.0
nat (inside) 1 0.0.0.0 0.0.0.0
access-group outside_in in interface outside
192.168.2.0 is my corp network range
192.168.2.171 is my internal IP for corp ASA5510
97.x.x.x is the external interface for my corp ASA5510
192.168.16.34 is the internal interface for the remote ASA5505
64.x.x.x is the external interface for the remote ASA5505
192.168.17.0, and 192.168.18.0 are two other private LANS behind the remote 5505
As you can see, I have things reasonably wide open - with no port restrictions on this one yet - this is for troubleshooting purposes, and it will get restrictive as soon as I figure this out Right now, the ASA5510 is pretty restrictive, and to be brutally honest, I'm not certain I'm even using the packet tracer 100% proper to be able to simulate coming from the outside of the network through my ASA5510, out to a remote ASA5505, and to a web server behind that 5505. I'm sure that the issue is probably going to be a mix of ACL's between the 5510, and the 5505.
I guess the main question, is Clientless SSL VPN really a good choice for this, or are there other real alternatives - especially since my client doesn't want to have to install, or use an actual client (like AnyConnect), nor do they want to have an always-on IPSEC VPN. Am I going about this the right way? Anyone have any suggestions, or do I have my config royally hosed?
Thanks much for any and all ideas!

Hey All, I appreciate all of the views on this post. I would appreciate any input - even if you think it might be far-fetched. I'm grasping at straws, and am super-hesitant to tell my customer this is even remotely possible if I can't have a POC myself. Thanks, in advance!!

