Internet access - widespread (national level) outage?
I haven't been able to get internet access for about a week now. I've made several calls to Verizon support and have received various answers. First, it was a local outage (in the incorrect city); next call - there was no outage; call last night there was a NATIONAL internet outage. Supposedly there is a problem with the ONT unit that I have - and Verizon is supposedly waiting for a new patch to fix the problem. I don't see anyone else out here that appears to be distressed over a lack of service that started last week (late on Feb 22nd/early 23rd), which is making me believe that I'm getting the **bleep** runaround from tech support.
Anyone out here know anything about this? I would think that if it were a NATIONAL problem, that there would be more noise about it...
Hi Justin,
Subject line edited...
I'm in a townhouse and am currently at work so don't have the router make/model in front of me. Everything is working and lit appropriately except for the internet light - it's orange and periodically blinks off and on slowly (about every 15-20 seconds). Last week, it was solid orange... phone & TV are working fine (or at least the TV was until last night's reset...)
Running the VHome diagnosics (or whatever it's called) both in wired and wireless mode gives the same result. I've reset the router, passwords, and the ONT multiple times to no avail. I've subjected myself to the pain of the support person going through their repair script more times than I want to remember. After being reassured for the 2nd or 3rd time that it would be back up and running 24 -48 hrs after each call (and being assured that it would be back up this evening), I have received yet again another email message on my cell saying now that it will be back up by 9pm tomorrow (whoo-hoo. NOT.)
So I suspect that I'm going to go home again tonight to make yet another call, but will attempt to get them to actually send someone out to waste my tim....uhm, look at/repair my unit unless someone out here has a better idea.
What ONT do you have (since the latest story is also that it will take a patch to "fix" this national ONT problem...)?
Similar Messages
-
Internet Access from Inside to Outside ASA 5510 ver 9.1
Hi everyone, I need help setting up an ASA 5510 to allow all traffic going from the inside to outside so I can get internet access through it. I have worked on this for days and I have finally got traffic moving between my router and my ASA, but that is it. Everything is blocked because of NAT rules I assume.
I get errors like this when I try Packet Tracer:
(nat-xlate-failed) NAT failed
(acl-drop) Flow is denied by configured rule
Version Information:
Cisco Adaptive Security Appliance Software Version 9.1(4)
Device Manager Version 7.1(5)
Compiled on Thu 05-Dec-13 19:37 by builders
System image file is "disk0:/asa914-k8.bin"
Here is my ASA config, all I want for this exercise is to pass traffic from the inside network to the outside to allow internet access so I can access the internet and then look for specific acl's or nat for specific services:
Thank You!
Config:
ASA5510# sh running-config
: Saved
ASA Version 9.1(4)
hostname ASA5510
domain-name
inside.int
enable password <redacted> encrypted
xlate per-session deny tcp any4 any4
xlate per-session deny tcp any4 any6
xlate per-session deny tcp any6 any4
xlate per-session deny tcp any6 any6
xlate per-session deny udp any4 any4 eq domain
xlate per-session deny udp any4 any6 eq domain
xlate per-session deny udp any6 any4 eq domain
xlate per-session deny udp any6 any6 eq domain
passwd <redacted> encrypted
names
dns-guard
interface Ethernet0/0
description LAN Interface
nameif Inside
security-level 100
ip address 10.10.1.1 255.255.255.252
interface Ethernet0/1
description WAN Interface
nameif Outside
security-level 0
ip address 199.199.199.123 255.255.255.240
boot system disk0:/asa914-k8.bin
ftp mode passive
dns domain-lookup Outside
dns server-group DefaultDNS
name-server 199.199.199.4
domain-name
inside.int
object network inside-net
subnet 10.0.0.0 255.255.255.0
description Inside Network Object
access-list USERS standard permit 10.10.1.0 255.255.255.0
access-list OUTSIDE-IN extended permit ip any any
access-list INSIDE-IN extended permit ip any any
pager lines 24
logging enable
logging asdm informational
mtu Inside 1500
mtu Outside 1500
mtu management 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-715.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
nat (Inside,Outside) source dynamic any interface
object network inside-net
nat (Inside,Outside) dynamic interface
access-group INSIDE-IN in interface Inside
access-group OUTSIDE-IN in interface Outside
router rip
network 10.0.0.0
network 199.199.199.0
version 2
no auto-summary
route Outside 0.0.0.0 0.0.0.0 199.199.199.113 1
route Inside 172.16.10.0 255.255.255.0 10.10.1.2 1
route Inside 172.16.20.0 255.255.255.0 10.10.1.2 1
route Inside 192.168.1.0 255.255.255.0 10.10.1.2 1
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL
http server enable
http 0.0.0.0 0.0.0.0 Inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association pmtu-aging infinite
crypto ca trustpool policy
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 Inside
ssh timeout 60
ssh version 2
ssh key-exchange group dh-group1-sha1
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
username <redacted> password <redacted> encrypted privilege 15
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns migrated_dns_map_1
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns migrated_dns_map_1
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http
https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email
[email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
password encryption aes
Cryptochecksum:
<redacted>
: end
SH NAT:
ASA5510# sh nat
Manual NAT Policies (Section 1)
1 (Inside) to (Outside) source dynamic any interface
translate_hits = 0, untranslate_hits = 0
Auto NAT Policies (Section 2)
1 (Inside) to (Outside) source dynamic inside-net interface
translate_hits = 0, untranslate_hits = 0
SH RUN NAT:
ASA5510# sh run nat
nat (Inside,Outside) source dynamic any interface
object network inside-net
nat (Inside,Outside) dynamic interface
SH RUN OBJECT:
ASA5510(config)# sh run object
object network inside-net
subnet 10.0.0.0 255.255.255.0
description Inside Network Object
Hi all,Hello everyone, I need some help before my head explodes. IddddddddHello Mitchell,
First of all how are you testing this:
interface Ethernet0/0
description LAN Interface
nameif Inside
security-level 100
ip address 10.10.1.1 255.255.255.252
Take in consideration that the netmask is /30
The Twice NAT is good, ACLs are good.
do the following and provide us the result
packet-tracer input inside tcp 10.10.1.2 1025 4.2.2.2 80
packet-tracer input inside tcp 192.168.1.100 1025 4.2.2.2 80
And provide us the result!
Looking for some Networking Assistance?
Contact me directly at [email protected]
I will fix your problem ASAP.
Cheers,
Julio Carvajal Segura
Note: Check my website, there is a video about this that might help you.
http://laguiadelnetworking.com -
Hi everybody,
I am unable to access internet with one of the vlan. i have two vlans
VLAN 2 192.168.1.0
VLAN 8 172.168.1.0
When i am on vlan 2 i can access to internet. when i work with vlan 8, i cannot access to internet. As a matter of fact VLAN 8 (172.168.1.0) is new. I need to know what else i need to configure to get access. the following is the configuration of my cisco ASA firewall. Any help will be apprieciated.
