Invalid mapping of rule to service address ranges
Hi
I have a configuration with a vip port range and service port range. When I try to add to the content a primary sorry server i got following answer:
Invalid mapping of rule to service address ranges
I presume, that this is beacause i don't have an address range in the primary sorry service. Is there a way to configure the primary sorry server ?
*************Configuration
content intnpp.post.ch_80
advanced-balance sticky-srcip
sticky-mask 255.255.240.0
vip address 194.41.224.28 range 16
add service h01t2e_farm_80
add service h01t57_farm_80
redundant-index 21490
port 80
protocol tcp
url "/*"
active
primary sorry Server
service sorryint.post.ch
ip address 194.41.160.68
keepalive type tcp
keepalive port 80
redundant-index 14320
type redirect
active
Thank you for the answer
To me it looks like you are using two services in the group that contain ip ranges and then you are trying to add a service that does not have a range.
Similar Messages
-
Limitation on source group with services using ip address range
Hello,
I have an interface on CSS which I regard as public and another interface I regard as private. On the private interface is a server farm with private ip addresses. Since the server admin guys insisted the servers need to access internet just for Windows Update, I made a source group to NAT the private addresses to public addresses to allow the servers to access internet.
I defined services for use by the source group. Since keepalive is not important in this case, I set keepalive none to ,I hope so, save system resources.
I have server 192.168.1.1-5 (5 servers) and 192.168.1.11-14 (4 servers), so I made a service with ip address 192.168.1.1 range 5 and another service 192.168.1.11 range 4.
But then I found that the two services cannot be put in the same source group. It is because of the different range in the service definition.
I can get it work if I define services with single ip address, but then I will have a long configuration with repetative information. And I think this may be using more system resources.
I can also get it work if I include 192.168.11.15 and define two services both with a range of 5 ip addresses. But 192.168.11.15 is not actually there.
Why is there such a limitation on source group, or services with ip address range? Is there the same limitation for content rules? Or am I getting it all wrong and should do the configuration in other ways?
Advices will be welcomed.
CT Yau
Hong KongYes you are correct. There is a limitation while adding services into source groups.
You can create as many services that share an ip range (eg. a /24 subnet range). But the trouble starts when you add them into source groups. You can not add them into a source group NOR you can add them under different source groups as well.
You mentioned that you can use single ip adress instead of range for the services...but it is not true as you will be stuck when you add them into source groups.
I can think of these following options in your case.
Option 1
Change the ip range on the servers. Use 2 different IP ranges one for those 5 servers and another for those 4 servers.
Create 2 services for each range.
Create 2 groups and add the services.
service server-out-192.168.1.1-5
ip address 192.168.1.1 range 5
active
service server-out-172.168.1.11-14
ip address 192.168.1.11 range 4
active
group server-out-192.168.1.11-14
vip address x.x.x.1
add server-out-192.168.1.1-5
active
group server-out-172.168.1.11-14
vip address x.x.x.2
add server-out-172.168.1.11-14
active
Option 2
Create a service that includes all the ip addresses starting from 192.168.1.1 through .14 using the range keyword.
Now you need to create one source group with a VIP. Add the service to the source group.
If you do not want to cover the unassigned ip addresses just move them up and use consecutive ones.
service server-out-192.168.1.1-14
ip address 192.168.1.1 range 14
active
group server-out-192.168.1.11-14
vip address x.x.x.x
add service server-out-192.168.1.1-14
active
thanks -
IP address range of Microsoft Location Services API
Hi,
I am developing a LOB windows 8.1 application. The windows 8 tablet device we are using needs to be locked down by IP address to the specific services that the application will use. I have not been able to find the IP address range for the Microsoft Location
Sevices API uses (Windows.Devices.Geolocation namespace).
Does someone know where on the MS website this sort of information is held as I can't seem to find this information anywhere?
ThanksProbably you can find more information from here:
https://msdn.microsoft.com/en-us/library/windows/desktop/dd464636(v=vs.85).aspx
As I understand system have a location service and when the app calls the service, the service query the location automatically.
