IP cef issues
Hello -
I am having issues with cef between my VPN tunnel and my LAN interface, and was hoping someone point me in the correct direction on solving this issue.
Currently, I have been confirming conncectivity to a remote office using ICMP. IP cef by default is enabled on the 1841 router which is the end-point of the VPN tunnel originating on a VPN concentrator at the main office. For some reason, when I ping and IP address on the LAN side at the remote office (which traverses the VPN tunnel) I only get replys when my router perfroms process switching. I discovered this in the troubleshooting stages by creating ACLs that were logging. If I remove those ACLs that cause traffic to be processed switched, my pings fail to reply.
This issues seems to occur between my tunnel 1 and the fa 0/0 interface, since traffic reaches the internet fine. But since the DNS servers that the users at the remote office is our private DNS servers located in the head offfice, the DNS lookups need to traverse the VPN tunnel.
Currently I have an ACL logging all ingress traffic on my ethernet interface since I can't figure out what is going on with CEF. I know the throughput process switching is only about 800Kbps, which is kiiling my network since we have bonded T1s at this site. In addition to the addition latency this is causing, I am also getting logging overflows, which is dropping packets as well.
Any advice on where to start looking for my cef issues. Thank you in advance.
Shaun -
Thanks for your response on my problem.
According to documentation CEF is supported on all tunnel interfaces. While ASICs are not doing the actual CEF fib lookups, CEF switching should still offer greater throughput (even in software with the 1800s routers) than that of process switching.
I am noticing a lot of encap_fail for cef drops. I understand this to be an caused by incomplete adjecency issues, but when I issue a #sh adj command, all routes (including those I have pointed at the tunnel) register as valid CEF adjacencies. I also can run a #sh ip cef, which is basically a lookup of the fib table, and all the routes that I expect to see are there.
I appreciate your feedback, and if there is anything else you can think of for me to check, please let me know.
Thanks
Ryan
Similar Messages
-
Creative Cloud Package Installation Issues - School network behind a proxy
Greetings All,
I have created a package using creative cloud manager. I am now testing it before deployment by running the setup.exe (or the msi using msi exec) but it keeps stopping part of the way through. I have tried everything I can think of and am stuck. Please find my PDApp.log pasted below:
04/23/15 14:09:14:438 | [INFO] | | ASU | MSIInvoker | MSIInvoker | | | 9188 | Build Version - 1.9.0.14
04/23/15 14:09:14:438 | [INFO] | | ASU | MSIInvoker | MSIInvoker | | | 9188 | Logging Level verbosity Set to 4
04/23/15 14:09:15:985 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 11456 | Build Version - 1.9.0.14
04/23/15 14:09:15:985 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 11456 | Logging Level verbosity Set to 4
04/23/15 14:09:15:985 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 11456 | Executing immediate custom action for install mode.
04/23/15 14:09:15:985 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 11456 | The CustomActionData string is : mode=install;sourceDir=D:\Adobe\Adobe CS Full Suite x64\Build\;installDir=;origDB=D:\Adobe\Adobe CS Full Suite x64\Build\Adobe CS Full Suite x64.msi
04/23/15 14:09:15:985 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 11456 | Successfully executed the immediate custom action for install mode .
04/23/15 14:09:22:846 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Build Version - 1.9.0.14
04/23/15 14:09:22:846 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Logging Level verbosity Set to 4
04/23/15 14:09:22:846 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Executing the deferred custom action.
04/23/15 14:09:22:851 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Obtained the following as CustomActionData
04/23/15 14:09:22:851 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | mode=install;sourceDir=D:\Adobe\Adobe CS Full Suite x64\Build\;installDir=;origDB=D:\Adobe\Adobe CS Full Suite x64\Build\Adobe CS Full Suite x64.msi
04/23/15 14:09:22:851 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | mode=install;sourceDir=D:\Adobe\Adobe CS Full Suite x64\Build\;installDir=;origDB=D:\Adobe\Adobe CS Full Suite x64\Build\Adobe CS Full Suite x64.msi
04/23/15 14:09:22:851 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Original database path is : D:\Adobe\Adobe CS Full Suite x64\Build\Adobe CS Full Suite x64.msi
04/23/15 14:09:22:869 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | OptionXML saved at location :: C:\Users\jk\AppData\Local\Temp\{BDE01805-A6DF-4F23-B43B-E8EFC8422EBE}\\{FA82D1CF-5FAE-46F 7-9A05-46FF5B24461A}
04/23/15 14:09:23:061 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Build Version - 1.9.0.14
04/23/15 14:09:23:061 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Logging Level verbosity Set to 4
04/23/15 14:09:23:061 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Initializing Custom Action Data from parameters
04/23/15 14:09:23:061 | [INFO] | | ASU | DeploymentManager | Utilities | | | 6372 | Folder does not exist
04/23/15 14:09:23:061 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Provisioning Tool path is (C:\Users\jk\AppData\Local\Temp\{BDE01805-A6DF-4F23-B43B-E8EFC8422EBE}\\{865B5D0A-20EF-4B 51-A101-9EB2F87073B0}).
04/23/15 14:09:23:063 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Starting to run the custom action for install mode
04/23/15 14:09:23:063 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | STEP 1: Starting to parse Option XML.
04/23/15 14:09:23:076 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Self-Update BootStrapper Relative Path doesn't exist.
04/23/15 14:09:23:076 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | No of updates found (20).
04/23/15 14:09:23:119 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Number of Medias found = 26
04/23/15 14:09:23:119 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment Manager is running in Install Mode.
04/23/15 14:09:23:133 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{79E46CB7-83A3-42E 1-99A4-E64A0E6F0A16}
04/23/15 14:09:23:149 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{67BF6F11-8EE7-45B 9-A51C-0ADF7557F018}
04/23/15 14:09:23:157 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{930DFC9E-600B-4C7 B-B529-83F5D871F581}
04/23/15 14:09:23:164 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{89A52D99-3CC5-453 9-8007-9B3898E4A6F2}
04/23/15 14:09:23:171 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{55814351-9C1A-4B1 5-B031-99CDC80C9DF4}
04/23/15 14:09:23:181 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{BCC06D93-3CB6-45D F-A7D9-6C6811BD50B8}
04/23/15 14:09:23:191 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{1E76192B-9924-47B 8-91D6-FD4B15A584F5}
04/23/15 14:09:23:200 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{D960587D-FBCA-4B0 2-B946-EE16263DC3E8}
04/23/15 14:09:23:209 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{C5BB4E83-4617-43A B-B980-E4171831E4A6}
04/23/15 14:09:23:218 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{511D2127-D98E-459 E-8320-3E4A3F3C17B2}
04/23/15 14:09:23:230 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{B2C918F0-85C6-41C D-B34B-F734B40CF9F0}
04/23/15 14:09:23:239 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{6691F635-800B-431 9-B535-0BAC92D7C594}
04/23/15 14:09:23:247 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{9B975A7C-1572-41E 1-A346-8622F7A4CB2F}
04/23/15 14:09:23:256 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{77A5912C-4FBA-4C4 2-8A71-C647BAD495F8}
04/23/15 14:09:23:265 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{93788996-9CC3-480 0-BB84-DF945364FF1D}
04/23/15 14:09:23:274 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{601F2C38-0C39-498 6-AA6F-FB249F4C093E}
04/23/15 14:09:23:283 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{BE2F2EB0-D572-499 4-BA6B-04156FA728DB}
04/23/15 14:09:23:291 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{F7D116EF-E1EE-4DD 6-8C5F-4B09322774CD}
04/23/15 14:09:23:300 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{8F7887EA-C20C-4C0 0-9D15-0CC5CC9D8D46}
04/23/15 14:09:23:309 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{425D8A7B-090E-43E E-B995-13D2537F3F45}
04/23/15 14:09:23:320 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{B4EE60F8-C7E5-443 D-A1EA-5642428C98CF}
04/23/15 14:09:23:328 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{02D5F0E1-F429-443 E-B2C0-8E9F76708D2C}
04/23/15 14:09:23:335 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{12F55386-71E1-475 C-A1F5-9CB7FDBA27C0}
04/23/15 14:09:23:343 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{1F985711-15AB-47B 2-B54B-1355EE0E9EAC}
04/23/15 14:09:23:353 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{E78C4EBD-5831-40E 0-A629-2239EBA362CD}
04/23/15 14:09:23:361 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{32A88844-8C54-476 A-9B0C-15BF211103F0}
04/23/15 14:09:23:369 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{CD420C54-35FF-424 6-A365-84A5F24C464F}
04/23/15 14:09:23:376 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{BAC0124A-7B83-492 B-B153-26EDEF7849D6}
04/23/15 14:09:23:383 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{CF33EEF0-E87C-472 9-A7DE-E094DE9F28C0}
04/23/15 14:09:23:389 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{DF9DF6E3-7188-420 8-9190-40AE1C63EDA4}
04/23/15 14:09:23:395 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{F297502D-EC3D-4E9 4-84F2-2430B4A873BB}
04/23/15 14:09:23:400 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{ACA92CE4-F6A9-46A E-A4AF-5B3E2E4D3F73}
04/23/15 14:09:23:406 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{644837C3-501A-44E B-81A9-26E5673B382C}
04/23/15 14:09:23:410 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{B1002D27-D9D0-417 E-8F8F-A8E16A2B7735}
04/23/15 14:09:23:416 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{8ED5C0E7-98EC-433 3-804E-09B14AC16C4C}
04/23/15 14:09:23:421 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{7C44A858-ECF7-482 E-A058-896F6BE8657B}
04/23/15 14:09:23:426 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{7D605EDE-A520-439 3-A047-D515EA826C98}
04/23/15 14:09:23:431 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{7115B6EF-EB63-49D 3-B77C-1896DB456282}
04/23/15 14:09:23:439 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{73CD1B9D-F018-480 9-8396-653DA44C9C88}
04/23/15 14:09:23:443 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{27E92038-0644-4AB C-8593-48A693427D2C}
04/23/15 14:09:23:449 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{E41310CE-028E-4D4 B-B60A-600AB9912507}
04/23/15 14:09:23:971 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{12E26657-5972-40F 8-90B3-BE787314B69D}
04/23/15 14:09:23:987 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{4DD6D110-DB87-409 D-A2FA-E82A4FA6C4CE}
04/23/15 14:09:23:996 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{075C546F-E60E-434 9-95D5-D2F22342DD10}
04/23/15 14:09:24:010 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{1E90202E-AA8C-4F5 3-8EBB-E457D87DB6FC}
04/23/15 14:09:24:020 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{6B50DA1C-F2D8-4F3 3-B9A2-7B449892FDEE}
04/23/15 14:09:24:032 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{04B23B41-7A87-402 F-BAA0-C21E2E572118}
04/23/15 14:09:24:040 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{26E2DCAE-6D1B-49E B-9DD5-BB62B558E69C}
04/23/15 14:09:24:053 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{7B3ED4FF-E648-443 1-8002-E4DF7FD98520}
04/23/15 14:09:24:061 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{F71DA83D-0493-44A F-91D6-D71FCAF76E5B}
04/23/15 14:09:24:073 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Deployment XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{4C16D47E-9A50-45C 7-BE02-D62C1891E586}
04/23/15 14:09:24:084 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Override XML created at path :: C:\Users\jk\AppData\Local\Temp\{B33095BC-A787-4690-A5DA-35F9C482344B}\\{5D1569FE-C43E-4E7 E-8738-7926CC38E0A7}
04/23/15 14:09:24:127 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | STEP 2: Starting to launch ASU AAM.
04/23/15 14:09:24:127 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Bootstrapper launch location is :: D:\Adobe\Adobe CS Full Suite x64\Build\ASU\Set-up.dat
04/23/15 14:09:24:373 | [INFO] | | ASU | OPM | OPM | | | 8764 | Build Version - 9.0.0.25
04/23/15 14:09:24:373 | [INFO] | | ASU | OPM | OPM | | | 8764 | Logging Level verbosity Set to 4
04/23/15 14:09:24:949 | [WARN] | | ASU | OPM | OPM | | | 8764 | Failed in key3List generation
04/23/15 14:09:24:949 | [ERROR] | | ASU | OPM | CryptEngine | | | 8764 | Failed in key3List generation
04/23/15 14:09:24:952 | [INFO] | | ASU | OPM | OPM | | | 8764 | Schema version and schema compatibility version are same or greater than current
04/23/15 14:09:25:005 | [INFO] | | ASU | OPM | OPM | | | 8764 | _opm_handle_OPDReturnedStatus called with opdStatus as:0
04/23/15 14:09:25:005 | [INFO] | | ASU | OPM | OPM | | | 8764 | returning size of value as:3 in opm_getValueForKey
04/23/15 14:09:25:005 | [INFO] | | ASU | OPM | OPM | | | 8764 | _opm_handle_OPDReturnedStatus called with opdStatus as:0
04/23/15 14:09:25:006 | [INFO] | | ASU | OPM | OPM | | | 8764 | Successfully retreived value from opm domain:OOBE subdomain:ProxyCredentials key:ProxyUsername in opm_getValueForKey
04/23/15 14:09:25:006 | [INFO] | | ASU | OPM | OPM | | | 8764 | _opm_handle_OPDReturnedStatus called with opdStatus as:0
04/23/15 14:09:25:007 | [INFO] | | ASU | OPM | OPM | | | 8764 | returning size of value as:11 in opm_getValueForKey
04/23/15 14:09:25:007 | [INFO] | | ASU | OPM | OPM | | | 8764 | _opm_handle_OPDReturnedStatus called with opdStatus as:0
04/23/15 14:09:25:007 | [INFO] | | ASU | OPM | OPM | | | 8764 | Successfully retreived value from opm domain:OOBE subdomain:ProxyCredentials key:ProxyPassword in opm_getValueForKey
04/23/15 14:09:25:016 | [INFO] | | ASU | OPM | OPM | | | 8764 | Released OPM refrence successfully in opm_freeLibRef
04/23/15 14:09:25:090 | [INFO] | | ASU | PIM | PIM | | | 9092 | Build Version - 3.0.0.74
04/23/15 14:09:25:090 | [INFO] | | ASU | PIM | PIM | | | 9092 | Logging Level verbosity Set to 4
04/23/15 14:09:25:093 | [INFO] | | ASU | PIM | PIM | | | 9092 | Matching skip string found 'skipACC' for package set
04/23/15 14:09:25:098 | [INFO] | | ASU | PIM | PIM | | | 9092 | Skip packageset command line specified for package 'ACC'.
04/23/15 14:09:25:100 | [INFO] | | ASU | PIM | PIM | | | 9092 | Build Version - 3.0.0.74
04/23/15 14:09:25:100 | [INFO] | | ASU | PIM | PIM | | | 9092 | Logging Level verbosity Set to 4
04/23/15 14:09:25:100 | [INFO] | | ASU | PIM | PIM | | | 9092 | Build Version - 3.0.0.74
04/23/15 14:09:25:100 | [INFO] | | ASU | PIM | PIM | | | 9092 | Logging Level verbosity Set to 4
04/23/15 14:09:25:100 | [INFO] | | ASU | PIM | PIM | | | 9092 | Creating PIM instance for path: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp
04/23/15 14:09:25:102 | [INFO] | | ASU | PIM | PIM | | | 9092 | trying to createOrUpdatePIMDbSchema.
04/23/15 14:09:25:128 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS Created Tables.
04/23/15 14:09:25:128 | [INFO] | | ASU | PIM | PIM | | | 9092 | PIM Database is Up To Date.
04/23/15 14:09:25:424 | [INFO] | | ASU | PIM | PIM | | | 9092 | Build Version - 3.0.0.74
04/23/15 14:09:25:424 | [INFO] | | ASU | PIM | PIM | | | 9092 | Logging Level verbosity Set to 4
04/23/15 14:09:25:424 | [INFO] | | ASU | PIM | PIM | | | 9092 | Build Version - 3.0.0.74
04/23/15 14:09:25:424 | [INFO] | | ASU | PIM | PIM | | | 9092 | Logging Level verbosity Set to 4
04/23/15 14:09:25:424 | [INFO] | | ASU | PIM | PIM | | | 9092 | Creating PIM instance for path: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common
04/23/15 14:09:25:424 | [INFO] | | ASU | PIM | PIM | | | 9092 | trying to createOrUpdatePIMDbSchema.
04/23/15 14:09:25:425 | [INFO] | | ASU | PIM | PIM | | | 9092 | Current db schema version on machine 2.
04/23/15 14:09:25:425 | [INFO] | | ASU | PIM | PIM | | | 9092 | Current db schema version to install 2.
04/23/15 14:09:25:425 | [INFO] | | ASU | PIM | PIM | | | 9092 | PIM DB Schema is up to date. Current schema version is 2.
04/23/15 14:09:25:425 | [INFO] | | ASU | PIM | PIM | | | 9092 | PIM Database is Up To Date.
04/23/15 14:09:25:432 | [INFO] | | ASU | PIM | PIM | | | 9092 | Checking installation space required for application
04/23/15 14:09:25:433 | [INFO] | | ASU | PIM | PIM | | | 9092 | pim_haveEnoughDiskSpaceToInstallPackages reqSize ... 140877847
04/23/15 14:09:25:441 | [INFO] | | ASU | PIM | PIM | | | 9092 | pim_haveEnoughDiskSpaceToInstallPackages reqSize ... 65182167
04/23/15 14:09:25:441 | [INFO] | | ASU | PIM | PIM | | | 9092 | Total installation space required for application: 206060014
04/23/15 14:09:25:441 | [INFO] | | ASU | PIM | PIM | | | 9092 | Executing Adobe Genuine Validation for all the packages
04/23/15 14:09:25:441 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\UWA\UWA.pimx'
04/23/15 14:09:25:443 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\UWA\UWA.pima'
04/23/15 14:09:25:445 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\core\PDApp.pimx'
04/23/15 14:09:25:447 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\core\PDApp.pima'
04/23/15 14:09:25:447 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\D6\D6.pimx'
04/23/15 14:09:25:448 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\D6\D6.pima'
04/23/15 14:09:25:449 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\DECore\DECore.pimx'
04/23/15 14:09:25:450 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\DECore\DECore.pima'
04/23/15 14:09:25:451 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\DWA\DWA.pimx'
04/23/15 14:09:25:452 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\DWA\DWA.pima'
04/23/15 14:09:25:453 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\P6\P6.pimx'
04/23/15 14:09:25:454 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\P6\P6.pima'
04/23/15 14:09:25:456 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\LWA\LWA.pimx'
04/23/15 14:09:25:457 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\LWA\LWA.pima'
04/23/15 14:09:25:458 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\CCM\CCM.pimx'
04/23/15 14:09:25:459 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\CCM\CCM.pima'
04/23/15 14:09:25:460 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\P7\P7.pimx'
04/23/15 14:09:25:461 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\P7\P7.pima'
04/23/15 14:09:25:463 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\IPC\IPC.pimx'
04/23/15 14:09:25:464 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\IPC\IPC.pima'
04/23/15 14:09:25:468 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\Runtime\Runtime.pimx'
04/23/15 14:09:25:469 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\Runtime\Runtime.pima'
04/23/15 14:09:25:471 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\ADS\ADS.pimx'
04/23/15 14:09:25:471 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\ADS\ADS.pima'
04/23/15 14:09:25:472 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\Core\Core.pimx'
04/23/15 14:09:25:472 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\Core\Core.pima'
04/23/15 14:09:25:476 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\HEX\HEX.pimx'
04/23/15 14:09:25:477 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\HEX\HEX.pima'
04/23/15 14:09:25:478 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\CEF\CEF.pimx'
04/23/15 14:09:25:478 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\CEF\CEF.pima'
04/23/15 14:09:25:479 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\CoreExt\CoreExt.pimx'
04/23/15 14:09:25:480 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\CoreExt\CoreExt.pima'
04/23/15 14:09:25:484 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\ElevationManager\ElevationManager.pimx'
04/23/15 14:09:25:486 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\ElevationManager\ElevationManager.pima'
04/23/15 14:09:25:490 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\TCC\TCC.pimx'
04/23/15 14:09:25:490 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\TCC\TCC.pima'
04/23/15 14:09:25:493 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\Notifications\Notifications.pimx'
04/23/15 14:09:25:494 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\Notifications\Notifications.pima'
04/23/15 14:09:25:495 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\SignInApp\SignInApp.pimx'
04/23/15 14:09:25:495 | [INFO] | | ASU | PIM | PIM | | | 9092 | Validating package file: 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\SignInApp\SignInApp.pima'
04/23/15 14:09:25:498 | [INFO] | | ASU | PIM | PIM | | | 9092 | Adobe Genuine Validation PASSED for all the packages
04/23/15 14:09:25:498 | [INFO] | | ASU | PIM | PIM | | | 9092 | Starting installation for all the packages
04/23/15 14:09:25:498 | [INFO] | | ASU | PIM | PIM | | | 9092 | Semaphore is not locked
04/23/15 14:09:25:498 | [INFO] | | ASU | PIM | PIM | | | 9092 | START install Package UWA
04/23/15 14:09:25:570 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertPackageUpdateList.
04/23/15 14:09:25:570 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRegInfoList.
04/23/15 14:09:25:570 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRelInfoList.
04/23/15 14:09:27:270 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS installPackage at file 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\UWA\UWA.pimx'
04/23/15 14:09:27:282 | [INFO] | | ASU | PIM | PIM | | | 9092 | START install Package PDApp
04/23/15 14:09:27:378 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertPackageUpdateList.
04/23/15 14:09:27:378 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRegInfoList.
04/23/15 14:09:27:378 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRelInfoList.
04/23/15 14:09:28:726 | [INFO] | | ASU | PIM | PIM | | | 9092 | Path to Process :C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\AAMCustomHook.exe Process Directory :C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core arguments being passed :"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\AAMCustomHook.exe" --createInventory=1 --doPostInstallStep=1
04/23/15 14:09:28:730 | [INFO] | | ASU | PIM | PIM | | | 9092 | Success in CreateProcess
04/23/15 14:09:28:768 | [INFO] | | ASU | AAMCustomHook | AAMCustomHook | | | 11364 | Build Version - 9.0.0.50
04/23/15 14:09:28:768 | [INFO] | | ASU | AAMCustomHook | AAMCustomHook | | | 11364 | Logging Level verbosity Set to 4
04/23/15 14:09:28:768 | [INFO] | | ASU | AAMCustomHook | | | | 11364 | Parsing the command line provided. Number of command line arguments is 3
04/23/15 14:09:28:824 | [INFO] | | ASU | AAMCustomHook | AAMCustomHook | | | 11364 | Updater Inventory location: 'C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\\UWA\updaterinventory.dll'
04/23/15 14:09:28:828 | [INFO] | | ASU | AAMCustomHook | AAMCustomHook | | | 11364 | Going to create or update inventory
04/23/15 14:09:28:854 | [INFO] | | ASU | AAMCustomHook | AAMCustomHook | | | 11364 | Successfully created or updated updater inventory
04/23/15 14:09:28:901 | [INFO] | | ASU | PIM | PIM | | | 9092 | Sucessfully launched and executed process...
04/23/15 14:09:28:901 | [INFO] | | ASU | PIM | PIM | | | 9092 | Successfully executed install modifier at path: 'C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\AAMCustomHook.exe'
04/23/15 14:09:28:903 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS installPackage at file 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\core\PDApp.pimx'
04/23/15 14:09:28:916 | [INFO] | | ASU | PIM | PIM | | | 9092 | START install Package D6
04/23/15 14:09:28:986 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertPackageUpdateList.
04/23/15 14:09:28:986 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRegInfoList.
04/23/15 14:09:28:986 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRelInfoList.
04/23/15 14:09:29:993 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS installPackage at file 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\D6\D6.pimx'
04/23/15 14:09:30:010 | [INFO] | | ASU | PIM | PIM | | | 9092 | START install Package DECore
04/23/15 14:09:30:088 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertPackageUpdateList.
04/23/15 14:09:30:088 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRegInfoList.
04/23/15 14:09:30:088 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRelInfoList.
04/23/15 14:09:32:760 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS installPackage at file 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\DECore\DECore.pimx'
04/23/15 14:09:32:778 | [INFO] | | ASU | PIM | PIM | | | 9092 | START install Package DWA
04/23/15 14:09:32:826 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertPackageUpdateList.
04/23/15 14:09:32:826 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRegInfoList.
04/23/15 14:09:32:826 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRelInfoList.
04/23/15 14:09:33:385 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS installPackage at file 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\DWA\DWA.pimx'
04/23/15 14:09:33:394 | [INFO] | | ASU | PIM | PIM | | | 9092 | START install Package P6
04/23/15 14:09:33:436 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertPackageUpdateList.
04/23/15 14:09:33:437 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRegInfoList.
04/23/15 14:09:33:437 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRelInfoList.
04/23/15 14:09:35:787 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS installPackage at file 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\P6\P6.pimx'
04/23/15 14:09:35:805 | [INFO] | | ASU | PIM | PIM | | | 9092 | START install Package LWA
04/23/15 14:09:35:847 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertPackageUpdateList.