Thanks
hostname abcASA1
domain-name abc.com
enable password .4rNnGSuheRe encrypted
passwd 2KFQnbNIdI.2K encrypted
names
name 192.168.1.3 Email_DNS
name 192.168.1.4 SQLServer
name 192.168.2.2 VPN_3005
name 192.168.2.0 DMZ_Subnet
name 192.168.3.0 VPN_Subnet
name 192.168.1.0 Inside_Subnet
name 192.168.3.5 VPNNET_DNS
name 128.8.10.90 D_Root
name 192.5.5.241 F_Root
name 198.41.0.10 J_Root
name 192.33.4.12 C_Root
name 193.0.14.129 K_Root
name 198.32.64.12 L_Root
name 192.36.148.17 I_Root
name 192.112.36.4 G_Root
name 128.63.2.53 H_Root
name 128.9.0.107 B_Root
name 198.41.0.4 A_Root
name 202.12.27.33 M_Root
name 192.203.230.10 E_Root
name 12.183.68.51 ATT_DNS_2
name 12.183.68.50 ATT_DNS_1
name 192.168.1.6 FileServer_NAS
name 192.168.2.6 abc_WEB
name 199.130.197.153 CA_Mgmt_USDA
name 199.130.197.19 CA_Roaming_USDA
name 199.130.214.49 CA_CRLChk_USDA
name 199.134.134.133 CA_Mgmt_USDA_
name 199.134.134.135 CA_Roaming_USDA2
name 192.168.2.9 PublicDNS2
name 192.168.2.8 PublicDNS
name 192.168.1.11 abc02EX2
name 162.140.109.7 GPO_PKI_DIR
name 162.140.9.10 GPO_PKI
name 192.168.1.12 Patchlink
name 192.168.1.10 abcSLIMPS1
name 192.168.1.7 FileServer_DNS
name 192.168.1.15 abc06ex2
name 192.168.101.0 NEW_VPN_SUBNET
name 192.168.77.0 NEW_VPN_POOL description NEW_VPN_POOL
name 192.168.1.16 VTC description LifeSize VTC
name 12.18.13.16 VTC_Outside
name 192.168.2.50 Email_Gateway
name 192.168.1.20 Exch10
name 192.168.1.8 SharePoint
name 192.168.1.19 abc09ic description Web Servr
name 192.168.1.180 ExternalDNS
name 192.168.2.223 abc11ids
name 192.168.50.0 inside_new_Network
dns-guard
interface Vlan1
nameif outside
security-level 0
ip address 12.18.13.20 255.255.255.0
interface Vlan2
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
interface Vlan3
nameif dmz
security-level 10
ip address 192.168.2.1 255.255.255.0
interface Vlan4
nameif vpnnet
security-level 75
ip address 192.168.3.1 255.255.255.0
interface Vlan5
nameif asainside
security-level 50
ip address 192.168.4.1 255.255.255.0
interface Vlan6
nameif testinside
security-level 50
ip address 192.168.5.1 255.255.255.0
ipv6 address 2001:ab1:5::/64 eui-64
interface Vlan7
description New Local Area Network for Server
nameif inside_new
security-level 50
ip address 192.168.50.1 255.255.255.0
interface Vlan8
description abcdone Server VLAN
nameif Internal_LAN
security-level 100
ip address 172.168.1.254 255.255.255.0
interface Vlan16
description out of band
nameif oobnet
security-level 100
ip address 172.16.1.1 255.255.255.0
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
speed 100
duplex full
interface Ethernet0/2
switchport access vlan 3
interface Ethernet0/3
switchport access vlan 7
interface Ethernet0/4
interface Ethernet0/5
switchport trunk allowed vlan 1-10
switchport mode trunk
interface Ethernet0/6
interface Ethernet0/7
boot system disk0:/asa802-k8.bin
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns domain-lookup inside
dns domain-lookup vpnnet
dns server-group DefaultDNS
name-server 192.168.1.2
name-server Email_DNS
domain-name abc.com
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object-group network Inside_Server_Group
description EmailServer, FileServer, SQLServer
network-object Email_DNS 255.255.255.255
network-object SQLServer 255.255.255.255
network-object 192.168.1.2 255.255.255.255
network-object FileServer_NAS 255.255.255.255
network-object host abc02EX2
network-object host abc06ex2
object-group network Inside_Server_Group_ref
network-object 192.168.3.73 255.255.255.255
network-object 192.168.3.74 255.255.255.255
network-object 192.168.3.72 255.255.255.255
network-object 192.168.3.76 255.255.255.255
object-group service DNS tcp-udp
description DNS Service both TCP/UDP
port-object eq domain
object-group network InternetDNS
network-object A_Root 255.255.255.255
network-object B_Root 255.255.255.255
network-object C_Root 255.255.255.255
network-object D_Root 255.255.255.255
network-object E_Root 255.255.255.255
network-object F_Root 255.255.255.255
network-object G_Root 255.255.255.255
network-object H_Root 255.255.255.255
network-object I_Root 255.255.255.255
network-object J_Root 255.255.255.255
network-object K_Root 255.255.255.255
network-object L_Root 255.255.255.255
network-object M_Root 255.255.255.255
network-object ATT_DNS_2 255.255.255.255
network-object ATT_DNS_1 255.255.255.255
object-group network USDA-PKI-Users
description GAO PKI User Group
network-object 192.168.1.51 255.255.255.255
network-object 192.168.1.52 255.255.255.255
network-object 192.168.1.53 255.255.255.255
network-object 192.168.1.54 255.255.255.255
network-object 192.168.1.55 255.255.255.255
network-object 192.168.1.56 255.255.255.255
network-object 192.168.1.57 255.255.255.255
network-object 192.168.1.58 255.255.255.255
network-object 192.168.1.59 255.255.255.255
network-object 192.168.1.60 255.255.255.255
network-object host 192.168.1.61
network-object host 192.168.1.62
network-object host 192.168.1.63
object-group network CITABCDAS
network-object 192.168.3.241 255.255.255.255
network-object 192.168.3.242 255.255.255.255
network-object 192.168.3.243 255.255.255.255
network-object 192.168.3.244 255.255.255.255
network-object 192.168.3.245 255.255.255.255
network-object VPNNET_DNS 255.255.255.255
object-group service Virginia.edu tcp
description blackboard java classroom
port-object range 8010 8012
object-group network PDASB1-VPN-Inside
network-object host abcPLIasd1
network-object host 192.168.3.10
object-group service http-https tcp
port-object range https https
port-object range www www
object-group protocol TCPUDP
protocol-object udp
protocol-object tcp
object-group service VTC tcp-udp
description LifeSize
port-object range 60000 64999
object-group service DM_INLINE_TCP_1 tcp
port-object eq 3268
port-object eq ldap
object-group service EmailGateway udp
description TrustManager
port-object eq 19200
port-object eq 8007
object-group service DM_INLINE_TCP_2 tcp
port-object eq 990
port-object eq ftp
port-object range 2000 5000
object-group service Barracuda tcp
port-object eq 5124
port-object eq 5126
object-group service barracuda udp
port-object eq 5124
port-object eq 5126
object-group service IMAP tcp
port-object eq 993
port-object eq imap4
object-group service DM_INLINE_SERVICE_0
service-object tcp eq domain
service-object udp eq domain
access-list inside_access_in extended permit ip any any
access-list inside_access_in extended permit object-group TCPUDP any object-group InternetDNS object-group DNS
access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_0 any host 12.18.13.222
access-list outside_access_in remark Website
access-list outside_access_in extended permit tcp any host 12.18.13.19 eq 8090
access-list outside_access_in remark Allow ICMP replies to inside
access-list outside_access_in extended permit icmp any host 12.18.13.21 echo-reply
access-list outside_access_in remark VTC
access-list outside_access_in extended permit tcp any host VTC_Outside eq h323
access-list outside_access_in remark VTC
access-list outside_access_in extended permit object-group TCPUDP any host VTC_Outside eq sip
access-list outside_access_in extended permit icmp any host VTC_Outside
access-list outside_access_in remark Barracuda
access-list outside_access_in extended permit tcp any host 192.168.1.25 object-group Barracuda
access-list outside_access_in remark Barracuda
access-list outside_access_in extended permit udp any host 192.168.1.25 object-group barracuda
access-list outside_access_in remark VTC
access-list outside_access_in extended permit udp any host VTC_Outside range 60000 64999
access-list outside_access_in remark VTC
access-list outside_access_in extended permit tcp any host VTC_Outside range 60000 64999
access-list outside_access_in remark for Public DNS2
access-list outside_access_in extended permit udp any host 12.18.13.223 eq domain
access-list outside_access_in remark for Public DNS2
access-list outside_access_in extended permit tcp any host 12.18.13.223 eq domain
access-list outside_access_in extended permit tcp any gt 1023 host 12.18.13.224 eq www
access-list outside_access_in remark NTP from Router to DMZ
access-list outside_access_in extended permit udp host 12.18.13.1 host 12.18.13.15 eq ntp
access-list outside_access_in remark Syslog from Router
access-list outside_access_in extended permit udp host 12.18.13.1 gt 1023 host 12.18.13.13 eq syslog
access-list outside_access_in remark Inbound Email SMTP to DMZ Host 192.168.2.50
access-list outside_access_in extended permit tcp any gt 1023 host 12.18.13.13 eq smtp
access-list outside_access_in remark VPNNET IPSec ESP
access-list outside_access_in extended permit esp any host 12.18.13.31
access-list outside_access_in remark VPNNET IPSec AH
access-list outside_access_in extended permit ah any host 12.18.13.31
access-list outside_access_in remark VPNNET IPSec Port 4500
access-list outside_access_in extended permit udp any eq 4500 host 12.18.13.31 eq 4500
access-list outside_access_in remark VPNNET IPSec ISAKMP
access-list outside_access_in extended permit udp any eq isakmp host 12.18.13.31 eq isakmp
access-list outside_access_in remark VPNNET IPSec over UDP port 10000
access-list outside_access_in extended permit udp any eq 10000 host 12.18.13.31 eq 10000
access-list outside_access_in remark Sharepoint1
access-list outside_access_in extended permit tcp any gt 1023 host 12.18.13.42 eq https
access-list outside_access_in extended permit tcp any gt 1023 host 12.18.13.31 eq https
access-list outside_access_in remark Access Rule to Webmail
access-list outside_access_in extended permit tcp any gt 1023 host 12.18.13.32 eq https
access-list outside_access_in remark SLIMPSdev
access-list outside_access_in extended permit tcp any gt 1023 host 12.18.13.33 object-group http-https
access-list outside_access_in remark Inbound Website
access-list outside_access_in extended permit tcp any gt 1023 host 12.18.13.19 eq www
access-list outside_access_in remark Inbound SharePoint
access-list outside_access_in extended permit tcp any gt 1023 host 12.18.13.42 eq www
access-list outside_access_in remark Inbound WEb Traffic to ISA server-SLIMPS
access-list outside_access_in extended permit tcp any gt 1023 host 12.18.13.41 eq www
access-list outside_access_in remark Inbound Secure Web Traffic to ISA server-SLIMPS
access-list outside_access_in extended permit tcp any gt 1023 host 12.18.13.41 eq https