If you still have questions about location service, perhaps ask at desktop forum is a better choice:
https://social.msdn.microsoft.com/Forums/windowsdesktop/en-US/home?forum=windowsgeneraldevelopmentissues
--James
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey. -
Using Oriented Point for from-to address ranges
I am trying to use the oriented point functionality to place from and to address ranges on my map. I have a problem that for the Horizontal Align, when I set the From to "Start" and the To to "End", the connecting edges cause the numbers to overlap. (ie: edge 1's To overlaps edge 2's From)
Has anyone gotten this to work correctly?
I am using the 091229 build of Mapviewer 11.The problem you have with using AD accounts for 802.1x auth as well as Network admin is mapping the groups. You can't map groups based on service being requested so unless all your Network Team accounts map to the same group you would have used for 802.1x then you have a problem
So the best option is probably to create seperate acccounts inside ACS for network admins, ( a shame I know since passwords will not be in step ).
As for deployment docs there is a white paper I co-authored that describes how to get the most out of T+ Network Admin access.
You can find it via Extraxi's web site
http://www.extraxi.com/TDA.htm
And Select the "Building Scalable T+ Device Mgmt link" -
PTR issues once the IP address range has been delegated to our name servers
In the past, with only a DSL line, our ISP provided our forward and reverse dns entries for our zone and we never had problems with outgoing email. Recently, we've upgraded to a managed T1 line and have decided to run our own name servers on two xserves (one on the T1 subnet and one on a DSL line). Now, many email servers won't accept mail from a mail server without a matching PTR record. We've had our ISP delegate authority of our IP address range to us.
With DNS service on, I've checked that our named.conf file refers to the db.xxx.xxx.xxx file contained in /var/named/ which contains the correct PRT entry: xxx.xxx.xxx.xxx.in-addr.arpa. IN PTR xserve.example.com.
However, when using an external DNS server a "host name for address" search in Network Utility using the IP address, it only replies with:
xxx.xxx.xxx.xxx.in-addr.arpa. 166154 IN CNAME 202.192/xxx.xxx.xxx.xxx.in-addr.arpa. Which refers to the IP range that our ISP has delegated to us.
When using our xserve as the DNS server, the host name is returned correctly, though.
Any thoughts? I've double checked with our ISP and they say they have delegated the IP address block to us.
Xserve G5 Mac OS X (10.4.8)
Xserve G5 Mac OS X (10.4.8)
Xserve G5 Mac OS X (10.4.8)
Xserve G5 Mac OS X (10.4.8)We had a similar problem in the past and could not explain why it was not working. The reason simply was that our carrier (the ISP owning the IP addresses) reserved the right to set PTR records only on their systems. Therefore our PTR record was simply ignored.
So I would recommend contacting the support of your ISP/carrier, explaining your issue and let them set up the PTR record on their DNS properly.
Edit: Sorry, noticed that it has been solved already; for any reason I saw only your first post. So ignore my reply. -
Is there a way to use a bookmark from Maps as the home/work address of a contact?
I'm trying to use location-based reminders. But the Home and Work addresses I have in my own contact card are not recognized by Apple Maps.
Is there a way to use Apple Maps to set the Home and Work addresses in my contact card to something that it will be able to understand?
Edit: It doesn't have to be with Apple Maps. Google Maps or any other service where I can bookmark my "Current Location" would be fine. I just want an effieient way to use Location-based reminders when manually inputting an address is not an option, but locating it on a map is.Unfortunately there is no way to do that current stage , you would need to add the tags manually.
Thanks,
Sanjit -
OIM-SOA tasks error (Invalid Token Error in Verification Service)
Hi Guys,
I have the following environment:
wls 10.3.3, soa 11.1.13, OIM 11.1..3, OAM 11.1.1.3 with OID and OVD for LDAP store all configured to run in different Hosts according to Entreprise deployement minus the clusters using the latest jrockit.
However, as soon as everything is up and running in developmetn mode (? jrockit maybe jdk if dev mode?), logged on to the OIM admin page as xelsysadm, click on the Task tab, it fails saying that an error occured while trying to access soa. So i went and check soa under the wls concole deployments, it has a warning as its status but i understand that occurs after you have patched soa from 11.1.1.2 to 11.1.1.3. Then i looked into the soa managed server logs and i found the following stacktrace and wonder if you guys have a clue of whats really going on:
<Mar 14, 2011 10:04:06 PM WAT> <Error> <oracle.soa.services.common> <BEA-000000> <<oracle.bpel.services.common.util.EncryptionService.getKey> Received null from credential store>
<Mar 14, 2011 10:04:06 PM WAT> <Error> <oracle.soa.services.workflow.common> <BEA-000000> <<.> Unable to fetch/generate encryption key.