Unable to Access Remote LAN over IPSec VPN

I have a Cisco ASA 5540 setup with Remote Access VPN for users. Suddenly no one can access the remote LAN over VPN. Below is my config:
ASA Version 7.0(8)
hostname DC2ASA
domain-name yorktel.com
enable password d2XdVlFOzleWlH1j encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
dns-guard
interface GigabitEthernet0/0
description outside/savvis
nameif outside
security-level 0
ip address 216.33.198.4 255.255.255.0 standby 216.33.198.5
interface GigabitEthernet0/1
description inside
nameif inside
security-level 100
ip address 10.203.204.1 255.255.254.0 standby 10.203.204.2
interface GigabitEthernet0/2
nameif insidesan
security-level 100
ip address 10.203.206.1 255.255.254.0 standby 10.203.206.2
interface GigabitEthernet0/3
description LAN/STATE Failover Interface
interface Management0/0
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
management-only
ftp mode passive
object-group service FileMaker tcp-udp
port-object range 16000 16001
access-list outside-in extended permit ip 65.123.204.0 255.255.254.0 216.33.198.0 255.255.255.0 log
access-list outside-in extended permit ip 216.33.198.0 255.255.255.0 216.33.198.0 255.255.255.0 log
access-list outside-in extended permit icmp 216.33.198.0 255.255.255.0 216.33.198.0 255.255.255.0 log
access-list outside-in extended permit icmp any any
access-list outside-in extended permit icmp any any echo
access-list outside-in extended permit ip any host 216.33.198.22 inactive
access-list outside-in extended permit tcp any host 216.33.198.19
access-list outside-in extended permit udp any host 216.33.198.19
access-list outside-in extended permit ip any host 216.33.198.19
access-list outside-in extended permit tcp any host 216.33.198.10 eq 3389
access-list outside-in extended permit tcp any host 216.33.198.10 eq ftp inactive
access-list outside-in extended permit tcp any host 216.33.198.10 eq ftp-data inactive
access-list outside-in extended permit tcp any host 216.33.198.10 eq ssh inactive
access-list outside-in extended permit tcp any host 216.33.198.19 eq www
access-list outside-in extended permit tcp any host 216.33.198.19 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.19 eq https
access-list outside-in extended permit tcp any host 216.33.198.19 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.19 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.19 eq smtp
access-list outside-in extended permit tcp any host 216.33.198.19 eq pop3
access-list outside-in extended permit tcp any host 216.33.198.19 eq 587
access-list outside-in extended permit tcp any host 216.33.198.16 eq www
access-list outside-in extended permit tcp any host 216.33.198.16 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.16 eq https
access-list outside-in extended permit tcp any host 216.33.198.16 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.16 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.16 eq 8094
access-list outside-in extended permit tcp any host 216.33.198.16 eq 8096
access-list outside-in extended permit tcp any host 216.33.198.16 eq 8097
access-list outside-in extended permit tcp any host 216.33.198.16 eq 8090
access-list outside-in extended permit tcp any host 216.33.198.38 eq www
access-list outside-in extended permit tcp any host 216.33.198.38 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.38 eq https
access-list outside-in extended permit tcp any host 216.33.198.38 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.38 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.38 eq 8094
access-list outside-in extended permit tcp any host 216.33.198.38 eq 8096
access-list outside-in extended permit tcp any host 216.33.198.38 eq 8097
access-list outside-in extended permit tcp any host 216.33.198.38 eq 8090
access-list outside-in extended permit tcp any host 216.33.198.25 eq www
access-list outside-in extended permit tcp any host 216.33.198.25 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.25 eq https
access-list outside-in extended permit tcp any host 216.33.198.25 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.25 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.25 eq 8094
access-list outside-in extended permit tcp any host 216.33.198.25 eq 8096
access-list outside-in extended permit tcp any host 216.33.198.25 eq 8097
access-list outside-in extended permit tcp any host 216.33.198.25 eq 8090
access-list outside-in extended permit tcp any host 216.33.198.22 eq www
access-list outside-in extended permit tcp any host 216.33.198.22 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.22 eq https
access-list outside-in extended permit tcp any host 216.33.198.22 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.22 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.22 eq 8094
access-list outside-in extended permit tcp any host 216.33.198.22 eq 8096
access-list outside-in extended permit tcp any host 216.33.198.22 eq 8097
access-list outside-in extended permit tcp any host 216.33.198.22 eq 8090
access-list outside-in extended permit tcp any host 216.33.198.17 eq www
access-list outside-in extended permit tcp any host 216.33.198.17 eq rtsp
access-list outside-in extended permit udp any host 216.33.198.17 eq 5005
access-list outside-in extended permit tcp any host 216.33.198.17 eq 1755
access-list outside-in extended permit udp any host 216.33.198.17 eq 1755
access-list outside-in extended permit tcp any host 216.33.198.17 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.17 eq https
access-list outside-in extended permit tcp any host 216.33.198.17 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.17 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.17 eq 989
access-list outside-in extended permit tcp any host 216.33.198.17 eq 990
access-list outside-in extended permit tcp any host 216.33.198.24 eq www
access-list outside-in extended permit tcp any host 216.33.198.24 eq rtsp
access-list outside-in extended permit udp any host 216.33.198.24 eq 5005
access-list outside-in extended permit tcp any host 216.33.198.24 eq 1755
access-list outside-in extended permit udp any host 216.33.198.24 eq 1755
access-list outside-in extended permit udp any host 216.33.198.24
access-list outside-in extended permit tcp any host 216.33.198.24 eq 8090
access-list outside-in extended permit tcp any host 216.33.198.24 eq https
access-list outside-in extended permit tcp 209.67.5.96 255.255.255.224 any inactive
access-list outside-in extended permit udp 209.67.5.96 255.255.255.224 any inactive
access-list outside-in extended permit udp any host 216.33.198.17 inactive
access-list outside-in extended permit tcp any host 216.33.198.18 eq 1433
access-list outside-in extended permit tcp any host 216.33.198.18 eq 1434
access-list outside-in extended permit tcp any host 216.33.198.100 eq www
access-list outside-in extended permit tcp any host 216.33.198.101 eq www
access-list outside-in extended permit tcp any host 216.33.198.102 eq www
access-list outside-in extended permit tcp any host 216.33.198.103 eq www
access-list outside-in extended permit tcp any host 216.33.198.104 eq www
access-list outside-in extended permit tcp any host 216.33.198.105 eq www
access-list outside-in extended permit tcp any host 216.33.198.106 eq www
access-list outside-in extended permit tcp any host 216.33.198.107 eq www
access-list outside-in extended permit tcp any host 216.33.198.108 eq www
access-list outside-in extended permit tcp any host 216.33.198.109 eq www
access-list outside-in extended permit tcp any host 216.33.198.110 eq www
access-list outside-in extended permit tcp any host 216.33.198.100 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.101 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.102 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.103 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.104 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.105 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.106 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.107 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.108 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.109 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.110 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.100 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.101 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.102 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.103 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.104 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.105 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.106 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.107 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.108 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.109 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.110 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.100 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.101 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.102 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.103 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.104 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.105 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.106 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.107 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.108 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.109 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.110 eq ftp-data