access-list outside_access_in remark Inbound FTP abc_web
access-list outside_access_in extended permit tcp any host 12.18.13.14 object-group DM_INLINE_TCP_2
access-list outside_access_in remark DNS1
access-list outside_access_in remark for Public DNS2
access-list outside_access_in remark for Public DNS2
access-list outside_access_in remark NTP from Router to DMZ
access-list outside_access_in remark Syslog from Router
access-list outside_access_in remark Inbound Email SMTP to DMZ Host 192.168.2.5
access-list outside_access_in remark VPNNET IPSec ESP
access-list outside_access_in remark VPNNET IPSec AH
access-list outside_access_in remark VPNNET IPSec Port 4500
access-list outside_access_in remark VPNNET IPSec ISAKMP
access-list outside_access_in remark VPNNET IPSec over UDP port 10000
access-list outside_access_in remark Inbound WEb Traffic to Facilitate Web Server in DMZ
access-list outside_access_in remark Inbound Secure Web Traffic to Facilitate Web Server in DMZ
access-list outside_access_in remark Access Rule to FE Server
access-list outside_access_in remark SLIMPSdev
access-list outside_access_in remark Inbound WEb Traffic to ISA server-SLIMPS
access-list outside_access_in remark Inbound Secure Web Traffic to ISA server-SLIMPS
access-list outside_access_in remark Inbound port 93 to ISA server-SLIMPS
access-list outside_access_in remark Explicit Deny All
access-list vpnnet_access_in remark Patrica RDP
access-list vpnnet_access_in extended permit tcp VPN_Subnet 255.255.255.0 host 192.168.1.53 eq 3389
access-list vpnnet_access_in remark Berry RDP
access-list vpnnet_access_in extended permit tcp VPN_Subnet 255.255.255.0 host 192.168.1.51 eq 3389
access-list vpnnet_access_in remark John Tsai RDP
access-list vpnnet_access_in extended permit tcp VPN_Subnet 255.255.255.0 host 192.168.1.156 eq 3389
access-list vpnnet_access_in remark Chopper RDP
access-list vpnnet_access_in extended permit tcp VPN_Subnet 255.255.255.0 host 192.168.1.128 eq 3389
access-list vpnnet_access_in remark Ms Ballard RDP
access-list vpnnet_access_in extended permit tcp VPN_Subnet 255.255.255.0 host 192.168.1.58 eq 3389
access-list vpnnet_access_in remark Wakita
access-list vpnnet_access_in extended permit tcp VPN_Subnet 255.255.255.0 host 192.168.1.153 eq 3389
access-list vpnnet_access_in remark Amy RDP
access-list vpnnet_access_in extended permit tcp VPN_Subnet 255.255.255.0 host 192.168.1.124 eq 3389
access-list vpnnet_access_in remark KC RDP
access-list vpnnet_access_in extended permit tcp VPN_Subnet 255.255.255.0 host 192.168.1.57 eq 3389
access-list vpnnet_access_in remark Eyang RDP
access-list vpnnet_access_in extended permit tcp VPN_Subnet 255.255.255.0 host 192.168.1.161 eq 3389
access-list vpnnet_access_in remark SLIMPS doc
access-list vpnnet_access_in extended permit tcp VPN_Subnet 255.255.255.0 host 192.168.1.13 eq 3389
access-list vpnnet_access_in extended deny ip any any
access-list vpnnet_access_in remark for SLIMPS APP
access-list vpnnet_access_in remark for SLIMPS APP
access-list vpnnet_access_in remark for SLIMPS APP
access-list vpnnet_access_in remark FOR SLIMPS Application
access-list vpnnet_access_in remark SLIMPS Production Workflow
access-list vpnnet_access_in remark SLIMPS
access-list vpnnet_access_in remark FOR SLIMPS Application
access-list vpnnet_access_in remark SLIMPS VPN access to SLIMPSTEST2 Alpha website
access-list vpnnet_access_in remark SLIMPS VPN access to abc02SLIMPS1
access-list vpnnet_access_in remark SLIMPS VPN access to abc02SLIMPS2
access-list vpnnet_access_in remark for abc06SLIMPS1
access-list vpnnet_access_in remark for abc06SLIMPS1
access-list vpnnet_access_in remark VPNNET Windows Port 135 Netbios
access-list vpnnet_access_in remark VPNNET Windows Port 137 Netbios Name Service
access-list vpnnet_access_in remark VPNNET Windows Port 138 Netbios Datagram
access-list vpnnet_access_in remark VPNNET Windows Port 139 Netbios Session Service
access-list vpnnet_access_in remark VPNNET Windows Port 445 Server Message Block
access-list vpnnet_access_in remark VPNNET Windows Port 389 Lightweight Directory Access Protocol
access-list vpnnet_access_in remark VPNNET Windows Port 389 Lightweight Directory Access Protocol
access-list vpnnet_access_in remark VPNNET Windows Port 88 Kerberos
access-list vpnnet_access_in remark VPNNET Windows Port 88 Kerberos
access-list vpnnet_access_in remark VPNNET Windows Port 1433 Windows Sql Server
access-list vpnnet_access_in remark VPNNET Windows Port 9000 Static RPC Port
access-list vpnnet_access_in remark VPNNET Windows Port 9000 Static RPC Port
access-list vpnnet_access_in remark VPNNET Windows Port 9001 Static RPC Port
access-list vpnnet_access_in remark VPNNET Windows Port 9001 Static RPC Port
access-list vpnnet_access_in remark VPNNET Windows Port 4000 Status NTDS Port
access-list vpnnet_access_in remark VPNNET Windows TCP Domain Name Service
access-list vpnnet_access_in remark VPNNET Windows UDP Domain Name Service
access-list vpnnet_access_in remark VPNNET DNS Forwarding to DMZ DNS
access-list vpnnet_access_in remark VPNNET DNS Forwarding to DMZ DNS
access-list vpnnet_access_in remark VPNNET DNS Forwarding to DMZ DNS
access-list vpnnet_access_in remark VPNNET DNS Forwarding to DMZ DNS
access-list vpnnet_access_in remark VPNNET Outbound Web
access-list vpnnet_access_in remark VPNNET Outbound Secure Web
access-list vpnnet_access_in remark VPNNET Outbound FTP
access-list vpnnet_access_in remark VPNNET ICMP Echo
access-list vpnnet_access_in remark VPNNET ICMP Echo-Reply
access-list vpnnet_access_in remark RDP for ISA
access-list vpnnet_access_in remark Allow access after Exemption from nat to inside network
access-list vpnnet_access_in remark talin test
access-list dmz_access_in remark isa to SLIMPS1 vote portal
access-list dmz_access_in extended permit tcp host 192.168.2.20 host 192.168.2.10 eq 8200
access-list dmz_access_in extended permit udp host 192.168.2.101 host 12.18.13.1 eq ntp
access-list dmz_access_in remark ISA to SLIMPS Dev
access-list dmz_access_in extended permit tcp host 192.168.2.14 host 12.18.13.33 eq www inactive
access-list dmz_access_in remark ClearSwift TRUSTmanager Reputations server &
access-list dmz_access_in remark Broadcasting of greylisting data to peer Gateway
access-list dmz_access_in extended permit udp host Email_Gateway any eq 8007
access-list dmz_access_in remark ClearSwift TRUSTmanager Reputations server &
access-list dmz_access_in remark Broadcasting of greylisting data to peer Gateway
access-list dmz_access_in extended permit udp host Email_Gateway any eq 19200
access-list dmz_access_in remark NTP Email Gateway
access-list dmz_access_in extended permit udp host Email_Gateway gt 1023 host FileServer_DNS eq ntp
access-list dmz_access_in remark FTP
access-list dmz_access_in extended permit tcp host Email_Gateway host FileServer_DNS eq ftp
access-list dmz_access_in remark ldap
access-list dmz_access_in extended permit udp host Email_Gateway gt 1023 host 192.168.2.78
access-list dmz_access_in remark ldap
access-list dmz_access_in extended permit udp host SharePoint gt 1023 host 192.168.2.78
access-list dmz_access_in remark HTTP for Email_Gateway
access-list dmz_access_in extended permit object-group TCPUDP host Email_Gateway host FileServer_DNS object-group DNS
access-list dmz_access_in remark HTTP for Email_Gateway
access-list dmz_access_in extended permit tcp host Email_Gateway host FileServer_DNS eq ldap
access-list dmz_access_in remark HTTP for Email_Gateway
access-list dmz_access_in extended permit tcp host Email_Gateway gt 1023 host 192.168.2.78 eq www inactive
access-list dmz_access_in remark HTTPS access to the Clearswift Update Server
access-list dmz_access_in extended permit tcp Inside_Subnet 255.255.255.0 gt 1023 host Email_Gateway eq https inactive
access-list dmz_access_in remark HTTP for SharePoint
access-list dmz_access_in extended permit tcp host SharePoint host FileServer_DNS eq ldap
access-list dmz_access_in remark LDAP Communication for Email Gateway
access-list dmz_access_in extended permit tcp host Email_Gateway gt 1023 host 192.168.2.78 object-group DM_INLINE_TCP_1
access-list dmz_access_in remark LDAP Communication
access-list dmz_access_in extended permit tcp host SharePoint gt 1023 host 192.168.2.78 eq 3268
access-list dmz_access_in remark DMZ DNS Forwarding to Outside
access-list dmz_access_in extended permit udp host PublicDNS object-group InternetDNS object-group DNS
access-list dmz_access_in remark DMZ DNS Forwarding to Outside for Email Gateway
access-list dmz_access_in extended permit udp host Email_Gateway gt 1023 object-group InternetDNS object-group DNS
access-list dmz_access_in remark DMZ ISA DNS Forwarding to Outside
access-list dmz_access_in extended permit udp host 192.168.2.15 gt 1023 object-group InternetDNS object-group DNS
access-list dmz_access_in remark DMZ DNS Forwarding to Outside
access-list dmz_access_in extended permit udp host SharePoint gt 1023 object-group InternetDNS object-group DNS
access-list dmz_access_in remark DMZ DNS Forwarding to UUNET DNS (Zone Tranfer)
access-list dmz_access_in extended permit udp host abc_WEB gt 1023 object-group InternetDNS object-group DNS
access-list dmz_access_in remark DMZ DNS Forwarding to Outside for Email Gateway
access-list dmz_access_in extended permit tcp host Email_Gateway gt 1023 object-group InternetDNS object-group DNS
access-list dmz_access_in remark DMZ DNS Forwarding to Outside
access-list dmz_access_in extended permit tcp host SharePoint gt 1023 object-group InternetDNS object-group DNS inactive
access-list dmz_access_in remark DMZ DNS Forwarding to UUNET DNS (Zone Tranfer)
access-list dmz_access_in extended permit tcp host PublicDNS gt 1023 any eq https
access-list dmz_access_in remark DMZ DNS Forwarding to UUNET DNS (Zone Tranfer)
access-list dmz_access_in extended permit tcp host PublicDNS2 gt 1023 any eq https
access-list dmz_access_in remark DMZ DNS Outbound https Web
access-list dmz_access_in extended permit tcp host abc_WEB gt 1023 object-group InternetDNS object-group DNS inactive
access-list dmz_access_in remark (DENY) DMZ DNS to DMZ Inside Email Static Address
access-list dmz_access_in extended permit udp host PublicDNS gt 1023 object-group InternetDNS object-group DNS
access-list dmz_access_in remark Public DNS server.