04/23/15 14:09:35:848 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRegInfoList.
04/23/15 14:09:35:848 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRelInfoList.
04/23/15 14:09:37:329 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS installPackage at file 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\LWA\LWA.pimx'
04/23/15 14:09:37:339 | [INFO] | | ASU | PIM | PIM | | | 9092 | START install Package CCM
04/23/15 14:09:37:401 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertPackageUpdateList.
04/23/15 14:09:37:401 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRegInfoList.
04/23/15 14:09:37:401 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRelInfoList.
04/23/15 14:09:37:464 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS installPackage at file 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\CCM\CCM.pimx'
04/23/15 14:09:37:475 | [INFO] | | ASU | PIM | PIM | | | 9092 | START install Package P7
04/23/15 14:09:37:527 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertPackageUpdateList.
04/23/15 14:09:37:527 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRegInfoList.
04/23/15 14:09:37:527 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRelInfoList.
04/23/15 14:09:39:581 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS installPackage at file 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\P7\P7.pimx'
04/23/15 14:09:39:594 | [INFO] | | ASU | PIM | PIM | | | 9092 | START install Package IPC
04/23/15 14:09:39:637 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertPackageUpdateList.
04/23/15 14:09:39:637 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRegInfoList.
04/23/15 14:09:39:637 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRelInfoList.
04/23/15 14:09:39:807 | [INFO] | | ASU | PIM | PIM | | | 9092 | Path to Process :C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\customhook\AdobeIPCBrokerCustomHook.exe Process Directory :C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\customhook arguments being passed :"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\customhook\AdobeIPCBrokerCustomHook.exe" -uninstall
04/23/15 14:09:39:811 | [INFO] | | ASU | PIM | PIM | | | 9092 | Success in CreateProcess
04/23/15 14:09:39:935 | [INFO] | | ASU | PIM | PIM | | | 9092 | Sucessfully launched and executed process...
04/23/15 14:09:39:935 | [INFO] | | ASU | PIM | PIM | | | 9092 | Successfully executed install modifier at path: 'C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\customhook\AdobeIPCBrokerCustomHook.exe'
04/23/15 14:09:39:936 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS installPackage at file 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\AAM\IPC\IPC.pimx'
04/23/15 14:09:39:957 | [INFO] | | ASU | PIM | PIM | | | 9092 | START install Package Runtime
04/23/15 14:09:39:977 | [INFO] | | ASU | PIM | PIM | | | 9092 | Schema Version is 2
04/23/15 14:09:39:977 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deleteAppletRelInfoRecords.
04/23/15 14:09:39:977 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deleteAppletRegInfoRecords.
04/23/15 14:09:39:978 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deletePackageUpgradeInfoRecords.
04/23/15 14:09:39:978 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deletePackageInstallationInfoRecords.
04/23/15 14:09:39:978 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertPackageUpdateList.
04/23/15 14:09:39:978 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRegInfoList.
04/23/15 14:09:39:978 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRelInfoList.
04/23/15 14:09:39:991 | [INFO] | | ASU | PIM | PIM | | | 9092 | Backup Folder Created
04/23/15 14:09:41:766 | [INFO] | | ASU | PIM | PIM | | | 9092 | Skipping Runtime customhook in EDTWorkflow
04/23/15 14:09:41:766 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS installPackage at file 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\Runtime\Runtime.pimx'
04/23/15 14:09:41:766 | [INFO] | | ASU | PIM | PIM | | | 9092 | Trying to delete back up folder
04/23/15 14:09:41:806 | [INFO] | | ASU | PIM | PIM | | | 9092 | START install Package ADS
04/23/15 14:09:41:826 | [INFO] | | ASU | PIM | PIM | | | 9092 | Schema Version is 2
04/23/15 14:09:41:826 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deleteAppletRelInfoRecords.
04/23/15 14:09:41:826 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deleteAppletRegInfoRecords.
04/23/15 14:09:41:826 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deletePackageUpgradeInfoRecords.
04/23/15 14:09:41:827 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deletePackageInstallationInfoRecords.
04/23/15 14:09:41:827 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertPackageUpdateList.
04/23/15 14:09:41:827 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRegInfoList.
04/23/15 14:09:41:827 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRelInfoList.
04/23/15 14:09:41:839 | [INFO] | | ASU | PIM | PIM | | | 9092 | Backup Folder Created
04/23/15 14:09:42:108 | [INFO] | | ASU | PIM | PIM | | | 9092 | Path to Process :C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\customhook\ADSCustomHook.exe Process Directory :C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\customhook arguments being passed :"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\customhook\ADSCustomHook.exe" --install=1 --update=true
04/23/15 14:09:42:118 | [INFO] | | ASU | PIM | PIM | | | 9092 | Success in CreateProcess
04/23/15 14:09:42:155 | [INFO] | | ADS | ADSCustomHook | | | CommandLineParser | 9052 | Parsing the command line provided. Number of command line arguments is 3
04/23/15 14:09:42:156 | [INFO] | | ADS | ADSCustomHook | | | | 9052 | Registry entry created for registry: 'SOFTWARE\Policies\Adobe\APIP' with key:'Enabled', value: '0'
04/23/15 14:09:42:156 | [INFO] | | ADS | ADSCustomHook | | | | 9052 | Registry entry created for registry: 'SOFTWARE\Policies\Adobe\Adobe Acrobat\10.0\FeatureLockDown' with key:'bUsageMeasurement', value: '0'
04/23/15 14:09:42:156 | [INFO] | | ADS | ADSCustomHook | | | | 9052 | Registry entry created for registry: 'SOFTWARE\Policies\Adobe\Adobe Acrobat\11.0\FeatureLockDown' with key:'bUsageMeasurement', value: '0'
04/23/15 14:09:42:162 | [INFO] | | ADS | ADSCustomHook | | | | 9052 | Successfully created ADS Vulcan Specifier file
04/23/15 14:09:42:213 | [INFO] | | ASU | PIM | PIM | | | 9092 | Sucessfully launched and executed process...
04/23/15 14:09:42:213 | [INFO] | | ASU | PIM | PIM | | | 9092 | Successfully executed install modifier at path: 'C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\customhook\ADSCustomHook.exe'
04/23/15 14:09:42:213 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS installPackage at file 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\ADS\ADS.pimx'
04/23/15 14:09:42:213 | [INFO] | | ASU | PIM | PIM | | | 9092 | Trying to delete back up folder
04/23/15 14:09:42:270 | [INFO] | | ASU | PIM | PIM | | | 9092 | START install Package Core
04/23/15 14:09:42:317 | [INFO] | | ASU | PIM | PIM | | | 9092 | Schema Version is 2
04/23/15 14:09:42:317 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deleteAppletRelInfoRecords.
04/23/15 14:09:42:317 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deleteAppletRegInfoRecords.
04/23/15 14:09:42:317 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deletePackageUpgradeInfoRecords.
04/23/15 14:09:42:318 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deletePackageInstallationInfoRecords.
04/23/15 14:09:42:318 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertPackageUpdateList.
04/23/15 14:09:42:318 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRegInfoList.
04/23/15 14:09:42:318 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRelInfoList.
04/23/15 14:09:42:334 | [INFO] | | ASU | PIM | PIM | | | 9092 | Backup Folder Created
04/23/15 14:09:42:429 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS installPackage at file 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\Core\Core.pimx'
04/23/15 14:09:42:429 | [INFO] | | ASU | PIM | PIM | | | 9092 | Trying to delete back up folder
04/23/15 14:09:42:445 | [INFO] | | ASU | PIM | PIM | | | 9092 | START install Package HEX
04/23/15 14:09:42:459 | [INFO] | | ASU | PIM | PIM | | | 9092 | Schema Version is 2
04/23/15 14:09:42:459 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deleteAppletRelInfoRecords.
04/23/15 14:09:42:460 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deleteAppletRegInfoRecords.
04/23/15 14:09:42:460 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deletePackageUpgradeInfoRecords.
04/23/15 14:09:42:460 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deletePackageInstallationInfoRecords.
04/23/15 14:09:42:460 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertPackageUpdateList.
04/23/15 14:09:42:460 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRegInfoList.
04/23/15 14:09:42:460 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRelInfoList.
04/23/15 14:09:42:470 | [INFO] | | ASU | PIM | PIM | | | 9092 | Backup Folder Created
04/23/15 14:09:42:577 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS installPackage at file 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\HEX\HEX.pimx'
04/23/15 14:09:42:577 | [INFO] | | ASU | PIM | PIM | | | 9092 | Trying to delete back up folder
04/23/15 14:09:42:591 | [INFO] | | ASU | PIM | PIM | | | 9092 | START install Package CEF
04/23/15 14:09:42:603 | [INFO] | | ASU | PIM | PIM | | | 9092 | Schema Version is 2
04/23/15 14:09:42:603 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deleteAppletRelInfoRecords.
04/23/15 14:09:42:603 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deleteAppletRegInfoRecords.
04/23/15 14:09:42:603 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deletePackageUpgradeInfoRecords.
04/23/15 14:09:42:604 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deletePackageInstallationInfoRecords.
04/23/15 14:09:42:604 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertPackageUpdateList.
04/23/15 14:09:42:604 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRegInfoList.
04/23/15 14:09:42:604 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRelInfoList.
04/23/15 14:09:42:613 | [INFO] | | ASU | PIM | PIM | | | 9092 | Backup Folder Created
04/23/15 14:09:43:529 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS installPackage at file 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\CEF\CEF.pimx'
04/23/15 14:09:43:529 | [INFO] | | ASU | PIM | PIM | | | 9092 | Trying to delete back up folder
04/23/15 14:09:43:651 | [INFO] | | ASU | PIM | PIM | | | 9092 | START install Package CoreExt
04/23/15 14:09:43:690 | [INFO] | | ASU | PIM | PIM | | | 9092 | Schema Version is 2
04/23/15 14:09:43:690 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deleteAppletRelInfoRecords.
04/23/15 14:09:43:691 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deleteAppletRegInfoRecords.
04/23/15 14:09:43:691 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deletePackageUpgradeInfoRecords.
04/23/15 14:09:43:691 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deletePackageInstallationInfoRecords.
04/23/15 14:09:43:691 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertPackageUpdateList.
04/23/15 14:09:43:691 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRegInfoList.
04/23/15 14:09:43:691 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRelInfoList.
04/23/15 14:09:43:703 | [INFO] | | ASU | PIM | PIM | | | 9092 | Backup Folder Created
04/23/15 14:09:43:824 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS installPackage at file 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\CoreExt\CoreExt.pimx'
04/23/15 14:09:43:824 | [INFO] | | ASU | PIM | PIM | | | 9092 | Trying to delete back up folder
04/23/15 14:09:43:839 | [INFO] | | ASU | PIM | PIM | | | 9092 | START install Package ElevationManager
04/23/15 14:09:43:853 | [INFO] | | ASU | PIM | PIM | | | 9092 | Schema Version is 2
04/23/15 14:09:43:853 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deleteAppletRelInfoRecords.
04/23/15 14:09:43:853 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deleteAppletRegInfoRecords.
04/23/15 14:09:43:853 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deletePackageUpgradeInfoRecords.
04/23/15 14:09:43:853 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deletePackageInstallationInfoRecords.
04/23/15 14:09:43:854 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertPackageUpdateList.
04/23/15 14:09:43:854 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRegInfoList.
04/23/15 14:09:43:854 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRelInfoList.
04/23/15 14:09:43:862 | [INFO] | | ASU | PIM | PIM | | | 9092 | Backup Folder Created
04/23/15 14:09:44:013 | [INFO] | | ASU | PIM | PIM | | | 9092 | Argument Path is --servicePath="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
04/23/15 14:09:44:013 | [INFO] | | ASU | PIM | PIM | | | 9092 | Path to Process :C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeServiceInstaller.exe Process Directory :C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager arguments being passed :"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeServiceInstaller.exe" --register=1 --servicePath="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe" --serviceLabel="AdobeUpdateService" --update=true
04/23/15 14:09:44:018 | [INFO] | | ASU | PIM | PIM | | | 9092 | Success in CreateProcess
04/23/15 14:09:44:053 | [INFO] | | EMCustomHook | EMCustomHook | | | | 6560 | register Sevice: Started
04/23/15 14:09:44:096 | [INFO] | | EMCustomHook | EMCustomHook | | | | 6560 | deRegister Sevice: Started
04/23/15 14:09:44:096 | [INFO] | | EMCustomHook | EMCustomHook | | | | 6560 | stopSevice: Started
04/23/15 14:09:44:096 | [INFO] | | EMCustomHook | EMCustomHook | | | | 6560 | stop Dependent Sevice: Started
04/23/15 14:09:44:097 | [INFO] | | EMCustomHook | EMCustomHook | | | | 6560 | stopService: Service stopped successfully
04/23/15 14:09:44:098 | [INFO] | | EMCustomHook | EMCustomHook | | | | 6560 | deRegisterService: Service successfully deregistered
04/23/15 14:09:44:098 | [INFO] | | EMCustomHook | EMCustomHook | | | | 6560 | registerService: Service successfully closed
04/23/15 14:09:44:191 | [INFO] | | EMCustomHook | EMCustomHook | | | | 6560 | startSevice: Started
04/23/15 14:09:45:208 | [INFO] | | EMCustomHook | EMCustomHook | | | | 6560 | startService: Service started successfully.
04/23/15 14:09:45:208 | [INFO] | | EMCustomHook | EMCustomHook | | | | 6560 | registerService: Service successfully started
04/23/15 14:09:45:208 | [INFO] | | EMCustomHook | EMCustomHook | | | | 6560 | EMCustomHook: Service with path : C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe , serviceLabel : AdobeUpdateService registered successfully
04/23/15 14:09:45:254 | [INFO] | | ASU | PIM | PIM | | | 9092 | Sucessfully launched and executed process...
04/23/15 14:09:45:254 | [INFO] | | ASU | PIM | PIM | | | 9092 | Successfully executed install modifier at path: 'C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeServiceInstaller.exe'
04/23/15 14:09:45:254 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS installPackage at file 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\ElevationManager\ElevationManager.pimx'
04/23/15 14:09:45:254 | [INFO] | | ASU | PIM | PIM | | | 9092 | Trying to delete back up folder
04/23/15 14:09:45:266 | [INFO] | | ASU | PIM | PIM | | | 9092 | START install Package TCC
04/23/15 14:09:45:276 | [INFO] | | ASU | PIM | PIM | | | 9092 | Schema Version is 2
04/23/15 14:09:45:276 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deleteAppletRelInfoRecords.
04/23/15 14:09:45:277 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deleteAppletRegInfoRecords.
04/23/15 14:09:45:277 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deletePackageUpgradeInfoRecords.
04/23/15 14:09:45:277 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deletePackageInstallationInfoRecords.
04/23/15 14:09:45:277 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertPackageUpdateList.
04/23/15 14:09:45:277 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRegInfoList.
04/23/15 14:09:45:277 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRelInfoList.
04/23/15 14:09:45:285 | [INFO] | | ASU | PIM | PIM | | | 9092 | Backup Folder Created
04/23/15 14:09:45:392 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS installPackage at file 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\TCC\TCC.pimx'
04/23/15 14:09:45:392 | [INFO] | | ASU | PIM | PIM | | | 9092 | Trying to delete back up folder
04/23/15 14:09:45:408 | [INFO] | | ASU | PIM | PIM | | | 9092 | START install Package Notifications
04/23/15 14:09:45:422 | [INFO] | | ASU | PIM | PIM | | | 9092 | Schema Version is 2
04/23/15 14:09:45:422 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deleteAppletRelInfoRecords.
04/23/15 14:09:45:422 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deleteAppletRegInfoRecords.
04/23/15 14:09:45:422 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deletePackageUpgradeInfoRecords.
04/23/15 14:09:45:423 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deletePackageInstallationInfoRecords.
04/23/15 14:09:45:423 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertPackageUpdateList.
04/23/15 14:09:45:423 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRegInfoList.
04/23/15 14:09:45:423 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRelInfoList.
04/23/15 14:09:45:432 | [INFO] | | ASU | PIM | PIM | | | 9092 | Backup Folder Created
04/23/15 14:09:45:847 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS installPackage at file 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\Notifications\Notifications.pimx'
04/23/15 14:09:45:847 | [INFO] | | ASU | PIM | PIM | | | 9092 | Trying to delete back up folder
04/23/15 14:09:47:688 | [INFO] | | ASU | PIM | PIM | | | 9092 | START install Package SignInApp
04/23/15 14:09:47:779 | [INFO] | | ASU | PIM | PIM | | | 9092 | Schema Version is 2
04/23/15 14:09:47:780 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deleteAppletRelInfoRecords.
04/23/15 14:09:47:781 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deleteAppletRegInfoRecords.
04/23/15 14:09:47:781 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deletePackageUpgradeInfoRecords.
04/23/15 14:09:47:781 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS deletePackageInstallationInfoRecords.
04/23/15 14:09:47:781 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertPackageUpdateList.
04/23/15 14:09:47:782 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRegInfoList.
04/23/15 14:09:47:782 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS insertAppletRelInfoList.
04/23/15 14:09:47:820 | [INFO] | | ASU | PIM | PIM | | | 9092 | Backup Folder Created
04/23/15 14:09:48:017 | [INFO] | | ASU | PIM | PIM | | | 9092 | SUCCESS installPackage at file 'D:\Adobe\Adobe CS Full Suite x64\Build\ASU\packages\ADC\SignInApp\SignInApp.pimx'
04/23/15 14:09:48:017 | [INFO] | | ASU | PIM | PIM | | | 9092 | Trying to delete back up folder
04/23/15 14:09:48:046 | [INFO] | | ASU | PIM | PIM | | | 9092 | --register=1
04/23/15 14:09:48:046 | [INFO] | | ASU | PIM | PIM | | | 9092 | servicePath is --servicePath="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
04/23/15 14:09:48:051 | [INFO] | | ASU | PIM | PIM | | | 9092 | Elevation Manager pathC:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
04/23/15 14:09:48:051 | [INFO] | | ASU | PIM | PIM | | | 9092 | End installation for all the packages
04/23/15 14:09:48:060 | [INFO] | | ASU | PIM | PIM | | | 9092 | PIMSqlite closeDB status 0
04/23/15 14:09:48:060 | [INFO] | | ASU | PIM | PIM | | | 9092 | sqlite(pim.db) at path C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp is already closed
04/23/15 14:09:48:060 | [INFO] | | ASU | PIM | PIM | | | 9092 | FREE PIM Instance ...
04/23/15 14:09:48:066 | [INFO] | | ASU | PIM | PIM | | | 9092 | PIMSqlite closeDB status 0
04/23/15 14:09:48:066 | [INFO] | | ASU | PIM | PIM | | | 9092 | sqlite(pim.db) at path C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common is already closed
04/23/15 14:09:48:066 | [INFO] | | ASU | PIM | PIM | | | 9092 | FREE PIM Instance ...
04/23/15 14:09:48:066 | [ERROR] | | ASU | PIM | PIM | | | 9092 | Successfully freed PIM object Array
04/23/15 14:09:48:100 | [INFO] | | EMCustomHook | EMCustomHook | | | | 5292 | register Sevice: Started
04/23/15 14:09:48:152 | [INFO] | | EMCustomHook | EMCustomHook | | | | 5292 | deRegister Sevice: Started
04/23/15 14:09:48:152 | [INFO] | | EMCustomHook | EMCustomHook | | | | 5292 | stopSevice: Started
04/23/15 14:09:48:152 | [INFO] | | EMCustomHook | EMCustomHook | | | | 5292 | stop Dependent Sevice: Started
04/23/15 14:09:48:153 | [INFO] | | EMCustomHook | EMCustomHook | | | | 5292 | stopService: Service stopped successfully
04/23/15 14:09:48:155 | [INFO] | | EMCustomHook | EMCustomHook | | | | 5292 | deRegisterService: Service successfully deregistered
04/23/15 14:09:48:155 | [INFO] | | EMCustomHook | EMCustomHook | | | | 5292 | registerService: Service successfully closed
04/23/15 14:09:48:228 | [INFO] | | EMCustomHook | EMCustomHook | | | | 5292 | startSevice: Started
04/23/15 14:09:48:664 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Build Version - 1.9.0.14
04/23/15 14:09:48:664 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Logging Level verbosity Set to 4
04/23/15 14:09:48:664 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | The return code from the Bootstrapper Process is (0).
04/23/15 14:09:48:664 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Starting apply CCP ASU.
04/23/15 14:09:48:665 | [INFO] | | ASU | DeploymentManager | DeploymentManager | | | 6372 | Bootstrapper launch location is :: D:\Adobe\Adobe CS Full Suite x64\Build\ASU2\Set-up.dat
04/23/15 14:09:48:737 | [INFO] | | ASU | Setup | Setup | | | 12976 | Build Version - 9.0.0.24
04/23/15 14:09:48:737 | [INFO] | | ASU | Setup | Setup | | | 12976 | Logging Level verbosity Set to 4
04/23/15 14:09:48:743 | [INFO] | | ASU | Setup | | | | 12976 | Event Guid generated is: 'bbc896dc-a395-40a0-8e75-08bd2f5d1b3e'
04/23/15 14:09:48:744 | [INFO] | | ASU | Setup | Setup | | | 12976 | Start Adobe Setup
04/23/15 14:09:48:744 | [INFO] | | ASU | Setup | Setup | | | 12976 | TimeLog: Bootstrapper Start
04/23/15 14:09:48:744 | [INFO] | | ASU | Setup | Setup | | | 12976 | TimeLog: Start initial checks
04/23/15 14:09:48:744 | [INFO] | | ASU | Setup | Setup | | | 12976 | Action specified - "install"
04/23/15 14:09:48:745 | [INFO] | | ASU | Setup | PIM | | | 12976 | XML is valid
04/23/15 14:09:48:745 | [WARN] | | ASU | Setup | PIM | | | 12976 | Failed to find Node
04/23/15 14:09:48:745 | [WARN] | | ASU | Setup | Setup | | | 12976 | Reboot is pending from earlier installation.
04/23/15 14:09:48:747 | [INFO] | | ASU | Setup | Utilities | | | 12976 | Semaphore is not locked
04/23/15 14:09:48:751 | [INFO] | | ASU | Setup | | | | 2984 | Event with guid 'bbc896dc-a395-40a0-8e75-08bd2f5d1b3e' is being sent
04/23/15 14:09:48:753 | [INFO] | | ASU | PIM | PIM | | | 12976 | Build Version - 9.0.0.24
04/23/15 14:09:48:753 | [INFO] | | ASU | PIM | PIM | | | 12976 | Logging Level verbosity Set to 4
04/23/15 14:09:48:753 | [INFO] | | ASU | PIM | PIM | | | 12976 | Build Version - 9.0.0.24
04/23/15 14:09:48:753 | [INFO] | | ASU | PIM | PIM | | | 12976 | Logging Level verbosity Set to 4
04/23/15 14:09:48:753 | [INFO] | | ASU | PIM | PIM | | | 12976 | CREATE PIM Instance ...
04/23/15 14:09:48:754 | [INFO] | | ASU | PIM | PIM | | | 12976 | trying to createOrUpdatePIMDbSchema.
04/23/15 14:09:48:755 | [INFO] | | ASU | Setup | | | | 2984 | GetIEProxyInfo - No default proxy present on the user machine
04/23/15 14:09:48:755 | [INFO] | | ASU | PIM | PIM | | | 12976 | Current db schema version on machine 2.
04/23/15 14:09:48:755 | [INFO] | | ASU | PIM | PIM | | | 12976 | Current db schema version to install 1.
04/23/15 14:09:48:755 | [INFO] | | ASU | PIM | PIM | | | 12976 | SUCCESS Created Tables.
04/23/15 14:09:48:755 | [INFO] | | ASU | PIM | PIM | | | 12976 | PIM Database is Up To Date.
04/23/15 14:09:48:755 | [INFO] | | ASU | PIM | PIM | | | 12976 | Updater Inventory location:D:\Adobe\Adobe CS Full Suite x64\Build\ASU2\resources\updaterinventory.dll
04/23/15 14:09:48:756 | [INFO] | | ASU | Setup | | | | 2984 | GetIEProxyInfo - proxy Url is
04/23/15 14:09:48:757 | [INFO] | | ASU | PIM | PIM | | | 12976 | Acquired System level ACF lock ...
04/23/15 14:09:48:757 | [INFO] | | ASU | Setup | Setup | | | 12976 | TimeLog: End initial checks
04/23/15 14:09:48:757 | [INFO] | | ASU | Setup | Setup | | | 12976 |Hi DanaKESwan,
This doc might help with some
http://helpx.adobe.com/x-productkb/policy-pricing/activation-network-issues.html
https://lm.licenses.adobe.com
activate.adobe.com
The ones referenced in this post as well:
http://forums.adobe.com/message/5106473
-Dave -
Calling issue with Cisco 7937 conference station
Hi Friends,
I am facing issue wiht Cisco 7937 conference station, our customer have various branch offices accross the world. All branches are connected over MPLS through service provider( SIP service provider) . there is a centralized CUCM and remote office have SIP Voice gateways .