Unable to fetch/generate encryption key.
Check installation/post-installation steps for errors. Check for errors during SOA server startup.
ORABPEL-35012
Unable to fetch/generate encryption key.
Unable to fetch/generate encryption key.
Check installation/post-installation steps for errors. Check for errors during SOA server startup.
at oracle.bpel.services.common.util.EncryptionService.getKey(EncryptionService.java:139)
at oracle.bpel.services.common.util.EncryptionService.encrypt(EncryptionService.java:54)
at oracle.bpel.services.workflow.verification.impl.VerificationService.encryptString(VerificationService.java:2336)
at oracle.bpel.services.workflow.verification.impl.VerificationService.createTokenFromMap(VerificationService.java:2094)
at oracle.bpel.services.workflow.verification.impl.VerificationService.createToken(VerificationService.java:2067)
at oracle.bpel.services.workflow.verification.impl.VerificationService.createContextS(VerificationService.java:904)
at oracle.bpel.services.workflow.verification.impl.VerificationService.createContext(VerificationService.java:874)
at oracle.bpel.services.workflow.verification.impl.VerificationService.createContext(VerificationService.java:826)
at oracle.bpel.services.workflow.verification.impl.VerificationService.authenticateUser(VerificationService.java:666)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at oracle.bpel.services.workflow.common.WorkflowServiceCacheEventAdvice.invoke(WorkflowServiceCacheEventAdvice.java:89)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at oracle.bpel.services.common.dms.MethodPhaseEventAspect.invoke(MethodPhaseEventAspect.java:82)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at oracle.bpel.services.common.dms.MethodEventAspect.invoke(MethodEventAspect.java:70)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy202.authenticateUser(Unknown Source)
at oracle.bpel.services.workflow.query.impl.TaskQueryService.authenticate(TaskQueryService.java:457)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
<Mar 14, 2011 8:58:37 PM WAT> <Error> <oracle.soa.services.workflow.query> <BEA-000000> <<.> Invalid Token Error in Verification Service.
Invalid Token Error in Verification Service. Received invalid token in createContext.
Verify that correct token is passed.
ORABPEL-30503
Invalid Token Error in Verification Service.
Invalid Token Error in Verification Service. Received invalid token in createContext.
Verify that correct token is passed.
at oracle.bpel.services.workflow.verification.impl.VerificationService.createContext(VerificationService.java:879)
at oracle.bpel.services.workflow.verification.impl.VerificationService.createContext(VerificationService.java:826)
at oracle.bpel.services.workflow.verification.impl.VerificationService.authenticateUser(VerificationService.java:666)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at oracle.bpel.services.workflow.common.WorkflowServiceCacheEventAdvice.invoke(WorkflowServiceCacheEventAdvice.java:89)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at oracle.bpel.services.common.dms.MethodPhaseEventAspect.invoke(MethodPhaseEventAspect.java:82)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at oracle.bpel.services.common.dms.MethodEventAspect.invoke(MethodEventAspect.java:70)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy202.authenticateUser(Unknown Source)
at oracle.bpel.services.workflow.query.impl.TaskQueryService.authenticate(TaskQueryService.java:457)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at oracle.bpel.services.workflow.common.WorkflowServiceCacheEventAdvice.invoke(WorkflowServiceCacheEventAdvice.java:89)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at oracle.bpel.services.workflow.test.workflow.ExceptionTestCaseBuilder.invoke(ExceptionTestCaseBuilder.java:155)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at oracle.bpel.services.common.dms.MethodEventAspect.invoke(MethodEventAspect.java:70)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at oracle.bpel.services.common.dms.MethodPhaseEventAspect.invoke(MethodPhaseEventAspect.java:82)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy215.authenticate(Unknown Source)
at oracle.bpel.services.workflow.query.ejb.TaskQueryServiceBean.authenticate(TaskQueryServiceBean.java:80)
at oracle.bpel.services.workflow.query.ejb.TaskQueryService_oz1ipg_EOImpl.authenticate(TaskQueryService_oz1ipg_EOImpl.java:299)
at oracle.bpel.services.workflow.query.ejb.TaskQueryService_oz1ipg_EOImpl_WLSkel.invoke(Unknown Source)
at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:589)
at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:230)
at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:477)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:473)
at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Caused By: ORABPEL-35012
Unable to fetch/generate encryption key.