access-list dmz_access_in extended permit tcp host PublicDNS2 gt 1023 object-group InternetDNS object-group DNS
access-list dmz_access_in remark Public DNS Server
access-list dmz_access_in extended permit tcp host PublicDNS gt 1023 any eq www
access-list dmz_access_in remark Public DNS Server
access-list dmz_access_in extended permit tcp host PublicDNS2 gt 1023 any eq www
access-list dmz_access_in remark DMZ Public DNS Outbound Web
access-list dmz_access_in remark DMZ Public DNS Outbound Web
access-list dmz_access_in remark DMZ Public DNS to Outside
access-list dmz_access_in remark DMZ DNS to Outside
access-list dmz_access_in remark DMZ Public DNS Outbound Web
access-list dmz_access_in extended deny tcp host SharePoint gt 1023 host 192.168.2.73 eq www
access-list dmz_access_in remark (DENY) DMZ DNS to DMZ Inside Email Static Address
access-list dmz_access_in extended deny tcp host abc_WEB gt 1023 host 192.168.2.73 eq www
access-list dmz_access_in remark (DENY) DMZ DNS to DMZ Inside Web Shield Static Address
access-list dmz_access_in extended deny tcp host SharePoint gt 1023 host 192.168.2.75 eq www
access-list dmz_access_in remark (DENY) DMZ DNS to DMZ Inside Web Shield Static Address
access-list dmz_access_in extended deny tcp host abc_WEB gt 1023 host 192.168.2.75 eq www
access-list dmz_access_in remark DMZ DNS FTP for Email Gateway
access-list dmz_access_in extended permit tcp host Email_Gateway gt 1023 any eq ftp
access-list dmz_access_in remark DMZ DNS Outbound Web for Email Gateway
access-list dmz_access_in extended permit tcp host Email_Gateway gt 1023 any eq www
access-list dmz_access_in remark DMZ ISA DNS Outbound Web
access-list dmz_access_in extended permit tcp host 192.168.2.15 gt 1023 any eq www
access-list dmz_access_in remark DMZ DNS Outbound Web
access-list dmz_access_in extended permit tcp host SharePoint gt 1023 any eq www
access-list dmz_access_in remark For Email Gateway
access-list dmz_access_in extended permit icmp host Email_Gateway host 12.18.13.1
access-list dmz_access_in remark ISA
access-list dmz_access_in extended permit icmp host 192.168.2.15 host 12.18.13.1
access-list dmz_access_in extended permit icmp host SharePoint host 12.18.13.1
access-list dmz_access_in remark DMZ DNS Outbound Web
access-list dmz_access_in extended permit tcp host abc_WEB gt 1023 any eq www
access-list dmz_access_in extended permit tcp host 192.168.2.7 gt 1023 any eq www
access-list dmz_access_in remark (DENY) DMZ DNS Outbound to DMZ Inside Email Static Address
access-list dmz_access_in extended deny tcp host SharePoint gt 1023 host 192.168.2.73 eq ftp inactive
access-list dmz_access_in remark (DENY) DMZ DNS Outbound to DMZ Inside Email Static Address
access-list dmz_access_in extended deny tcp host abc_WEB gt 1023 host 192.168.2.73 eq ftp
access-list dmz_access_in remark DMZ DNS Outbound FTP
access-list dmz_access_in extended permit tcp host SharePoint gt 1023 any eq ftp inactive
access-list dmz_access_in remark DMZ DNS Outbound FTP
access-list dmz_access_in extended permit tcp host abc_WEB gt 1023 any eq ftp
access-list dmz_access_in remark DMZ DNS Inbound Email Relay SMTP
access-list dmz_access_in extended permit tcp host SharePoint host 192.168.2.73 eq smtp
access-list dmz_access_in remark DMZ DNS Inbound Email Gateway SMTP
access-list dmz_access_in extended permit tcp host Email_Gateway host 192.168.2.77 eq smtp
access-list dmz_access_in remark DMZ DNS Inbound Email Gateway SMTP
access-list dmz_access_in extended permit tcp host Email_Gateway host Exch10 eq smtp
access-list dmz_access_in remark DMZ DNS Inbound Email Gateway SMTP
access-list dmz_access_in extended permit tcp host Email_Gateway host abc06ex2 eq smtp
access-list dmz_access_in remark DMZ DNS Inbound Email Relay SMTP
access-list dmz_access_in extended permit tcp host SharePoint host abc06ex2 eq smtp inactive
access-list dmz_access_in remark DMZ DNS Inbound Web Shield Relay SMTP
access-list dmz_access_in extended permit tcp host SharePoint gt 1023 host 192.168.2.75 eq smtp inactive
access-list dmz_access_in remark Mailsweeper access to FE Server
access-list dmz_access_in extended permit tcp host SharePoint gt 1023 host 192.168.2.11 eq smtp inactive
access-list dmz_access_in extended permit tcp host 192.168.2.7 gt 1023 host 192.168.2.73 eq smtp
access-list dmz_access_in extended permit tcp host 192.168.2.7 gt 1023 host 192.168.2.75 eq smtp
access-list dmz_access_in remark DMZ EMail Gateway outbound delivery
access-list dmz_access_in extended permit tcp host Email_Gateway any eq smtp
access-list dmz_access_in remark DMZ Mail Sweeper outbound delivery
access-list dmz_access_in extended permit tcp host SharePoint any eq smtp inactive
access-list dmz_access_in remark (DENY) DMZ DNS Outbound to DMZ Inside Email Static Address
access-list dmz_access_in extended deny tcp host SharePoint gt 1023 host 192.168.2.73 eq https inactive
access-list dmz_access_in remark (DENY) DMZ DNS Outbound to DMZ Inside Email Static Address
access-list dmz_access_in extended deny tcp host abc_WEB gt 1023 host 192.168.2.73 eq https
access-list dmz_access_in remark DMZ DNS Outbound HTTPS for Email Gateway
access-list dmz_access_in extended permit udp host Email_Gateway object-group EmailGateway any eq 8007
access-list dmz_access_in remark DMZ DNS Outbound HTTPS for Email Gateway
access-list dmz_access_in extended permit tcp host Email_Gateway gt 1023 any eq https
access-list dmz_access_in remark DMZ DNS Outbound HTTPS
access-list dmz_access_in extended permit tcp host SharePoint gt 1023 any eq https
access-list dmz_access_in remark DMZ DNS Outbound HTTPS
access-list dmz_access_in extended permit tcp host abc_WEB gt 1023 any eq https inactive
access-list dmz_access_in extended permit tcp host 192.168.2.7 gt 1023 any eq https inactive
access-list dmz_access_in remark DMZ DNS Outbound SMTP to Internet
access-list dmz_access_in extended permit tcp host SharePoint gt 1023 any eq smtp inactive
access-list dmz_access_in remark for ISA
access-list dmz_access_in extended permit tcp host 192.168.2.20 gt 1023 any eq www
access-list dmz_access_in remark for ISA
access-list dmz_access_in extended permit tcp host 192.168.2.20 gt 1023 any eq https
access-list dmz_access_in extended permit object-group TCPUDP host SharePoint Inside_Subnet 255.255.255.0 eq domain
access-list dmz_access_in extended permit icmp host SharePoint Inside_Subnet 255.255.255.0
access-list dmz_access_in extended permit ip host abc11ids any
access-list dmz_access_in extended permit ip Inside_Subnet 255.255.255.0 any
access-list dmz_access_in remark Explicit Rule
access-list dmz_access_in extended deny ip any any
access-list dmz_access_in remark isa to SLIMPS1 vote portal
access-list dmz_access_in remark ISA to SLIMPS Dev
access-list dmz_access_in remark ldap
access-list dmz_access_in remark LDAP Communication
access-list dmz_access_in remark DMZ DNS Forwarding to Outside
access-list dmz_access_in remark DMZ DNS Forwarding to Outside
access-list dmz_access_in remark DMZ DNS Forwarding to UUNET DNS (Zone Tranfer)
access-list dmz_access_in remark DMZ DNS Forwarding to Outside
access-list dmz_access_in remark DMZ DNS Forwarding to UUNET DNS (Zone Tranfer)
access-list dmz_access_in remark DMZ DNS Forwarding to UUNET DNS (Zone Tranfer)
access-list dmz_access_in remark DMZ DNS Outbound https Web
access-list dmz_access_in remark (DENY) DMZ DNS to DMZ Inside Email Static Address
access-list dmz_access_in remark Public DNS server.