access-list outside-in extended permit tcp host 12.71.134.4 any
access-list outside-in extended permit udp host 12.71.134.4 any
access-list outside-in remark Allow Mark to access remote desktop from home office.
access-list outside-in extended permit tcp host 96.255.220.240 any
access-list outside-in remark Allow Mark to access remote desktop from home office.
access-list outside-in extended permit udp host 96.255.220.240 any
access-list outside-in extended permit tcp host 67.81.54.83 any
access-list outside-in remark Allow Chris to access remote desktop from home office.
access-list outside-in extended permit tcp host 100.1.41.196 any
access-list outside-in remark Allow Chris to access remote desktop from home office.
access-list outside-in extended permit udp host 100.1.41.196 any
access-list outside-in extended permit udp host 67.81.54.83 any
access-list outside-in remark Allow Jim Johnstone to remote in from home office.
access-list outside-in extended permit tcp host 96.225.44.46 any
access-list outside-in remark Allow Jim Johnstone to remote in from home office.
access-list outside-in extended permit udp host 96.225.44.46 any
access-list outside-in extended permit tcp host 64.19.183.67 any
access-list outside-in extended permit udp host 64.19.183.67 any
access-list outside-in remark Allow Steve Fisher to remote in from home office.
access-list outside-in extended permit tcp host 173.67.0.16 any
access-list outside-in remark Allow Steve Fisher to remote in from home office.
access-list outside-in extended permit udp host 173.67.0.16 any
access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
access-list outside-in extended permit tcp any host 216.33.198.20 eq 3389
access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
access-list outside-in extended permit tcp any host 216.33.198.20 eq ftp-data
access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
access-list outside-in extended permit tcp any host 216.33.198.20 eq ftp
access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
access-list outside-in extended permit tcp any host 216.33.198.20 eq www
access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
access-list outside-in extended permit tcp any host 216.33.198.20 eq https
access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
access-list outside-in extended permit tcp any host 216.33.198.20 inactive
access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
access-list outside-in extended permit udp any host 216.33.198.20 inactive
access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
access-list outside-in extended permit ip any host 216.33.198.20 inactive
access-list outside-in remark Allow remote desktop connections to ftp.yorkcast.com
access-list outside-in extended permit tcp any host 216.33.198.19 eq 3389 inactive
access-list outside-in remark Allow remote desktop connections to BMS-TV
access-list outside-in extended permit tcp any host 216.33.198.21 eq 3389
access-list outside-in remark Allow remote desktop connections to BMS-TV
access-list outside-in extended permit tcp any host 216.33.198.21 eq www
access-list outside-in remark Allow remote desktop connections to BMS-TV
access-list outside-in extended permit tcp any host 216.33.198.21 eq https
access-list outside-in extended permit tcp any host 216.33.198.21 eq 8080
access-list outside-in remark Allow remote desktop connections to BMS-TV
access-list outside-in extended permit tcp any host 216.33.198.21 eq ftp
access-list outside-in remark Allow remote desktop connections to BMS-TV
access-list outside-in extended permit tcp any host 216.33.198.21 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.19 eq 3306
access-list outside-in extended permit udp any host 216.33.198.19 eq 3306
access-list outside-in remark Allow remote desktop connections to ftp.yorkcast.com
access-list outside-in extended permit tcp any host 216.33.198.23 eq 3389
access-list outside-in remark Allow remote desktop connections to ftp.yorkcast.com
access-list outside-in extended permit tcp any host 216.33.198.23 eq ftp
access-list outside-in remark Allow remote desktop connections to ftp.yorkcast.com
access-list outside-in extended permit tcp any host 216.33.198.23 eq www
access-list outside-in remark Allow remote desktop connections to ftp.yorkcast.com
access-list outside-in extended permit tcp any host 216.33.198.23 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.18 eq 3389 inactive
access-list outside-in extended permit tcp any host 216.33.198.17 inactive
access-list outside-in extended permit ip any host 216.33.198.17 inactive
access-list outside-in extended permit tcp any host 216.33.198.18 inactive
access-list outside-in extended permit udp any host 216.33.198.17 eq 554
access-list outside-in extended permit udp any host 216.33.198.24 eq 554
access-list outside-in remark Allow any access from Treasury
access-list outside-in extended permit tcp host 64.241.196.50 any
access-list outside-in remark Allow any access from Treasury
access-list outside-in extended permit udp host 64.241.196.50 any
access-list outside-in remark Allow any access from Treasury
access-list outside-in extended permit ip host 64.241.196.50 any
access-list outside-in extended permit tcp any host 216.33.198.26 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.26 eq www
access-list outside-in extended permit tcp any host 216.33.198.26 eq https
access-list outside-in extended permit tcp any host 216.33.198.27 eq https
access-list outside-in extended permit tcp any host 216.33.198.27 eq www
access-list outside-in extended permit tcp any host 216.33.198.27 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.27 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.27 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.27 eq 8094
access-list outside-in extended permit tcp any host 216.33.198.27 eq 8096
access-list outside-in extended permit tcp any host 216.33.198.27 eq 8097
access-list outside-in extended permit tcp any host 216.33.198.27 eq 8090
access-list outside-in extended permit tcp any host 216.33.198.26 eq ftp inactive
access-list outside-in extended permit tcp any host 216.33.198.26 eq ssh inactive
access-list outside-in extended permit tcp any host 216.33.198.28 eq 81
access-list outside-in extended permit tcp any host 216.33.198.28 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.28 eq www
access-list outside-in extended permit tcp any host 216.33.198.28 eq ssh
access-list outside-in extended permit tcp any host 216.33.198.29 eq www
access-list outside-in extended permit tcp any host 216.33.198.28 eq 3389
access-list outside-in extended permit tcp any host 216.33.198.29 eq ssh
access-list outside-in extended permit tcp any host 216.33.198.30 eq ssh
access-list outside-in extended permit tcp any host 216.33.198.31 eq ssh
access-list outside-in extended permit tcp any host 216.33.198.20 object-group FileMaker
access-list outside-in extended permit tcp any host 216.33.198.20 eq 5003
access-list outside-in extended permit udp any host 216.33.198.20 eq 5003
access-list outside-in extended permit tcp any host 216.33.198.33 eq www
access-list outside-in extended permit tcp any host 216.33.198.33 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.33 eq https
access-list outside-in extended permit tcp any host 216.33.198.33 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.33 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.33 eq 8094
access-list outside-in extended permit tcp any host 216.33.198.33 eq 8096
access-list outside-in extended permit tcp any host 216.33.198.33 eq 8097
access-list outside-in extended permit tcp any host 216.33.198.33 eq 8090
access-list outside-in extended permit tcp any host 216.33.198.34 eq www
access-list outside-in extended permit tcp any host 216.33.198.34 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.34 eq https
access-list outside-in extended permit tcp any host 216.33.198.34 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.34 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.34 eq 8094
access-list outside-in extended permit tcp any host 216.33.198.34 eq 8096
access-list outside-in extended permit tcp any host 216.33.198.34 eq 8097
access-list outside-in extended permit tcp any host 216.33.198.34 eq 8090
access-list outside-in extended permit tcp any host 216.33.198.36 eq www