When making calls from once remote site to another using Cisco 6921 phones calls working fine
When making calls from once remote site to another using Cisco 7937 conference station to make call any phone at remote office, calls are getting disconneted, remote phone rings when calls, but its gets fast busy tone when other party picks up the phone and not able to talk.
I suspect the issue with Codec but we have configured transcoders in VG and registered with CUCM
Please help me if any one experience such issue earlier.
Regards
Sivahi Basant,
1. Actually tow phones A and B are registerd with centralized CUCM, A and B are located in two different locations, RTP traffic between And B pass through service provider.
Call Flow --> Phone A ---->CUCMRouterpattern--> SIP trunk ----> Voice gateway--->Service provider cloud---> Respective Voice Gateway---> CUCM -- Phone B
Show Run
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2014.02.27 15:14:52 =~=~=~=~=~=~=~=~=~=~=~=
sh run
Building configuration...
Current configuration : 12139 bytes
! Last configuration change at 06:35:59 UTC Tue Feb 25 2014
! NVRAM config last updated at 11:16:38 UTC Mon Feb 24 2014 by administrator
! NVRAM config last updated at 11:16:38 UTC Mon Feb 24 2014 by administrator
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname eucamvgw01
boot-start-marker
boot system flash:c2900-universalk9-mz.SPA.151-4.M5.bin
boot-end-marker
card type e1 0 0
logging buffered 51200 warnings
no logging console
no aaa new-model
no network-clock-participate wic 0
no ipv6 cef
ip source-route
ip traffic-export profile cuecapture mode capture
bidirectional
ip cef
ip multicast-routing
ip domain name drreddys.eu
ip name-server 10.197.20.1
ip name-server 10.197.20.2
multilink bundle-name authenticated
stcapp ccm-group 2
stcapp
stcapp feature access-code
stcapp feature speed-dial
stcapp supplementary-services
port 0/1/0
fallback-dn 5428025
port 0/1/1
fallback-dn 5428008
port 0/1/2
fallback-dn 5421462
port 0/1/3
fallback-dn 5421463
isdn switch-type primary-net5
crypto pki token default removal timeout 0
voice-card 0
dsp services dspfarm
voice call send-alert
voice call disc-pi-off
voice call convert-discpi-to-prog
voice rtp send-recv
voice service voip
ip address trusted list
ipv4 10.198.0.0 255.255.255.0
ipv4 152.63.1.0 255.255.255.0
address-hiding
allow-connections sip to sip
no supplementary-service h225-notify cid-update
no supplementary-service sip moved-temporarily
no supplementary-service sip refer
fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback none
fax-relay ans-disable
sip
rel1xx supported "track"
privacy pstn
no update-callerid
early-offer forced
call-route p-called-party-id
voice class uri 100 sip
host 41.206.187.71
voice class codec 10
codec preference 1 g711alaw
codec preference 2 g711ulaw
codec preference 3 ilbc
codec preference 4 g729r8
codec preference 5 g729br8
voice class codec 20
codec preference 1 g729br8
codec preference 2 g729r8
voice moh-group 1
moh flash:moh/Panjo.alaw.wav
description MOH G711 alaw
multicast moh 239.1.1.2 port 16384 route 10.198.2.9
voice translation-rule 1
rule 1 /^012237280\(..\)/ /54280\1/
rule 2 /^012236514\(..\)/ /54214\1/
rule 3 /^01223651081/ /5428010/
rule 4 /^01223506701/ /5428010/
voice translation-rule 2
rule 1 /^00\(.+\)/ /+\1/
rule 2 /^0\(.+\)/ /+44\1/
rule 3 /^\([0-9].+\)/ /+\1/
voice translation-rule 3
rule 1 /^9\(.+\)/ /\1/
rule 2 /^\+44\(.+\)/ /0\1/
rule 3 /^\+\(.+\)/ /00\1/
voice translation-rule 4
rule 1 /^54280\(..\)/ /12237280\1/
rule 2 /^54214\(..\)/ /12236514\1/
rule 3 /^\+44\(.+\)/ /\1/
rule 4 /^.54280\(..\)/ /12237280\1/
rule 5 /^.54214\(..\)/ /12236514\1/
voice translation-rule 9
rule 1 /^\(....\)/ /542\1/
voice translation-rule 10
voice translation-rule 11
rule 1 /^\+44122372\(....\)/ /542\1/
rule 2 /^\+44122365\(....\)/ /542\1/
voice translation-rule 12
voice translation-rule 13
rule 1 /^\([18]...\)/ /542\1/
voice translation-rule 14
voice translation-profile MPLS-incoming
translate calling 10
translate called 9
voice translation-profile MPLS-outgoing
translate calling 11
translate called 12
voice translation-profile PSTN-incoming
translate calling 2
translate called 1
voice translation-profile PSTN-outgoing
translate calling 4
translate called 3
voice translation-profile SRST-incoming
translate calling 14
translate called 13
license udi pid CISCO2921/K9 sn FGL145110RE
hw-module ism 0
hw-module pvdm 0/0
username administrator privilege 15 secret 5 $1$syu5$DsxdOgfS7Wltx78o4PV.60
redundancy
controller E1 0/0/0
ip tcp path-mtu-discovery
ip scp server enable
interface Embedded-Service-Engine0/0
no ip address
shutdown
interface GigabitEthernet0/0
description internal LAN
ip address 10.198.2.9 255.255.255.0
duplex auto
speed auto
interface ISM0/0
ip unnumbered GigabitEthernet0/0
service-module ip address 10.198.2.8 255.255.255.0
!Application: CUE Running on ISM
service-module ip default-gateway 10.198.2.9
interface GigabitEthernet0/1
description to TATA NGN
ip address 115.114.225.122 255.255.255.252
duplex auto
speed auto
interface GigabitEthernet0/2
description SIP Trunks external
ip address 79.121.254.83 255.255.255.248
ip access-group SIP-InBound in
ip traffic-export apply cuecapture size 8000000
duplex auto
speed auto
interface ISM0/1
description Internal switch interface connected to Internal Service Module
no ip address
shutdown
interface Vlan1
no ip address
ip forward-protocol nd
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 10.198.2.1
ip route 10.198.2.8 255.255.255.255 ISM0/0
ip route 41.206.187.0 255.255.255.0 115.114.225.121
ip route 77.37.25.46 255.255.255.255 79.121.254.81
ip route 83.245.6.81 255.255.255.255 79.121.254.81
ip route 83.245.6.82 255.255.255.255 79.121.254.81
ip route 95.223.1.107 255.255.255.255 79.121.254.81
ip route 192.54.47.0 255.255.255.0 79.121.254.81
ip access-list extended SIP-InBound
permit ip host 77.37.25.46 any
permit ip host 83.245.6.81 any
permit ip host 83.245.6.82 any
permit ip 192.54.47.0 0.0.0.255 any
permit icmp any any
permit ip host 95.223.1.107 any
deny ip any any log
control-plane
voice-port 0/1/0
compand-type a-law
timeouts initial 60
timeouts interdigit 60
timeouts ringing infinity
caller-id enable
voice-port 0/1/1
compand-type a-law
timeouts initial 60
timeouts interdigit 60
timeouts ringing infinity
caller-id enable
voice-port 0/1/2
compand-type a-law
timeouts initial 60
timeouts interdigit 60
timeouts ringing infinity
caller-id enable
voice-port 0/1/3
compand-type a-law
timeouts initial 60
timeouts interdigit 60
timeouts ringing infinity
caller-id enable
no ccm-manager fax protocol cisco
ccm-manager music-on-hold bind GigabitEthernet0/0
ccm-manager config server 152.63.1.19 152.63.1.100 172.27.210.5
ccm-manager sccp local GigabitEthernet0/0
ccm-manager sccp
mgcp profile default
sccp local GigabitEthernet0/0
sccp ccm 10.198.2.9 identifier 3 priority 3 version 7.0
sccp ccm 152.63.1.19 identifier 4 version 7.0
sccp ccm 152.63.1.100 identifier 5 version 7.0
sccp ccm 172.27.210.5 identifier 6 version 7.0
sccp
sccp ccm group 2
bind interface GigabitEthernet0/0
associate ccm 4 priority 1
associate ccm 5 priority 2
associate ccm 6 priority 3
associate ccm 3 priority 4
associate profile 1002 register CFB_UK_CAM_02
associate profile 1001 register XCODE_UK_CAM_02
associate profile 1000 register MTP_UK_CAM_02
dspfarm profile 1001 transcode
codec ilbc
codec g722-64
codec g729br8
codec g729r8
codec gsmamr-nb
codec pass-through
codec g711ulaw
codec g711alaw
codec g729ar8
codec g729abr8
maximum sessions 18
associate application SCCP
dspfarm profile 1002 conference
codec g711ulaw
codec g711alaw
codec g729ar8
codec g729abr8
codec g729r8
codec g729br8
maximum sessions 2
associate application SCCP
dspfarm profile 1000 mtp
codec g711alaw
maximum sessions software 200
associate application SCCP
dial-peer cor custom
name SRSTMode
dial-peer cor list SRST
member SRSTMode
dial-peer voice 100 voip
description *** Inbound CUCM ***
translation-profile incoming PSTN-incoming
incoming called-number .
voice-class codec 10
voice-class sip call-route p-called-party-id
dtmf-relay rtp-nte
no vad
dial-peer voice 500 voip
description *** Inbound TATA MPLS ***
translation-profile incoming MPLS-incoming
session protocol sipv2
session target sip-server
incoming called-number ....
incoming uri from 100
voice-class codec 20
dtmf-relay rtp-nte
no vad
dial-peer voice 510 voip
description *** Outbound TATA MPLS ***
translation-profile outgoing MPLS-outgoing
destination-pattern 54[013-9]....
session protocol sipv2
session target ipv4:41.206.187.71
session transport udp
voice-class codec 20
dtmf-relay rtp-nte
no vad
dial-peer voice 520 voip
description *** Outbound TATA MPLS ***
translation-profile outgoing MPLS-outgoing
destination-pattern 5[0-35-9].....
session protocol sipv2
session target ipv4:41.206.187.71
session transport udp
voice-class codec 20
dtmf-relay rtp-nte
no vad
dial-peer voice 200 voip
description *** Inbound M12 *** 01223651081, 01223651440 - 01223651489
translation-profile incoming PSTN-incoming
session protocol sipv2
session target sip-server
session transport udp
incoming called-number 0122365....
dtmf-relay rtp-nte
codec g711ulaw
no vad
dial-peer voice 201 voip
description *** Inbound M12 *** 012237280XX
translation-profile incoming PSTN-incoming
session protocol sipv2
session target sip-server
session transport udp
incoming called-number 012237280..
dtmf-relay rtp-nte
codec g711ulaw
no vad
dial-peer voice 202 voip
description *** Inbound M12 *** 01223506701
translation-profile incoming PSTN-incoming
session protocol sipv2
session target sip-server
session transport udp
incoming called-number 01223506701
dtmf-relay rtp-nte
codec g711ulaw
no vad
dial-peer voice 210 voip
description *** Outbound M12 ***
translation-profile outgoing PSTN-outgoing
destination-pattern +...T
session protocol sipv2
session target ipv4:83.245.6.81
session transport udp
dtmf-relay rtp-nte
codec g711alaw
no vad
dial-peer voice 211 voip
description *** Outbound ISDN for SRST and emergency ***
translation-profile outgoing PSTN-outgoing
destination-pattern 9.T
session protocol sipv2
session target ipv4:83.245.6.81
session transport udp
dtmf-relay rtp-nte
codec g711alaw
no vad
dial-peer voice 212 voip
description *** Outbound ISDN for emergency ***
translation-profile outgoing PSTN-outgoing
destination-pattern 11[02]
session protocol sipv2
session target ipv4:83.245.6.81
session transport udp
dtmf-relay rtp-nte
codec g711alaw
no vad
dial-peer voice 2000 voip
description *** Outbound to CUCM Primary ***
preference 1
destination-pattern 542....
session protocol sipv2
session target ipv4:152.63.1.19
voice-class codec 10
voice-class sip call-route p-called-party-id
dtmf-relay rtp-nte
no vad
dial-peer voice 2001 voip
description *** Outbound to CUCM Secondary ***
preference 2
destination-pattern 542....
session protocol sipv2
session target ipv4:152.63.1.100
voice-class codec 10
voice-class sip call-route p-called-party-id
dtmf-relay rtp-nte
no vad
dial-peer voice 2002 voip
description *** Outbound to CUCM Teritiary ***
preference 3
destination-pattern 542....
session protocol sipv2
session target ipv4:172.27.210.5
voice-class codec 10
voice-class sip call-route p-called-party-id
dtmf-relay rtp-nte
no vad
dial-peer voice 999010 pots
service stcapp
port 0/1/0
dial-peer voice 999011 pots
service stcapp
port 0/1/1
dial-peer voice 999012 pots
service stcapp
port 0/1/2
dial-peer voice 999013 pots
service stcapp
port 0/1/3
sip-ua
no remote-party-id
gatekeeper
shutdown
call-manager-fallback
secondary-dialtone 9
max-conferences 4 gain -6
transfer-system full-consult
ip source-address 10.198.2.9 port 2000
max-ephones 110
max-dn 400 dual-line no-reg
translation-profile incoming SRST-incoming
moh flash:/moh/Panjo.ulaw.wav
multicast moh 239.1.1.1 port 16384 route 10.198.2.9
time-zone 22
time-format 24
date-format dd-mm-yy
line con 0
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line 131
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
session-timeout 60
exec-timeout 60 0
privilege level 15
login local
transport input all
line vty 5 15
session-timeout 60
exec-timeout 60 0
privilege level 15
login local
transport input all
scheduler allocate 20000 1000
ntp server 10.1.30.1
end
eucamvgw01#
Sh SCCP
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2014.03.03 17:57:44 =~=~=~=~=~=~=~=~=~=~=~=
SCCP Admin State: UP
Gateway Local Interface: GigabitEthernet0/0
IPv4 Address: 10.198.2.9
Port Number: 2000
IP Precedence: 5
User Masked Codec list: None
Call Manager: 10.198.2.9, Port Number: 2000
Priority: 3, Version: 7.0, Identifier: 3
Call Manager: 152.63.1.19, Port Number: 2000
Priority: N/A, Version: 7.0, Identifier: 4
Trustpoint: N/A
Call Manager: 152.63.1.100, Port Number: 2000
Priority: N/A, Version: 7.0, Identifier: 5
Trustpoint: N/A
Call Manager: 172.27.210.5, Port Number: 2000
Priority: N/A, Version: 7.0, Identifier: 6
Trustpoint: N/A
MTP Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Profile Identifier: 1000
Reported Max Streams: 400, Reported Max OOS Streams: 0
Supported Codec: g711alaw, Maximum Packetization Period: 30
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: rfc2833 pass-thru, Maximum Packetization Period: 30
Supported Codec: inband-dtmf to rfc2833 conversion, Maximum Packetization Period: 30
TLS : ENABLED
Transcoding Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Profile Identifier: 1001
Reported Max Streams: 36, Reported Max OOS Streams: 0
Supported Codec: ilbc, Maximum Packetization Period: 120
Supported Codec: g722r64, Maximum Packetization Period: 30
Supported Codec: g729br8, Maximum Packetization Period: 60
Supported Codec: g729r8, Maximum Packetization Period: 60
Supported Codec: gsmamr-nb, Maximum Packetization Period: 60
Supported Codec: pass-thru, Maximum Packetization Period: N/A
Supported Codec: g711ulaw, Maximum Packetization Period: 30
Supported Codec: g711alaw, Maximum Packetization Period: 30
Supported Codec: g729ar8, Maximum Packetization Period: 60
Supported Codec: g729abr8, Maximum Packetization Period: 60
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: rfc2833 pass-thru, Maximum Packetization Period: 30
Supported Codec: inband-dtmf to rfc2833 conversion, Maximum Packetization Period: 30
Conferencing Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Profile Identifier: 1002
Reported Max Streams: 16, Reported Max OOS Streams: 0
Supported Codec: g711ulaw, Maximum Packetization Period: 30
Supported Codec: g711alaw, Maximum Packetization Period: 30
Supported Codec: g729ar8, Maximum Packetization Period: 60
Supported Codec: g729abr8, Maximum Packetization Period: 60
Supported Codec: g729r8, Maximum Packetization Period: 60
Supported Codec: g729br8, Maximum Packetization Period: 60
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: rfc2833 pass-thru, Maximum Packetization Period: 30
Supported Codec: inband-dtmf to rfc2833 conversion, Maximum Packetization Period: 30
TLS : ENABLED
Alg_Phone Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Device Name: AN71FEF7F070080
Reported Max Streams: 1, Reported Max OOS Streams: 0
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: g711ulaw, Maximum Packetization Period: 20
Supported Codec: g711alaw, Maximum Packetization Period: 20
Supported Codec: g729r8, Maximum Packetization Period: 220Supported Codec: g729ar8, Maximum Packetization Period: 220
Supported Codec: g729br8, Maximum Packetization Period: 220
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: ilbc, Maximum Packetization Period: 120
Alg_Phone Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Device Name: AN71FEF7F070081
Reported Max Streams: 1, Reported Max OOS Streams: 0
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: g711ulaw, Maximum Packetization Period: 20
Supported Codec: g711alaw, Maximum Packetization Period: 20
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: g729ar8, Maximum Packetization Period: 220
Supported Codec: g729br8, Maximum Packetization Period: 220
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: ilbc, Maximum Packetization Period: 120
Alg_Phone Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Device Name: AN71FEF7F070082
Reported Max Streams: 1, Reported Max OOS Streams: 0
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: g711ulaw, Maximum Packetization Period: 20Supported Codec: g711alaw, Maximum Packetization Period: 20
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: g729ar8, Maximum Packetization Period: 220
Supported Codec: g729br8, Maximum Packetization Period: 220
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: ilbc, Maximum Packetization Period: 120
Alg_Phone Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Device Name: AN71FEF7F070083
Reported Max Streams: 1, Reported Max OOS Streams: 0
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: g711ulaw, Maximum Packetization Period: 20
Supported Codec: g711alaw, Maximum Packetization Period: 20
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: g729ar8, Maximum Packetization Period: 220
Supported Codec: g729br8, Maximum Packetization Period: 220
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: ilbc, Maximum Packetization Period: 120
eucamvgw01# -
IOS SSL VPN application issues
Hi,
I have setup WEBVPN with the SSL client on a Cisco 2811. The WebVPN gateway is via a loopback address on the router, so I NAT port 443 to this address as it enters the ADSL interface.
Everything works great apart from when I try to access an internal address on the router itself (such as the internal LAN 192.168.0.1).
If I try to telnet to this address I connect but then spurious characters appear and the session hangs. I also cannot access the CME web pages via this address.
I have tried disabling CEF to see if some weird internal issue is the problem but that did not fix it.
Anyone else experienced this?
Thanks
ScottFarrukh,
As requested please see related config below:
aaa new-model
aaa authentication login default local
aaa authentication login sdm_vpn_xauth_ml_1 local
aaa authentication login sdm_vpn_xauth_ml_2 local
aaa authentication login sdm_vpn_xauth_ml_3 local
aaa authorization exec default local
aaa authorization network sdm_vpn_group_ml_1 local
ip cef
crypto pki trustpoint TP-self-signed-569873274
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-569873274
revocation-check none
rsakeypair TP-self-signed-569873274
crypto pki certificate chain TP-self-signed-569873274
certificate self-signed 01
interface GigabitEthernet1/0
description $SWDMADDR:192.168.0.2$
ip address 10.0.0.1 255.255.255.0
no ip route-cache cef
interface GigabitEthernet1/0.1
encapsulation dot1Q 1 native
ip address 192.168.0.1 255.255.255.0
ip access-group 100 in
ip nat inside
ip virtual-reassembly
no ip route-cache same-interface
interface GigabitEthernet1/0.20
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0
ip helper-address 10.0.0.1
no ip route-cache same-interface
interface Dialer0
description $FW_OUTSIDE$
ip address negotiated
ip access-group 101 in
ip mtu 1452
ip nat outside
ip inspect SDM_LOW out
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ip local pool TEST 192.168.20.200 192.168.20.240
ip route 0.0.0.0 0.0.0.0 Dialer0 permanent
ip nat inside source route-map SDM_RMAP_1 interface Dialer0 overload
access-list 101 remark WEBVPN
access-list 101 permit tcp any host 203.206.169.63 eq 443
access-list 101 deny ip any any log
route-map SDM_RMAP_1 permit 1
match ip address 102
webvpn gateway gateway_1
ip address 203.206.169.63 port 443
ssl trustpoint TP-self-signed-569873274
inservice
webvpn install svc flash:/webvpn/svc_1.pkg sequence 1
webvpn context Default_context
ssl authenticate verify all
no inservice
webvpn context visicom
secondary-color white
title-color #669999
text-color black
ssl authenticate verify all
url-list "WEB"
heading "Welcome"
url-text "OWA" url-value "http://192.168.0.10/exchange"
policy group policy_1
url-list "WEB"
functions svc-enabled
svc address-pool "TEST"
svc keep-client-installed
svc rekey method new-tunnel
svc split include 192.168.0.0 255.255.255.0
svc split include 192.168.20.0 255.255.255.0
svc split include 10.10.10.0 255.255.255.0
default-group-policy policy_1
aaa authentication list sdm_vpn_xauth_ml_3
gateway gateway_1
inservice -
Having an issue adding network to eigrp
I'm doing a class project using a network simulator and am asked to: Design and implement an network for company RoutersCourseMatters. The names of the department names at this company are Faculty, Staff, and Students. For security reasons, each department must be isolated from each other's broadcast domain on the network. The Faculty have 50 end devices that need to be connected to the network. Staff has 26 end devices and the Students have 100 end devices. The network spaced provided by the ISP is 192.168.0.0/24. The dynamic protocol used for this network must be for Cisco-only equipment. Test each department network with just one end device and ensure full connectivity across the entire network
So we have our network topology setup for the class project(see picture attached). We are using one router for faculty+staff. Faculty has ip/mask of 192.168.0.1/26 and staff is: 192.168.0.65/27. we have a seperate router for students which the IP subnet for students is 192.168.0.150/25. The routers are directly connected and are using ips 192.168.0.98/29 & 192.168.0.100/29 so since the two routers are directly connected on the same subnet they have no issue pinging each other. The problem is pinging hosts from a subnet to hosts on a different subnet. When I try and add ANY 192.168.0.* subnet to eigrp it instead adds 192.168.16.* network. For instance on the faculty/student router if i do a 'router eigrp 1' command followed by 'network 192.168.0.0 0.0.0.63' it shows network 192.168.16.0 has been added to eigrp under show run. here is show run command:
faculty/staff Con0 is now available
Press RETURN to get started!
faculty/staff>en
faculty/staff#show run
Building configuration...
Current configuration : 874 bytes
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname faculty/staff
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
ip subnet-zero
interface FastEthernet0/0
description blank
ip address 192.168.0.65 255.255.255.224
no ip directed-broadcast
interface FastEthernet0/1
description link to switch
ip address 192.168.0.1 255.255.255.192
no ip directed-broadcast
interface Serial0/0/0
ip address 192.168.20.2 255.255.255.0
no ip directed-broadcast
clockrate 2000000
interface Serial0/0/1
no ip address
no ip directed-broadcast
shutdown
clockrate 2000000
interface Serial0/1/0
no ip address
no ip directed-broadcast
shutdown
clockrate 2000000
interface Serial0/1/1
ip address 192.168.0.98 255.255.255.248
no ip directed-broadcast
router eigrp 1
network 0.0.0.0
network 192.168.1.1 0.0.0.0
network 192.168.16.0
network 192.168.20.0
no auto-summary
ip classless
no ip http server
no ip http secure-server
control-plane
line con 0
line aux 0
line vty 0 4
login
line vty 5 1180
login
scheduler allocate 20000 1000
end
faculty/staff#config t
Enter configuration commands, one per line. End with CNTL/Z
faculty/staff(config)#router eigrp 1
faculty/staff(config-router)#network 192.168.0.0 0.0.0.63
faculty/staff(config-router)#exit
faculty/staff(config)#exit
faculty/staff#show run
Building configuration...