access-list dmz_access_in remark Public DNS Server
access-list dmz_access_in remark Public DNS Server
access-list dmz_access_in remark DMZ Public DNS Outbound Web
access-list dmz_access_in remark DMZ Public DNS to Outside
access-list dmz_access_in remark DMZ DNS to Outside
access-list dmz_access_in remark DMZ Public DNS Outbound Web
access-list dmz_access_in remark (DENY) DMZ DNS to DMZ Inside Email Static Address
access-list dmz_access_in remark (DENY) DMZ DNS to DMZ Inside Web Shield Static Address
access-list dmz_access_in remark (DENY) DMZ DNS to DMZ Inside Web Shield Static Address
access-list dmz_access_in remark DMZ DNS Outbound Web
access-list dmz_access_in remark DMZ DNS Outbound Web
access-list dmz_access_in remark (DENY) DMZ DNS Outbound to DMZ Inside Email Static Address
access-list dmz_access_in remark (DENY) DMZ DNS Outbound to DMZ Inside Email Static Address
access-list dmz_access_in remark (DENY) DMZ DNS Outbound to DMZ Inside Web Shield Static Address
access-list dmz_access_in remark (DENY) DMZ DNS Outbound to DMZ Inside Web Shield Static Address
access-list dmz_access_in remark DMZ DNS Outbound FTP
access-list dmz_access_in remark DMZ DNS Outbound FTP
access-list dmz_access_in remark DMZ DNS Inbound Email Relay SMTP
access-list dmz_access_in remark DMZ DNS Inbound Email Relay SMTP
access-list dmz_access_in remark DMZ DNS Inbound Web Shield Relay SMTP
access-list dmz_access_in remark Mailsweeper access to FE Server
access-list dmz_access_in remark DMZ Mail Sweeper outbound delivery
access-list dmz_access_in remark (DENY) DMZ DNS Outbound to DMZ Inside Email Static Address
access-list dmz_access_in remark (DENY) DMZ DNS Outbound to DMZ Inside Email Static Address
access-list dmz_access_in remark (DENY) DMZ DNS Outbound to DMZ Inside Web Shield Static Address
access-list dmz_access_in remark (DENY) DMZ DNS Outbound to DMZ Inside Web Shield Static Address
access-list dmz_access_in remark DMZ DNS Outbound HTTPS
access-list dmz_access_in remark DMZ DNS Outbound HTTPS
access-list dmz_access_in remark DMZ DNS Outbound SMTP to Internet
access-list dmz_access_in remark for ISA
access-list dmz_access_in remark for ISA
access-list dmz_access_in remark Explicit Deny All
access-list testinside_access_in remark Deny IP Traffic from Test to Production DMZ
access-list testinside_access_in remark Allow all other Traffic to Outside
access-list testinside_access_in remark Deny IP Traffic from Test to Production DMZ
access-list testinside_access_in remark Allow all other Traffic to Outside
access-list vpnnet_nat0_outbound extended permit ip VPN_Subnet 255.255.255.0 Inside_Subnet 255.255.255.0
access-list vpnnet_nat0_outbound extended permit ip VPN_Subnet 255.255.255.0 NEW_VPN_POOL 255.255.255.0
access-list inside_nat0_outbound extended permit ip Inside_Subnet 255.255.255.0 host Email_Gateway
access-list inside_nat0_outbound remark SharePoint
access-list inside_nat0_outbound extended permit ip Inside_Subnet 255.255.255.0 host SharePoint
access-list inside_nat0_outbound extended permit ip Inside_Subnet 255.255.255.0 NEW_VPN_POOL 255.255.255.0
access-list dmz_nat0_outbound remark For Email Gateway
access-list dmz_nat0_outbound extended permit ip host Email_Gateway Inside_Subnet 255.255.255.0
access-list dmz_nat0_outbound remark Sharepoint
access-list dmz_nat0_outbound extended permit ip host SharePoint Inside_Subnet 255.255.255.0
access-list dmz_nat0_outbound extended permit ip DMZ_Subnet 255.255.255.0 NEW_VPN_SUBNET 255.255.255.0
access-list dmz_nat0_outbound extended permit ip DMZ_Subnet 255.255.255.0 NEW_VPN_POOL 255.255.255.0
access-list capture_acl extended permit ip host 12.18.13.33 host 12.18.13.180
access-list capture_acl extended permit ip host 12.18.13.180 host 12.18.13.33
access-list cap_acl extended permit ip host 192.168.2.14 host 12.18.13.180
access-list cap_acl extended permit ip host 12.18.13.180 host 192.168.2.14
access-list 213 extended permit ip host SharePoint host 192.168.2.21
access-list asainside_access_in remark permit traffic from the new ASA
access-list asainside_access_in extended permit ip 192.168.100.0 255.255.255.0 Inside_Subnet 255.255.255.0
access-list asainside_access_in extended permit ip 192.168.4.0 255.255.255.0 Inside_Subnet 255.255.255.0
access-list asainside_nat0_outbound extended permit ip 192.168.100.0 255.255.255.0 Inside_Subnet 255.255.255.0
access-list asainside_nat0_outbound extended permit ip 192.168.4.0 255.255.255.0 Inside_Subnet 255.255.255.0
access-list acl_cap extended permit ip host 192.168.100.1 host 192.168.4.1
access-list acl_cap extended permit ip host 192.168.4.1 host 192.168.100.1
access-list abcdONE_splitTunnelAcl standard permit Inside_Subnet 255.255.255.0
access-list abcdONE_splitTunnelAcl standard permit DMZ_Subnet 255.255.255.0
access-list abcdONE_splitTunnelAcl standard permit 172.16.1.0 255.255.255.0
access-list oobnet_access_in extended permit ip any Inside_Subnet 255.255.255.0
access-list VMman_nat0_outbound extended permit ip 172.16.1.0 255.255.255.0 Inside_Subnet 255.255.255.0
access-list Internal_LAN_access_in extended permit object-group TCPUDP any object-group InternetDNS object-group DNS
access-list Internal_LAN_access_in extended permit ip any any
snmp-map mysnmpmap
pager lines 30
logging enable
logging timestamp
logging monitor informational
logging buffered informational
logging trap debugging
logging history warnings
logging asdm debugging
logging mail informational
logging from-address [email protected]
logging recipient-address [email protected] level errors
logging device-id ipaddress outside
logging host vpnnet VPNNET_DNS
logging host inside abc09ic
logging host inside 192.168.1.60
mtu outside 1500
mtu inside 1500
mtu dmz 1500
mtu vpnnet 1500
mtu asainside 1500
mtu testinside 1500
mtu inside_new 1500
mtu Internal_LAN 1500
mtu oobnet 1500
ip local pool VPNPOOL 192.168.101.1-192.168.101.254 mask 255.255.255.0
ip local pool NEW_VPN_POOL 192.168.77.10-192.168.77.240 mask 255.255.255.0
ip verify reverse-path interface outside
ip verify reverse-path interface inside
ip verify reverse-path interface dmz
ip verify reverse-path interface vpnnet
ip verify reverse-path interface asainside
ip audit name Outside attack action drop
ip audit interface outside Outside
no failover
icmp unreachable rate-limit 1 burst-size 1
icmp permit any outside
asdm image disk0:/asdm-621.bin
asdm history enable
arp outside 12.18.13.20 0024.c4e9.4764
arp timeout 14400
global (outside) 1 12.18.13.21 netmask 255.255.255.255
global (outside) 2 12.18.13.22 netmask 255.255.255.255
global (outside) 3 12.18.13.23 netmask 255.255.255.255
global (outside) 4 12.18.13.24 netmask 255.255.255.255
global (outside) 5 12.18.13.25 netmask 255.255.255.255
global (inside) 1 interface
global (dmz) 1 192.168.2.21 netmask 255.255.255.255
global (dmz) 3 192.168.2.23 netmask 255.255.255.255
global (dmz) 4 192.168.2.24 netmask 255.255.255.255
global (dmz) 5 192.168.2.25 netmask 255.255.255.255
global (vpnnet) 1 192.168.3.21 netmask 255.255.255.255
nat (outside) 1 NEW_VPN_POOL 255.255.255.0
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 Inside_Subnet 255.255.255.0
nat (dmz) 0 access-list dmz_nat0_outbound
nat (dmz) 2 DMZ_Subnet 255.255.255.0
nat (vpnnet) 0 access-list vpnnet_nat0_outbound
nat (vpnnet) 3 VPN_Subnet 255.255.255.0
nat (asainside) 0 access-list asainside_nat0_outbound
nat (asainside) 1 192.168.4.0 255.255.255.0
nat (oobnet) 0 access-list VMman_nat0_outbound
static (dmz,outside) 12.18.13.31 VPN_3005 netmask 255.255.255.255
static (inside,vpnnet) 192.168.3.72 FileServer_DNS netmask 255.255.255.255
static (inside,vpnnet) 192.168.3.74 SQLServer netmask 255.255.255.255
static (inside,vpnnet) 192.168.3.73 Email_DNS netmask 255.255.255.255
static (inside,vpnnet) 192.168.3.76 FileServer_NAS netmask 255.255.255.255 dns
static (inside,vpnnet) 192.168.3.80 abcSLIMPS1 netmask 255.255.255.255 dns
static (inside,dmz) 192.168.2.73 Email_DNS netmask 255.255.255.255