Unable to fetch/generate encryption key.
Check installation/post-installation steps for errors. Check for errors during SOA server startup.
at oracle.bpel.services.common.util.EncryptionService.getKey(EncryptionService.java:139)
at oracle.bpel.services.common.util.EncryptionService.encrypt(EncryptionService.java:54)
at oracle.bpel.services.workflow.verification.impl.VerificationService.encryptString(VerificationService.java:2336)
at oracle.bpel.services.workflow.verification.impl.VerificationService.createTokenFromMap(VerificationService.java:2094)
at oracle.bpel.services.workflow.verification.impl.VerificationService.createToken(VerificationService.java:2067)
at oracle.bpel.services.workflow.verification.impl.VerificationService.createContextS(VerificationService.java:904)
at oracle.bpel.services.workflow.verification.impl.VerificationService.createContext(VerificationService.java:874)
at oracle.bpel.services.workflow.verification.impl.VerificationService.createContext(VerificationService.java:826)
at oracle.bpel.services.workflow.verification.impl.VerificationService.authenticateUser(VerificationService.java:666)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at oracle.bpel.services.workflow.common.WorkflowServiceCacheEventAdvice.invoke(WorkflowServiceCacheEventAdvice.java:89)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at oracle.bpel.services.common.dms.MethodPhaseEventAspect.invoke(MethodPhaseEventAspect.java:82)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at oracle.bpel.services.common.dms.MethodEventAspect.invoke(MethodEventAspect.java:70)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy202.authenticateUser(Unknown Source)
at oracle.bpel.services.workflow.query.impl.TaskQueryService.authenticate(TaskQueryService.java:457)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at oracle.bpel.services.workflow.common.WorkflowServiceCacheEventAdvice.invoke(WorkflowServiceCacheEventAdvice.java:89)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at oracle.bpel.services.workflow.test.workflow.ExceptionTestCaseBuilder.invoke(ExceptionTestCaseBuilder.java:155)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at oracle.bpel.services.common.dms.MethodEventAspect.invoke(MethodEventAspect.java:70)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at oracle.bpel.services.common.dms.MethodPhaseEventAspect.invoke(MethodPhaseEventAspect.java:82)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy215.authenticate(Unknown Source)
at oracle.bpel.services.workflow.query.ejb.TaskQueryServiceBean.authenticate(TaskQueryServiceBean.java:80)
at oracle.bpel.services.workflow.query.ejb.TaskQueryService_oz1ipg_EOImpl.authenticate(TaskQueryService_oz1ipg_EOImpl.java:299)
at oracle.bpel.services.workflow.query.ejb.TaskQueryService_oz1ipg_EOImpl_WLSkel.invoke(Unknown Source)
at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:589)
at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:230)
at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:477)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:473)
at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
>
Thanks in advance guys. We have tried everything from trying to map the keystores to retracing our installation but it just doesnt solve our problem.
Ta
Edited by: mocx on Mar 14, 2011 11:31 PMHi regoeng,
i too am facimg the same issue and using OID .
Can you please let me know the exact stpes followed to resoilve this issue.
Components used : UCM , SOA
Flow :
1 . User places an file/record in the content server folder in the review state.
2 . An Workflow will be intiated.
3 . It will send an mail to the approvers.
4 . The Approver will click on the link which will be sent in the mail.
5 . Provide there credentials.
6 . Approves the file/record.
7 . The file/record will be released state.
Now we are facing an issue in step 4 , where a mail is sent to the approver and when approvers click on the link it will keep on trying to open the page and in the back end we are finding the ORABPEL-35012 error.
Regards,
Karthik
Edited by: user13293564 on Aug 11, 2011 12:20 AM -
Apple icloud IP address ranges so we can block them
Hi
Does anyone know what the IP range is for the shiny new data centre for Apples iCloud service?
Whilst it's a great service, and indeed i intend to make use of it myself on my devices, as the person in charge of managing data policy for a corporate the idea that it will be available for the PC platform makes me go pale in fear.
Should an app that uses the iCloud API get on to the desktop then our data could easily be removed and be, instantly, on a number of devices.