access-list outside-in extended permit tcp any host 216.33.198.36 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.36 eq https
access-list outside-in extended permit tcp any host 216.33.198.36 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.36 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.36 eq 8094
access-list outside-in extended permit tcp any host 216.33.198.36 eq 8096
access-list outside-in extended permit tcp any host 216.33.198.36 eq 8097
access-list outside-in extended permit tcp any host 216.33.198.36 eq 8090
access-list outside-in extended permit tcp any host 216.33.198.37 eq www
access-list outside-in extended permit tcp any host 216.33.198.37 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.37 eq https
access-list outside-in extended permit tcp any host 216.33.198.37 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.37 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.37 eq 8094
access-list outside-in extended permit tcp any host 216.33.198.37 eq 8096
access-list outside-in extended permit tcp any host 216.33.198.37 eq 8097
access-list outside-in extended permit tcp any host 216.33.198.37 eq 8090
access-list outside-in extended permit tcp any host 216.33.198.39 eq www
access-list outside-in extended permit tcp any host 216.33.198.39 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.39 eq https
access-list outside-in extended permit tcp any host 216.33.198.39 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.39 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.39 eq 8094
access-list outside-in extended permit tcp any host 216.33.198.39 eq 8096
access-list outside-in extended permit tcp any host 216.33.198.39 eq 8097
access-list outside-in extended permit tcp any host 216.33.198.39 eq 8090
access-list outside-in extended permit tcp any host 216.33.198.41 eq 3389
access-list outside-in extended permit tcp any host 216.33.198.41 eq www
access-list outside-in extended permit tcp any host 216.33.198.41 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.41 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.41 eq https
access-list outside-in extended permit tcp any host 216.33.198.41 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.42 eq 3389
access-list outside-in extended permit tcp any host 216.33.198.42 eq www
access-list outside-in extended permit tcp any host 216.33.198.42 eq https
access-list outside-in extended permit tcp any host 216.33.198.42 eq ftp
access-list outside-in extended permit tcp any host 216.33.198.42 eq ftp-data
access-list outside-in extended permit tcp any host 216.33.198.42 eq 8080
access-list outside-in extended permit tcp any host 216.33.198.28
access-list inside-out extended permit tcp any host 216.33.198.17 eq rtsp
access-list inside-out extended permit udp any host 216.33.198.17 eq 5004
access-list inside-out extended permit udp any host 216.33.198.17 eq 5005
access-list inside-out extended permit tcp any host 216.33.198.17 eq 1755
access-list inside-out extended permit udp any host 216.33.198.17 eq 1755
access-list rtsp-acl extended deny tcp any host 216.33.198.17 eq rtsp
access-list rtsp-acl extended permit tcp any any eq rtsp
access-list inside_nat0_outbound extended permit ip 10.203.204.0 255.255.255.0 10.203.204.0 255.255.255.192
access-list inside_nat0_outbound extended permit ip any 10.203.204.48 255.255.255.240
access-list inside_nat0_outbound extended permit ip any 10.203.204.0 255.255.255.192
access-list inside_nat0_outbound extended permit ip host 10.203.204.19 10.203.204.32 255.255.255.224
access-list inside_nat0_outbound extended permit ip 10.203.204.0 255.255.255.0 192.168.250.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.203.204.0 255.255.255.0 192.168.252.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip any 10.203.204.144 255.255.255.240
access-list inside_nat0_outbound extended permit ip host 216.33.198.33 165.89.0.0 255.255.0.0
access-list inside_nat0_outbound extended permit ip host 216.33.198.19 165.89.0.0 255.255.0.0
access-list inside_nat0_outbound extended permit ip host 216.33.198.17 165.89.0.0 255.255.0.0
access-list inside_nat0_outbound extended permit ip host 216.33.198.24 165.89.0.0 255.255.0.0
access-list inside_nat0_outbound extended permit ip host 216.33.198.20 any inactive
access-list inside_nat0_outbound extended permit ip 216.33.198.0 255.255.255.0 165.89.0.0 255.255.0.0
access-list inside_nat0_outbound extended permit ip any 10.203.204.48 255.255.255.248
access-list inside_nat0_outbound extended permit ip any 216.33.198.56 255.255.255.248
access-list dc2vpn_splitTunnelAcl standard permit 10.203.204.0 255.255.255.0
access-list dc2vpn_splitTunnelAcl standard permit 192.168.250.0 255.255.255.0
access-list dc2vpn_splitTunnelAcl standard permit 192.168.252.0 255.255.255.0
access-list dc2vpn_splitTunnelAcl standard permit any
access-list outside_map standard permit any
access-list Split_Tunnel_List standard permit 10.203.204.0 255.255.255.0
access-list test_splitTunnelAcl standard permit any
access-list outside_access_out extended permit tcp any host 12.71.134.75 inactive
access-list outside_in extended permit tcp host 12.71.134.75 any eq smtp
access-list outside_nat0_inbound extended permit ip host 216.33.198.21 host 165.89.130.31
access-list outside_nat0_inbound extended permit ip host 216.33.198.21 host 165.89.18.102
access-list outside_nat0_inbound extended permit ip host 216.33.198.21 host 165.89.18.103
access-list outside_nat0_inbound extended permit ip host 216.33.198.21 host 165.89.18.104
access-list outside_nat0_inbound extended permit ip 216.33.198.0 255.255.255.0 165.89.0.0 255.255.0.0
access-list outside_cryptomap_80 extended permit ip 10.203.204.0 255.255.255.0 192.168.250.0 255.255.255.0
access-list outside_cryptomap_60 extended deny ip host 216.33.198.33 165.89.0.0 255.255.0.0
access-list outside_cryptomap_60 extended deny ip host 216.33.198.19 165.89.0.0 255.255.0.0
access-list outside_cryptomap_60 extended deny ip host 216.33.198.17 165.89.0.0 255.255.0.0
access-list outside_cryptomap_60 extended deny ip host 216.33.198.24 165.89.0.0 255.255.0.0
access-list outside_cryptomap_60 extended permit ip 216.33.198.0 255.255.255.0 165.89.0.0 255.255.0.0
access-list outside_cryptomap_100 extended permit ip 10.203.204.0 255.255.255.0 192.168.252.0 255.255.255.0
access-list dc2vpntest_splitTunnelAcl standard permit 10.203.204.0 255.255.255.0
pager lines 24
logging enable
logging asdm informational
logging ftp-bufferwrap
logging ftp-server 10.203.204.10 logs asa ****
mtu outside 1500
mtu inside 1500
mtu insidesan 1500
mtu management 1500
ip local pool vpnpool 10.203.204.60-10.203.204.65 mask 255.255.255.0
failover
failover lan unit secondary
failover lan interface failover GigabitEthernet0/3
failover polltime unit msec 999 holdtime 3
failover polltime interface 5
failover link failover GigabitEthernet0/3
failover interface ip failover 172.16.100.1 255.255.255.252 standby 172.16.100.2
monitor-interface outside
monitor-interface inside
monitor-interface insidesan
no monitor-interface management
icmp permit 65.123.204.0 255.255.254.0 outside
asdm image disk0:/asdm-508.bin
no asdm history enable
arp timeout 14400
nat-control
nat (outside) 0 access-list outside_nat0_inbound outside
nat (inside) 0 access-list inside_nat0_outbound
static (inside,outside) 216.33.198.10 10.203.204.10 netmask 255.255.255.255
static (inside,outside) 216.33.198.11 10.203.204.11 netmask 255.255.255.255
static (inside,outside) 216.33.198.12 10.203.204.12 netmask 255.255.255.255
static (inside,outside) 216.33.198.13 10.203.204.13 netmask 255.255.255.255
static (inside,outside) 216.33.198.14 10.203.204.14 netmask 255.255.255.255
static (inside,outside) 216.33.198.15 10.203.204.15 netmask 255.255.255.255
static (inside,outside) 216.33.198.16 10.203.204.16 netmask 255.255.255.255
static (inside,outside) 216.33.198.17 10.203.204.17 netmask 255.255.255.255
static (inside,outside) 216.33.198.18 10.203.204.18 netmask 255.255.255.255
static (inside,outside) 216.33.198.19 10.203.204.19 netmask 255.255.255.255
static (inside,outside) 216.33.198.20 10.203.204.20 netmask 255.255.255.255
static (inside,outside) 216.33.198.21 10.203.204.21 netmask 255.255.255.255
static (inside,outside) 216.33.198.22 10.203.204.22 netmask 255.255.255.255
static (inside,outside) 216.33.198.23 10.203.204.23 netmask 255.255.255.255
static (inside,outside) 216.33.198.24 10.203.204.24 netmask 255.255.255.255
static (inside,outside) 216.33.198.25 10.203.204.25 netmask 255.255.255.255
static (inside,outside) 216.33.198.26 10.203.204.26 netmask 255.255.255.255
static (inside,outside) 216.33.198.27 10.203.204.27 netmask 255.255.255.255
static (inside,outside) 216.33.198.28 10.203.204.28 netmask 255.255.255.255
static (inside,outside) 216.33.198.29 10.203.204.29 netmask 255.255.255.255
static (inside,outside) 216.33.198.30 10.203.204.30 netmask 255.255.255.255
static (inside,outside) 216.33.198.31 10.203.204.31 netmask 255.255.255.255