static (inside,dmz) 192.168.2.77 abc06ex2 netmask 255.255.255.255
static (dmz,outside) 12.18.13.13 Email_Gateway netmask 255.255.255.255
static (dmz,outside) 12.18.13.14 abc_WEB netmask 255.255.255.255
static (outside,inside) VTC VTC_Outside netmask 255.255.255.255
static (dmz,outside) 12.18.13.15 192.168.2.101 netmask 255.255.255.255
static (inside,outside) 12.18.13.19 abc09ic netmask 255.255.255.255
static (inside,outside) 12.18.13.42 SharePoint netmask 255.255.255.255
static (inside,dmz) 192.168.2.78 FileServer_DNS netmask 255.255.255.255
static (inside,outside) 12.18.13.32 Exch10 netmask 255.255.255.255
static (inside,dmz) 192.168.2.10 abcSLIMPS1 netmask 255.255.255.255
static (inside,dmz) 192.168.2.11 abc02EX2 netmask 255.255.255.255
static (inside,vpnnet) 192.168.3.11 abc02EX2 netmask 255.255.255.255
static (inside,vpnnet) 192.168.3.81 192.168.1.155 netmask 255.255.255.255
static (inside,vpnnet) 192.168.3.82 192.168.1.28 netmask 255.255.255.255 dns
static (inside,dmz) 192.168.2.13 192.168.1.13 netmask 255.255.255.255
static (inside,outside) VTC_Outside VTC netmask 255.255.255.255
static (inside,outside) 12.18.13.33 192.168.1.13 netmask 255.255.255.255
static (inside,outside) 12.18.13.41 abcSLIMPS1 netmask 255.255.255.255
static (inside,outside) 12.18.13.222 ExternalDNS netmask 255.255.255.255
static (inside,Internal_LAN) Inside_Subnet Inside_Subnet netmask 255.255.255.0
static (Internal_LAN,inside) 172.168.1.0 172.168.1.0 netmask 255.255.255.255
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
access-group dmz_access_in in interface dmz
access-group vpnnet_access_in in interface vpnnet
access-group asainside_access_in in interface asainside
access-group Internal_LAN_access_in in interface Internal_LAN
access-group oobnet_access_in in interface oobnet
route outside 0.0.0.0 0.0.0.0 12.18.13.1 1
route asainside 192.168.100.0 255.255.255.0 192.168.4.2 1
timeout xlate 1:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server abc.com protocol nt
aaa-server abc.com (inside) host 192.168.1.2
nt-auth-domain-controller abc12dc1
aaa-server abc.com (inside) host Email_DNS
nt-auth-domain-controller abc12dc2
aaa authentication ssh console LOCAL
aaa authentication enable console LOCAL
http server enable
http 10.0.0.0 255.255.255.0 outside
http Inside_Subnet 255.255.255.0 outside
http Inside_Subnet 255.255.255.0 inside
http VPN_Subnet 255.255.255.0 vpnnet
snmp-server group Authentication_Only v3 auth
snmp-server group Authentication&Encryption v3 priv
snmp-server user mkaramat Authentication&Encryption v3 encrypted auth md5 25:57:33:8a:86:b0:fc:71:36:5f:de:3d:83:35:eb:d4 priv aes 128 25:57:33:8a:86:b0:fc:71:36:5f:de:3d:83:35:eb:d4
snmp-server host inside 192.168.1.60 version 3 mkaramat udp-port 161
no snmp-server location
no snmp-server contact
snmp-server community *****
snmp-server enable traps snmp authentication linkup linkdown coldstart
no service resetoutbound interface outside
no service resetoutbound interface inside
no service resetoutbound interface dmz
no service resetoutbound interface vpnnet
no service resetoutbound interface asainside
no service resetoutbound interface testinside
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto map inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map inside_map interface inside
crypto map oobnet_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map oobnet_map interface oobnet
crypto isakmp enable outside
crypto isakmp enable inside
crypto isakmp enable inside_new
crypto isakmp enable oobnet
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
no crypto isakmp nat-traversal
telnet 12.18.13.0 255.255.255.0 outside
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 outside
ssh Inside_Subnet 255.255.255.0 inside
ssh VPN_Subnet 255.255.255.0 vpnnet
ssh timeout 30
ssh version 1
console timeout 0
dhcpd auto_config inside
dhcpd dns 192.168.1.2 Email_DNS interface oobnet
dhcpd domain abc.com interface oobnet
dhcpd option 3 ip 172.16.0.1 interface oobnet
threat-detection basic-threat
threat-detection statistics
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
ntp server 192.43.244.18 source outside prefer
tftp-server vpnnet 192.168.3.10 /
webvpn
group-policy DfltGrpPolicy attributes
vpn-idle-timeout 60
group-policy abcdONEVPN internal
group-policy abcdONEVPN attributes
dns-server value 192.168.1.7 192.168.1.3
vpn-tunnel-protocol IPSec
default-domain value abc
group-policy abcdONE internal
group-policy abcdONE attributes
dns-server value 192.168.1.7 192.168.1.3
vpn-idle-timeout 30
vpn-tunnel-protocol IPSec l2tp-ipsec
split-tunnel-policy tunnelall
split-tunnel-network-list value abcdONE_splitTunnelAcl
default-domain value abc.com
service-type remote-access
service-type remote-access
tunnel-group abcdONE type remote-access
tunnel-group abcdONE general-attributes
address-pool NEW_VPN_POOL
default-group-policy abcdONE
tunnel-group abcdONE ipsec-attributes
pre-shared-key *
isakmp keepalive disable
tunnel-group abcdONE ppp-attributes
authentication pap
authentication ms-chap-v2
authentication eap-proxy
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map type inspect ipsec-pass-thru VPN
parameters
esp
ah
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect http
inspect icmp
policy-map type inspect dns migrated_dns_map_1
parameters
message-length maximum 512
service-policy global_policy global
prompt hostname context
Cryptochecksum:02e178404b46bb8758b23aea638d2f24
: end
asdm image disk0:/asdm-621.bin
asdm location NEW_VPN_POOL 255.255.255.0 inside
asdm location abc09ic 255.255.255.255 inside
asdm location VTC 255.255.255.255 inside
asdm location Email_Gateway 255.255.255.255 inside
asdm location Exch10 255.255.255.255 inside
asdm location ExternalDNS 255.255.255.255 inside
asdm location abc11ids 255.255.255.255 inside
asdm history enableHi,
Could you let me know if you have tried the configuration I originally suggested. I mean creating a "nat" statement for the "Internal_LAN" thats ID number matches one of the existing "global" or make a new "global" for it. And also if the "Internal_LAN" needs to access "inside" you could have added the "static" command suggested.
It seems there has been some other suggestions in between that have again suggested completely different things. I would have been interested to know what the situation is after the suggested changes before going and doing something completely different.
If you are changing a lot of NAT configurations for the new "Internal_LAN" interface I would suggest checking the output of
show xlate | inc 172.168.1
To see if you need to use some variant of the "clear xlate" command to clear old translations still active on the firewall. You should not use the "clear xlate" without additional parameters as otherwise it clears all translations on the firewall in the mentioned form of the command
You can use
clear xlate ?
To view the different optional parameters for the command
- Jouni -
How to disable Wifi and Network access in low level setting for security ?
Hi
New to here
One of our final customer bought imac last months. OS 10.9, SN is c02*******J4i
Since they are security printing, all the necessary ports accessing to outisdes need to be disabled in low level setting(not the ons just like turn on and off ).
The ports including USB storage, Network and WIFI.
I googled and found the following
Open the /System/Library/Extensions folder.
To remove support for USB mass storage devices, drag the following file to the Trash: IOUSBMassStorageClass.kext
Open Terminal and enter the following command: $ sudo touch /System/Library/Extensions The touch command changes the modified date of the /System/Library/Extensions folder. When the folder has a new modified date, the Extension cache files (located in /System/Library/) are deleted and rebuilt by Mac OS X.
Choose Finder > Secure Empty Trash to delete the file.
Restart the system.