Current configuration : 874 bytes
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname faculty/staff
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
ip subnet-zero
interface FastEthernet0/0
description blank
ip address 192.168.0.65 255.255.255.224
no ip directed-broadcast
interface FastEthernet0/1
description link to switch
ip address 192.168.0.1 255.255.255.192
no ip directed-broadcast
interface Serial0/0/0
ip address 192.168.20.2 255.255.255.0
no ip directed-broadcast
clockrate 2000000
interface Serial0/0/1
no ip address
no ip directed-broadcast
shutdown
clockrate 2000000
interface Serial0/1/0
no ip address
no ip directed-broadcast
shutdown
clockrate 2000000
interface Serial0/1/1
ip address 192.168.0.98 255.255.255.248
no ip directed-broadcast
router eigrp 1
network 0.0.0.0
network 192.168.1.1 0.0.0.0
network 192.168.16.0
network 192.168.20.0
no auto-summary
ip classless
no ip http server
no ip http secure-server
--More--
project.jpg
Reply Reply to Main Discussion
Cody Robinson
Cody Robinson
2:36pm
Here is 'show ip eigrp topology' on staff/faculty router:
faculty/staff Con0 is now available
Press RETURN to get started!
faculty/staff>en
faculty/staff#show ip interface
FastEthernet0/0 is up, line protocol is up
Internet address is 192.168.0.65/27
Broadcast address is 255.255.255.255
Address determined by setup command
MTU is 1514 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is disabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP fast switching on the same interface is enabled
IP Flow switching is disabled
IP CEF switching is enabled
IP CEF Fast switching turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled
WCCP Redirect outbound is disabled
WCCP Redirect inbound is disabled
WCCP Redirect exclude is disabled
FastEthernet0/1 is up, line protocol is up
Internet address is 192.168.0.1/26
Broadcast address is 255.255.255.255
Address determined by setup command
MTU is 1514 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is disabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP fast switching on the same interface is enabled
IP Flow switching is disabled
IP CEF switching is enabled
IP CEF Fast switching turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled
WCCP Redirect outbound is disabled
WCCP Redirect inbound is disabled
WCCP Redirect exclude is disabled
Serial0/0/0 is down, line protocol is down
Internet address is 192.168.20.2/24
Broadcast address is 255.255.255.255
Address determined by setup command
MTU is 1514 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is disabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP fast switching on the same interface is enabled
IP Flow switching is disabled
IP CEF switching is enabled
IP CEF Fast switching turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled
WCCP Redirect outbound is disabled
WCCP Redirect inbound is disabled
WCCP Redirect exclude is disabled
Serial0/0/1 is administratively down, line protocol is down
Internet protocol processing disabled
Serial0/1/0 is administratively down, line protocol is down
Internet protocol processing disabled
Serial0/1/1 is up, line protocol is up
Internet address is 192.168.0.98/29
Broadcast address is 255.255.255.255
Address determined by setup command
MTU is 1514 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is disabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP fast switching on the same interface is enabled
IP Flow switching is disabled
IP CEF switching is enabled
IP CEF Fast switching turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled
WCCP Redirect outbound is disabled
WCCP Redirect inbound is disabled
WCCP Redirect exclude is disabled
faculty/staff#show ip eigrp ?
<1-65535> Autonomous System
accounting IP-EIGRP Accounting
interfaces IP-EIGRP interfaces
neighbors IP-EIGRP neighbors
topology IP-EIGRP Topology Table
traffic IP-EIGRP Traffic Statistics
vrf Select a VPN Routing/Forwarding instance
faculty/staff#show ip eigrp topology
IP-EIGRP Topology Table for AS(1)/ID(192.168.20.2)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 192.168.0.0/26, 1 successors, FD is 2172416
via Connected, FastEthernet0/1
P 192.168.0.64/27, 1 successors, FD is 2172416
via Connected, FastEthernet0/0
P 192.168.0.96/29, 1 successors, FD is 2172416
via Connected, Serial0/1/1
faculty/staff#
Cody Robinson
Cody Robinson
2:37pm
Here is show run on students router:
Students Con0 is now available
Press RETURN to get started!
Students>sh run
^
% Invalid input detected at '^' marker.
Students>en
Students#sh run
Building configuration...
Current configuration : 874 bytes
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname Students
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
ip subnet-zero
interface FastEthernet0/0
no ip address
no ip directed-broadcast
shutdown
interface FastEthernet0/1
description link to switch
ip address 192.168.0.150 255.255.255.128
no ip directed-broadcast
interface Serial0/0/0
ip address 192.168.10.1 255.255.255.0
no ip directed-broadcast
clockrate 2000000
interface Serial0/0/1
no ip address
no ip directed-broadcast
shutdown
clockrate 2000000
interface Serial0/1/0
no ip address
no ip directed-broadcast
shutdown
clockrate 2000000
interface Serial0/1/1
ip address 192.168.0.100 255.255.255.248
no ip directed-broadcast
clockrate 2000000
router eigrp 1
network 0.0.0.0
network 192.168.1.1 0.0.0.0
network 192.168.10.0
ip classless
no ip http server
no ip http secure-server
control-plane
line con 0
line aux 0
line vty 0 4
login
line vty 5 1180
login
scheduler allocate 20000 1000
end
Students#Hello lolwar,
From your setup and description you provided I see some mismatch in IP subneting you calculated.
For instance in your diagram you have networks 192.168.0.0/26 (FACULTY), 192.168.0.64/27 (STAFF), 192.168.0.96/29 (point-to-point link between routers) and 192.168.0.128/25 (STUDENTS).
First, you're wasting IP addresses, because you have unused space between point-to-point link and STUDENTS subnet. It's a good practice, when calculating subnets first calculate the biggest, subnet, then smaller one until the smallest one (usually some point-to-point cross-connects). For more about this see this guide.
Now, the issue I see as the most important is, that you have in your diagram networks as I mentioned above, but into your EIGRP process you're adding completely different subnets (192.168.16.x, 192.168.20.x,...).
I entered following:
STUDENT ROUTER =------------>
router eigrp 1
network 192.168.0.96 0.0.0.7
network 192.168.0.128 0.0.0.127
FACULTY/STAFF ROUTER =------------->
router eigrp 1
network 192.168.0.0 0.0.0.63
network 192.168.0.64 0.0.0.31
network 192.168.0.96 0.0.0.7
And all works just fine, computer's are able to ping each other. Also although it's not necessary, it's good to includes network wildcard mask into the "network" command under EIGRP (or OSPF) configuration.
I hope this will help you (please rate if this is the case. Thanks.) -
QoS / Native VLAN Issue - Please HELP! :)
I've purchased 10 Cisco Aironet 2600 AP’s (AIR-SAP2602I-E-K9 standalone rather than controller based).
I’ve configured the WAP’s (or the first WAP I’m going to configure and then pull the configuration from and push to the others) with 2 SSID’s. One providing access to our DATA VLAN (1000 – which I’ve set as native on the WAP) and one providing access to guest VLAN (1234). I’ve configured the connecting DELL switchport as a trunk and set the native VLAN to 1000 (DATA) and allowed trunk traffic for VLAN’s 1000 and 1234. Everything works fine, when connecting to the DATA SSID you get a DATA IP and when you connect to the GUEST SSID you lease a GUEST IP.
The problem starts when I create a QoS policy on the WAP (for Lync traffic DSCP 40 / CS5) and try to attach it to my VLAN’s. It won’t let me attach the policy to VLAN 1000 as it’s the native VLAN. If I change VLAN 1000 on the WAP to NOT be the native VLAN I can attach the policies however wireless clients can no longer attach to either SSID properly as they fail to lease an IP address and instead get a 169.x.x.x address.
I'm sure I'm missing something basic here so please forgive my ignorance.
This is driving me insane!
Thanks to anyone that provides assistance. Running config below and example of the error...
User Access Verification
Username: admin
Password:
LATHQWAP01#show run
Building configuration...
Current configuration : 3621 bytes
! Last configuration change at 02:37:59 UTC Mon Mar 1 1993 by admin
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname LATHQWAP01
logging rate-limit console 9
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa session-id common
no ip routing
dot11 syslog
dot11 vlan-name Data vlan 1000
dot11 vlan-name Guest vlan 1234
dot11 ssid LatitudeCorp
vlan 1000
authentication open
authentication key-management wpa version 2
wpa-psk ascii
dot11 ssid LatitudeGuest
vlan 1234
authentication open
authentication key-management wpa version 2
guest-mode
wpa-psk ascii
crypto pki token default removal timeout 0
username admin privilege 15 password!
class-map match-all _class_Lync0
match ip dscp cs5
policy-map Lync
class _class_Lync0
set cos 6
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption vlan 1234 mode ciphers aes-ccm
encryption vlan 1000 mode ciphers aes-ccm
ssid LatitudeCorp
ssid LatitudeGuest
antenna gain 0
stbc
station-role root
interface Dot11Radio0.1000
encapsulation dot1Q 1000 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio0.1234
encapsulation dot1Q 1234
no ip route-cache
bridge-group 255
bridge-group 255 subscriber-loop-control
bridge-group 255 spanning-disabled
bridge-group 255 block-unknown-source
no bridge-group 255 source-learning
no bridge-group 255 unicast-flooding
service-policy input Lync
service-policy output Lync
interface Dot11Radio1
no ip address
no ip route-cache
encryption vlan 1234 mode ciphers aes-ccm
encryption vlan 1000 mode ciphers aes-ccm
ssid LatitudeCorp
ssid LatitudeGuest
antenna gain 0
no dfs band block
stbc
channel dfs
station-role root
interface Dot11Radio1.1000
encapsulation dot1Q 1000 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio1.1234
encapsulation dot1Q 1234
no ip route-cache
bridge-group 255
bridge-group 255 subscriber-loop-control
bridge-group 255 spanning-disabled
bridge-group 255 block-unknown-source
no bridge-group 255 source-learning
no bridge-group 255 unicast-flooding
service-policy input Lync
service-policy output Lync
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
interface GigabitEthernet0.1000
encapsulation dot1Q 1000 native
no ip route-cache
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
interface GigabitEthernet0.1234
encapsulation dot1Q 1234
no ip route-cache
bridge-group 255
bridge-group 255 spanning-disabled
no bridge-group 255 source-learning
service-policy input Lync
service-policy output Lync
interface BVI1
ip address 10.10.1.190 255.255.254.0
no ip route-cache
ip default-gateway 10.10.1.202
ip http server
ip http authentication aaa
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
line con 0
line vty 0 4
transport input all
end
LATHQWAP01#conf
Configuring from terminal, memory, or network [terminal]? t
Enter configuration commands, one per line. End with CNTL/Z.
LATHQWAP01(config)#int dot11radio1.1000
LATHQWAP01(config-subif)#ser
LATHQWAP01(config-subif)#service-policy in
LATHQWAP01(config-subif)#service-policy input Lync
set cos is not supported on native vlan interface
LATHQWAP01(config-subif)#Hey Scott,
Thank you (again) for your assistance.
So I' ve done as instructed and reconfigured the WAP. I've added an additional VLAN (1200 our VOIP VLAN) and made this the native VLAN - so 1000 and 1234 are now tagged. I've configure the BVI interface with a VOIP IP address for management and can connect quite happily. I've configured the connecting Dell switchport as a trunk and to allow trunk vlans 1000 (my DATA SSID), 1200(native) and 1234 (MY GUEST SSID). I'm now back to the issue where when a wireless client attempts to connect to either of my SSID's (Guest or DATA) they are not getting a IP address / cannot connect.
Any ideas guys? Forgive my ignorance - this is a learning curve and one i'm enjoying.
LATHQWAP01#show run
Building configuration...
Current configuration : 4426 bytes
! Last configuration change at 20:33:19 UTC Mon Mar 1 1993 by Cisco
version 15.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname LATHQWAP01
logging rate-limit console 9
enable secret 5
no aaa new-model
no ip source-route
no ip cef
dot11 syslog
dot11 vlan-name DATA vlan 1000
dot11 vlan-name GUEST vlan 1234
dot11 vlan-name VOICE vlan 1200
dot11 ssid LatitudeCorp
vlan 1000
authentication open
authentication key-management wpa version 2
mobility network-id 1000
wpa-psk ascii
dot11 ssid LatitudeGuest
vlan 1234
authentication open
authentication key-management wpa version 2
mbssid guest-mode
mobility network-id 1234
wpa-psk ascii
no ids mfp client
dot11 phone
username CISCO password
class-map match-all _class_Lync0
match ip dscp cs5
policy-map Lync
class _class_Lync0
set cos 6
bridge irb
interface Dot11Radio0
no ip address
encryption vlan 1000 mode ciphers aes-ccm
encryption vlan 1234 mode ciphers aes-ccm
ssid LatitudeCorp
ssid LatitudeGuest
antenna gain 0
stbc
mbssid
station-role root
interface Dot11Radio0.1000
encapsulation dot1Q 1000
bridge-group 255
bridge-group 255 subscriber-loop-control
bridge-group 255 spanning-disabled
bridge-group 255 block-unknown-source
no bridge-group 255 source-learning
no bridge-group 255 unicast-flooding
service-policy input Lync
service-policy output Lync
interface Dot11Radio0.1200
encapsulation dot1Q 1200 native
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio0.1234
encapsulation dot1Q 1234
bridge-group 254
bridge-group 254 subscriber-loop-control
bridge-group 254 spanning-disabled
bridge-group 254 block-unknown-source
no bridge-group 254 source-learning
no bridge-group 254 unicast-flooding
service-policy input Lync
service-policy output Lync
interface Dot11Radio1
no ip address
encryption vlan 1000 mode ciphers aes-ccm
encryption vlan 1234 mode ciphers aes-ccm
ssid LatitudeCorp
ssid LatitudeGuest
antenna gain 0
peakdetect
no dfs band block
stbc
mbssid
channel dfs
station-role root
interface Dot11Radio1.1000
encapsulation dot1Q 1000
bridge-group 255
bridge-group 255 subscriber-loop-control
bridge-group 255 spanning-disabled
bridge-group 255 block-unknown-source
no bridge-group 255 source-learning
no bridge-group 255 unicast-flooding
service-policy input Lync
service-policy output Lync
interface Dot11Radio1.1200
encapsulation dot1Q 1200 native
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio1.1234
encapsulation dot1Q 1234
bridge-group 254
bridge-group 254 subscriber-loop-control
bridge-group 254 spanning-disabled
bridge-group 254 block-unknown-source
no bridge-group 254 source-learning
no bridge-group 254 unicast-flooding
service-policy input Lync
service-policy output Lync
interface GigabitEthernet0
no ip address
duplex full
speed auto
interface GigabitEthernet0.1000
encapsulation dot1Q 1000
bridge-group 255
bridge-group 255 spanning-disabled
no bridge-group 255 source-learning
service-policy input Lync
service-policy output Lync
interface GigabitEthernet0.1200
encapsulation dot1Q 1200 native
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
interface GigabitEthernet0.1234
encapsulation dot1Q 1234
bridge-group 254
bridge-group 254 spanning-disabled
no bridge-group 254 source-learning
service-policy input Lync
service-policy output Lync
interface BVI1
mac-address 881d.fc46.c865
ip address 10.10. 255.255.254.0
ip default-gateway 10.10.
ip forward-protocol nd
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
line con 0
line vty 0 4
login local
transport input all
sntp server ntp2c.mcc.ac.uk
sntp broadcast client
end
LATHQWAP01# -
Site to site VPN re-connection issue
Hi I done site -to -site VPN between two UC 560 and I am able to make call too. Both site I am using DDNS FQDN. Now I am facing these problems,
1. When ever any of the site gone down , it is taking around 45 minute to get reconnect the VPN.
2. With in 2 minute Dialer interface is getting WAN IP address from service provider and it is updating with Dyndns also. But while checking crypto session details from my local UC I can see the peer address is not changing or showing none.
please help me to overcome this issue
I tested by restarting ROUTER-A UC560
Please find the status of remote site:
ROUTER-B#sh crypto isa sa
IPv4 Crypto ISAKMP SA
dst src state conn-id status
2.50.37.13 86.99.72.10 MM_NO_STATE 2004 ACTIVE (deleted)
ROUTER-B#sh crypto isa saIPv4 Crypto ISAKMP SA
dst src state conn-id status
ROUTER-A#sh crypto isa sa
IPv4 Crypto ISAKMP SA
dst src state conn-id status
ROUTER-B#sho crypto session detail
Crypto session current status
Code: C - IKE Configuration mode, D - Dead Peer Detection
K - Keepalives, N - NAT-traversal, T - cTCP encapsulation
X - IKE Extended Authentication, F - IKE Fragmentation
Interface: Dialer0
Session status: UP-NO-IKE
Peer: 86.99.72.10 port 500 fvrf: (none) ivrf: (none)
Desc: (none)
Phase1_id: (none)
IPSEC FLOW: permit ip 192.168.10.0/255.255.255.0 192.168.50.0/255.255.255.0
Active SAs: 2, origin: crypto map
Inbound: #pkts dec'ed 12452 drop 0 life (KB/Sec) 4477633/1050
Outbound: #pkts enc'ed 15625 drop 228 life (KB/Sec) 4477628/1050
ROUTER-A# sho crypto session det
Crypto session current status
Code: C - IKE Configuration mode, D - Dead Peer Detection
K - Keepalives, N - NAT-traversal, T - cTCP encapsulation
X - IKE Extended Authentication, F - IKE Fragmentation
Interface: Virtual-Access2
Session status: DOWN
Peer: port 500 fvrf: (none) ivrf: (none)
Desc: (none)
Phase1_id: (none)
IPSEC FLOW: permit ip 192.168.50.0/255.255.255.0 192.168.10.0/255.255.255.0
Active SAs: 0, origin: crypto map
Inbound: #pkts dec'ed 0 drop 0 life (KB/Sec) 0/0
Outbound: #pkts enc'ed 0 drop 0 life (KB/Sec) 0/0
Interface: Dialer0
Session status: DOWN
Peer: port 500 fvrf: (none) ivrf: (none)
Desc: (none)
Phase1_id: (none)
IPSEC FLOW: permit ip 192.168.50.0/255.255.255.0 192.168.10.0/255.255.255.0
Active SAs: 0, origin: crypto map
Inbound: #pkts dec'ed 0 drop 0 life (KB/Sec) 0/0
Outbound: #pkts enc'ed 0 drop 23 life (KB/Sec) 0/0
**** Here I can see the peer IP is 86.99.72.10, but address had been changed to 92.98.211.242 in ROUTER-A
Please see the debug crypto isakpm
ROUTER-A#debug crypto isakmp
Crypto ISAKMP debugging is on
ROUTER-A#terminal monitor
000103: Aug 6 18:40:48.083: ISAKMP:(0): SA request profile is (NULL)
000104: Aug 6 18:40:48.083: ISAKMP: Created a peer struct for , peer port 500
000105: Aug 6 18:40:48.083: ISAKMP: New peer created peer = 0x86682AAC peer_handle = 0x80000031
000106: Aug 6 18:40:48.083: ISAKMP: Locking peer struct 0x86682AAC, refcount 1 for isakmp_initiator
000107: Aug 6 18:40:48.083: ISAKMP: local port 500, remote port 500
000108: Aug 6 18:40:48.083: ISAKMP: set new node 0 to QM_IDLE
000109: Aug 6 18:40:48.083: ISAKMP:(0):insert sa successfully sa = 8B4EBE04
000110: Aug 6 18:40:48.083: ISAKMP:(0):Can not start Aggressive mode, trying Main mode.
000111: Aug 6 18:40:48.083: ISAKMP:(0):No pre-shared key with !
000112: Aug 6 18:40:48.083: ISAKMP:(0): No Cert or pre-shared address key.
000113: Aug 6 18:40:48.083: ISAKMP:(0): construct_initial_message: Can not start Main mode
000114: Aug 6 18:40:48.083: ISAKMP: Unlocking peer struct 0x86682AAC for isadb_unlock_peer_delete_sa(), count 0
000115: Aug 6 18:40:48.083: ISAKMP: Deleting peer node by peer_reap for : 86682AAC
000116: Aug 6 18:40:48.083: ISAKMP:(0):purging SA., sa=8B4EBE04, delme=8B4EBE04
000117: Aug 6 18:40:48.083: ISAKMP:(0):purging node 2113438140
000118: Aug 6 18:40:48.083: ISAKMP: Error while processing SA request: Failed to initialize SA
000119: Aug 6 18:40:48.083: ISAKMP: Error while processing KMI message 0, error 2.
000120: Aug 6 18:41:18.083: ISAKMP:(0): SA request profile is (NULL)
000121: Aug 6 18:41:18.083: ISAKMP: Created a peer struct for , peer port 500
000122: Aug 6 18:41:18.083: ISAKMP: New peer created peer = 0x8668106C peer_handle = 0x80000032
000123: Aug 6 18:41:18.083: ISAKMP: Locking peer struct 0x8668106C, refcount 1 for isakmp_initiator
000124: Aug 6 18:41:18.083: ISAKMP: local port 500, remote port 500
000125: Aug 6 18:41:18.083: ISAKMP: set new node 0 to QM_IDLE
000126: Aug 6 18:41:18.083: ISAKMP:(0):insert sa successfully sa = 86685DFC
000127: Aug 6 18:41:18.083: ISAKMP:(0):Can not start Aggressive mode, trying Main mode.
000128: Aug 6 18:41:18.083: ISAKMP:(0):No pre-shared key with !
000129: Aug 6 18:41:18.083: ISAKMP:(0): No Cert or pre-shared address key.
000130: Aug 6 18:41:18.083: ISAKMP:(0): construct_initial_message: Can not start Main mode
000131: Aug 6 18:41:18.083: ISAKMP: Unlocking peer struct 0x8668106C for isadb_unlock_peer_delete_sa(), count 0
000132: Aug 6 18:41:18.083: ISAKMP: Deleting peer node by peer_reap for : 8668106C
000133: Aug 6 18:41:18.083: ISAKMP:(0):purging SA., sa=86685DFC, delme=86685DFC
000134: Aug 6 18:41:18.083: ISAKMP:(0):purging node 379490091
000135: Aug 6 18:41:18.083: ISAKMP: Error while processing SA request: Failed to initialize SA
000136: Aug 6 18:41:18.083: ISAKMP: Error while processing KMI message 0, error 2.
000137: Aug 6 18:42:48.083: ISAKMP:(0): SA request profile is (NULL)
000138: Aug 6 18:42:48.083: ISAKMP: Created a peer struct for , peer port 500
000139: Aug 6 18:42:48.083: ISAKMP: New peer created peer = 0x86691200 peer_handle = 0x80000033
000140: Aug 6 18:42:48.083: ISAKMP: Locking peer struct 0x86691200, refcount 1for isakmp_initiator
000141: Aug 6 18:42:48.083: ISAKMP: local port 500, remote port 500
000142: Aug 6 18:42:48.083: ISAKMP: set new node 0 to QM_IDLE
000143: Aug 6 18:42:48.083: ISAKMP:(0):insert sa successfully sa = 866E1758
000144: Aug 6 18:42:48.083: ISAKMP:(0):Can not start Aggressive mode, trying Main mode.
000145: Aug 6 18:42:48.083: ISAKMP:(0):No pre-shared key with !
000146: Aug 6 18:42:48.083: ISAKMP:(0): No Cert or pre-shared address key.
000147: Aug 6 18:42:48.083: ISAKMP:(0): construct_initial_message: Can not start Main mode
000148: Aug 6 18:42:48.083: ISAKMP: Unlocking peer struct 0x86691200 for isadb_unlock_peer_delete_sa(), count 0
000149: Aug 6 18:42:48.083: ISAKMP: Deleting peer node by peer_reap for : 86691200
000150: Aug 6 18:42:48.083: ISAKMP:(0):purging SA., sa=866E1758, delme=866E1758
000151: Aug 6 18:42:48.083: ISAKMP:(0):purging node -309783810
000152: Aug 6 18:42:48.083: ISAKMP: Error while processing SA request: Failed to initialize SA
000153: Aug 6 18:42:48.083: ISAKMP: Error while processing KMI message 0, error 2.
000154: Aug 6 18:43:18.083: ISAKMP:(0): SA request profile is (NULL)
000155: Aug 6 18:43:18.083: ISAKMP: Created a peer struct for , peer port 500
000156: Aug 6 18:43:18.083: ISAKMP: New peer created peer = 0x8668106C peer_handle = 0x80000034
000157: Aug 6 18:43:18.083: ISAKMP: Locking peer struct 0x8668106C, refcount 1 for isakmp_initiator
000158: Aug 6 18:43:18.083: ISAKMP: local port 500, remote port 500
000159: Aug 6 18:43:18.083: ISAKMP: set new node 0 to QM_IDLE
000160: Aug 6 18:43:18.083: ISAKMP:(0):insert sa successfully sa = 8B4AB780
000161: Aug 6 18:43:18.083: ISAKMP:(0):Can not start Aggressive mode, trying Main mode.
000162: Aug 6 18:43:18.083: ISAKMP:(0):No pre-shared key with !
000163: Aug 6 18:43:18.083: ISAKMP:(0): No Cert or pre-shared address key.