static (inside,outside) 216.33.198.32 10.203.204.32 netmask 255.255.255.255
static (inside,outside) 216.33.198.33 10.203.204.33 netmask 255.255.255.255
static (inside,outside) 216.33.198.34 10.203.204.34 netmask 255.255.255.255
static (inside,outside) 216.33.198.35 10.203.204.35 netmask 255.255.255.255
static (inside,outside) 216.33.198.36 10.203.204.36 netmask 255.255.255.255
static (inside,outside) 216.33.198.37 10.203.204.37 netmask 255.255.255.255
static (inside,outside) 216.33.198.38 10.203.204.38 netmask 255.255.255.255
static (inside,outside) 216.33.198.39 10.203.204.39 netmask 255.255.255.255
static (inside,outside) 216.33.198.40 10.203.204.40 netmask 255.255.255.255
static (inside,outside) 216.33.198.41 10.203.204.41 netmask 255.255.255.255
static (inside,outside) 216.33.198.42 10.203.204.42 netmask 255.255.255.255
static (inside,outside) 216.33.198.43 10.203.204.43 netmask 255.255.255.255
static (inside,outside) 216.33.198.44 10.203.204.44 netmask 255.255.255.255
static (inside,outside) 216.33.198.45 10.203.204.45 netmask 255.255.255.255
static (inside,outside) 216.33.198.46 10.203.204.46 netmask 255.255.255.255
static (inside,outside) 216.33.198.47 10.203.204.47 netmask 255.255.255.255
static (inside,outside) 216.33.198.48 10.203.204.48 netmask 255.255.255.255
static (inside,outside) 216.33.198.49 10.203.204.49 netmask 255.255.255.255
static (inside,outside) 216.33.198.50 10.203.204.50 netmask 255.255.255.255
static (inside,outside) 216.33.198.51 10.203.204.51 netmask 255.255.255.255
static (inside,outside) 216.33.198.52 10.203.204.52 netmask 255.255.255.255
static (inside,outside) 216.33.198.53 10.203.204.53 netmask 255.255.255.255
static (inside,outside) 216.33.198.54 10.203.204.54 netmask 255.255.255.255
static (inside,outside) 216.33.198.55 10.203.204.55 netmask 255.255.255.255
static (inside,outside) 216.33.198.56 10.203.204.56 netmask 255.255.255.255
static (inside,outside) 216.33.198.57 10.203.204.57 netmask 255.255.255.255
static (inside,outside) 216.33.198.58 10.203.204.58 netmask 255.255.255.255
static (inside,outside) 216.33.198.59 10.203.204.59 netmask 255.255.255.255
static (inside,outside) 216.33.198.60 10.203.204.60 netmask 255.255.255.255
static (inside,outside) 216.33.198.61 10.203.204.61 netmask 255.255.255.255
static (inside,outside) 216.33.198.62 10.203.204.62 netmask 255.255.255.255
static (inside,outside) 216.33.198.63 10.203.204.63 netmask 255.255.255.255
static (inside,outside) 216.33.198.64 10.203.204.64 netmask 255.255.255.255
static (inside,outside) 216.33.198.65 10.203.204.65 netmask 255.255.255.255
static (inside,outside) 216.33.198.66 10.203.204.66 netmask 255.255.255.255
static (inside,outside) 216.33.198.67 10.203.204.67 netmask 255.255.255.255
static (inside,outside) 216.33.198.68 10.203.204.68 netmask 255.255.255.255
static (inside,outside) 216.33.198.69 10.203.204.69 netmask 255.255.255.255
static (inside,outside) 216.33.198.70 10.203.204.70 netmask 255.255.255.255
static (inside,outside) 216.33.198.71 10.203.204.71 netmask 255.255.255.255
static (inside,outside) 216.33.198.100 10.203.204.100 netmask 255.255.255.255
static (inside,outside) 216.33.198.101 10.203.204.101 netmask 255.255.255.255
static (inside,outside) 216.33.198.102 10.203.204.102 netmask 255.255.255.255
static (inside,outside) 216.33.198.103 10.203.204.103 netmask 255.255.255.255
static (inside,outside) 216.33.198.104 10.203.204.104 netmask 255.255.255.255
static (inside,outside) 216.33.198.105 10.203.204.105 netmask 255.255.255.255
static (inside,outside) 216.33.198.106 10.203.204.106 netmask 255.255.255.255
static (inside,outside) 216.33.198.107 10.203.204.107 netmask 255.255.255.255
static (inside,outside) 216.33.198.108 10.203.204.108 netmask 255.255.255.255
static (inside,outside) 216.33.198.109 10.203.204.109 netmask 255.255.255.255
static (inside,outside) 216.33.198.110 10.203.204.110 netmask 255.255.255.255
static (inside,outside) 216.33.198.111 10.203.204.111 netmask 255.255.255.255
static (inside,outside) 216.33.198.112 10.203.204.112 netmask 255.255.255.255
static (inside,outside) 216.33.198.113 10.203.204.113 netmask 255.255.255.255
static (inside,outside) 216.33.198.114 10.203.204.114 netmask 255.255.255.255
static (inside,outside) 216.33.198.115 10.203.204.115 netmask 255.255.255.255
static (inside,outside) 216.33.198.116 10.203.204.116 netmask 255.255.255.255
static (inside,outside) 216.33.198.117 10.203.204.117 netmask 255.255.255.255
static (inside,outside) 216.33.198.118 10.203.204.118 netmask 255.255.255.255
static (inside,outside) 216.33.198.119 10.203.204.119 netmask 255.255.255.255
static (inside,outside) 216.33.198.120 10.203.204.120 netmask 255.255.255.255
static (inside,outside) 216.33.198.121 10.203.204.121 netmask 255.255.255.255
static (inside,outside) 216.33.198.122 10.203.204.122 netmask 255.255.255.255
static (inside,outside) 216.33.198.123 10.203.204.123 netmask 255.255.255.255
static (inside,outside) 216.33.198.124 10.203.204.124 netmask 255.255.255.255
static (inside,outside) 216.33.198.125 10.203.204.125 netmask 255.255.255.255
static (inside,outside) 216.33.198.126 10.203.204.126 netmask 255.255.255.255
static (inside,outside) 216.33.198.127 10.203.204.127 netmask 255.255.255.255
static (inside,outside) 216.33.198.128 10.203.204.128 netmask 255.255.255.255
static (inside,outside) 216.33.198.129 10.203.204.129 netmask 255.255.255.255
static (inside,outside) 216.33.198.130 10.203.204.130 netmask 255.255.255.255
static (inside,outside) 216.33.198.131 10.203.204.131 netmask 255.255.255.255
static (inside,outside) 216.33.198.132 10.203.204.132 netmask 255.255.255.255
static (inside,outside) 216.33.198.133 10.203.204.133 netmask 255.255.255.255
static (inside,outside) 216.33.198.134 10.203.204.134 netmask 255.255.255.255
static (inside,outside) 216.33.198.135 10.203.204.135 netmask 255.255.255.255
static (inside,outside) 216.33.198.136 10.203.204.136 netmask 255.255.255.255
static (inside,outside) 216.33.198.137 10.203.204.137 netmask 255.255.255.255
static (inside,outside) 216.33.198.138 10.203.204.138 netmask 255.255.255.255
static (inside,outside) 216.33.198.139 10.203.204.139 netmask 255.255.255.255
static (inside,outside) 216.33.198.140 10.203.204.140 netmask 255.255.255.255
static (inside,outside) 216.33.198.141 10.203.204.141 netmask 255.255.255.255
static (inside,outside) 216.33.198.142 10.203.204.142 netmask 255.255.255.255
static (inside,outside) 216.33.198.143 10.203.204.143 netmask 255.255.255.255
static (inside,outside) 216.33.198.144 10.203.204.144 netmask 255.255.255.255
static (inside,outside) 216.33.198.145 10.203.204.145 netmask 255.255.255.255
static (inside,outside) 216.33.198.146 10.203.204.146 netmask 255.255.255.255
static (inside,outside) 216.33.198.147 10.203.204.147 netmask 255.255.255.255
static (inside,outside) 216.33.198.148 10.203.204.148 netmask 255.255.255.255
static (inside,outside) 216.33.198.149 10.203.204.149 netmask 255.255.255.255
static (inside,outside) 216.33.198.150 10.203.204.150 netmask 255.255.255.255
static (inside,outside) 216.33.198.151 10.203.204.151 netmask 255.255.255.255
static (inside,outside) 216.33.198.152 10.203.204.152 netmask 255.255.255.255
static (inside,outside) 216.33.198.153 10.203.204.153 netmask 255.255.255.255
static (inside,outside) 216.33.198.154 10.203.204.154 netmask 255.255.255.255
static (inside,outside) 216.33.198.155 10.203.204.155 netmask 255.255.255.255
static (inside,outside) 216.33.198.156 10.203.204.156 netmask 255.255.255.255
static (inside,outside) 216.33.198.157 10.203.204.157 netmask 255.255.255.255
static (inside,outside) 216.33.198.158 10.203.204.158 netmask 255.255.255.255
static (inside,outside) 216.33.198.159 10.203.204.159 netmask 255.255.255.255
static (inside,outside) 216.33.198.160 10.203.204.160 netmask 255.255.255.255
static (inside,outside) 216.33.198.161 10.203.204.161 netmask 255.255.255.255
static (inside,outside) 216.33.198.162 10.203.204.162 netmask 255.255.255.255
static (inside,outside) 216.33.198.163 10.203.204.163 netmask 255.255.255.255
static (inside,outside) 216.33.198.164 10.203.204.164 netmask 255.255.255.255
static (inside,outside) 216.33.198.165 10.203.204.165 netmask 255.255.255.255
static (inside,outside) 216.33.198.166 10.203.204.166 netmask 255.255.255.255
static (inside,outside) 216.33.198.167 10.203.204.167 netmask 255.255.255.255
static (inside,outside) 216.33.198.168 10.203.204.168 netmask 255.255.255.255
static (inside,outside) 216.33.198.169 10.203.204.169 netmask 255.255.255.255
static (inside,outside) 216.33.198.170 10.203.204.170 netmask 255.255.255.255
static (inside,outside) 216.33.198.171 10.203.204.171 netmask 255.255.255.255
static (inside,outside) 216.33.198.172 10.203.204.172 netmask 255.255.255.255
static (inside,outside) 216.33.198.173 10.203.204.173 netmask 255.255.255.255
static (inside,outside) 216.33.198.174 10.203.204.174 netmask 255.255.255.255