I want to confirm this before sending to final user. Since I didn't have mac on hand, just wonder whether there are similar kext files for network and wifi to remove.
Just like step 2 described.
I would like customer to backup these files before permanently removed.
Many thanks
Kevin
<Edited By Host>chiqui wrote:
Is it possible to disable Internet access point and WAP as when I use WiFi some connections to WAP server of my provider are still made and I get charged. I am looking for the option not to delete it entirely from the access point list, but rather disable it as I might need connection when WiFi is not available and I want to be able to enable it as once I delete the server name and setting I won't know it.
Is it possible to do it and how?
You could delete WAP accesspoint. Not all providers (carriers) allow this.
‡Thank you for hitting the Blue/Green Star button‡
N8-00 RM 596 V:111.030.0609; E71-1(05) RM 346 V: 500.21.009 -
No Internet access after cisco vpn client connection
Hi Experts,
Kindly check below config.the problem is vpn is connected but no internet access
on computer after connecting vpn
ASA Version 8.0(2)
hostname ciscoasa
enable password 8Ry2YjIyt7RRXU24 encrypted
names
interface Ethernet0/0
nameif outside
security-level 0
ip address 192.168.10.10 255.255.255.0
interface Ethernet0/1
nameif inside
security-level 100
ip address 192.168.14.12 255.255.255.0
interface Ethernet0/2
shutdown
no nameif
no security-level
no ip address
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
interface Management0/0
shutdown
no nameif
no security-level
no ip address
passwd 2KFQnbNIdI.2KYOU encrypted
ftp mode passive
access-list dubai_splitTunnelAcl standard permit 192.168.14.0 255.255.255.0
access-list INSIDE_nat0_outbound extended permit ip any 192.168.14.240 255.255.2
55.240
pager lines 24
mtu inside 1500
mtu outside 1500
ip local pool testpool 192.168.14.240-192.168.14.250
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list INSIDE_nat0_outbound
nat (inside) 1 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 192.168.10.12 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 192.168.14.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set setFirstSet esp-3des esp-md5-hmac
crypto dynamic-map dyn1 1 set transform-set setFirstSet
crypto dynamic-map dyn1 1 set reverse-route
crypto map mymap 1 ipsec-isakmp dynamic dyn1
crypto map mymap interface outside
crypto isakmp enable outside
crypto isakmp policy 1
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 43200
crypto isakmp policy 65535
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
service-policy global_policy global
username testuser password IqY6lTColo8VIF24 encrypted
username khans password X5bLOVudYKsK1JS/ encrypted privilege 15
tunnel-group mphone type remote-access
tunnel-group mphone general-attributes
address-pool testpool
tunnel-group mphone ipsec-attributes
pre-shared-key *
prompt hostname context
Cryptochecksum:059363cdf78583da4e3324e8dfcefbf0
: end
ciscoasa#Hi Harish,
Please check the o/ps below and route print in attached file
Latest ASA Config
ASA Version 8.0(2)
hostname ciscoasa
enable password 8Ry2YjIyt7RRXU24 encrypted
names
interface Ethernet0/0
nameif outside
security-level 0
ip address 192.168.10.10 255.255.255.0
interface Ethernet0/1
nameif inside
security-level 100
ip address 192.168.14.12 255.255.255.0
interface Ethernet0/2
shutdown
no nameif
no security-level
no ip address
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
interface Management0/0
shutdown
no nameif
no security-level
no ip address
passwd 2KFQnbNIdI.2KYOU encrypted
ftp mode passive
access-list dubai_splitTunnelAcl standard permit 192.168.14.0 255.255.255.0
access-list INSIDE_nat0_outbound extended permit ip any 192.168.14.0 255.255.255
.0
pager lines 24
mtu outside 1500
mtu inside 1500
ip local pool testpool 192.168.15.240-192.168.15.250
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 192.168.10.12 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 192.168.14.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set setFirstSet esp-3des esp-md5-hmac
crypto dynamic-map dyn1 1 set transform-set setFirstSet
crypto dynamic-map dyn1 1 set reverse-route
crypto map mymap 1 ipsec-isakmp dynamic dyn1
crypto map mymap interface outside
crypto isakmp enable outside
crypto isakmp policy 1
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 43200
crypto isakmp policy 65535
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
no crypto isakmp nat-traversal
telnet timeout 5
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
service-policy global_policy global
group-policy mphone internal
group-policy mphone attributes
split-tunnel-policy tunnelspecified
split-tunnel-network-list value dubai_splitTunnelAcl
username testuser password IqY6lTColo8VIF24 encrypted privilege 15
username testuser attributes
vpn-group-policy mphone
username khans password X5bLOVudYKsK1JS/ encrypted privilege 15
username khans attributes
vpn-group-policy mphone
tunnel-group mphone type remote-access
tunnel-group mphone general-attributes
address-pool testpool
tunnel-group mphone ipsec-attributes
pre-shared-key *
prompt hostname context
Cryptochecksum:12308d7ff6c6df3d71181248e8d38ba8
: end
ciscoasa#
Route Print after vpn connection
C:\>route print
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x40003 ...00 24 01 a2 e6 f1 ...... D-Link DFE-520TX PCI Fast Ethernet Adapter -
Packet Scheduler Miniport
0x250004 ...00 05 9a 3c 78 00 ...... Cisco Systems VPN Adapter - Packet Schedule
r Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.10.1 192.168.10.211 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.10.0 255.255.255.0 192.168.10.211 192.168.10.211 20
192.168.10.211 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.10.255 255.255.255.255 192.168.10.211 192.168.10.211 20
192.168.14.0 255.255.255.0 192.168.15.1 192.168.15.240 1
192.168.15.0 255.255.255.0 192.168.15.240 192.168.15.240 20
192.168.15.240 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.15.255 255.255.255.255 192.168.15.240 192.168.15.240 20
213.42.233.97 255.255.255.255 192.168.10.1 192.168.10.211 1
224.0.0.0 240.0.0.0 192.168.10.211 192.168.10.211 20
224.0.0.0 240.0.0.0 192.168.15.240 192.168.15.240 20
255.255.255.255 255.255.255.255 192.168.10.211 192.168.10.211 1
255.255.255.255 255.255.255.255 192.168.15.240 192.168.15.240 1
Default Gateway: 192.168.10.1
===========================================================================
Persistent Routes:
None
C:\>
C:\>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : asu
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection 7:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : D-Link DFE-520TX PCI Fast Ethernet A
dapter
Physical Address. . . . . . . . . : 00-24-01-A2-E6-F1
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.10.211
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.10.1
DNS Servers . . . . . . . . . . . : 213.42.20.20
195.229.241.222
Ethernet adapter Local Area Connection 8:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Cisco Systems VPN Adapter
Physical Address. . . . . . . . . : 00-05-9A-3C-78-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.15.240
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : -
No Internet access after blackout since July 1, 2012
After blackout on July 1, 2012 I don't have Internet access at home. How can I fix this?
vanative1 wrote:
I called on 7/3 about the service outage (I'm in North Reston and my DSL has been out since the storm), and after finally navigating through the phone help menus, was able to speak with a tech support rep. He checked the pending open service tickets and stated that the DSL service is out due to the power outage in the Arlington area, so until that is restored, no DSL. He did not provide an estimate of when that would be restored. While frustrating, I understand that some are still without power so trying hard not to complain, but it is puzzling that an outage in Arlington would affect DSL service in Reston--seems like an odd connection.
It's possible some key equipment is found in a CO in Arlington, especially if it is nearby. It could also be possible you're coming out of that central office too, as areas such as mine often have a CO serving 5-6 different towns. My CO serves two cities, and two towns along with I believe an entire island. One of the cities is getting FiOS from that same CO. Easily a good 15-25 mile stretch in service area from my CO.
Who knows. If Verizon is acknowledging an issue, the service should come back up once they are able to bring gear back online. It's a GOOD thing that they are.
========
The first to bring me 1Gbps Fiber for $30/m wins! -
Setting up Load Balancing for 11i for Intranet & Internet Access
Our current environment for 11i (11.5.5) is accessed only internally (via Intranet). We need to allow outside access (via Internet) also for self-service apps (ie. HR). Oracle Support/Metalink has stated that Load Balancing (note 148155.1) is the only supported method to have multiple (Apps Servers) systems access a single database. Could I get feedback from anyone who has implemented Load Balancing for 11i? Additionally if someone has implemented this for both intranet and internet access how has your company setup? Do the secondary server(s) from the Load Balancing note reside in the DMZ? And thus the primary app server and database reside inside the firewall? Thanks....
Hi,
We are using 6 middle tiers for internal access for intranet access and 2 middle tiers in External DMZ with only web server running for Extrenal Access over Internet for Self Service.
You Implement one Load Balancer for first 6 internal Middle Tiers with site level profiles pointing to Internal .
You implement second Load balancer for external 2 middle tiers with server level profile options for these two servers pointing to External Load balancer .