000164: Aug 6 18:43:18.083: ISAKMP:(0): construct_initial_message: Can not start Main mode
000165: Aug 6 18:43:18.083: ISAKMP: Unlocking peer struct 0x8668106C for isadb _unlock_peer_delete_sa(), count 0
000166: Aug 6 18:43:18.083: ISAKMP: Deleting peer node by peer_reap for : 8668106C
000167: Aug 6 18:43:18.083: ISAKMP:(0):purging SA., sa=8B4AB780, delme=8B4AB78 0
000168: Aug 6 18:43:18.083: ISAKMP:(0):purging node 461611358
000169: Aug 6 18:43:18.083: ISAKMP: Error while processing SA request: Failed to initialize SA
000170: Aug 6 18:43:18.083: ISAKMP: Error while processing KMI message 0, erro r 2.
000171: Aug 6 18:44:48.083: ISAKMP:(0): SA request profile is (NULL)
000172: Aug 6 18:44:48.083: ISAKMP: Created a peer struct for , peer port 500
000173: Aug 6 18:44:48.083: ISAKMP: New peer created peer = 0x8B4A25C8 peer_handle = 0x80000035
000174: Aug 6 18:44:48.083: ISAKMP: Locking peer struct 0x8B4A25C8, refcount 1 for isakmp_initiator
000175: Aug 6 18:44:48.083: ISAKMP: local port 500, remote port 500
000176: Aug 6 18:44:48.083: ISAKMP: set new node 0 to QM_IDLE
000177: Aug 6 18:44:48.083: ISAKMP:(0):insert sa successfully sa = 8B4EC7E8
000178: Aug 6 18:44:48.083: ISAKMP:(0):Can not start Aggressive mode, trying Main mode.
000179: Aug 6 18:44:48.083: ISAKMP:(0):No pre-shared key with !
000180: Aug 6 18:44:48.083: ISAKMP:(0): No Cert or pre-shared address key.
000181: Aug 6 18:44:48.083: ISAKMP:(0): construct_initial_message: Can not start Main mode
000182: Aug 6 18:44:48.083: ISAKMP: Unlocking peer struct 0x8B4A25C8 for isadb_unlock_peer_delete_sa(), count 0
000183: Aug 6 18:44:48.083: ISAKMP: Deleting peer node by peer_reap for : 8B4A25C8
000184: Aug 6 18:44:48.083: ISAKMP:(0):purging SA., sa=8B4EC7E8, delme=8B4EC7E8
000185: Aug 6 18:44:48.083: ISAKMP:(0):purging node -1902909277
000186: Aug 6 18:44:48.083: ISAKMP: Error while processing SA request: Failed to initialize SA
000187: Aug 6 18:44:48.083: ISAKMP: Error while processing KMI message 0, error 2.
000188: Aug 6 18:45:18.083: ISAKMP:(0): SA request profile is (NULL)
000189: Aug 6 18:45:18.083: ISAKMP: Created a peer struct for , peer port 500
000190: Aug 6 18:45:18.083: ISAKMP: New peer created peer = 0x8668106C peer_handle = 0x80000036
000191: Aug 6 18:45:18.083: ISAKMP: Locking peer struct 0x8668106C, refcount 1 for isakmp_initiator
000192: Aug 6 18:45:18.083: ISAKMP: local port 500, remote port 500
000193: Aug 6 18:45:18.083: ISAKMP: set new node 0 to QM_IDLE
000194: Aug 6 18:45:18.083: ISAKMP:(0):insert sa successfully sa = 86685DFC
000195: Aug 6 18:45:18.083: ISAKMP:(0):Can not start Aggressive mode, trying Main mode.
000196: Aug 6 18:45:18.083: ISAKMP:(0):No pre-shared key with !
000197: Aug 6 18:45:18.083: ISAKMP:(0): No Cert or pre-shared address key.
000198: Aug 6 18:45:18.083: ISAKMP:(0): construct_initial_message: Can not start Main mode
000199: Aug 6 18:45:18.083: ISAKMP: Unlocking peer struct 0x8668106C for isadb_unlock_peer_delete_sa(), count 0
000200: Aug 6 18:45:18.083: ISAKMP: Deleting peer node by peer_reap for : 8668106C
000201: Aug 6 18:45:18.083: ISAKMP:(0):purging SA., sa=86685DFC, delme=86685DFC
000202: Aug 6 18:45:18.083: ISAKMP:(0):purging node 1093064733
000203: Aug 6 18:45:18.083: ISAKMP: Error while processing SA request: Failed to initialize SA
000204: Aug 6 18:45:18.083: ISAKMP: Error while processing KMI message 0, error 2.
000205: Aug 6 18:46:48.083: ISAKMP:(0): SA request profile is (NULL)
000206: Aug 6 18:46:48.083: ISAKMP: Created a peer struct for , peer port 500
000207: Aug 6 18:46:48.083: ISAKMP: New peer created peer = 0x86682BE0 peer_handle = 0x80000037
000208: Aug 6 18:46:48.083: ISAKMP: Locking peer struct 0x86682BE0, refcount 1 for isakmp_initiator
000209: Aug 6 18:46:48.083: ISAKMP: local port 500, remote port 500
000210: Aug 6 18:46:48.083: ISAKMP: set new node 0 to QM_IDLE
000211: Aug 6 18:46:48.083: ISAKMP:(0):insert sa successfully sa = 866E1758
000212: Aug 6 18:46:48.083: ISAKMP:(0):Can not start Aggressive mode, trying Main mode.
000213: Aug 6 18:46:48.083: ISAKMP:(0):No pre-shared key with !
000214: Aug 6 18:46:48.083: ISAKMP:(0): No Cert or pre-shared address key.
000215: Aug 6 18:46:48.083: ISAKMP:(0): construct_initial_message: Can not start Main mode
000216: Aug 6 18:46:48.083: ISAKMP: Unlocking peer struct 0x86682BE0 for isadb_unlock_peer_delete_sa(), count 0
000217: Aug 6 18:46:48.083: ISAKMP: Deleting peer node by peer_reap for : 86682BE0
000218: Aug 6 18:46:48.083: ISAKMP:(0):purging SA., sa=866E1758, delme=866E1758
000219: Aug 6 18:46:48.083: ISAKMP:(0):purging node -1521272284
000220: Aug 6 18:46:48.083: ISAKMP: Error while processing SA request: Failed to initialize SA
000221: Aug 6 18:46:48.083: ISAKMP: Error while processing KMI message 0, error 2.
000222: Aug 6 18:47:03.131: ISAKMP (0): received packet from 2.50.37.13 dport 500 sport 500 Global (N) NEW SA
000223: Aug 6 18:47:03.131: ISAKMP: Created a peer struct for 2.50.37.13, peer port 500
000224: Aug 6 18:47:03.131: ISAKMP: New peer created peer = 0x8668106C peer_handle = 0x80000038
000225: Aug 6 18:47:03.131: ISAKMP: Locking peer struct 0x8668106C, refcount 1 for crypto_isakmp_process_block
000226: Aug 6 18:47:03.131: ISAKMP: local port 500, remote port 500
000227: Aug 6 18:47:03.131: ISAKMP:(0):insert sa successfully sa = 8B4C1924
000228: Aug 6 18:47:03.131: ISAKMP:(0):Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH
000229: Aug 6 18:47:03.131: ISAKMP:(0):Old State = IKE_READY New State = IKE_R_MM1
000230: Aug 6 18:47:03.131: ISAKMP:(0): processing SA payload. message ID = 0
000231: Aug 6 18:47:03.131: ISAKMP:(0): processing vendor id payload
000232: Aug 6 18:47:03.131: ISAKMP:(0): vendor ID seems Unity/DPD but major 69 mismatch
000233: Aug 6 18:47:03.131: ISAKMP (0): vendor ID is NAT-T RFC 3947
000234: Aug 6 18:47:03.131: ISAKMP:(0): processing vendor id payload
000235: Aug 6 18:47:03.131: ISAKMP:(0): vendor ID seems Unity/DPD but major 245 mismatch
000236: Aug 6 18:47:03.131: ISAKMP (0): vendor ID is NAT-T v7
000237: Aug 6 18:47:03.131: ISAKMP:(0): processing vendor id payload
000238: Aug 6 18:47:03.131: ISAKMP:(0): vendor ID seems Unity/DPD but major 157 mismatch
000239: Aug 6 18:47:03.131: ISAKMP:(0): vendor ID is NAT-T v3
000240: Aug 6 18:47:03.131: ISAKMP:(0): processing vendor id payload
000241: Aug 6 18:47:03.131: ISAKMP:(0): vendor ID seems Unity/DPD but major 123 mismatch
000242: Aug 6 18:47:03.131: ISAKMP:(0): vendor ID is NAT-T v2
000243: Aug 6 18:47:03.131: ISAKMP:(0):found peer pre-shared key matching 2.50.37.13
000244: Aug 6 18:47:03.131: ISAKMP:(0): local preshared key found
000245: Aug 6 18:47:03.131: ISAKMP : Scanning profiles for xauth ... sdm-ike-profile-1
000246: Aug 6 18:47:03.131: ISAKMP:(0): Authentication by xauth preshared
000247: Aug 6 18:47:03.131: ISAKMP:(0):Checking ISAKMP transform 1 against priority 1 policy
000248: Aug 6 18:47:03.131: ISAKMP: encryption 3DES-CBC
000249: Aug 6 18:47:03.131: ISAKMP: hash SHA
000250: Aug 6 18:47:03.131: ISAKMP: default group 2
000251: Aug 6 18:47:03.131: ISAKMP: auth pre-share
000252: Aug 6 18:47:03.131: ISAKMP: life type in seconds
000253: Aug 6 18:47:03.131: ISAKMP: life duration (VPI) of 0x0 0x1 0x51 0x80
000254: Aug 6 18:47:03.135: ISAKMP:(0):atts are acceptable. Next payload is 0
000255: Aug 6 18:47:03.135: ISAKMP:(0):Acceptable atts:actual life: 1800
000256: Aug 6 18:47:03.135: ISAKMP:(0):Acceptable atts:life: 0
000257: Aug 6 18:47:03.135: ISAKMP:(0):Fill atts in sa vpi_length:4
000258: Aug 6 18:47:03.135: ISAKMP:(0):Fill atts in sa life_in_seconds:86400
000259: Aug 6 18:47:03.135: ISAKMP:(0):Returning Actual lifetime: 1800
000260: Aug 6 18:47:03.135: ISAKMP:(0)::Started lifetime timer: 1800.
000261: Aug 6 18:47:03.135: ISAKMP:(0): processing vendor id payload
000262: Aug 6 18:47:03.135: ISAKMP:(0): vendor ID seems Unity/DPD but major 69 mismatch
000263: Aug 6 18:47:03.135: ISAKMP (0): vendor ID is NAT-T RFC 3947
000264: Aug 6 18:47:03.135: ISAKMP:(0): processing vendor id payload
000265: Aug 6 18:47:03.135: ISAKMP:(0): vendor ID seems Unity/DPD but major 245 mismatch
000266: Aug 6 18:47:03.135: ISAKMP (0): vendor ID is NAT-T v7
000267: Aug 6 18:47:03.135: ISAKMP:(0): processing vendor id payload
000268: Aug 6 18:47:03.135: ISAKMP:(0): vendor ID seems Unity/DPD but major 157 mismatch
000269: Aug 6 18:47:03.135: ISAKMP:(0): vendor ID is NAT-T v3
000270: Aug 6 18:47:03.135: ISAKMP:(0): processing vendor id payload
000271: Aug 6 18:47:03.135: ISAKMP:(0): vendor ID seems Unity/DPD but major 123 mismatch
000272: Aug 6 18:47:03.135: ISAKMP:(0): vendor ID is NAT-T v2
000273: Aug 6 18:47:03.135: ISAKMP:(0):Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE
000274: Aug 6 18:47:03.135: ISAKMP:(0):Old State = IKE_R_MM1 New State = IKE_R_MM1
000275: Aug 6 18:47:03.135: ISAKMP:(0): constructed NAT-T vendor-rfc3947 ID
000276: Aug 6 18:47:03.135: ISAKMP:(0): sending packet to 2.50.37.13 my_port 500 peer_port 500 (R) MM_SA_SETUP
000277: Aug 6 18:47:03.135: ISAKMP:(0):Sending an IKE IPv4 Packet.
000278: Aug 6 18:47:03.135: ISAKMP:(0):Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE
000279: Aug 6 18:47:03.135: ISAKMP:(0):Old State = IKE_R_MM1 New State = IKE_R_MM2
000280: Aug 6 18:47:03.191: ISAKMP (0): received packet from 2.50.37.13 dport 500 sport 500 Global (R) MM_SA_SETUP
000281: Aug 6 18:47:03.191: ISAKMP:(0):Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH
000282: Aug 6 18:47:03.191: ISAKMP:(0):Old State = IKE_R_MM2 New State = IKE_R_MM3
000283: Aug 6 18:47:03.191: ISAKMP:(0): processing KE payload. message ID = 0
000284: Aug 6 18:47:03.199: ISAKMP:(0): processing NONCE payload. message ID = 0
000285: Aug 6 18:47:03.203: ISAKMP:(0):found peer pre-shared key matching 2.50.37.13
000286: Aug 6 18:47:03.203: ISAKMP:(2001): processing vendor id payload
000287: Aug 6 18:47:03.203: ISAKMP:(2001): vendor ID is DPD
000288: Aug 6 18:47:03.203: ISAKMP:(2001): processing vendor id payload
000289: Aug 6 18:47:03.203: ISAKMP:(2001): speaking to another IOS box!
000290: Aug 6 18:47:03.203: ISAKMP:(2001): processing vendor id payload
000291: Aug 6 18:47:03.203: ISAKMP:(2001): vendor ID seems Unity/DPD but major 223 mismatch
000292: Aug 6 18:47:03.203: ISAKMP:(2001): vendor ID is XAUTH
000293: Aug 6 18:47:03.203: ISAKMP:received payload type 20
000294: Aug 6 18:47:03.203: ISAKMP (2001): His hash no match - this node outside NAT
000295: Aug 6 18:47:03.203: ISAKMP:received payload type 20
000296: Aug 6 18:47:03.203: ISAKMP (2001): No NAT Found for self or peer
000297: Aug 6 18:47:03.203: ISAKMP:(2001):Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE
000298: Aug 6 18:47:03.203: ISAKMP:(2001):Old State = IKE_R_MM3 New State = IKE_R_MM3
000299: Aug 6 18:47:03.203: ISAKMP:(2001): sending packet to 2.50.37.13 my_port 500 peer_port 500 (R) MM_KEY_EXCH
000300: Aug 6 18:47:03.203: ISAKMP:(2001):Sending an IKE IPv4 Packet.
000301: Aug 6 18:47:03.203: ISAKMP:(2001):Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE
000302: Aug 6 18:47:03.203: ISAKMP:(2001):Old State = IKE_R_MM3 New State = IKE_R_MM4
000303: Aug 6 18:47:03.295: ISAKMP (2001): received packet from 2.50.37.13 dport 500 sport 500 Global (R) MM_KEY_EXCH
000304: Aug 6 18:47:03.295: ISAKMP:(2001):Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH
000305: Aug 6 18:47:03.295: ISAKMP:(2001):Old State = IKE_R_MM4 New State = IKE_R_MM5
000306: Aug 6 18:47:03.295: ISAKMP:(2001): processing ID payload. message ID = 0
000307: Aug 6 18:47:03.295: ISAKMP (2001): ID payload
next-payload : 8
type : 1
address : 2.50.37.13
protocol : 17
port : 500
length : 12
000308: Aug 6 18:47:03.295: ISAKMP:(0):: peer matches *none* of the profiles
000309: Aug 6 18:47:03.295: ISAKMP:(2001): processing HASH payload. message ID = 0
000310: Aug 6 18:47:03.295: ISAKMP:(2001): processing NOTIFY INITIAL_CONTACT protocol 1
spi 0, message ID = 0, sa = 0x8B4C1924
000311: Aug 6 18:47:03.295: ISAKMP:(2001):SA authentication status:
authenticated
000312: Aug 6 18:47:03.295: ISAKMP:(2001):SA has been authenticated with 2.50.37.13
000313: Aug 6 18:47:03.295: ISAKMP:(2001):SA authentication status:
authenticated
000314: Aug 6 18:47:03.295: ISAKMP:(2001): Process initial contact,
bring down existing phase 1 and 2 SA's with local 92.98.211.242 remote 2.50.37.13 remote port 500
000315: Aug 6 18:47:03.295: ISAKMP: Trying to insert a peer 92.98.211.242/2.50.37.13/500/, and inserted successfully 8668106C.
000316: Aug 6 18:47:03.295: ISAKMP:(2001):Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE
000317: Aug 6 18:47:03.295: ISAKMP:(2001):Old State = IKE_R_MM5 New State = IKE_R_MM5
000318: Aug 6 18:47:03.295: ISAKMP:(2001):SA is doing pre-shared key authentication using id type ID_IPV4_ADDR
000319: Aug 6 18:47:03.295: ISAKMP (2001): ID payload
next-payload : 8
type : 1
address : 92.98.211.242
protocol : 17
port : 500
length : 12
000320: Aug 6 18:47:03.295: ISAKMP:(2001):Total payload length: 12
000321: Aug 6 18:47:03.295: ISAKMP:(2001): sending packet to 2.50.37.13 my_port 500 peer_port 500 (R) MM_KEY_EXCH
000322: Aug 6 18:47:03.295: ISAKMP:(2001):Sending an IKE IPv4 Packet.
000323: Aug 6 18:47:03.295: ISAKMP:(2001):Returning Actual lifetime: 1800
000324: Aug 6 18:47:03.299: ISAKMP: set new node -1235582904 to QM_IDLE
000325: Aug 6 18:47:03.299: ISAKMP:(2001):Sending NOTIFY RESPONDER_LIFETIME protocol 1
spi 2291695856, message ID = 3059384392
000326: Aug 6 18:47:03.299: ISAKMP:(2001): sending packet to 2.50.37.13 my_port 500 peer_port 500 (R) MM_KEY_EXCH
000327: Aug 6 18:47:03.299: ISAKMP:(2001):Sending an IKE IPv4 Packet.
000328: Aug 6 18:47:03.299: ISAKMP:(2001):purging node -1235582904
000329: Aug 6 18:47:03.299: ISAKMP: Sending phase 1 responder lifetime 1800
000330: Aug 6 18:47:03.299: ISAKMP:(2001):Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE
000331: Aug 6 18:47:03.299: ISAKMP:(2001):Old State = IKE_R_MM5 New State = IKE_P1_COMPLETE
000332: Aug 6 18:47:03.299: ISAKMP:(2001):Input = IKE_MESG_INTERNAL, IKE_PHASE1_COMPLETE
000333: Aug 6 18:47:03.299: ISAKMP:(2001):Old State = IKE_P1_COMPLETE New State = IKE_P1_COMPLETE
000334: Aug 6 18:47:03.307: ISAKMP (2001): received packet from 2.50.37.13 dport 500 sport 500 Global (R) QM_IDLE
000335: Aug 6 18:47:03.307: ISAKMP: set new node -687536412 to QM_IDLE
000336: Aug 6 18:47:03.307: ISAKMP:(2001): processing HASH payload. message ID = 3607430884
000337: Aug 6 18:47:03.307: ISAKMP:(2001): processing SA payload. message ID = 3607430884
000338: Aug 6 18:47:03.307: ISAKMP:(2001):Checking IPSec proposal 1
000339: Aug 6 18:47:03.307: ISAKMP: transform 1, ESP_3DES
000340: Aug 6 18:47:03.307: ISAKMP: attributes in transform:
000341: Aug 6 18:47:03.307: ISAKMP: encaps is 1 (Tunnel)
000342: Aug 6 18:47:03.307: ISAKMP: SA life type in seconds
000343: Aug 6 18:47:03.307: ISAKMP: SA life duration (basic) of 3600
000344: Aug 6 18:47:03.307: ISAKMP: SA life type in kilobytes
000345: Aug 6 18:47:03.307: ISAKMP: SA life duration (VPI) of 0x0 0x46 0x50 0x0
000346: Aug 6 18:47:03.307: ISAKMP: authenticator is HMAC-SHA
000347: Aug 6 18:47:03.307: ISAKMP:(2001):atts are acceptable.
000348: Aug 6 18:47:03.307: ISAKMP:(2001): processing NONCE payload. message ID = 3607430884
000349: Aug 6 18:47:03.311: ISAKMP:(2001): processing ID payload. message ID = 3607430884
000350: Aug 6 18:47:03.311: ISAKMP:(2001): processing ID payload. message ID = 3607430884
000351: Aug 6 18:47:03.311: ISAKMP:(2001):QM Responder gets spi
000352: Aug 6 18:47:03.311: ISAKMP:(2001):Node 3607430884, Input = IKE_MESG_FROM_PEER, IKE_QM_EXCH
000353: Aug 6 18:47:03.311: ISAKMP:(2001):Old State = IKE_QM_READY New State = IKE_QM_SPI_STARVE
000354: Aug 6 18:47:03.311: ISAKMP:(2001): Creating IPSec SAs
000355: Aug 6 18:47:03.311: inbound SA from 2.50.37.13 to 92.98.211.242 (f/i) 0/ 0
(proxy 192.168.10.0 to 192.168.50.0)
000356: Aug 6 18:47:03.311: has spi 0x4C5A127C and conn_id 0
000357: Aug 6 18:47:03.311: lifetime of 3600 seconds
000358: Aug 6 18:47:03.311: lifetime of 4608000 kilobytes
000359: Aug 6 18:47:03.311: outbound SA from 92.98.211.242 to 2.50.37.13 (f/i) 0/0
(proxy 192.168.50.0 to 192.168.10.0)
000360: Aug 6 18:47:03.311: has spi 0x1E83EC91 and conn_id 0
000361: Aug 6 18:47:03.311: lifetime of 3600 seconds
000362: Aug 6 18:47:03.311: lifetime of 4608000 kilobytes
000363: Aug 6 18:47:03.311: ISAKMP:(2001): sending packet to 2.50.37.13 my_port 500 peer_port 500 (R) QM_IDLE
000364: Aug 6 18:47:03.311: ISAKMP:(2001):Sending an IKE IPv4 Packet.
000365: Aug 6 18:47:03.311: ISAKMP:(2001):Node 3607430884, Input = IKE_MESG_INTERNAL, IKE_GOT_SPI
000366: Aug 6 18:47:03.311: ISAKMP:(2001):Old State = IKE_QM_SPI_STARVE New State = IKE_QM_R_QM2
000367: Aug 6 18:47:03.323: ISAKMP (2001): received packet from 2.50.37.13 dport 500 sport 500 Global (R) QM_IDLE
000368: Aug 6 18:47:03.323: ISAKMP:(2001):deleting node -687536412 error FALSE reason "QM done (await)"
000369: Aug 6 18:47:03.323: ISAKMP:(2001):Node 3607430884, Input = IKE_MESG_FROM_PEER, IKE_QM_EXCH
000370: Aug 6 18:47:03.323: ISAKMP:(2001):Old State = IKE_QM_R_QM2 New State = IKE_QM_PHASE2_COMPLETE
000371: Aug 6 18:47:53.323: ISAKMP:(2001):purging node -687536412
ROUTER-A# sho crypto isa sa
IPv4 Crypto ISAKMP SA
dst src state conn-id status
92.98.211.242 2.50.37.13 QM_IDLE 2001 ACTIVE
RUNNING CONFIGURATION OF ROUTER-A
Building configuration...