Anyone know if there is a list made public ?
Thanks
OllyApple does not publish IP address ranges that I've ever seen. Someone might be able to spot the addresses by using a packet analyzer or other such utility to monitor outgoing traffic.
I understand the concern, but I think we need to wait until we're closer to the actual launch of iCloud to see what kind of controls and restriction capibilities Apple provides for the service. I would certainly hope that Apple has considered this sort of issue.
Note that data backup and synchronization will be tied to the specific Apple ID, so barring any sort of data sharing capability, hinted at in the announcement information but not detailed, the only way anyone would be able to get access to any data would be if they had access to that same Apple ID. So it would take more than just getting a given app onto the system for data to be exposed.
Let's hang in and see what the situation will be as we get closer to the release.
Regards. -
Add IP address ranges to my airport extreme firewall white list.
I need to add IP address ranges to my airport extreme firewall white list. This is so Security Metrics can access my computer and approve a scan for my credit card PCI compliance. How do i add ip ranges?
Sorry, but this option is not available with the AirPort routers. The only control you have over the AirPort's NAT firewall is either to enable/disable it or to configure it for Port Mapping. There are no option that supports whitelisting/blacklisting IP addresses/ranges.
If this is an important requirement, you may need to replace your current AirPort with another vendor's product that will support this. -
How can I map SSH from an outside network range to an internal host (ASA 5505)
Cisco Adaptive Security Appliance Software Version 7.2(4)
Device Manager Version 5.2(4)
- External network range that needs SSH access: 8.8.8.0/24
- Outside interface: 10.1.10.2 (NAT'd from 7.7.7.7)
- Inside Network: 192.168.100.0/24
- Inside host to redirect external SSH to: 192.168.100.98
Hi All,
I have a Cisco ASA 5505 (version above) and I have someone that needs to SSH into a box behind the ASA. I'm having a few issues trying to configure this access-list and NAT. I've tried many combinations and clearly my IOS is not as good as I thought.
Can anyone help with this? What commands should I enter to accomplish mapping SSH from an outside network range to an internal host?
Many thanks,
TarranThis may or may not work depending on how your modem handles the natting. On your firewall try this -
static (inside,outside) tcp interface 22 192.168.100.98 22
then add this to your acl on the outside interface of your ASA -
access-list outside_in permit tcp 8.8.8.0 255.255.255.0 host 10.1.10.2 eq 22
if you don't have an acl applied then add this extra step -
access-group outside_in in interface outside
Jon -
Hi All,
We are trying to access the Create Deployment method stated below
http://msdn.microsoft.com/en-us/library/windowsazure/ee460813
We have uploaded the Package in the blob and browsing the configuration file. We have checked trying to upload manually the package and config file in Azure portal and its working
fine.
Below is the code we have written for creating deployment where "AzureEcoystemCloudService" is our cloud service name where we want to deploy our package. I have also highlighted the XML creation
part.
byte[] bytes =
new byte[fupldConfig.PostedFile.ContentLength + 1];
fupldConfig.PostedFile.InputStream.Read(bytes, 0, bytes.Length);
string a = Encoding.UTF8.GetString(bytes, 0, bytes.Length);
string base64ConfigurationFile = a.ToBase64();
X509Certificate2 certificate =
CertificateUtility.GetStoreCertificate(ConfigurationManager.AppSettings["thumbprint"].ToString());
HostedService.CreateNewDeployment(certificate,
ConfigurationManager.AppSettings["SubscriptionId"].ToString(),
"2012-03-01", "AzureEcoystemCloudService", Infosys.AzureEcosystem.Entities.Enums.DeploymentSlot.staging,
"AzureEcoystemDeployment",
"http://shubhendustorage.blob.core.windows.net/shubhendustorage/Infosys.AzureEcoystem.Web.cspkg",
"AzureEcoystemDeployment", base64ConfigurationFile,
true, false);
<summary>
/// </summary>
/// <param name="certificate"></param>
/// <param name="subscriptionId"></param>
/// <param name="version"></param>
/// <param name="serviceName"></param>
/// <param name="deploymentSlot"></param>
/// <param name="name"></param>
/// <param name="packageUrl"></param>
/// <param name="label"></param>
/// <param name="base64Configuration"></param>