To check how to implement load balancer vsiit
http://becomeappsdba.blogspot.com/2006/09/configure-hardware-load-balancer-at.html
Wait for my next post in above blog site with step by step procedure to implement above solution External & Internal one
Atul Kumar
Oracle Apps DBA
http://teachmeoracle.com -
Load Balancing 11i for both Intranet & Internet Access
Our current environment for 11i (11.5.5) is accessed only internally (via Intranet). We need to allow outside access (via Internet) also for self-service apps (ie. HR). Oracle Support/Metalink has stated that Load Balancing (note 148155.1) is the only supported method to have multiple (Apps Servers) systems access a single database. Could I get feedback from anyone who has implemented Load Balancing for 11i? Additionally if someone has implemented this for both intranet and internet access how has your company setup? Do the secondary server(s) from the Load Balancing note reside in the DMZ? And thus the primary app server and database reside inside the firewall? Thanks....
Hi,
We are using 6 middle tiers for internal access for intranet access and 2 middle tiers in External DMZ with only web server running for Extrenal Access over Internet for Self Service.
You Implement one Load Balancer for first 6 internal Middle Tiers with site level profiles pointing to Internal .
You implement second Load balancer for external 2 middle tiers with server level profile options for these two servers pointing to External Load balancer .
To check how to implement load balancer vsiit
http://becomeappsdba.blogspot.com/2006/09/configure-hardware-load-balancer-at.html
Wait for my next post in above blog site with step by step procedure to implement above solution External & Internal one
Atul Kumar
Oracle Apps DBA
http://teachmeoracle.com -
Internet Accesses Freeze Java Application
I have been programming a Java application, which is actually an instant text messaging system, that obviously makes internet accesses.
The thing is, I have got this JFrame, with JScrollPanes, JTextAreas for messaging, and whenever the user presses the magical 'send' button; till the reply comes, the window freezes; you know it turns into grey.
The way I send the messages is just to call the method that makes the connections and writes the data.
How should I modify my code that my application should not freeze while waiting response? Is there a way to decrease the priority of a method or something?
Thanks in advance..To clarify a bit.
When you press the button an event is generated and put into the
event handling queue (which handles all awt/swing events such as redraws/resizes etc). The Queue is processed by the event processing
thread which pulls the button pressed event from the queue, finds
the associated eventHandlers and calls them. What this means is that
any code inside your event handler is run in the Event handling thread
which causes it to not be able to handle any more events until the
code in your handler is finished. Therefore all refreshes/button presses
/resizes etc. (everything to do with the GUI and some other bits too)
stop responding until your handler returns. Creating network connections
can take a fair bit of time which means your handler takes a fair amount
of time which means that the GUI locks up for a fair amount of time.
Right, that there is the reason your GUI stalls.
now, as pkwooster said, the way around this is to create a seperate
thread that handles your connections to the internet. At the simplest
level this thread can be created inside your "button pressed" event handler
. For more complex solutions you will need to find someway of notifying
a running thread that you have more work for it.
pkwooster also said that there is a lot of code in this forum on topics
related to the task you are attempting. You might wish to take his
advice and look for it.
matfud -
Block internet access by MAC address all the time
I want to be able to block MAC addresses from accessing the internet but allow them to use the network.
I can do this in other router interfaces but the BT Home Hub 2.0 has a VERY un user friendly interface and will not allow advanced internet access or other settings to be modifyed to suit my needs.
I am at an intermediate level at understanding network equipment and an expert at residential networking.Not sure about the home hub 2, but on the home hub 1 you can use a "user defined" firewall setting to block access to a computer by specifying its IP address.
Source LAN
Interface 192.168.1.xxx (address you wish to block)
Destination WAN
Service ANY
Action Deny
You can tell the home hub to always use this IP address for the device you are trying to block.
There is probably a similar setting on the home hub 2.
By default I block all Internet access for devices, then I have rules to allow HTTP, HTTPS, POP3 and a couple of others.
I also have UpnP disabled.
This prevents any computer on the network accessing any non-standard ports.
There are some useful help pages here, for BT Broadband customers only, on my personal website.
BT Broadband customers - help with broadband, WiFi, networking, e-mail and phones. -
Compact RIO Standalone RT Application with Internet access
Hi,
I am currently working on a Compact RIO and would like to deploy the VI as a standalone application to run independantly on the Compact RIO without the need for a host computer. Apart from that, the Compact RIO also has to have internet access. I have a CRIO 9022 and am unsure how to set up internet access for it as well. Should the Ethernet cable be plugged into Socket 1 or Socket 2? The other end of the ethernet cable is connected to a switch with internet access enabled.
Please Help
ThanksHi
Thanks for your reply. After we set up the Compact RIO to run st startup with a real time application, what other settings do we have to configure to allow it to have internet access? The IP address is static. Also, we would like to have a remote front panel service running in order to view the front panel from a remote browser to monitor our system. Would it be possible to provide me with some step by step instructions of setting this up? I tried the steps from the guides at National Instruments website but all of them require the presence of a host computer, whereas we are building a real time application.
Thanks -
Rate Shaping/Traffic Shaping 3750x Switch Internet Access Circuits
Hello, I have 3750x running c3750e-universalk9-mz.122-55.SE5 layer 3 capable. I have two internet access circuits on the switch both 100Mbps however there subrated down to 14Mbps by the ISP. Id like to rate shape out bound traffic toward the ISP so we dont drop traffic that exceeds the 14Mbps rate.
It appears this can be done at the layer 3 SVI or at the Layer 2 switch port level. Not sure which is the best way? Please could anyone show me the commands for acheiving the rate shaping?
AndyHey Andy,
i believe this is a good point to start:http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/12-2_55_se/configuration/guide/3750xscg/swqos.html#wp1200681
HTH.
Regards,
RS. -
Poor Internet Access Throughout House - Any suggestions?
We had Fios Internet installed about a year ago and have noticed that we have almost no Internet access upstairs - the router is located on our first level. Is there any suggestions to fixing this? I understand if access isn't quite as good, but it is frankly not usable at all. Any help is most appreciated - At this point, I am very unhappy with the service and would like to see it work on both levels. Many thanks!
Kateline wrote:
... we have almost no Internet access upstairs - the router is located on our first level. Is there any suggestions to fixing this? ...
Take a look at this thread to learn how this user added another access point in another location in his home. It may work for you.
http://forums.verizon.com/t5/FiOS-Internet/How-to-add-second-access-point-using-coax/m-p/594929 -
IMac G4 800 mhz internet access via LAN very slow
We have a G4 800mhz running 10.3. Memory is 768K. The only use for this machine is as a music server. It is connected to the internet via LAN; internet access is extremely slow - pages take an incredibly long time to load. Download/Upload speeds are about the same as I see on my Macbook Pro so I don't think it is the connected to the internet. Is there anything one can do to troubleshoot very laggy browser performance?
You may need to turn to Activity Monitor (or "AM") in Applications > Utilities to see if a runaway background process is eating up processor cycles. If you've not run AM before, on first launch its "Show" window defaults to "My Processes." That will tell only part of the story. Change it to "All Processes"to get the full picture.
Now highlight the "%CPU" column to sort by processor usage. Best to check with no user apps running other than AM. Let AM percolate five to ten seconds to let it finish its first poll. What you are looking for are any processes that are using 15 percent or more of "%CPU" with nothing running other than AM. If you find one, post its name here and we can advise how to deal with it.
However, don't get your expectations too high that a process has gone rogue. Part of it is simply a lack of speed by today's standards. I recently upgraded a friends iMac G4 800 from Panther to Tiger so it could run the latest browsers and it was still terribly slow compared to my PowerBook G4 1Ghz running the same level OS. The iMac 800 has a slow logic board bus (100mHz). -
TC8305C not online/no Internet access
18 months of regular performance, no changes made to settings of any kind recently. WiFi signal is good on all devices(2 PCs, cell phone, ipad, etc.) No Internet access on any.
Modem has solid power light, flashing us/ds light, and mostly solid WiFi light with occasional quick flash.
Power cycled several times for several minutes, and tried basic modem reset (5 seconds on reset button). No change in condition.
Please help.If your US/DS (upstream/downstream) light is flashing you will not have an Internet connection. It might be a line issue. You can post the signal levels by going to "connection" and "XFINITY Network" here, or simply call Comcast at 1-800-COMCAST they can check the levels your gateway is receiving and see if this is your problem.
Maybe you are looking for
-
Error while creating a web service
Hi all, I am trying to create a webservice for doing SOAP to JDBC scenario. I created a WSDL file in Configuration. I am using NWDS for developing a web service using this WSDL file. While creating a web service, I am getting 2 errors after creation
-
I have a question: How to extract a ztable from miniwas to bw
Hi, In BW , I create a source system to connect my miniwas system. I read in the forums that you need to create a datasource in rso2 transaction to extract a ztable from r/3 and replicate it in BW. But in the miniwas system the transaction rso2 doesn
-
Forms clause query data source data block in oracle forms
Hello experts, I am new in oracle forms.I am using oracle forms 11g with weblogic 10.3.5 at windows 7.Through googaling I know how to create a database block,forms clause data block and stored procedure based datablock in oracle forms.I
-
I have custom permission level, however I need to break the permission from the parent site and set a custom permission for this sub site. Please advice detail instructions on how to do this without breaking the parent site permission level. Renee W
-
How do you pre-populate certain information on a form?
If I have to fill out a form multiple times on a given day, there are certain fields like my personal information which remain the same every time I fill out that form. How do I per-populate that information rather than me typing it again and again?