Current configuration : 29089 bytes
! Last configuration change at 21:31:11 PST Tue Aug 7 2012 by administrator
version 15.1
parser config cache interface
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service internal
service compress-config
service sequence-numbers
hostname xxxxxxxxxxXX
boot-start-marker
boot-end-marker
enable secret 4 LcV6aBcc/53FoCJjXQMd7rBUDEpeevrK8V5jQVoJEhU
aaa new-model
aaa authentication login default local
aaa authentication login Foxtrot_sdm_easyvpn_xauth_ml_1 local
aaa authorization network Foxtrot_sdm_easyvpn_group_ml_1 local
aaa session-id common
clock timezone ZP4 4 0
clock summer-time PST recurring
crypto pki token default removal timeout 0
crypto pki trustpoint TP-self-signed-4070447007
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-4070447007
revocation-check none
rsakeypair TP-self-signed-4070447007
crypto pki certificate chain TP-self-signed-4070447007
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 34303730 34343730 3037301E 170D3132 30373331 30353139
30375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 30373034
34373030 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100BBA6 F2C9A163 B7EAB25D 6C538A5B 29832F58 6B95D2C0 1FBE0E72 BD4E9585
6230CAD1 8DA4E337 5A11332C 36EAFF86 02D8C977 6CD2AA50 D76FB97F 52AE73AD
E777194B 011C95EB E2A588B4 3A7D618E F1D03E3F EF1A60FB 26372B63 9395002D
38126CC5 EA79E23C 40E0F331 76E7731E D03E2CE8 F1A0B5E9 B83AA780 D566A679
599F0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14C8BC47 90602FB0 18A8821A 85A3444F 874E2292 27301D06
03551D0E 04160414 C8BC4790 602FB018 A8821A85 A3444F87 4E229227 300D0609
2A864886 F70D0101 05050003 8181001B D0EA74FE 7EDD03FE 68733D87 6434D20B
80481807 DD4A488E FFEFA631 245F396F 5CADF523 1438A70B CA113994 9798483D
F59221EA 09EDB8FC 6D1DBBAE FE7FE4B9 E79F064F E930F347 B1CAD19B 01F5989A
8BCFDB1D 906163A4 C467E809 E988B610 FE613177 A815DFB0 97839F92 4A682E8F
43F08787 E08CBE70 E98DEBE7 BCD8B8
quit
dot11 syslog
ip source-route
ip cef
ip dhcp relay information trust-all
ip dhcp excluded-address 10.1.1.1 10.1.1.9
ip dhcp excluded-address 10.1.1.241 10.1.1.255
ip dhcp excluded-address 192.168.50.1 192.168.50.9
ip dhcp excluded-address 192.168.50.241 192.168.50.255
ip dhcp pool phone
network 10.1.1.0 255.255.255.0
default-router 10.1.1.1
option 150 ip 10.1.1.1
ip dhcp pool data
import all
network 192.168.50.0 255.255.255.0
default-router 192.168.50.1
ip inspect WAAS flush-timeout 10
ip inspect name SDM_LOW dns
ip inspect name SDM_LOW ftp
ip inspect name SDM_LOW h323
ip inspect name SDM_LOW https
ip inspect name SDM_LOW icmp
ip inspect name SDM_LOW imap
ip inspect name SDM_LOW pop3
ip inspect name SDM_LOW netshow
ip inspect name SDM_LOW rcmd
ip inspect name SDM_LOW realaudio
ip inspect name SDM_LOW rtsp
ip inspect name SDM_LOW esmtp
ip inspect name SDM_LOW sqlnet
ip inspect name SDM_LOW streamworks
ip inspect name SDM_LOW tftp
ip inspect name SDM_LOW tcp router-traffic
ip inspect name SDM_LOW udp router-traffic
ip inspect name SDM_LOW vdolive
ip ddns update method sdm_ddns1
HTTP
add http://xxxxxxxs:[email protected]/nic/update?system=dyndns&[email protected]/nic/update?system=dyndns&hostname=<h>&myip=<a>
remove http://xxxxxxx:[email protected]/nic/update?system=dyndns&[email protected]/nic/update?system=dyndns&hostname=<h>&myip=<a>
interval maximum 2 0 0 0
interval minimum 1 0 0 0
no ipv6 cef
multilink bundle-name authenticated
stcapp ccm-group 1
stcapp
trunk group ALL_FXO
max-retry 5
voice-class cause-code 1
hunt-scheme longest-idle
voice call send-alert
voice rtp send-recv
voice service voip
allow-connections h323 to h323
allow-connections h323 to sip
allow-connections sip to h323
allow-connections sip to sip
no supplementary-service h450.2
no supplementary-service h450.3
supplementary-service h450.12
sip
no update-callerid
voice class codec 1
codec preference 1 g711ulaw
codec preference 2 g729r8
voice class h323 1
call start slow
voice class cause-code 1
no-circuit
voice register global
mode cme
source-address 10.1.1.1 port 5060
load 9971 sip9971.9-2-2
load 9951 sip9951.9-2-2
load 8961 sip8961.9-2-2
voice translation-rule 1000
rule 1 /.*/ //
voice translation-rule 1112
rule 1 /^9/ //
voice translation-rule 1113
rule 1 /^82\(...\)/ /\1/
voice translation-rule 1114
rule 1 /\(^...$\)/ /82\1/
voice translation-rule 2002
rule 1 /^6/ //
voice translation-rule 2222
rule 1 /^91900......./ //
rule 2 /^91976......./ //
voice translation-profile CALLER_ID_TRANSLATION_PROFILE
translate calling 1111
voice translation-profile CallBlocking
translate called 2222
voice translation-profile OUTGOING_TRANSLATION_PROFILE
translate called 1112
voice translation-profile XFER_TO_VM_PROFILE
translate redirect-called 2002
voice translation-profile multisiteInbound
translate called 1113
voice translation-profile multisiteOutbound
translate calling 1114
voice translation-profile nondialable
translate called 1000
voice-card 0
dspfarm
dsp services dspfarm
fax interface-type fax-mail
license udi pid UC560-FXO-K9 sn FHK1445F43M
archive
log config
logging enable
logging size 600
hidekeys
username administrator privilege 15 secret 4 LcV6aBcc/53FoCJjXQMd7rBUDEpeevrK8V5jQVoJEhU
username pingerID password 7 06505D771B185F
ip tftp source-interface Vlan90
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
lifetime 1800
crypto isakmp key xxxxxxx address 0.0.0.0 0.0.0.0
crypto isakmp client configuration group EZVPN_GROUP_1
key xxxxxxx
dns 213.42.20.20
pool SDM_POOL_1
save-password
max-users 20
crypto isakmp profile sdm-ike-profile-1
match identity group EZVPN_GROUP_1
client authentication list Foxtrot_sdm_easyvpn_xauth_ml_1
isakmp authorization list Foxtrot_sdm_easyvpn_group_ml_1
client configuration address respond
virtual-template 1
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec profile SDM_Profile1
set transform-set ESP-3DES-SHA
set isakmp-profile sdm-ike-profile-1
crypto map multisite 1 ipsec-isakmp
description XXXXXXX
set peer xxxxxxxxxx.dyndns.biz dynamic
set transform-set ESP-3DES-SHA
match address 105
qos pre-classify
interface GigabitEthernet0/0
description $ETH-WAN$
no ip address
ip virtual-reassembly in
load-interval 30
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
interface Integrated-Service-Engine0/0
description Interface used to manage integrated application modulecue is initialized with default IMAP group
ip unnumbered Vlan90
ip nat inside
ip virtual-reassembly in
service-module ip address 10.1.10.1 255.255.255.252
service-module ip default-gateway 10.1.10.2
interface GigabitEthernet0/1/0
switchport mode trunk
switchport voice vlan 100
no ip address
macro description cisco-switch
interface GigabitEthernet0/1/1
switchport voice vlan 100
no ip address
macro description cisco-phone
spanning-tree portfast
interface GigabitEthernet0/1/2
no ip address
macro description cisco-desktop
spanning-tree portfast
interface GigabitEthernet0/1/3
description Interface used to communicate with integrated service module
switchport access vlan 90
no ip address
service-module ip address 10.1.10.1 255.255.255.252
service-module ip default-gateway 10.1.10.2
interface Virtual-Template1 type tunnel
ip unnumbered Vlan1
tunnel mode ipsec ipv4
tunnel protection ipsec profile SDM_Profile1
interface Vlan1
description $FW_INSIDE$
ip address 192.168.50.1 255.255.255.0
ip access-group 101 in
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1412
h323-gateway voip bind srcaddr 192.168.50.1
interface Vlan90
description $FW_INSIDE$
ip address 10.1.10.2 255.255.255.252
ip access-group 103 in
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1412
interface Vlan100
description $FW_INSIDE$
ip address 10.1.1.1 255.255.255.0
ip access-group 102 in
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1412
interface Dialer0
description $FW_OUTSIDE$
mtu 1492
ip ddns update hostname xxxxxxxxxx.dyndns.biz
ip ddns update sdm_ddns1
ip address negotiated
ip access-group 104 in
ip mtu 1452
ip nat outside
ip inspect SDM_LOW out
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname CCCCCC
ppp chap password 7 071739545611015445
ppp pap sent-username CCCCC password 7 122356324SDFDBDB
ppp ipcp dns request
ppp ipcp route default
crypto map multisite
ip local pool SDM_POOL_1 192.168.50.150 192.168.50.160
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http path flash:/gui
ip dns server
ip nat inside source route-map SDM_RMAP_1 interface Dialer0 overload
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 10.1.10.1 255.255.255.255 Vlan90
access-list 100 remark auto generated by SDM firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 permit ip 192.168.10.0 0.0.0.255 any
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 remark auto generated by SDM firewall configuration##NO_ACES_5##
access-list 101 remark SDM_ACL Category=1
access-list 101 permit udp any host 192.168.50.1 eq non500-isakmp
access-list 101 permit udp any host 192.168.50.1 eq isakmp
access-list 101 permit esp any host 192.168.50.1
access-list 101 permit ahp any host 192.168.50.1
access-list 101 permit ip 192.168.10.0 0.0.0.255 any
access-list 101 permit ip any any
access-list 101 permit ip 10.1.10.0 0.0.0.3 any
access-list 101 permit ip 10.1.1.0 0.0.0.255 any
access-list 101 permit ip host 255.255.255.255 any
access-list 101 permit ip 127.0.0.0 0.255.255.255 any
access-list 102 remark auto generated by SDM firewall configuration##NO_ACES_7##
access-list 102 remark SDM_ACL Category=1
access-list 102 permit udp any host 10.1.1.1 eq non500-isakmp
access-list 102 permit udp any host 10.1.1.1 eq isakmp
access-list 102 permit esp any host 10.1.1.1
access-list 102 permit ahp any host 10.1.1.1
access-list 102 permit ip any any
access-list 102 permit tcp 10.1.10.0 0.0.0.3 any eq 2000
access-list 102 permit udp 10.1.10.0 0.0.0.3 any eq 2000
access-list 102 permit ip 192.168.50.0 0.0.0.255 any
access-list 102 permit ip 10.1.10.0 0.0.0.3 any
access-list 102 permit ip host 255.255.255.255 any
access-list 102 permit ip 127.0.0.0 0.255.255.255 any
access-list 103 remark auto generated by SDM firewall configuration##NO_ACES_7##
access-list 103 remark SDM_ACL Category=1
access-list 103 permit udp any host 10.1.10.2 eq non500-isakmp
access-list 103 permit udp any host 10.1.10.2 eq isakmp
access-list 103 permit esp any host 10.1.10.2
access-list 103 permit ahp any host 10.1.10.2
access-list 103 permit tcp 10.1.1.0 0.0.0.255 eq 2000 any
access-list 103 permit udp 10.1.1.0 0.0.0.255 eq 2000 any
access-list 103 permit ip 192.168.50.0 0.0.0.255 any
access-list 103 permit ip 10.1.1.0 0.0.0.255 any
access-list 103 permit ip host 255.255.255.255 any
access-list 103 permit ip 127.0.0.0 0.255.255.255 any
access-list 103 permit ip any any
access-list 104 remark auto generated by SDM firewall configuration##NO_ACES_13##
access-list 104 remark SDM_ACL Category=1
access-list 104 permit ip 192.168.10.0 0.0.0.255 192.168.50.0 0.0.0.255
access-list 104 permit udp any any eq non500-isakmp
access-list 104 permit udp any any eq isakmp
access-list 104 permit esp any any
access-list 104 permit ahp any any
access-list 104 permit ip any any
access-list 104 permit ip 192.168.50.0 0.0.0.255 any
access-list 104 permit ip 10.1.10.0 0.0.0.3 any
access-list 104 permit ip 10.1.1.0 0.0.0.255 any
access-list 104 permit icmp any any echo-reply
access-list 104 permit icmp any any time-exceeded
access-list 104 permit icmp any any unreachable
access-list 104 permit ip 10.0.0.0 0.255.255.255 any
access-list 104 permit ip 172.16.0.0 0.15.255.255 any
access-list 104 permit ip 192.168.0.0 0.0.255.255 any
access-list 104 permit ip 127.0.0.0 0.255.255.255 any
access-list 104 permit ip host 255.255.255.255 any
access-list 104 permit ip host 0.0.0.0 any
access-list 105 remark CryptoACL for xxxxxxxxxx
access-list 105 remark SDM_ACL Category=4
access-list 105 permit ip 192.168.50.0 0.0.0.255 192.168.10.0 0.0.0.255
access-list 106 remark SDM_ACL Category=2
access-list 106 deny ip 192.168.50.0 0.0.0.255 192.168.10.0 0.0.0.255
access-list 106 permit ip 10.1.10.0 0.0.0.3 any
access-list 106 permit ip 192.168.50.0 0.0.0.255 any
access-list 106 permit ip 10.1.1.0 0.0.0.255 any
dialer-list 1 protocol ip permit
route-map SDM_RMAP_1 permit 1
match ip address 106
snmp-server community public RO
tftp-server flash:/phones/521_524/cp524g-8-1-17.bin alias cp524g-8-1-17.bin
tftp-server flash:/ringtones/Analog1.raw alias Analog1.raw
tftp-server flash:/ringtones/Analog2.raw alias Analog2.raw
tftp-server flash:/ringtones/AreYouThere.raw alias AreYouThere.raw
tftp-server flash:/ringtones/DistinctiveRingList.xml alias DistinctiveRingList.xml
tftp-server flash:/ringtones/RingList.xml alias RingList.xml
tftp-server flash:/ringtones/AreYouThereF.raw alias AreYouThereF.raw
tftp-server flash:/ringtones/Bass.raw alias Bass.raw
tftp-server flash:/ringtones/CallBack.raw alias CallBack.raw
tftp-server flash:/ringtones/Chime.raw alias Chime.raw
tftp-server flash:/ringtones/Classic1.raw alias Classic1.raw
tftp-server flash:/ringtones/Classic2.raw alias Classic2.raw
tftp-server flash:/ringtones/ClockShop.raw alias ClockShop.raw
tftp-server flash:/ringtones/Drums1.raw alias Drums1.raw
tftp-server flash:/ringtones/Drums2.raw alias Drums2.raw
tftp-server flash:/ringtones/FilmScore.raw alias FilmScore.raw
tftp-server flash:/ringtones/HarpSynth.raw alias HarpSynth.raw
tftp-server flash:/ringtones/Jamaica.raw alias Jamaica.raw
tftp-server flash:/ringtones/KotoEffect.raw alias KotoEffect.raw
tftp-server flash:/ringtones/MusicBox.raw alias MusicBox.raw
tftp-server flash:/ringtones/Piano1.raw alias Piano1.raw
tftp-server flash:/ringtones/Piano2.raw alias Piano2.raw
tftp-server flash:/ringtones/Pop.raw alias Pop.raw
tftp-server flash:/ringtones/Pulse1.raw alias Pulse1.raw
tftp-server flash:/ringtones/Ring1.raw alias Ring1.raw
tftp-server flash:/ringtones/Ring2.raw alias Ring2.raw
tftp-server flash:/ringtones/Ring3.raw alias Ring3.raw
tftp-server flash:/ringtones/Ring4.raw alias Ring4.raw
tftp-server flash:/ringtones/Ring5.raw alias Ring5.raw
tftp-server flash:/ringtones/Ring6.raw alias Ring6.raw
tftp-server flash:/ringtones/Ring7.raw alias Ring7.raw
tftp-server flash:/ringtones/Sax1.raw alias Sax1.raw
tftp-server flash:/ringtones/Sax2.raw alias Sax2.raw
tftp-server flash:/ringtones/Vibe.raw alias Vibe.raw
tftp-server flash:/Desktops/CampusNight.png
tftp-server flash:/Desktops/TN-CampusNight.png
tftp-server flash:/Desktops/CiscoFountain.png
tftp-server flash:/Desktops/TN-CiscoFountain.png
tftp-server flash:/Desktops/CiscoLogo.png
tftp-server flash:/Desktops/TN-CiscoLogo.png
tftp-server flash:/Desktops/Fountain.png
tftp-server flash:/Desktops/TN-Fountain.png
tftp-server flash:/Desktops/MorroRock.png
tftp-server flash:/Desktops/TN-MorroRock.png
tftp-server flash:/Desktops/NantucketFlowers.png
tftp-server flash:/Desktops/TN-NantucketFlowers.png
tftp-server flash:Desktops/320x212x16/List.xml
tftp-server flash:Desktops/320x212x12/List.xml
tftp-server flash:Desktops/320x216x16/List.xml
tftp-server flash:/bacdprompts/en_bacd_allagentsbusy.au alias en_bacd_allagentsbusy.au
tftp-server flash:/bacdprompts/en_bacd_disconnect.au alias en_bacd_disconnect.au
tftp-server flash:/bacdprompts/en_bacd_enter_dest.au alias en_bacd_enter_dest.au
tftp-server flash:/bacdprompts/en_bacd_invalidoption.au alias en_bacd_invalidoption.au
tftp-server flash:/bacdprompts/en_bacd_music_on_hold.au alias en_bacd_music_on_hold.au
tftp-server flash:/bacdprompts/en_bacd_options_menu.au alias en_bacd_options_menu.au
tftp-server flash:/bacdprompts/en_bacd_welcome.au alias en_bacd_welcome.au
tftp-server flash:/bacdprompts/en_bacd_xferto_operator.au alias en_bacd_xferto_operator.au
radius-server attribute 31 send nas-port-detail
control-plane
voice-port 0/0/0
station-id number 401
caller-id enable
voice-port 0/0/1
station-id number 402
caller-id enable
voice-port 0/0/2
station-id number 403
caller-id enable
voice-port 0/0/3
station-id number 404
caller-id enable
voice-port 0/1/0
trunk-group ALL_FXO 64
connection plar opx 201
description Configured by CCA 4 FXO-0/1/0-OP
caller-id enable
voice-port 0/1/1
trunk-group ALL_FXO 64
connection plar opx 201
description Configured by CCA 4 FXO-0/1/1-OP
caller-id enable
voice-port 0/1/2
trunk-group ALL_FXO 64
connection plar opx 201
description Configured by CCA 4 FXO-0/1/2-OP
caller-id enable
voice-port 0/1/3
trunk-group ALL_FXO 64
connection plar opx 201
description Configured by CCA 4 FXO-0/1/3-OP
caller-id enable
voice-port 0/4/0
auto-cut-through
signal immediate
input gain auto-control -15
description Music On Hold Port
sccp local Vlan90
sccp ccm 10.1.1.1 identifier 1 version 4.0
sccp
sccp ccm group 1
associate ccm 1 priority 1
associate profile 2 register mtpd0d0fd057a40
dspfarm profile 2 transcode
description CCA transcoding for SIP Trunk Multisite Only
codec g729abr8
codec g729ar8
codec g711alaw
codec g711ulaw
maximum sessions 10
associate application SCCP
dial-peer cor custom
name internal
name local
name local-plus
name international
name national
name national-plus
name emergency
name toll-free
dial-peer cor list call-internal
member internal
dial-peer cor list call-local
member local
dial-peer cor list call-local-plus
member local-plus
dial-peer cor list call-national
member national
dial-peer cor list call-national-plus
member national-plus
dial-peer cor list call-international
member international
dial-peer cor list call-emergency
member emergency
dial-peer cor list call-toll-free
member toll-free
dial-peer cor list user-internal
member internal
member emergency
dial-peer cor list user-local
member internal
member local
member emergency
member toll-free
dial-peer cor list user-local-plus
member internal
member local
member local-plus
member emergency
member toll-free
dial-peer cor list user-national
member internal
member local
member local-plus
member national
member emergency
member toll-free
dial-peer cor list user-national-plus
member internal
member local
member local-plus
member national
member national-plus
member emergency
member toll-free
dial-peer cor list user-international
member internal
member local
member local-plus
member international
member national
member national-plus
member emergency
member toll-free
dial-peer voice 1 pots
destination-pattern 401
port 0/0/0
no sip-register
dial-peer voice 2 pots
destination-pattern 402
port 0/0/1
no sip-register
dial-peer voice 3 pots
destination-pattern 403
port 0/0/2
no sip-register
dial-peer voice 4 pots
destination-pattern 404
port 0/0/3
no sip-register
dial-peer voice 5 pots
description ** MOH Port **
destination-pattern ABC
port 0/4/0
no sip-register
dial-peer voice 6 pots
description ôcatch all dial peer for BRI/PRIö
translation-profile incoming nondialable
incoming called-number .%
direct-inward-dial
dial-peer voice 50 pots
description ** incoming dial peer **
incoming called-number .%
port 0/1/0
dial-peer voice 51 pots
description ** incoming dial peer **
incoming called-number .%
port 0/1/1
dial-peer voice 52 pots
description ** incoming dial peer **
incoming called-number .%
port 0/1/2
dial-peer voice 53 pots
description ** incoming dial peer **
incoming called-number .%
port 0/1/3
dial-peer voice 54 pots
description ** FXO pots dial-peer **
destination-pattern A0
port 0/1/0
no sip-register
dial-peer voice 55 pots
description ** FXO pots dial-peer **
destination-pattern A1
port 0/1/1
no sip-register
dial-peer voice 56 pots
description ** FXO pots dial-peer **
destination-pattern A2
port 0/1/2
no sip-register
dial-peer voice 57 pots
description ** FXO pots dial-peer **
destination-pattern A3
port 0/1/3
no sip-register
dial-peer voice 2000 voip
description ** cue voicemail pilot number **
translation-profile outgoing XFER_TO_VM_PROFILE
destination-pattern 399
b2bua
session protocol sipv2
session target ipv4:10.1.10.1
voice-class sip outbound-proxy ipv4:10.1.10.1
dtmf-relay rtp-nte
codec g711ulaw
no vad
dial-peer voice 58 pots
trunkgroup ALL_FXO
corlist outgoing call-emergency
description **CCA*North American-7-Digit*Emergency**
translation-profile outgoing OUTGOING_TRANSLATION_PROFILE
preference 5
destination-pattern 9911
forward-digits all
no sip-register
dial-peer voice 59 pots
trunkgroup ALL_FXO
corlist outgoing call-emergency
description **CCA*North American-7-Digit*Emergency**
preference 5
destination-pattern 911
forward-digits all
no sip-register
dial-peer voice 60 pots
trunkgroup ALL_FXO
corlist outgoing call-local
description **CCA*North American-7-Digit*7-Digit Local**
translation-profile outgoing OUTGOING_TRANSLATION_PROFILE
preference 5
destination-pattern 9[2-9]......
forward-digits all
no sip-register
dial-peer voice 61 pots
trunkgroup ALL_FXO
corlist outgoing call-local
description **CCA*North American-7-Digit*Service Numbers**
translation-profile outgoing OUTGOING_TRANSLATION_PROFILE
preference 5
destination-pattern 9[2-9]11
forward-digits all
no sip-register
dial-peer voice 62 pots
trunkgroup ALL_FXO
corlist outgoing call-national
description **CCA*North American-7-Digit*Long Distance**
translation-profile outgoing OUTGOING_TRANSLATION_PROFILE
preference 5
destination-pattern 91[2-9]..[2-9]......
forward-digits all
no sip-register
dial-peer voice 63 pots
trunkgroup ALL_FXO
corlist outgoing call-international
description **CCA*North American-7-Digit*International**
translation-profile outgoing OUTGOING_TRANSLATION_PROFILE
preference 5
destination-pattern 9011T
forward-digits all
no sip-register
dial-peer voice 64 pots
trunkgroup ALL_FXO
corlist outgoing call-toll-free
description **CCA*North American-7-Digit*Toll-Free**
translation-profile outgoing OUTGOING_TRANSLATION_PROFILE
preference 5
destination-pattern 91800.......
forward-digits all
no sip-register
dial-peer voice 65 pots
trunkgroup ALL_FXO
corlist outgoing call-toll-free
description **CCA*North American-7-Digit*Toll-Free**
translation-profile outgoing OUTGOING_TRANSLATION_PROFILE
preference 5
destination-pattern 91888.......
forward-digits all
no sip-register
dial-peer voice 66 pots
trunkgroup ALL_FXO
corlist outgoing call-toll-free
description **CCA*North American-7-Digit*Toll-Free**
translation-profile outgoing OUTGOING_TRANSLATION_PROFILE
preference 5
destination-pattern 91877.......
forward-digits all
no sip-register
dial-peer voice 67 pots
trunkgroup ALL_FXO
corlist outgoing call-toll-free
description **CCA*North American-7-Digit*Toll-Free**
translation-profile outgoing OUTGOING_TRANSLATION_PROFILE
preference 5
destination-pattern 91866.......
forward-digits all
no sip-register
dial-peer voice 68 pots
trunkgroup ALL_FXO
corlist outgoing call-toll-free
description **CCA*North American-7-Digit*Toll-Free**
translation-profile outgoing OUTGOING_TRANSLATION_PROFILE
preference 5
destination-pattern 91855.......
forward-digits all
no sip-register
dial-peer voice 2100 voip
corlist incoming call-internal
description **CCA*INTERSITE inbound call to xxxxxxxxxx
translation-profile incoming multisiteInbound
incoming called-number 82...
voice-class h323 1
dtmf-relay h245-alphanumeric
fax protocol cisco
no vad
dial-peer voice 2101 voip
corlist incoming call-internal
description **CCA*INTERSITE outbound calls to xxxxxxxxxx
translation-profile outgoing multisiteOutbound
destination-pattern 81...
session target ipv4:192.168.10.1
voice-class h323 1
dtmf-relay h245-alphanumeric
fax protocol cisco
no vad
no dial-peer outbound status-check pots
telephony-service
sdspfarm units 5
sdspfarm transcode sessions 10
sdspfarm tag 2 mtpd0d0fd057a40
video
fxo hook-flash
max-ephones 138
max-dn 600
ip source-address 10.1.1.1 port 2000
auto assign 1 to 1 type bri
calling-number initiator
service phone videoCapability 1
service phone ehookenable 1
service dnis overlay
service dnis dir-lookup
service dss
timeouts interdigit 5
system message Cisco Small Business
url services http://10.1.10.1/voiceview/common/login.do
url authentication http://10.1.10.1/voiceview/authentication/authenticateOn 12/01/12 12:06, JebediahShapnacker wrote:
>
> Hello.