/// <param name="startDeployment"></param>
/// <param name="treatWarningsAsError"></param>
public static
void CreateNewDeployment(X509Certificate2 certificate,
string subscriptionId,
string version, string serviceName, Infosys.AzureEcosystem.Entities.Enums.DeploymentSlot deploymentSlot,
string name, string packageUrl,
string label, string base64Configuration,
bool startDeployment, bool treatWarningsAsError)
Uri uri = new
Uri(String.Format(Constants.CreateDeploymentUrlTemplate, subscriptionId, serviceName, deploymentSlot.ToString()));
XNamespace wa = Constants.xmlNamespace;
XDocument requestBody =
new XDocument();
String base64ConfigurationFile = base64Configuration;
String base64Label = label.ToBase64();
XElement xName = new
XElement(wa + "Name", name);
XElement xPackageUrl =
new XElement(wa +
"PackageUrl", packageUrl);
XElement xLabel = new
XElement(wa + "Label", base64Label);
XElement xConfiguration =
new XElement(wa +
"Configuration", base64ConfigurationFile);
XElement xStartDeployment =
new XElement(wa +
"StartDeployment", startDeployment.ToString().ToLower());
XElement xTreatWarningsAsError =
new XElement(wa +
"TreatWarningsAsError", treatWarningsAsError.ToString().ToLower());
XElement createDeployment =
new XElement(wa +
"CreateDeployment");
createDeployment.Add(xName);
createDeployment.Add(xPackageUrl);
createDeployment.Add(xLabel);
createDeployment.Add(xConfiguration);
createDeployment.Add(xStartDeployment);
createDeployment.Add(xTreatWarningsAsError);
requestBody.Add(createDeployment);
requestBody.Declaration =
new XDeclaration("1.0",
"UTF-8", "no");
XDocument responseBody;
RestApiUtility.InvokeRequest(
uri, Infosys.AzureEcosystem.Entities.Enums.RequestMethod.POST.ToString(),
HttpStatusCode.Accepted, requestBody, certificate, version,
out responseBody);
<summary>
/// A helper function to invoke a Service Management REST API operation.
/// Throws an ApplicationException on unexpected status code results.
/// </summary>
/// <param name="uri">The URI of the operation to invoke using a web request.</param>
/// <param name="method">The method of the web request, GET, PUT, POST, or DELETE.</param>
/// <param name="expectedCode">The expected status code.</param>
/// <param name="requestBody">The XML body to send with the web request. Use null to send no request body.</param>
/// <param name="responseBody">The XML body returned by the request, if any.</param>
/// <returns>The requestId returned by the operation.</returns>
public static
string InvokeRequest(
Uri uri,
string method,
HttpStatusCode expectedCode,
XDocument requestBody,
X509Certificate2 certificate,
string version,
out XDocument responseBody)
responseBody =
null;
string requestId = String.Empty;
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(uri);
request.Method = method;
request.Headers.Add("x-ms-Version", version);
request.ClientCertificates.Add(certificate);
request.ContentType =
"application/xml";
if (requestBody != null)
using (Stream requestStream = request.GetRequestStream())
using (StreamWriter streamWriter =
new StreamWriter(
requestStream, System.Text.UTF8Encoding.UTF8))
requestBody.Save(streamWriter,
SaveOptions.DisableFormatting);
HttpWebResponse response;
HttpStatusCode statusCode =
HttpStatusCode.Unused;
try
response = (HttpWebResponse)request.GetResponse();
catch (WebException ex)
// GetResponse throws a WebException for 4XX and 5XX status codes
response = (HttpWebResponse)ex.Response;
try
statusCode = response.StatusCode;
if (response.ContentLength > 0)
using (XmlReader reader =
XmlReader.Create(response.GetResponseStream()))
responseBody =
XDocument.Load(reader);
if (response.Headers !=
null)
requestId = response.Headers["x-ms-request-id"];
finally
response.Close();
if (!statusCode.Equals(expectedCode))
throw new
ApplicationException(string.Format(
"Call to {0} returned an error:{1}Status Code: {2} ({3}):{1}{4}",
uri.ToString(),
Environment.NewLine,
(int)statusCode,
statusCode,
responseBody.ToString(SaveOptions.OmitDuplicateNamespaces)));
return requestId;
But every time we are getting the below error from the line
response = (HttpWebResponse)request.GetResponse();
<Error xmlns="http://schemas.microsoft.com/windowsazure" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<Code>BadRequest</Code>
<Message>The specified configuration settings for Settings are invalid. Verify that the service configuration file is a valid XML file, and that role instance counts are specified as positive integers.</Message>
</Error>
Any help is appreciated.