static (inside,outside) 216.33.198.175 10.203.204.175 netmask 255.255.255.255
static (inside,outside) 216.33.198.176 10.203.204.176 netmask 255.255.255.255
static (inside,outside) 216.33.198.177 10.203.204.177 netmask 255.255.255.255
static (inside,outside) 216.33.198.178 10.203.204.178 netmask 255.255.255.255
static (inside,outside) 216.33.198.179 10.203.204.179 netmask 255.255.255.255
static (inside,outside) 216.33.198.180 10.203.204.180 netmask 255.255.255.255
static (inside,outside) 216.33.198.181 10.203.204.181 netmask 255.255.255.255
static (inside,outside) 216.33.198.182 10.203.204.182 netmask 255.255.255.255
static (inside,outside) 216.33.198.183 10.203.204.183 netmask 255.255.255.255
static (inside,outside) 216.33.198.184 10.203.204.184 netmask 255.255.255.255
static (inside,outside) 216.33.198.185 10.203.204.185 netmask 255.255.255.255
static (inside,outside) 216.33.198.186 10.203.204.186 netmask 255.255.255.255
static (inside,outside) 216.33.198.187 10.203.204.187 netmask 255.255.255.255
static (inside,outside) 216.33.198.188 10.203.204.188 netmask 255.255.255.255
static (inside,outside) 216.33.198.189 10.203.204.189 netmask 255.255.255.255
static (inside,outside) 216.33.198.190 10.203.204.190 netmask 255.255.255.255
static (inside,outside) 216.33.198.191 10.203.204.191 netmask 255.255.255.255
static (inside,outside) 216.33.198.192 10.203.204.192 netmask 255.255.255.255
static (inside,outside) 216.33.198.193 10.203.204.193 netmask 255.255.255.255
static (inside,outside) 216.33.198.194 10.203.204.194 netmask 255.255.255.255
static (inside,outside) 216.33.198.195 10.203.204.195 netmask 255.255.255.255
static (inside,outside) 216.33.198.196 10.203.204.196 netmask 255.255.255.255
static (inside,outside) 216.33.198.197 10.203.204.197 netmask 255.255.255.255
static (inside,outside) 216.33.198.198 10.203.204.198 netmask 255.255.255.255
static (inside,outside) 216.33.198.199 10.203.204.199 netmask 255.255.255.255
static (inside,outside) 216.33.198.200 10.203.204.200 netmask 255.255.255.255
access-group outside-in in interface outside
route outside 0.0.0.0 0.0.0.0 216.33.198.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
group-policy test internal
group-policy test attributes
dns-server value 10.203.204.14 10.203.204.15
split-tunnel-policy tunnelspecified
split-tunnel-network-list value test_splitTunnelAcl
default-domain value yorkmedia.local
webvpn
group-policy tunneltest internal
group-policy tunneltest attributes
dns-server value 10.203.204.14 4.2.2.2
default-domain value yorkmedia.local
webvpn
group-policy testpol internal
group-policy testpol attributes
vpn-tunnel-protocol IPSec
split-tunnel-policy tunnelall
split-tunnel-network-list value dc2vpn_splitTunnelAcl
webvpn
group-policy aes internal
group-policy aes attributes
dns-server value 10.203.204.14 10.203.204.15
vpn-tunnel-protocol IPSec
group-lock value aestest
webvpn
group-policy grouptest internal
group-policy grouptest attributes
dns-server value 10.203.204.14 4.2.2.2
default-domain value yorkmedia.local
webvpn
group-policy dc2vpntest internal
group-policy dc2vpntest attributes
split-tunnel-policy tunnelspecified
split-tunnel-network-list value dc2vpntest_splitTunnelAcl
webvpn
group-policy dc2vpn internal
group-policy dc2vpn attributes
dns-server value 10.203.204.14 10.203.204.15
vpn-tunnel-protocol IPSec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value dc2vpn_splitTunnelAcl
webvpn
group-policy BMSTV internal
group-policy BMSTV attributes
wins-server none
dns-server none
dhcp-network-scope none
vpn-access-hours none
vpn-simultaneous-logins 3
vpn-idle-timeout none
vpn-session-timeout none
vpn-filter none
vpn-tunnel-protocol IPSec
password-storage disable
ip-comp disable
re-xauth disable
group-lock none
pfs disable
ipsec-udp disable
ipsec-udp-port 10000
split-tunnel-policy tunnelall
split-tunnel-network-list none
default-domain none
split-dns none
secure-unit-authentication disable
user-authentication disable
user-authentication-idle-timeout none
ip-phone-bypass disable
leap-bypass disable
nem disable
backup-servers keep-client-config
client-firewall none
client-access-rule none
webvpn
username mmaxey password zSSKHLc.gx8szpy2 encrypted privilege 15
username mmaxey attributes
vpn-group-policy dc2vpn
webvpn
username jjohnstone password qElIg/rYW4OoTIEP encrypted privilege 15
username jjohnstone attributes
vpn-group-policy dc2vpntest
webvpn
username sragona password ZgCBom/StrITlFdU encrypted
username sragona attributes
vpn-group-policy dc2vpn
webvpn
username admin password 5zvQXQPrcnyHyGKm encrypted
username seng password PP8UcINDKi7BSsj2 encrypted
username seng attributes
vpn-group-policy dc2vpn
webvpn
username chauser password I3OIxCe8FBONQlhK encrypted
username chauser attributes
vpn-group-policy dc2vpn
webvpn
aaa authentication ssh console LOCAL
aaa authentication telnet console LOCAL
http server enable
http 65.123.204.0 255.255.254.0 outside
http 0.0.0.0 0.0.0.0 outside
http 10.203.204.0 255.255.254.0 inside
http 192.168.1.0 255.255.255.0 management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map outside_dyn_map 20 set pfs group7
crypto dynamic-map outside_dyn_map 20 set transform-set ESP-AES-256-SHA
crypto dynamic-map outside_dyn_map 20 set security-association lifetime seconds 28800
crypto dynamic-map outside_dyn_map 20 set security-association lifetime kilobytes 4608000
crypto map outside_map 60 match address outside_cryptomap_60
crypto map outside_map 60 set peer 165.89.240.1
crypto map outside_map 60 set transform-set ESP-3DES-SHA
crypto map outside_map 60 set security-association lifetime seconds 28800
crypto map outside_map 60 set security-association lifetime kilobytes 4608000
crypto map outside_map 80 match address outside_cryptomap_80
crypto map outside_map 80 set pfs
crypto map outside_map 80 set peer 64.19.183.67
crypto map outside_map 80 set transform-set ESP-3DES-SHA
crypto map outside_map 80 set security-association lifetime seconds 28800
crypto map outside_map 80 set security-association lifetime kilobytes 4608000
crypto map outside_map 100 match address outside_cryptomap_100
crypto map outside_map 100 set pfs
crypto map outside_map 100 set peer 64.241.196.50
crypto map outside_map 100 set transform-set ESP-3DES-SHA
crypto map outside_map 100 set security-association lifetime seconds 28800
crypto map outside_map 100 set security-association lifetime kilobytes 4608000
crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map interface outside
isakmp enable outside
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash sha
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400
isakmp policy 30 authentication pre-share
isakmp policy 30 encryption aes-256
isakmp policy 30 hash sha
isakmp policy 30 group 5
isakmp policy 30 lifetime 86400
isakmp policy 50 authentication pre-share
isakmp policy 50 encryption aes-256
isakmp policy 50 hash sha
isakmp policy 50 group 7
isakmp policy 50 lifetime 86400
isakmp nat-traversal 20
isakmp ipsec-over-tcp port 10000
tunnel-group DefaultRAGroup ipsec-attributes
pre-shared-key *
tunnel-group dc2vpn type ipsec-ra
tunnel-group dc2vpn general-attributes
address-pool vpnpool
default-group-policy dc2vpn
tunnel-group dc2vpn ipsec-attributes
pre-shared-key *
tunnel-group test type ipsec-ra
tunnel-group test general-attributes
default-group-policy test
tunnel-group test ipsec-attributes
pre-shared-key *
tunnel-group 165.89.240.1 type ipsec-l2l
tunnel-group 165.89.240.1 general-attributes
default-group-policy BMSTV
tunnel-group 165.89.240.1 ipsec-attributes
pre-shared-key *
isakmp keepalive threshold 3600 retry 2
tunnel-group 64.19.183.67 type ipsec-l2l
tunnel-group 64.19.183.67 ipsec-attributes
pre-shared-key *
tunnel-group 64.241.196.50 type ipsec-l2l
tunnel-group 64.241.196.50 ipsec-attributes
pre-shared-key *
isakmp keepalive disable
tunnel-group dc2vpntest type ipsec-ra
tunnel-group dc2vpntest general-attributes
default-group-policy dc2vpntest
tunnel-group dc2vpntest ipsec-attributes
pre-shared-key *
tunnel-group aestest type ipsec-ra
tunnel-group aestest general-attributes
address-pool vpnpool
default-group-policy aes
tunnel-group aestest ipsec-attributes
pre-shared-key *
tunnel-group TunnelGroup1 type ipsec-ra
tunnel-group TunnelGroup1 general-attributes
address-pool vpnpool
telnet 10.203.204.10 255.255.255.255 inside
telnet timeout 5
ssh 65.123.204.0 255.255.254.0 outside
ssh 10.203.204.0 255.255.254.0 inside
ssh timeout 5
console timeout 0
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd lease 3600
dhcpd ping_timeout 50
class-map rtsp-traffic
match access-list rtsp-acl
class-map inspection_default
match default-inspection-traffic
policy-map global_policy
class inspection_default
inspect dns maximum-length 512
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect icmp
class rtsp-traffic
inspect rtsp
service-policy global_policy global
tftp-server inside 10.203.204.10 dc2asa01/config
Cryptochecksum:6d74d3994ea6764893c420f477568aac
: end