>
> I would like to setup a site to site VPN between 2 of our site. We have
> Bordermanager .7 on one end and IPCop on the other.
i'm not familiar with Bordermanager version but be sure you're using 3.9
with sp2 and sp2_it1 applied.
There are not specific documents that i'm aware that explains conf
between ipcop and bm but if ipcop behaves as standard ipsec device, you
can use as a guideline some of the docs that explains how to configure
bm with third party firewalls.
- AppNote: CISCO IOS 12.2(11) T with NBM 3.8 Server
Novell Cool Solutions: AppNote
By Upendra Gopu
- BorderManager and Novell Security Manager Site-to-Site VPN
Novell Cool Solutions: Feature
By Jenn Bitondo
- Setting Up an IPSec VPN Tunnel between Nortel and an NBM 3.8.4 Server
Author Info
8 November 2006 - 7:37pm
Submitted by: kchendil
- AppNote: NBM to Openswan: Site-to-site VPN Made Easy
Novell Cool Solutions: AppNote
By Gaurav Vaidya
- AppNote: Interoperability of Cisco PIX 500 and NBM 3.8 VPN
Novell Cool Solutions: AppNote
By Sreekanth Settipalli
Digg This - Slashdot This
Posted: 28 Oct 2004
etc -
Cisco ASA 8.6 configuration issues
Hello all ,
internet router-----------outside------------- ASA -------inside-------------cisco 3750 (----A----)
|
|
DMZ
|
|
Cisco 3750 (-----B---)
1- switch A -- wireless User + Cisco Wireless Ip phones
2- Switch B -- CUCM
Problem discriptiom :
--- from switch A i can not ping SwitchB (DMZ) so ip phones can not reached to CUCM
--- on switchA 4 VLANS are configured with Different SSIDs and internet is working fine .
--- on Switch A i want 2 VLANs (vlan60 and vlan 80) to communicate with DMZ also (Not working )
## some relevent Config is as under :
SWITCH A CONFIG
===============
vlan internal allocation policy ascending
interface FastEthernet0
no ip address
no ip route-cache cef
no ip route-cache
shutdown
interface GigabitEthernet1/0/1
switchport access vlan 60
switchport mode access
spanning-tree portfast
|
|
|
|
|
|
interface GigabitEthernet1/0/23
description **connected to ASA-Inside**
switchport access vlan 100
switchport mode access
interface Vlan10
ip address X.X.100.5 255.255.255.0
interface Vlan50
ip address X.X.6.12 255.255.255.0
interface Vlan60
ip address X.X.8.251 255.255.255.0
interface Vlan80
ip address X.X.10.251 255.255.255.0
interface Vlan100
ip address X.X.20.1 255.255.255.0
ip classless
ip route 0.0.0.0 0.0.0.0 X.X.20.2
=========================================
ASA CONFIG
interface GigabitEthernet0/0
nameif inside
security-level 100
ip address X.X.20.2 255.255.255.0
|
|
interface GigabitEthernet0/2
nameif DMZ
security-level 50
ip address X.X.21.2 255.255.255.0
|
|
interface GigabitEthernet0/5
nameif outside
security-level 0
ip address 192.168.2.5 255.255.255.0
|
|
object network IN-OUT
subnet 0.0.0.0 0.0.0.0
object network W-PHONE
subnet X.X.10.0 255.255.255.0
object network BECA-WIRELESS-USER
subnet X.X.8.0 255.255.255.0
pager lines 24
|
|
nat (inside,outside) source dynamic IN-OUT interface
nat (inside,DMZ) source dynamic W-PHONE interface
nat (inside,DMZ) source dynamic BECA-WIRELESS-USER interface
route outside 0.0.0.0 0.0.0.0 192.168.2.1 1
route inside X.X.6.0 255.255.255.0 X.X.20.1 1
route inside X.X.7.0 255.255.255.0 X.X.20.1 1
route inside X.X.8.0 255.255.255.0 X.X.20.1 1
route inside X.X.10.0 255.255.255.0 X.X.20.1 1
timeout xlate 3:00:00
============================================
switch B
interface GigabitEthernet1/0/17
switchport access vlan 50
switchport mode access
switchport voice vlan 20
spanning-tree portfast
interface GigabitEthernet1/0/18
switchport access vlan 50
switchport mode access
interface Vlan10
ip address X.X.100.1 255.255.255.0
interface Vlan20
ip address X.X.7.1 255.255.255.0
ip helper-address X.X.6.6
interface Vlan50
ip address X.X.6.30 255.255.255.0
ip helper-address X.X.6.6
interface Vlan60
ip address X.X.8.252 255.255.255.0
interface Vlan101
ip address X.X.21.1 255.255.255.0
ip forward-protocol nd
ip http server
ip http secure-server
ip route 0.0.0.0 0.0.0.0 X.X.6.4
ip route X.X.6.0 255.255.255.0 X.X.21.2
ip route X.X.7.0 255.255.255.0 X.X.21.2We would also need to see the ACL configuration of the ASA as this is what actually controls the flow of traffic, that is if routing is correct which it seems to be from your configuration.
What you can do is run a packet-tracer on the ASA to see if the packet is allowed through the ASA:
packet-tracer input inside tcp 12345 detail
This should give you an indication where or if there is a misconfiguration on the ASA.
Please post the output here if you require further assistance. Also a full ASA configuration (remove public IPs and passwords) would help to identify the issue.
Please remember to rate and select a correct answer -
Phase 2 issue in IPSEC site-to-site
Hi All,
I have got an issue while creating an IPSEC site-to-site VPN between cisco2901-15.2(4)M3 ---> cisco861-12.4
Phase#1 is successfully up but when i'm putting command #show crypto ipsec sa i can't see encry & decry packets.
below is the running-conifgs and show crypto output for both side
cisco2901:-
Current configuration : 5668 bytes
! Last configuration change at 17:08:59 PCTime Mon Feb 3 2014 by ciscodxb
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname DXB-CIT
boot-start-marker
boot-end-marker
logging buffered 52000
aaa new-model
aaa authentication login default local
aaa authentication login ciscocp_vpn_xauth_ml_1 local
aaa authorization exec default local
aaa authorization network ciscocp_vpn_group_ml_1 local
aaa session-id common
clock timezone PCTime 4 0
ip cef
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 192.168.10.1 192.168.10.9
ip dhcp excluded-address 192.168.10.101 192.168.10.254
ip dhcp pool dxb-pool
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
dns-server 80.xxx.xx.xx 213.xxx.xxx.xx
ip domain name channelit
ip name-server 80.xx.xx.xx
ip name-server 213.xx.xx.xx
no ipv6 cef
multilink bundle-name authenticated
crypto pki trustpoint TP-self-signed-1231038404
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1231038404
revocation-check none
rsakeypair TP-self-signed-1231038404
crypto pki certificate chain TP-self-signed-1231038404
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31323331 30333834 3034301E 170D3134 30313331 31333230
30375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 32333130
33383430 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100ECF1 71B270A3 EFBC3609 C136BC9B 7D54A077 33286BF1 45558928 6DF96244
2DAF0A50 E5DA03C6 E87AD7AE 4544C6B0 2649AE20 83C5F9F1 FA73B5BF 5CC421DE
1FA66C70 FD39938F 8E46AA22 2996FBF9 6C739C35 13F1A287 651A1904 57898B3F
F076A50E F4955677 6D0BD4B3 57FB590D 851500DC D789A175 FA0F18BD 1A982438
63730203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14546BDB F740F993 E0A596EF 93D4991E 751C4240 7F301D06
03551D0E 04160414 546BDBF7 40F993E0 A596EF93 D4991E75 1C42407F 300D0609
2A864886 F70D0101 05050003 8181000E 1FDDF0E2 8D04EFD3 850F2417 B49E1B6B
04CFFED3 D89C032E FEB03641 B5BC830B D60E8F8A 8EB28EA4 1242ECB5 01E91511
08A59585 27260A9F C8470C48 0E5797F8 3C04DE38 3213CF77 ADCACC53 D6771D55
6E6C0027 F11BE11E 06F9BC8A 1C7C3874 9C4B937D 35D0DB0F 0328FC38 DE9916AC
FE4AD16D 1EA2CF64 316146D5 A960DB
quit
voice-card 0
license udi pid CISCO2901/K9 sn FCZ1716C4QT
hw-module pvdm 0/0
username cisco
username ciscodxb privilege 15 password 0 cisco
username compumate privilege 15 secret 4 YCR80zERMiSH2RJpMWWOYdaDiHRm0U6p9mGMCktErQ2
redundancy
crypto ctcp
crypto isakmp policy 1
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp key xxxxxxxxx address 41.xxx.xx.xx
crypto isakmp client configuration group CITDXB
key xxxxxx
pool SDM_POOL_1
crypto isakmp profile ciscocp-ike-profile-1
match identity group xxxxx
client authentication list ciscocp_vpn_xauth_ml_1
isakmp authorization list ciscocp_vpn_group_ml_1
client configuration address respond
virtual-template 1
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
mode tunnel
crypto ipsec transform-set Dxb-to-Nigeria esp-3des esp-md5-hmac
mode tunnel
crypto ipsec profile CiscoCP_Profile1
set transform-set ESP-3DES-SHA
set isakmp-profile ciscocp-ike-profile-1
crypto dynamic-map hq-vpn 11
set security-association lifetime seconds 86400
set transform-set CHANNEL-DUBAI
crypto map Dxb-to-Nigeria 1 ipsec-isakmp
set peer 41.xxx.xxx.xxx
set transform-set Dxb-to-Nigeria
match address 110
crypto map VPN 1 ipsec-isakmp dynamic hq-vpn
interface Embedded-Service-Engine0/0
no ip address
shutdown
interface GigabitEthernet0/0
description $ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$$ES_LAN$$ETH-WAN$
ip address 192.168.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
interface GigabitEthernet0/1
description $ES_WAN$
ip address 80.xxx.xxx.xxx 255.255.255.252
ip flow ingress
ip flow egress
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
crypto map Dxb-to-Nigeria
interface Virtual-Template1 type tunnel
ip unnumbered GigabitEthernet0/1
tunnel mode ipsec ipv4
tunnel protection ipsec profile CiscoCP_Profile1
ip local pool SDM_POOL_1 192.168.20.20 192.168.20.50
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip nat source list 100 interface GigabitEthernet0/1 overload
ip nat inside source route-map SDM_RMAP_1 interface GigabitEthernet0/1 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1
ip sla auto discovery
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 192.168.10.0 0.0.0.255
access-list 101 deny ip 192.168.10.0 0.0.0.255 41.206.13.192 0.0.0.7
access-list 101 permit ip 192.168.10.0 0.0.0.255 any
access-list 110 permit ip 192.168.10.0 0.0.0.255 41.206.13.192 0.0.0.7
route-map SDM_RMAP_1 permit 1
match ip address 101
control-plane
mgcp profile default
gatekeeper
shutdown
line con 0
logging synchronous
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
transport input telnet ssh
line vty 5 15
access-class 23 in
transport input telnet ssh
scheduler allocate 20000 1000
end
DXB-CIT#show cry
DXB-CIT#show crypto isa
DXB-CIT#show crypto isakmp sa
IPv4 Crypto ISAKMP SA
dst src state conn-id status
41.xxx.xxx.xx 80.xxx.xx.xx QM_IDLE 1011 ACTIVE
IPv6 Crypto ISAKMP SA
DXB-CIT#show cry
DXB-CIT#show crypto ips
DXB-CIT#show crypto ipsec sa
interface: GigabitEthernet0/1
Crypto map tag: Dxb-to-Nigeria, local addr 80.xxx.xx.xx
protected vrf: (none)
local ident (addr/mask/prot/port): (192.168.10.0/255.255.255.0/0/0)
remote ident (addr/mask/prot/port): (41.xxx.xx.xx/255.255.255.248/0/0)
current_peer 41.xxx.xx.xxx port 500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
#pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 1467, #recv errors 0
local crypto endpt.: 80.xxx.xxx.xx, remote crypto endpt.: 41.xxx.xx.xx
path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/1
current outbound spi: 0x0(0)
PFS (Y/N): N, DH group: none
inbound esp sas:
inbound ah sas:
inbound pcp sas:
outbound esp sas:
outbound ah sas:
outbound pcp sas:
cisco861:-
crypto pki trustpoint TP-self-signed-2499926077
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2499926077
revocation-check none
rsakeypair TP-self-signed-2499926077
crypto pki trustpoint test_trustpoint_config_created_for_sdm
subject-name [email protected]
revocation-check crl
crypto pki certificate chain TP-self-signed-2499926077
certificate self-signed 01
3082024C 308201B5 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32343939 39323630 3737301E 170D3032 30333031 30303036
32315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 34393939
32363037 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100C1D0 0C45FD24 19ECECA0 9F7686A4 42B81E39 F6485ED8 66EBFBF3 4F3DCD64
25D4C2C7 5B56E7EF 7BF1963F F0406CBB 9B782A92 7925BA63 C761D92A 9E97CA4A
4D83CDD3 4B9811B9 734D84AB EFD85F9D 82541A09 4C2B580F E3302B67 97F93286
6D908B49 D936A0D1 78AB3829 56896990 9008E8EC 0333B1F1 8AACD0B2 4BCE81E3
A4A10203 010001A3 74307230 0F060355 1D130101 FF040530 030101FF 301F0603
551D1104 18301682 14434954 5F322E79 6F757264 6F6D6169 6E2E636F 6D301F06
03551D23 04183016 8014E7CE C4274196 09907466 DE068815 C9987EDF 4712301D
0603551D 0E041604 14E7CEC4 27419609 907466DE 068815C9 987EDF47 12300D06
092A8648 86F70D01 01040500 03818100 B546F76E B5A79129 95A37822 132F6685
E5541CD5 0818A4FE 83AD17AC 9C18AAC2 C137AF00 43FB787C 30534B0C 7D494FA8
ACC28C3E 7CBC3BB5 92FAFD2C 5D1766FF 2C8CACE0 E523C53E 7617A9AF 7AD8FDF3
35CD6184 8BB076E4 FBDF86B3 92EA9488 B173ABBD F42B1CA1 ECCB586B 882CC097
DEE688A7 E04797CB 7ED73ED3 E9FFC8D0
quit
crypto pki certificate chain test_trustpoint_config_created_for_sdm
ip source-route
ip dhcp excluded-address 10.10.10.1
ip cef
ip domain name yourdomain.com
username emma privilege 15 password 0 PasemmaY
username admin privilege 15 secret 5 $1$GHAV$CuyCKFpaEVCRcTX4jTNzp/
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp policy 3
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp policy 5
encr 3des
hash md5
authentication pre-share
group 2
lifetime 28800
crypto isakmp policy 7
encr 3des
hash md5
authentication pre-share
group 2
lifetime 28800
crypto isakmp key &dtej4$ address 41.xxx.xx.xxx
crypto isakmp key ch@nn#l!t address 41.xx.xx.xx
crypto isakmp key t3l3comch@nn3l&mtn address 196.xx.xx.xx
crypto isakmp key CITDENjan2014 address 80.xxx.xx.xx
crypto ipsec transform-set MTN-TCWA esp-3des esp-sha-hmac
crypto ipsec transform-set channelit esp-3des esp-md5-hmac
crypto ipsec transform-set MTNG-TCWA esp-3des esp-md5-hmac
crypto ipsec transform-set CHANNEL-DUBAI esp-3des esp-md5-hmac
crypto map CHANNEL-DUBAI 14 ipsec-isakmp
set peer 80.xxx.xx.xxx
set transform-set CHANNEL-DUBAI
match address 160
crypto map MTNVPN local-address FastEthernet4
crypto map MTNVPN 10 ipsec-isakmp
set peer 41.xxx.xx.xx
set transform-set MTN-TCWA
match address 101
crypto map MTNVPN 11 ipsec-isakmp
set peer 41.xxx.xx.x
set transform-set channelit
match address 150
crypto map MTNVPN 12 ipsec-isakmp
set peer 196.xxx.xx.xx
set transform-set MTNG-TCWA
match address MTNG
archive
log config
hidekeys
ip tcp synwait-time 5
interface FastEthernet0
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
description This interface connect MTN Fibre
ip address 41.206.xx.xxx 255.255.255.252
duplex auto
speed auto
crypto map MTNVPN
interface Vlan1
description This interface connects to CIT LAN
ip address 41.xxx.xx.xxx 255.255.255.248
ip tcp adjust-mss 1452
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 41.xxx.xx.xx
ip route 10.93.128.128 255.255.255.224 41.xxx.xx.x
ip route 10.109.95.64 255.255.255.240 41.xxx.xx.xxx
ip route 10.135.45.0 255.255.255.224 196.xxx.xx.xx
ip route 10.199.174.225 255.255.255.255 41.xxx.xx.xxx
ip route 192.168.10.0 255.255.255.0 80.xxx.xxx.xxx
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip access-list extended MTNG
permit ip 41.xxx.xx.xxx0.0.0.7 10.135.45.0 0.0.0.31
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 23 permit any
access-list 101 permit ip 41.206.13.192 0.0.0.7 host 41.206.4.75
access-list 101 permit ip 41.206.13.192 0.0.0.7 10.109.95.64 0.0.0.15
access-list 101 permit ip 41.206.13.192 0.0.0.7 10.109.95.120 0.0.0.7
access-list 101 permit ip 41.206.13.192 0.0.0.7 host 10.199.174.225
access-list 101 permit ip 41.206.13.192 0.0.0.7 10.197.197.64 0.0.0.31
access-list 101 permit ip 41.206.13.192 0.0.0.7 10.197.197.96 0.0.0.31
access-list 150 permit ip host 41.206.13.193 10.197.212.224 0.0.0.31
access-list 150 permit ip host 41.206.13.194 10.197.212.224 0.0.0.31
access-list 150 permit ip host 41.206.13.195 10.197.212.224 0.0.0.31
access-list 150 permit ip host 41.206.13.196 10.197.212.224 0.0.0.31
access-list 150 permit ip host 41.206.13.197 10.197.212.224 0.0.0.31
access-list 150 permit ip host 41.206.13.198 10.197.212.224 0.0.0.31
access-list 160 permit ip 41.206.xx.xxx 0.0.0.7 192.168.10.0 0.0.0.255
no cdp run
control-plane
banner exec ^C
% Password expiration warning.
Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you
want to use.
^C
banner login ^C
Cisco Configuration Professional (Cisco CP) is installed on this device.
This feature requires the one-time use of the username "cisco" with the
password "cisco". These default credentials have a privilege level of 15.
YOU MUST USE CISCO CP or the CISCO IOS CLI TO CHANGE THESE
PUBLICLY-KNOWN CREDENTIALS
Here are the Cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want
to use.
IF YOU DO NOT CHANGE THE PUBLICLY-KNOWN CREDENTIALS, YOU WILL
NOT BE ABLE TO LOG INTO THE DEVICE AGAIN AFTER YOU HAVE LOGGED OFF.
For more information about Cisco CP please follow the instructions in the
QUICK START GUIDE for your router or go to http://www.cisco.com/go/ciscocp
^C
line con 0
login local
no modem enable
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
scheduler max-task-time 5000
end
CIT_2#show cry
CIT_2#show crypto isa
CIT_2#show crypto isakmp sa
IPv4 Crypto ISAKMP SA
dst src state conn-id slot status
41.xxx.xx.xxx 80.xxx.xx.xxx QM_IDLE 2003 0 ACTIVE
IPv6 Crypto ISAKMP SA
CIT_2#show cry
CIT_2#show crypto ips
CIT_2#show crypto ipsec sa
interface: FastEthernet4
Crypto map tag: MTNVPN, local addr 41.xxx.xx.xx
protected vrf: (none)
local ident (addr/mask/prot/port): (41.xxx.xx.xxx/255.255.255.248/0/0)
remote ident (addr/mask/prot/port): (41.xxx.x.xx/255.255.255.255/0/0)
current_peer 41.xxx.xx.xxxport 500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
#pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 0, #recv errors 0
local crypto endpt.: 41.xxx.xx.xx, remote crypto endpt.: 41.xxx.xx.xxx
path mtu 1500, ip mtu 1500, ip mtu idb FastEthernet4
current outbound spi: 0x0(0)
inbound esp sas:
inbound ah sas:
inbound pcp sas:
outbound esp sas:
outbound ah sas:
outbound pcp sas:
protected vrf: (none)
local ident (addr/mask/prot/port): (41.xxx.xx.xxx/255.255.255.248/0/0)
remote ident (addr/mask/prot/port): (10.109.95.120/255.255.255.248/0/0)
current_peer 41.xxx.xx.xxx port 500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
#pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 0, #recv errors 0
local crypto endpt.: 41.xxx.xx.xx, remote crypto endpt.: 41.xxx.xx.xx
path mtu 1500, ip mtu 1500, ip mtu idb FastEthernet4
current outbound spi: 0x0(0)
inbound esp sas:
inbound ah sas:
inbound pcp sas:
outbound esp sas:
outbound ah sas:
outbound pcp sas:@Marcin
any suggestion to fix the issue????
i mean if i'll put below commands will i be able to fix the issue???
crypto map MTNVPN 12 ipsec-isakmp
set peer 80.xxx.xx.xxx
set transform-set CHANNEL-DUBAI
match address 160 -
! Last configuration change at 16:28:19 GMT Mon Feb 27 2012 by admin
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname CCME2811
boot-start-marker
boot-end-marker
logging buffered 1000000
no logging console
enable secret 5 $1$UQ7v$Qe5DTyBYYB20KoEqCFqy30
no aaa new-model
clock timezone GMT -6 0
clock summer-time GMT recurring
dot11 syslog
ip source-route
ip cef
ip dhcp excluded-address 10.10.1.1 10.10.1.20
ip dhcp pool phone
network 10.10.1.0 255.255.255.0
default-router 10.10.1.1
option 150 ip 10.10.1.1
no ipv6 cef
multilink bundle-name authenticated
stcapp ccm-group 1
voice service voip
allow-connections h323 to h323
allow-connections h323 to sip
allow-connections sip to h323
allow-connections sip to sip
supplementary-service h450.12
no supplementary-service sip refer
h323
sip
registrar server expires max 3600 min 3600
voice class codec 1
codec preference 1 g711ulaw
voice class custom-cptone jointone
dualtone conference
frequency 600 900
cadence 300 150 300 100 300 50
voice class custom-cptone leavetone
dualtone conference
frequency 400 800
cadence 400 50 200 50 200 50
voice translation-rule 1
voice translation-rule 9
rule 1 /^911$/ /911/
rule 2 /^8\(.*\)/ /\1/
voice translation-rule 10
rule 1 /\(34..\)/ /605274\1/
rule 2 /\(41..\)/ /605275\1/
voice translation-profile CALLER_ID_TRANSLATION_PROFILE
translate calling 1
voice translation-profile PSTN-LD
translate calling 10
voice-card 0
dsp services dspfarm
crypto pki token default removal timeout 0
license udi pid CISCO2811 sn FTX1017A0Z1
archive
log config
hidekeys
username admin privilege 15 secret 5 $1$Casc$PqFn0/a.oZmvNJdhQAieS.
username conference password 0 null
username open password 0 null
class-map match-all L3-to-L2_VoIP-Cntrl
match ip dscp af31
class-map match-all L3-to-L2_VoIP-RTP
match ip dscp ef
class-map match-all SIP
match protocol sip
class-map match-all RTP
match protocol rtp
policy-map EthOut
class RTP
policy-map output-L3-to-L2
class L3-to-L2_VoIP-RTP
set cos 5
class L3-to-L2_VoIP-Cntrl
set cos 3
interface Loopback0
ip address 10.1.10.2 255.255.255.0
interface FastEthernet0/0
description ** Voice VLAN **
ip address 10.10.1.1 255.255.255.0
duplex auto
speed auto
interface FastEthernet0/1
description ** Data VLAN **
ip address 192.168.100.2 255.255.255.0
duplex auto
speed auto
ip forward-protocol nd
ip http server
ip http authentication local
no ip http secure-server
ip http path flash:/gui
ip route 0.0.0.0 0.0.0.0 192.168.100.1
telephony-service
sdspfarm conference mute-on 111 mute-off 222
sdspfarm units 1
sdspfarm tag 1 confdsp1
conference hardware
authentication credential (hidden info)
em logout 0:0 0:0 0:0
max-ephones 36
max-dn 108
ip source-address 10.10.1.1 port 2000
caller-id block code *10
no caller-id name-only
calling-number initiator
service phone videoCapability 1
system message IT Outlet
url services http://10.1.10.1/voiceview/common/login.do
url authentication http://10.1.10.2/CCMCIP/authenticate.asp
cnf-file perphone
load 7914 S00105000300
load 7935 P00503021500
load 7960-7940 P00308000500
time-zone 8
voicemail 5000
max-conferences 8 gain -6
call-forward pattern .T
call-forward system redirecting-expanded
moh music-on-hold.au
web admin system name admin secret 5 $1$vp1x$4PuEyYU1BsGN.KzjhnVOR.
dn-webedit
time-webedit
transfer-system full-consult
transfer-pattern 8.T
secondary-dialtone 8
after-hours pstn-prefix 4 4
night-service code *1234
night-service weekday 18:30 07:00
night-service day Sun 00:00 23:59
night-service day Sat 00:00 23:59
This is my running config that I have so far. The issue I'm having is that I can't access the web interface to do any configuring. I am currently hooked up to a DMZ which is on a 192.168.100.1 ip scheme. I am just doing testing of this phone system before I put it in our business to run 100%. At the moment the only thing holding me back is the web interface my boss wants me to be able to access the web interface so then I can configure clients easier. The farthest I've gotten was at 10.10.1.1 I got a page that loads that asks me for my username and password and then it says something about QoS Device Manager - Configure and monitor QoS through the web interface. When I click on that it takes me to a 404 error page. I've looked over my IPs as I posted above multiple times to try and figure out what I'm doing wrong. I at first was having DHCP issues with my laptop and the switch the router was hooked up to, but I got that figured out. Then I thought it might have been vlans but when I did a show vlan-switch I noticed there were only 1 - type = enet, 1002 - type = fddi, 1003 - type = tr, 1004 - type = fdnet, and 1005 - type = trnet.