Thanks,
ShubhenduPlease find the request XML I have found it in debug mode
<CreateDeployment xmlns="http://schemas.microsoft.com/windowsazure">
<Name>742d0a5e-2a5d-4bd0-b4ac-dc9fa0d69610</Name>
<PackageUrl>http://shubhendustorage.blob.core.windows.net/shubhendustorage/WindowsAzure1.cspkg</PackageUrl>
<Label>QXp1cmVFY295c3RlbURlcGxveW1lbnQ=</Label>
<Configuration>77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz4NCjwhLS0NCiAgKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKg0KDQogIFRoaXMgZmlsZSB3YXMgZ2VuZXJhdGVkIGJ5IGEgdG9vbCBmcm9tIHRoZSBwcm9qZWN0IGZpbGU6IFNlcnZpY2VDb25maWd1cmF0aW9uLkNsb3VkLmNzY2ZnDQoNCiAgQ2hhbmdlcyB0byB0aGlzIGZpbGUgbWF5IGNhdXNlIGluY29ycmVjdCBiZWhhdmlvciBhbmQgd2lsbCBiZSBsb3N0IGlmIHRoZSBmaWxlIGlzIHJlZ2VuZXJhdGVkLg0KDQogICoqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioNCi0tPg0KPFNlcnZpY2VDb25maWd1cmF0aW9uIHNlcnZpY2VOYW1lPSJXaW5kb3dzQXp1cmUxIiB4bWxucz0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9TZXJ2aWNlSG9zdGluZy8yMDA4LzEwL1NlcnZpY2VDb25maWd1cmF0aW9uIiBvc0ZhbWlseT0iMSIgb3NWZXJzaW9uPSIqIiBzY2hlbWFWZXJzaW9uPSIyMDEyLTA1LjEuNyI+DQogIDxSb2xlIG5hbWU9IldlYlJvbGUxIj4NCiAgICA8SW5zdGFuY2VzIGNvdW50PSIyIiAvPg0KICAgIDxDb25maWd1cmF0aW9uU2V0dGluZ3M+DQogICAgICA8U2V0dGluZyBuYW1lPSJNaWNyb3NvZnQuV2luZG93c0F6dXJlLlBsdWdpbnMuRGlhZ25vc3RpY3MuQ29ubmVjdGlvblN0cmluZyIgdmFsdWU9IkRlZmF1bHRFbmRwb2ludHNQcm90b2NvbD1odHRwcztBY2NvdW50TmFtZT1zaHViaGVuZHVzdG9yYWdlO0FjY291bnRLZXk9WHIzZ3o2aUxFSkdMRHJBd1dTV3VIaUt3UklXbkFrYWo0MkFEcU5saGRKTTJwUnhnSzl4TWZEcTQ1ZHI3aDJXWUYvYUxObENnZ0FiZnhONWVBZ2lTWGc9PSIgLz4NCiAgICA8L0NvbmZpZ3VyYXRpb25TZXR0aW5ncz4NCiAgPC9Sb2xlPg0KPC9TZXJ2aWNlQ29uZmlndXJhdGlvbj4=</Configuration>
<StartDeployment>true</StartDeployment>
<TreatWarningsAsError>false</TreatWarningsAsError>
</CreateDeployment>
Shubhendu G -
How to change the web service address of NetBeans generated WS client
I am currently experimenting with web services using netbeans and Sun Application Server.
Basically I am creating simple web services using net beans and then deploy them on the app server and then create another pfoject with web service reference to that web service to invoke the service.
My problem is when a project is deliverd to the production site the the client applications web service reference will need to be configured to refer to the production web service address. But when I looked at the generated web service client code the address is hard coded.
How can I change the address to the web service of a web service reference created in net beans either using some configuration file (without having to recompile the client) or at runtime.
Thanks in advancebump...
-
Memory address range - Solaris 10
Hi All,
Is there any command in Solaris 10 to know the memory address range ( hex) of each DIMM ?