You have three site-site VPNs and a remote access VPN setup. so the statement "Suddenly no one can access the remote LAN over VPN. " is a bit ambiguous in that context.
From which source to what destination is not working for you?

Why Can't I Open PHP Files on My New Mac?

I can open them fine in Firefox or Explorer on both my PC and my iMac, but on my new Mac G5 it prompts me to save the file.
Most disturbing...

Well, needless to say, it dodn't work.
Lone and behold, I do not have a httpd.conf file anywhere on my mac.
AND
On top of it all, I hardly understand what anyone is telling me or why they're telling me it. I understand step by step, and this is where it drives me nuts because I DO follow step by step directions and they don't work!
Then people tell me to download all this software... They might as well recall Apache or OS 10 because if step by step directions can't be executed... Well, then it's not very good software.
FROM MACROMEDIA HELP FILES
Setup for Sample PHP Site
Macromedia Dreamweaver MX 2004 comes with sample PHP pages to let you build a small web application. This chapter describes one way to set up the sample application using Microsoft Internet Information Server (IIS) or Personal Web Server (PWS). For more information on these web servers, see Installing a Web Server. If you're using a different web server, see "Setting Up a Web Application" in Using Dreamweaver Help.
If you're a Macintosh user, you can either connect to a remote PHP server or develop PHP sites locally using the Apache web server and PHP application server installed with your operating system. For setup information, see the following websites:
• developer.apple.com/internet/macosx/php.html
• www.entropy.ch/software/macosx/
Setting up a web application is a three-step process. First, configure your system. Second, define a Dreamweaver site. Third, connect the application to your database. This setup guide follows this three-step process.
Configuring your system (PHP)
You must configure your system before you can run PHP pages on it. Specifically, you must make sure a web server and a PHP application server are installed and running on your system, then you must create a root folder for your PHP files.
Configuring your Macintosh system (PHP)
If you're a Macintosh user, you can run PHP pages on your computer using the Apache web server and PHP application server installed with your operating system. Configuring your system consists of making sure the web server and PHP application server are working, then creating a root folder for your PHP files.
Testing the PHP installation (Macintosh)
You can test the Apache web server and PHP application server on your Macintosh by running a test page.
However, before you can use the web server to serve PHP pages and content from MySQL databases, you must configure the server to work with PHP and MySQL. For information on this process, see www.macromedia.com/devnet/mx/dreamweaver/articles/php_macintosh.html.
To test the Apache web server and PHP application server:
1. Configure the server as described in the article on the Macromedia website.
2. In Dreamweaver or any text editor, create a plain text file and name it timetest.php.
3. In the file, enter the following code:
4. This page was created at
5. <?php echo date("h:i:s a", time()); ?>
6. on the computer running PHP.
7. This code displays the time the page was processed on the server.
8. Copy the file to the /Users/yourusername/Sites folder on your Macintosh.
9. This Sites folder is your personal root folder for the Apache web server.
10. In your web browser, enter the following URL and press Return:
11. http://localhost/~yourusername/timetest.php
The test page should open and display a time of day.
The specified time is known as dynamic content because it changes every time you request the page. Click your browser's Refresh button to generate a new page with a different time.
Note: Looking at the source code (View > View Source in Safari) will confirm that the page does not use any client-side JavaScript to achieve this effect.
If the page doesn't work as expected, check for the following possible errors:
• The file does not have a .php extension.
• The URL contains a typing mistake. Check for errors and make sure the filename is not followed by a slash, such as http://localhost/~yourusername/timetest.php/. Also make sure you included the tilde (~) before your user name.
• The page code contains a typing mistake.
• The Apache server is not running. Look in System Preferences, in the Sharing category, to see whether Personal Web Sharing is enabled.
After testing and testing the server software, create a root folder for your web application. (See Creating a root folder (Macintosh).)
Creating a root folder (Macintosh)
After the server software is installed, create a root folder for your web application on the Macintosh.
To create a root folder for your web application:
• Create a folder called MySampleApp in the /Users/yourusername/Sites folder.
• Apache will process any page in this folder or in any of its subfolders in response to an HTTP request from a web browser.
After configuring your system, you must define a Dreamweaver site. (See Defining a Dreamweaver site (PHP).)
Defining a Dreamweaver site (PHP)
After configuring your system, copy the sample files to a local folder and define a Dreamweaver site to manage the files.
Note: If you're a Macromedia HomeSite or ColdFusion Studio user, you may find it useful to think of a Dreamweaver site as being like a HomeSite or Studio project.
Copying the sample files
If you haven't already done so, copy the sample files from the Dreamweaver application folder to a folder on your hard disk.
To copy the sample files:
1. Create a new folder called Sites-Local in your user folder on your hard disk.
2. For example, create one of the following folders:
• C:\Documents and Setting\yourusername\My Documents\Sites-Local (Windows)
• /Users/yourusername/Documents/Sites-Local (Macintosh).
3. Note: On the Macintosh, there's a folder called Sites already in your user folder. Don't use that Sites folder as your local folder; the Sites folder is where you place your pages to make them publicly accessible when you're using the Macintosh as a web server.
4. Locate the GettingStarted folder in the Dreamweaver application folder on your hard disk.
5. If you installed Dreamweaver to its default location, the path to the folder is as follows:
• C:\Program Files\Macromedia\Dreamweaver MX 2004\Samples\GettingStarted\ (Windows)
• /Applications/Macromedia Dreamweaver MX 2004/Samples/GettingStarted (Macintosh)
6. Copy the GettingStarted folder into the Sites-Local folder.
After copying the GettingStarted folder, define the folder as a Dreamweaver local folder. (See Defining a local folder.)
Defining a local folder
After copying the GettingStarted folder, define the folder containing the PHP sample files as a Dreamweaver local folder.
To define the Dreamweaver local folder:
1. In Dreamweaver, select Site > Manage Sites. In the Manage Sites dialog box, click the New button, then select Site.
2. The Site Definition dialog box appears.
3. If the Basic tab is showing, click the Advanced tab.
4. In the Site Name text box, enter Trio-PHP.
5. The name identifies your site within Dreamweaver.
6. Click the folder icon next to the Local Root Folder text box, then browse to and select the folder (inside the GettingStarted folder) that contains the PHP sample files. The folder should be as follows:
• C:\Documents and Setting\yourusername\My Documents\Sites-Local\GettingStarted\ 4-Develop\php (Windows)
• /Users/yourusername/Documents/Sites-Local/GettingStarted/4-Develop/php (Macintosh)
Leave the Site Definition dialog box open. Next, define a web server folder as a Dreamweaver remote folder. (See Defining a remote folder.)
Defining a remote folder
After defining a local folder, define a web server folder as a Dreamweaver remote folder.
To define the Dreamweaver remote folder:
1. In the Advanced tab of the Site Definition dialog box, select Remote Info from the Category list.
2. The Remote Info screen appears.
3. In the Access pop-up menu, choose how you want to move your files to and from the server: across a local network (the Local/Network option) or using FTP.
4. Note: There are other options in the Access pop-up menu, but this chapter doesn't cover them. For information about them, see Using Dreamweaver Help.
5. Enter the path or FTP settings to the web server folder you created in Creating a root folder (Windows).
6. The folder may be on your hard disk or on a remote computer. Even if you created the folder on your hard disk, that folder is still considered to be the remote folder. The following example shows a possible Remote Folder path if you chose Local/Network access and your remote folder is on your Windows hard disk:
7. Remote Folder: C:\Inetpub\wwwroot\MySampleApp
8. On the Macintosh, the folder might be as follows:
9. Remote Folder: /Users/yourusername/Sites/MySampleApp
10. For more information on FTP, see "Setting Remote Info options for FTP access" in Using Dreamweaver Help.
Leave the Site Definition dialog box open. Next, define a folder to process dynamic pages. (See Specifying where dynamic pages can be processed (PHP).)
Specifying where dynamic pages can be processed (PHP)
After defining the Dreamweaver remote folder, specify a folder to process dynamic pages. Dreamweaver uses this folder to display dynamic pages and connect to databases while you're developing your application.
To specify the folder to process dynamic pages:
1. In the advanced Site Definition dialog box, click Testing Server in the Category list.
2. The Testing Server screen appears. Dreamweaver needs the services of a testing server to generate and display dynamic content while you work. The testing server can be your local computer, a development server, a staging server, or a production server, as long as it can process PHP pages. In many situations, including setting up for the Trio site, you can use the same settings as the Remote Info category (see Defining a remote folder) because they point to a server capable of processing PHP pages.
3. Select PHP MySQL from the Server Model pop-up menu.
4. In the Access pop-up menu, select the same method (Local/Network or FTP) you specified for accessing your remote folder.
5. Dreamweaver enters the settings you specified in the Remote Info category. Leave the settings unchanged.
6. In the URL Prefix text box, enter the root URL you would enter in a web browser to request a page in your web application.
7. To display live data in your pages while you work, Dreamweaver creates a temporary file, copies it to the website's root folder, and attempts to request it using the URL prefix.
8. Dreamweaver makes a best guess at the URL prefix based on the information you provided in the Site Definition dialog box. However, the suggested URL prefix may be incorrect. Correct or enter a new URL prefix if the suggestion in Dreamweaver is incorrect. For more information, see "About the URL prefix" in Dreamweaver Help (Help > Using Dreamweaver).
9. For the PHP sample content in Windows, the prefix should be as follows:
10. URL Prefix: http://localhost/MySampleApp/
11. On the Macintosh, the prefix should be as follows:
12. URL Prefix: http://localhost/~yourusername/MySampleApp/
13. Tip: The URL prefix should always specify a directory, rather than a particular page on the site. Also, be sure to use the same capitalization you used when you created the folder.
14. Click OK to define the site and dismiss the Site Definition dialog box, then click Done to dismiss the Manage Sites dialog box.
After specifying a folder to process dynamic pages, upload the sample files to the web server. (See Uploading the sample files.)
Uploading the sample files
After specifying a folder to process dynamic pages, upload the sample files to the web server. You must upload the files even if the web server is running on your local computer.
If you don't upload the files, features such as Live Data view and Preview in Browser may not work properly with dynamic pages. For example, image links might be broken in Live Data view because the image files are not on the server yet. Similarly, clicking a link to a detail page while previewing a master page in a browser will cause an error if the detail page is missing from the server.
To upload the samples files to the web server:
1. In the Files panel (Window > Files), select the root folder of the site in the Local View pane.
2. The root folder is the first folder in the list.
3. Click the blue Put Files arrow icon in the Files panel toolbar, and confirm that you want to upload the entire site.
4. Dreamweaver copies all the files to the web server folder you defined in Defining a remote folder.
The Dreamweaver site is now defined. The next step is to connect to the sample database installed with Dreamweaver. (See Connecting to the sample database (PHP).)
Connecting to the sample database (PHP)
During installation, Dreamweaver copies a SQL script to your hard disk. You can use this script to automatically create a sample MySQL database. This section describes how to create a connection to the sample database.
This section assumes you have installed and configured MySQL on your local or remote computer. To download and install the database system, visit the MySQL website at www.mysql.com.
Creating the MySQL database
The sample files for Dreamweaver MX 2004 include a SQL script capable of creating and populating a sample MySQL database.
Before starting, make sure MySQL is installed and configured on your local or remote computer. You can download the latest version from the MySQL website at www.mysql.com.
To create the sample MySQL database:
1. Copy the SQL script file, insert.sql, to an appropriate folder on the computer that has MySQL installed.
2. If you installed Dreamweaver to its default location, the path to the script file is as follows:
• C:\Program Files\Macromedia\Dreamweaver MX 2004\Samples\Database\insert.sql (Windows)
• /Applications/Macromedia Dreamweaver MX 2004/Samples/Database/insert.sql (Macintosh)
3. If the computer running MySQL is a Windows computer, copy the insert.sql script to MySql\Bin. If the computer running MySQL is a Macintosh, copy the insert.sql script to your Documents folder in your home folder.
4. On the computer that has MySQL installed, open a command prompt window (Windows) or a Terminal window (Macintosh).
• In Windows, you can open the command prompt by selecting Start > Programs > Command Prompt or Start > Programs > Accessories > Command Prompt.
• On the Macintosh, you can open a Terminal window by going to the Applications folder, opening the Utilities folder, and double-clicking Terminal.
5. (Windows only) Change to the mysql\bin directory by entering the following commands at the command prompt:
6. cd \
7. cd mysql\bin
8. Note: On the Macintosh, you should be able to run mysql from any directory; it should have been added to your path during installation of MySQL. If the following step doesn't work on the Macintosh, though, try typing /usr/local/bin/mysql instead of mysql.
9. Start the MySQL client by entering the following command:
10. mysql -uUser -pPassword
11. For example, if your MySQL user name (also known as an account name) and password are Tara and Telly3, then enter the following command:
12. mysql -uTara -pTelly3
13. If you don't have a password, omit the -p argument as follows:
14. mysql -uTara
15. If you didn't define a user name while configuring your MySQL installation, enter root as the user name, as follows:
16. mysql -uroot
17. The MySQL client's command prompt appears, as follows:
18. mysql>
19. Create a new database by entering the following command at the MySQL prompt:
20. mysql>CREATE DATABASE TrioMotors;[/quote]
Last login: Mon Mar 27 23:05:38 on ttyp1
Welcome to Darwin!
mac:~ albert$ mysql -uMonaco
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 13 to server version: 4.1.18-standard
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> CREATE DATABASE TrioMotors;
ERROR 1044 (42000): Access denied for user ''@'localhost' to database 'triomotors'
mysql>
Needless to say, I can't get any further. :-/
[quote=macromedia help files]21. MySQL creates a new database, but it doesn't contain any tables or records yet.
22. Log out of the MySQL client by entering the following command at the prompt:
23. mysql>quit;
24. At the system command prompt, populate the new TrioMotors database in MySQL.
25. In Windows, use the following command:
26. mysql -uUser -pPassword TrioMotors < insert.sql
27. On the Macintosh, use the following command:
28. mysql -uUser -pPassword TrioMotors < ~/Documents/insert.sql
29. This command uses the insert.sql file to add tables and records to the TrioMotors database you created in step 5.
After creating the MySQL database, create a database connection to it in Dreamweaver. (See Creating a database connection.)[/quote]
G5 Mac OS X (10.4.4) It's ********