How to calculate the size of the module based on the address range ?
Thanks in advanceHi All,
Is there any command in Solaris 10 to know the memory address range ( hex) of each DIMM ?
How to calculate the size of the module based on the address range ?
Thanks in advance -
QoS binding limited to IP address range and SSID on WLAN
Our VLAN id 2 is used only by a WLAN SSID
Defining a QoS profile as using VLAN id 2 did not work. No upper rate limitation worked
Only using the IP address range of the VLAN or the SSID appeared to work.
It does not appear consistent, when a VLAN id can be specified on a WLAN in the Wireless Basic Setting Table
It is also inconsistent, that the proper SSIDs are not listed in the drop down box on the
Add / Edit Profile Binding Configuration page. They only appear as AP-1, AP-2 etc.Has this been fixed under firmware 1.0.4.17? I cannot get this work with any type of Traffic Selector (IP/MAC/VLAN/DSCP/SSID).
Any suggestions are greatly appreciated. Thanks! -
Cisco ASA 5512x - Restrict email delivery to ip address range..
Hi,
I was wondering how to tighten the security of my email delivery to a range of ip addresses (I know how on my old firewall but the cisco is quite a bit different). Right now anyone sending email to a particular ip address on my firewall can do so. I want to restrict that to two ip address ranges it will accept deliver from. I'm thinking I need two network objects for the two ranges then add to a network object group. Can anyone help with configuring the ACL for delivery using that group if I'm correct about that?
TIA
AlHi,
I assume that you have a server or multiple servers on your network behind the ASA and want to restrict SMTP traffic to them and only allow SMTP traffic from certain address ranges?
You might have something like this configured for the server Static NATs
objec network SMTP-SERVER1
host 10.10.10.10
(dmz,outside) static x.x.x.x dns
object network SMTP-SERVER2
host 10.10.10.20
(dmz,outside) static y.y.y.y dns
If so you could simply create the following kind of configurations to restrict traffic to them
object-group network SMTP-SERVERS
network-object object SMTP-SERVER1
network-object object SMTP-SERVER2
object-group network ALLOWED-SMTP-SOURCE
network-object
network-object
network-object host
access-list OUTSIDE-IN remark Allowed SMTP connections
access-list OUTSIDE-IN permit tcp object-group ALLOWED-SMTP-SOURCE object-group SMTP-SERVERS eq smtp
access-group OUTSIDE-IN in interface outside
The above configuration does the following
Has 2 example Static NAT configurations for local DMZ servers
Groups those 2 servers to their own object-group SMTP-SERVERS (for easier use in the ACLs)
Creates an object-group that will contain all the public networks and host addresses that are allowed to contact your SMTP servers (for easier use in the ACLs)
Configures an ACL that allows SMTP (TCP/25) connections from "outside" only if the source network for the connection belongs to some address range on the ALLOWED-SMTP-SOURCE object-group and when the destination is either one of your SMTP servers.
Naturally the above object/object-group, access-list and interface names could be different and same for the actual IP addresses.
Also, if you already have an ACL attached to your "outside" interface then naturally you use that and DONT NEED the "access-group" command above. (As its used to attach an ACL to interface which doesnt already have one attached)
- Jouni
Maybe you are looking for
-
How do i save a site/page to toolbar since recent update?
Hi, Since the latest update to firefox, i cannot seem to find a way to save a site to my toolbar like previously was available. I've done some searching and tried to remedy this issue but am not coming up with any answers for this issue.
-
Win8.1 - Error when using traceview "PDB file does not contain provider information"
We have been attempting to manage a Windows 8.1 machine by using the Enterprise Device Management Protocol. We are encountering a failure during the process and would like to inspect what is going wrong on the Client Side. Used the "Windows 8.1 Enter
-
Everything was fine then my mini mac just turned off and hasn't been on since
-
Is is possible to open event lists from different tracks at the same time in Logic Pro 9?
Is it possible to open event lists from two difference tracks in an arrangement at the same time in Logic Pro 9? When I switch between tracks the event list swiches as well. Thanks in advance.
-
Invalid key length - basic question
Hi I've had recurring problems with my imac where disk utility is unable to repair the HD due to invalid key length, and one or two other problems. I've erased and installed about 4 times now, zeroing the drive twice. The last time was 2 weeks ago, e