Would like to use song from Itunes as background music for blog, How do I?

Would like to use a song I have in my Itunes library as background music in my blog. Does anyone know how? New to computing and not great on the lingo just yet. Thanks

I'll give you my recipe to attain your goal. Then, please, tell me if it worked.
First of all, you need some MB of disc space on the web, and almost all of the e-mail providers (such hotmail.com, msn.com aol.com andso.on) can give you this chance.
Second step, you have to download, install on your computer and set with your web space information, an ftp browser such as SoftX FTP Client ( http://www.softx.org/ftp-download.html ) or Terrapin FTP Browser ( http://www.pcadvisor.co.uk/downloads/index.cfm?categoryID=1470&itemID=6574 ).
Third step, you have to reduce the mp3 bitrate of your song whether it's more than 128 kbps, to make sure it won't be too heavy to load when someone visit your blog. To do this, you must open the Preference panel of iTunes (in Windows version of it usually in tools menu), click on advanced, click on import and then choose import using mp3 encoding and set the bitrate to 128 kbps (less is better) and confirm. Now select your song, right click on it and click on convert selection to mp3. When the operation will end, you'll have two files of the same song. Right click on the new one and click on "show file". An Explorer window will open with the right file already selected. Just drag and drop it on the FTP browser (is better if you correct the name of the song and put out spaces between the words before the uploading - i.e.: "Storm in a tea cup.mp3" will become storminateacup.mp3 or storm.mp3, far better) and it will be uploaded to your web space. Obviously, if your file is already at a low bitrate (lower than 128), you must jump the "Preference panel setting" step and the "convert to mp3" step.
Final step: your blog
this is the standard html syntax, accepted by almost all of the blog providers:
'<embed src="http://YOURWEBADDRESS/NAMEOFTHESONG.mp3" autostart=false loop=false volume='85' width=425 height=40>'
Be careful: you have to write correctly your web address and the name of the song, because the html language is case sensitive.
put autostart=true if you'd like to hear the song as you open the blog and loop=true if you like to hear your song again and again. You can also set the volume as you like (0-100 is the range) and put to 0 both width and height if you like to make the song bar invisible.
You can put the code either in a post or in the blog page, as it will be the soundtrack for the blog or just for a single post.
Enjoy it
slowly, slowly catch the monkey

Performance to fetch result set from stored procedure.

I read some of related threads, but couldn't find any good suggestions about the performance issue to fetch the result set from a stored procedure.
Here is my case:
I have a stored procedure which will return 2,030,000 rows. When I run the select part only in the dbartisan, it takes about 3 minutes, so I know it's not query problem. But when I call the stored procedure in DBArtisan in following way:
declare cr SYS_REFCURSOR;
firstname char(20);
lastname char(20);
street char(40);
city char(20);
STATE varchar2(2);
begin DISPLAY_ADDRESS(cr);
DBMS_OUTPUT.ENABLE(null);
LOOP
FETCH cr INTO firstname,lastname,street, city, state;
EXIT WHEN cr%NOTFOUND;
DBMS_OUTPUT.PUT_LINE( firstname||','|| lastname||','|| street||',' ||city||',' ||STATE);
END LOOP;
CLOSE cr;
end;
It will take about 100 minutes. When I used DBI fetchrow_array in perl code, it took about same amount of time. However, same stored procedure in sybase without using cursor, and same perl code, it only takes 12 minutes to display all results. We assume oracle has better performance. So what could be the problem here?
The perl code:
my $dbh = DBI->connect($databaseserver, $dbuser, $dbpassword,
{ 'AutoCommit' => 0,'RaiseError' => 1, 'PrintError' => 0 })
or die "couldn't connect to database: " . DBI->errstr;
open OUTPUTFILE, ">$temp_output_path";
my $rc;
my $sql="BEGIN DISPLAY_ADDRESS(:rc); END;";
my $sth = $dbh->prepare($sql) or die "Couldn't prepare statement: " . $dbh->errstr;
$sth->bind_param_inout(':rc', \$rc, 0, { ora_type=> ORA_RSET });
$sth->execute() or die "Couldn't execute statement: " . $sth->errstr;
while($address_info=$rc->fetchrow_arrayref()){
my ($firstname, $lastname, $street, $city, $STATE) = @$address_info;
print OUTPUTFILE $firstname."|".$lastname."|".$street."|".$city."|".$STATE;
$dbh->commit();
$dbh->disconnect();
close OUTPUTFILE;
Thanks!
rulin

Thanks for you reply!
1) The stored procedure has head
CREATE OR REPLACE PROCEDURE X_OWNER.DISPLAY_ADDRESS
cv_1 IN OUT SYS_REFCURSOR
AS
err_msg VARCHAR2(100);
BEGIN
--Adaptive Server has expanded all '*' elements in the following statement
OPEN cv_1 FOR
Select ...
commit;
EXCEPTION
WHEN OTHERS THEN
err_msg := SQLERRM;
dbms_output.put_line (err_msg);
ROLLBACK;
END;
If I only run select .. in DBArtisan, it display all 2030,000 rows in 3:44 minutes
2) But when call stored procedure, it will take 80-100 minutes .
3) The stored procedure is translated from sybase using migration tools, it's very simple, in sybase it just
CREATE PROCEDURE X_OWNER.DISPLAY_ADDRESS
AS
BEGIN
select ..
The select part is exact same.
4) The perl code is almost exact same, except the query sql:
sybase verson: my $sql ="exec DISPLAY_ADDRESS";
and no need bind the cursor parameter.
This is batch job, we create a file with all information, and ftp to clients everynight.
Thanks!
Rulin

Getting result set from stored procedures in database controls in weblogic

I am calling a stored procedure from database control which actually returns a result set
when i call the stored procedure like
* @jc:sql statement="call PROC4()"
ResultSet sampleProc() throws SQLException;
it gives me exception saying
"weblogic.jws.control.ControlException: Method sampleProc is DML but does not return void or int"
I would appreciate any help
Thanks,
Uma

Thanks for you reply!
1) The stored procedure has head
CREATE OR REPLACE PROCEDURE X_OWNER.DISPLAY_ADDRESS
cv_1 IN OUT SYS_REFCURSOR
AS
err_msg VARCHAR2(100);
BEGIN
--Adaptive Server has expanded all '*' elements in the following statement
OPEN cv_1 FOR
Select ...
commit;
EXCEPTION
WHEN OTHERS THEN
err_msg := SQLERRM;
dbms_output.put_line (err_msg);
ROLLBACK;
END;
If I only run select .. in DBArtisan, it display all 2030,000 rows in 3:44 minutes
2) But when call stored procedure, it will take 80-100 minutes .
3) The stored procedure is translated from sybase using migration tools, it's very simple, in sybase it just
CREATE PROCEDURE X_OWNER.DISPLAY_ADDRESS
AS
BEGIN
select ..
The select part is exact same.
4) The perl code is almost exact same, except the query sql:
sybase verson: my $sql ="exec DISPLAY_ADDRESS";
and no need bind the cursor parameter.
This is batch job, we create a file with all information, and ftp to clients everynight.
Thanks!
Rulin

Information on FTP

Similar Messages

Maybe you are looking for