I noticed I posted this in the wrong area from before. To update what I've done from then till now. All the CME files have been loaded into flash like I was reading in other posts. I did a show flash and everything seems to be in there that I need. I determined the page that is loading up after I type 10.10.1.1 or 192.168.100.2 in my web browser is the router itself. I have this hooked up to a DMZ like I said before and it keeps giving my laptop 2 default gateways one being 0.0.0.0 and the other being 10.10.1.1, not sure why it's doing that. My laptop is receiving and 10.10.1.21 address from the router and I have the router hooked up to the DMZ under 192.168.100.2. We were having issues with an older version of CME so I upgraded to 8.6, I'm using a test router to make sure everything is working before I implement it into our real phone system. Still can't get a web interface to show up. I don't think my ip route command is right but that's how it was in the old config from the phone system we have now. I did a backup of that config and editted everything based off the backup config. Somewhere I think in my config I believe I have something wrong pertaining to an IP address but I can't see it. Been working on this all day and haven't gotten anywhere.Hi Jamie,
Please use the below link,
https://supportforums.cisco.com/docs/DOC-8172
Hope it helps,
Anand -
Configuration Issue with my Cisco 871 Router
Hi all,
I am a newbie to the Cisco IOS.
I got a Cisco 871 Router that I'd like to use for internet connection. My LAN network is 192.168.1.0/24 and the ISP has assigned us the IP 41.212.79.108/24 and gateway 41.212.79.1.
With my current configuration, I can hit the router - 192.168.1.1 - and it's WAN port - 41.212.79.108 - but not the gateway.
Below is my current config:
Hoggers#show config
Using 4414 out of 131072 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname Hoggers
boot-start-marker
boot-end-marker
logging buffered 51200 warnings
enable secret 5 **********************.
no aaa new-model
crypto pki trustpoint TP-self-signed-568493463
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-568493463
revocation-check none
rsakeypair TP-self-signed-568493463
crypto pki certificate chain TP-self-signed-568493463
certificate self-signed 01 nvram:IOS-Self-Sig#7.cer
dot11 syslog
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 192.168.1.1
ip dhcp excluded-address 192.168.1.2
ip dhcp excluded-address 192.168.1.3
ip dhcp excluded-address 192.168.1.4
ip dhcp excluded-address 192.168.1.5
ip dhcp excluded-address 192.168.1.6
ip dhcp excluded-address 192.168.1.7
ip dhcp excluded-address 192.168.1.8
ip dhcp excluded-address 192.168.1.9
ip dhcp excluded-address 192.168.1.10
ip dhcp excluded-address 192.168.1.100
ip dhcp excluded-address 192.168.1.90
ip dhcp pool ccp-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
ip dhcp pool LANPOOL
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 41.212.3.2 41.212.3.253
ip domain name yourdomain.com
ip name-server 41.212.3.2
ip name-server 41.212.3.253
archive
log config
hidekeys
interface FastEthernet0
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
description Wan to Outside World
ip address 41.212.79.108 255.255.255.0
duplex auto
speed auto
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 192.168.1.1 255.255.255.0
ip tcp adjust-mss 1452
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 41.212.79.1
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip dns server
ip nat inside source static tcp 192.168.1.31 80 interface FastEthernet4 80
access-list 23 permit 10.10.10.0 0.0.0.7
no cdp run
control-plane
scheduler max-task-time 5000
end
I'll appreciate any light you can shed on what am missing.2 wireless routers can not communicate wirelessly with each other.
You need to connect cable between 2 routers and use the second wireless router as access point.
Follow this link to connect Linksys router to another router.
Some of your devices are getting same IP address. This might be the issue with DHCP server of the router. You can try DHCP reservation on the router so that each device will get unique IP address. -
Issue with SPA525g registation and FXO port call calls are not disconnecting properly
Hi,
I have a UC540 and updated it to the latest IOS version with the latest firmware to my phones and i am having registration problems with SPA525g IP Phones. I updated the firmware of the phones as well and create manual tftp bindings with but still it is not registering. I run a couple of debugs (debug tftp events and debug ephone registration) I can see from the logs and in the phone that it is taking the proper VLAN and being discovered via CDP and being pointed to the TFTP server and still wont register. I can see that it is also taking its own .cnf file properly then the output sccp token regected invalid devices error is shown I have a SPA502G and it is working fine. Also there is a previous issue that all the voice port are shown as engage or offhook even the calls are disconnected thus make the main PSTN number busy am based in UAE and our service provider is etisalat I have check with them about the proper disconnection values but still it the same. That's why I have arrived in the conclusion to just update everything including the IOS and the phones firmware. I have put my config in this post, I am also trying to take the CCNA Voice exam on the 2nd week of april and I think that if i don't know how fix this issue for our customer then I would probably fail that exam. any suggestion and help is greatly appreciated cisco experts.
! Last configuration change at 13:36:42 ZP4 Thu Sep 13 2012 by Nick
! NVRAM config last updated at 13:45:41 ZP4 Thu Sep 13 2012 by Nick
version 15.1
parser config cache interface
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service internal
service compress-config
service sequence-numbers
hostname UC540
boot-start-marker
boot system flash:uc500-advipservicesk9-mz.151-2.T4
boot-end-marker
logging buffered 64000
enable secret 5 $1$3CIf$.rXyHeJQrwd97X/f2dS0M1
no aaa new-model
clock timezone ZP4 4 0
crypto pki token default removal timeout 0
crypto pki trustpoint TP-self-signed-3558175224
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3558175224
revocation-check none
crypto pki certificate chain TP-self-signed-3558175224
certificate self-signed 01 nvram:IOS-Self-Sig#3.cer
dot11 syslog
dot11 ssid cisco-data
vlan 1
authentication open
dot11 ssid cisco-voice
vlan 100
authentication open
ip source-route
ip cef
ip dhcp relay information trust-all
ip dhcp excluded-address 10.1.3.1 10.1.3.10
ip dhcp pool phone
network 10.1.3.0 255.255.255.0
default-router 10.1.3.1
option 150 ip 10.1.3.1
ip name-server 213.42.20.20
ip name-server 195.229.241.222
ip inspect WAAS flush-timeout 10
ip inspect name SDM_LOW cuseeme
ip inspect name SDM_LOW dns
ip inspect name SDM_LOW ftp
ip inspect name SDM_LOW h323
ip inspect name SDM_LOW https
ip inspect name SDM_LOW icmp
ip inspect name SDM_LOW imap
ip inspect name SDM_LOW pop3
ip inspect name SDM_LOW netshow
ip inspect name SDM_LOW rcmd
ip inspect name SDM_LOW realaudio
ip inspect name SDM_LOW rtsp
ip inspect name SDM_LOW esmtp
ip inspect name SDM_LOW sqlnet
ip inspect name SDM_LOW streamworks
ip inspect name SDM_LOW tftp
ip inspect name SDM_LOW tcp router-traffic
ip inspect name SDM_LOW udp router-traffic
ip inspect name SDM_LOW vdolive
no ipv6 cef
multilink bundle-name authenticated
stcapp ccm-group 1
stcapp
stcapp supplementary-services
port 0/0/0
fallback-dn 301
port 0/0/1
fallback-dn 302
port 0/0/2
fallback-dn 303
port 0/0/3
fallback-dn 304
trunk group ALL_FXO
max-retry 5
voice-class cause-code 1
hunt-scheme longest-idle
translation-profile outgoing PROFILE_ALL_FXO
trunk group ALL_FX0
voice call send-alert
voice rtp send-recv
voice service voip
allow-connections h323 to h323
allow-connections h323 to sip
allow-connections sip to h323
allow-connections sip to sip
supplementary-service h450.12
sip
no update-callerid
voice class codec 1
codec preference 1 g711alaw
codec preference 2 g711ulaw
voice class dualtone-detect-params 1
freq-max-deviation 50
freq-max-power 0
freq-min-power 13
freq-power-twist 4
cadence-variation 6
voice class custom-cptone UAE-CUSTOM
dualtone disconnect
frequency 406
cadence 398 344 237 527 400
voice class custom-cptone CCAjointone
dualtone conference
frequency 600 900
cadence 300 150 300 100 300 50
voice class custom-cptone CCAleavetone
dualtone conference
frequency 400 800
cadence 400 50 200 50 200 50
voice class cause-code 1
no-circuit
voice register global
voice hunt-group 1 parallel
list 301,302,303
timeout 24
pilot 511
voice translation-rule 4
rule 15 // //
voice translation-rule 1000
rule 1 /.*/ //
voice translation-rule 1111
voice translation-rule 1112
rule 1 /^9/ //
rule 3 /^0/ //
voice translation-rule 2222
voice translation-rule 3265
rule 1 /\(^..........$\)/ /9\1/
rule 2 /\(^.........$\)/ /9\1/
rule 15 /\(^ABCD$\)/ /ABCD\1/
voice translation-profile CALLER_ID_TRANSLATION_PROFILE
translate calling 1111
voice translation-profile CallBlocking
translate called 2222
voice translation-profile INCOMING_CallerID_PROFILE
translate calling 3265
voice translation-profile OUTGOING_TRANSLATION_PROFILE
translate called 1112
voice translation-profile PROFILE_ALL_FXO
translate calling 4
voice translation-profile nondialable
translate called 1000
voice-card 0
dspfarm
dsp services dspfarm
license udi pid UC540W-FXO-K9 sn FHK143074G6
archive
log config
logging enable
logging size 600
hidekeys
username cisco privilege 15 secret 5 $1$vjNa$OFKLhupqR8al6x2b8Xmcj/
username adminac privilege 15 secret 5 $1$NDC.$PtD0y4YGIj5SqI1gghxWE1
username Nick privilege 15 secret 5 $1$iAmL$tsg7Jf2TEND1NN.h8z2dy/
ip tftp source-interface Loopback0
bridge irb
interface Loopback0
description $FW_INSIDE$
ip address 10.1.10.2 255.255.255.252
ip access-group 101 in
ip nat inside
ip virtual-reassembly in
interface FastEthernet0/0
description $FW_OUTSIDE$
ip address 192.168.101.2 255.255.255.252
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
interface Integrated-Service-Engine0/0
description cue is initialized with default IMAP group
ip unnumbered Loopback0
ip nat inside
ip virtual-reassembly in
service-module ip address 10.1.10.1 255.255.255.252
service-module ip default-gateway 10.1.10.2
interface FastEthernet0/1/0
switchport voice vlan 100
macro description cisco-phone
spanning-tree portfast
interface FastEthernet0/1/1
switchport voice vlan 100
macro description cisco-phone
spanning-tree portfast
interface FastEthernet0/1/2
switchport voice vlan 100
macro description cisco-phone
spanning-tree portfast
interface FastEthernet0/1/3
switchport voice vlan 100
macro description cisco-phone
spanning-tree portfast
interface FastEthernet0/1/4
switchport voice vlan 100
macro description cisco-phone
spanning-tree portfast
interface FastEthernet0/1/5
switchport voice vlan 100
macro description cisco-phone
spanning-tree portfast
interface FastEthernet0/1/6
switchport voice vlan 100
macro description cisco-phone
spanning-tree portfast
interface FastEthernet0/1/7
switchport access vlan 20
spanning-tree portfast
interface FastEthernet0/1/8
switchport access vlan 100
macro description cisco-switch
interface Dot11Radio0/5/0
no ip address
shutdown
ssid cisco-data
ssid cisco-voice
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
interface Dot11Radio0/5/0.1
encapsulation dot1Q 1 native
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio0/5/0.100
encapsulation dot1Q 100
bridge-group 100
bridge-group 100 subscriber-loop-control
bridge-group 100 spanning-disabled
bridge-group 100 block-unknown-source
no bridge-group 100 source-learning
no bridge-group 100 unicast-flooding
interface Vlan1
no ip address
bridge-group 1
bridge-group 1 spanning-disabled
interface Vlan20
ip address 10.10.10.1 255.255.255.0
interface Vlan100
no ip address
bridge-group 100
bridge-group 100 spanning-disabled
interface BVI1
description $FW_INSIDE$
no ip address
ip nat inside
ip virtual-reassembly in
shutdown
interface BVI100
description $FW_INSIDE$
ip address 10.1.3.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http path flash:/gui
ip dns server
ip nat inside source list 1 interface FastEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 192.168.101.1
ip route 10.1.10.1 255.255.255.255 Integrated-Service-Engine0/0
logging esm config
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.10.0 0.0.0.255
access-list 1 permit 10.1.3.0 0.0.0.255
access-list 1 permit 10.1.10.0 0.0.0.3
access-list 100 remark auto generated by SDM firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 deny ip 192.168.10.0 0.0.0.255 any
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 remark auto generated by SDM firewall configuration##NO_ACES_8##
access-list 101 remark SDM_ACL Category=1
access-list 101 permit tcp 10.1.3.0 0.0.0.255 eq 2000 any
access-list 101 permit udp 10.1.3.0 0.0.0.255 eq 2000 any
access-list 101 deny ip 10.1.3.0 0.0.0.255 any
access-list 101 deny ip 192.168.10.0 0.0.0.255 any
access-list 101 deny ip 192.168.101.0 0.0.0.3 any
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 permit ip any any
access-list 102 remark auto generated by SDM firewall configuration##NO_ACES_6##
access-list 102 remark SDM_ACL Category=1
access-list 102 deny ip 10.1.10.0 0.0.0.3 any
access-list 102 deny ip 10.1.3.0 0.0.0.255 any
access-list 102 deny ip 192.168.101.0 0.0.0.3 any
access-list 102 deny ip host 255.255.255.255 any
access-list 102 deny ip 127.0.0.0 0.255.255.255 any
access-list 102 permit ip any any
access-list 102 permit ip 192.168.101.0 0.0.0.3 any
access-list 103 remark auto generated by SDM firewall configuration##NO_ACES_8##
access-list 103 remark SDM_ACL Category=1
access-list 103 permit tcp 10.1.10.0 0.0.0.3 any eq 2000
access-list 103 permit udp 10.1.10.0 0.0.0.3 any eq 2000
access-list 103 deny ip 10.1.10.0 0.0.0.3 any
access-list 103 deny ip 192.168.10.0 0.0.0.255 any
access-list 103 deny ip 192.168.101.0 0.0.0.3 any
access-list 103 deny ip host 255.255.255.255 any
access-list 103 deny ip 127.0.0.0 0.255.255.255 any
access-list 103 permit ip any any
access-list 105 permit ip any any
snmp-server community public RO
tftp-server flash:/phones/521_524/cp524g-8-1-17.bin alias cp524g-8-1-17.bin
tftp-server flash:/phones/5x5/spa5x5-7-1-3c.bin alias spa5x5-7-1-3c.bin
tftp-server flash:/phones/525/spa525g-7-4-8.bin alias spa525g-7-4-8.bin
control-plane
bridge 1 route ip
bridge 100 route ip
voice-port 0/0/0
cptone GB
station-id name Cordless
station-id number 329
caller-id enable
voice-port 0/0/1
cptone AE
caller-id enable
voice-port 0/0/2
cptone AE
caller-id enable
voice-port 0/0/3
cptone AE
caller-id enable
voice-port 0/1/0
trunk-group ALL_FX0 64
translation-profile incoming INCOMING_CallerID_PROFILE
supervisory disconnect dualtone mid-call
supervisory custom-cptone UAE-CUSTOM
input gain 14
cptone GB
connection plar opx 511
impedance 600c
description Configured by CCA 4FXO-0/1/0-Custom-BG
bearer-cap Speech
caller-id enable
voice-port 0/1/1
trunk-group ALL_FX0 64
translation-profile incoming INCOMING_CallerID_PROFILE
supervisory disconnect dualtone mid-call
supervisory custom-cptone UAE-CUSTOM
input gain 14
cptone GB
connection plar opx 511
impedance 600c
description Configured by CCA 4 FXO-0/1/1-Custom-BG
bearer-cap Speech
caller-id enable
voice-port 0/1/2
trunk-group ALL_FX0 64
translation-profile incoming INCOMING_CallerID_PROFILE
supervisory disconnect dualtone mid-call
supervisory custom-cptone UAE-CUSTOM
supervisory dualtone-detect-params 1
input gain 14
cptone GB
connection plar opx 511
impedance 600c
description Configured by CCA 4 FXO-0/1/2-Custom-BG
bearer-cap Speech
caller-id enable
voice-port 0/1/3
trunk-group ALL_FX0 64
translation-profile incoming INCOMING_CallerID_PROFILE
supervisory disconnect dualtone mid-call
supervisory custom-cptone UAE-CUSTOM
input gain 14
cptone GB
connection plar opx 511
impedance 600c
description Configured by CCA 4 FXO-0/1/3-Custom-BG
bearer-cap Speech
caller-id enable
voice-port 0/4/0
auto-cut-through
signal immediate
input gain auto-control -15
description Music On Hold Port
sccp local Loopback0
sccp ccm 10.1.3.1 identifier 1 version 4.0
sccp
sccp ccm group 1
associate ccm 1 priority 1
associate profile 1 register confprof1
dspfarm profile 1 conference
description DO NOT MODIFY, active CCA conference profile - CCA2.0 codec729
codec g711ulaw
codec g711alaw
codec g729ar8
codec g729abr8
codec g729r8
codec g729br8
maximum sessions 2
associate application SCCP
dial-peer cor custom
name internal
name local
name local-plus
name international
name national
name national-plus
name emergency
name toll-free
dial-peer cor list call-internal
member internal
dial-peer cor list call-local
member local
dial-peer cor list call-local-plus
member local-plus
dial-peer cor list call-national
member national
dial-peer cor list call-national-plus
member national-plus
dial-peer cor list call-international
member international
dial-peer cor list call-emergency
member emergency
dial-peer cor list call-toll-free
member toll-free
dial-peer cor list user-internal
member internal
member emergency
dial-peer cor list user-local
member internal
member local
member emergency
member toll-free
dial-peer cor list user-local-plus
member internal
member local
member local-plus
member emergency
member toll-free
dial-peer cor list user-national
member internal
member local
member local-plus
member national
member emergency
member toll-free
dial-peer cor list user-national-plus
member internal
member local
member local-plus
member national
member national-plus
member emergency
member toll-free
dial-peer cor list user-international
member internal
member local
member local-plus
member international
member national
member national-plus
member emergency
member toll-free
dial-peer voice 1 pots
port 0/0/0
no sip-register
dial-peer voice 2 pots
port 0/0/1
no sip-register
dial-peer voice 3 pots
port 0/0/2
no sip-register
dial-peer voice 4 pots
port 0/0/3
no sip-register
dial-peer voice 5 pots
description ** MOH Port **
destination-pattern ABC
port 0/4/0
no sip-register
dial-peer voice 50 pots
description ** incoming dial peer **
incoming called-number ^AAAA$
port 0/1/0
dial-peer voice 51 pots
description ** incoming dial peer **
incoming called-number ^AAAA$
port 0/1/1
dial-peer voice 52 pots
description ** incoming dial peer **
incoming called-number ^AAAA$
port 0/1/2
dial-peer voice 53 pots
description ** incoming dial peer **
incoming called-number ^AAAA$
port 0/1/3
dial-peer voice 54 pots
description ** FXO pots dial-peer **
destination-pattern A0
port 0/1/0
no sip-register
dial-peer voice 55 pots
description ** FXO pots dial-peer **
destination-pattern A1
port 0/1/1
no sip-register
dial-peer voice 56 pots
description ** FXO pots dial-peer **
destination-pattern A2
port 0/1/2
no sip-register
dial-peer voice 2000 voip
description ** cue voicemail pilot number **
destination-pattern 388
b2bua
session protocol sipv2
session target ipv4:10.1.10.1
voice-class sip outbound-proxy ipv4:10.1.10.1
dtmf-relay rtp-nte
codec g711ulaw
no vad
dial-peer voice 6 pots
description "catch all dial peer for BRI/PRI"
translation-profile incoming nondialable
incoming called-number .%
direct-inward-dial
dial-peer voice 57 pots
description ** FXO pots dial-peer **
destination-pattern A3
port 0/1/3
no sip-register
dial-peer voice 69 pots
destination-pattern 329
port 0/0/0
dial-peer voice 300 pots
trunkgroup ALL_FX0
description Local Numbers
destination-pattern 9T
forward-digits 9
dial-peer voice 301 voip
destination-pattern 2..
session target ipv4:192.168.201.2
dial-peer voice 303 pots
trunkgroup ALL_FXO
trunkgroup ALL_FX0
description **InternationalCall**
destination-pattern 88T
dial-peer voice 304 pots
trunkgroup ALL_FX0
description *EM1*
destination-pattern 9[1-9]T
forward-digits 3
dial-peer voice 302 pots
trunkgroup ALL_FX0
description **Mobiles**
destination-pattern 9.[0-9].[0-9]......
dial-peer voice 305 pots
trunkgroup ALL_FX0
description **800-**
destination-pattern 9[0-9][0-9][0-9]T
no dial-peer outbound status-check pots
telephony-service
sdspfarm conference mute-on 111 mute-off 222
sdspfarm units 5
sdspfarm tag 1 confprof1
conference hardware
video
fxo hook-flash
max-ephones 40
max-dn 300
ip source-address 10.1.3.1 port 2000
max-redirect 20
auto assign 1 to 1 type bri
calling-number initiator
service phone videoCapability 1
service phone webAccess 0
service dnis overlay
service dnis dir-lookup
timeouts interdigit 5
system message American Center
url services http://10.1.10.1/voiceview/common/login.do
url authentication http://10.1.10.2/CCMCIP/authenticate.asp
load 521G-524G cp524g-8-1-17
load 525G spa525g-7-4-8
load 501G spa5x5-7-1-3c
load 502G spa5x5-7-1-3c
load 504G spa5x5-7-1-3c
load 508G spa5x5-7-1-3c
load 509G spa5x5-7-1-3c
time-zone 35
date-format dd-mm-yy
voicemail 388
max-conferences 8 gain -6
call-forward pattern .T
call-forward system redirecting-expanded
hunt-group logout HLog
moh MOH2.wav
multicast moh 239.10.16.16 port 2000
web admin system name cisco secret 5 $1$iDgA$MKNi2RWfsO0KjuC82kgLJ1
dn-webedit
time-webedit
transfer-system full-consult dss
transfer-pattern 9.T
transfer-pattern .T
secondary-dialtone 9
fac standard
create cnf-files version-stamp 7960 Aug 29 2012 12:00:04
line con 0
privilege level 15
logging synchronous
no modem enable
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
line vty 0 4
exec-timeout 0 0
logging synchronous
login local
transport input all
line vty 5 100
login local
transport input all
ntp master
end
Some of the output are not shown becaus it is to long I have attach the whole config for reference and any advice on how could I optimize and resolve my issues is greatly appreciated. ThanksNicolo - First off this stuff gets crazy sometimes. No worries about the exam. Sometimes when FXO ports go crazy it is due to battery reversal. If you go to the FXO port settings try turning battery reversal on and or off... depending on its current setting. See if that helps.
As for the 525s not registering.. These are inside the network correct? Are you connecting one directly to the UC500 with a Cat5E or Cat6 patch cable and the same thing happens? Does the MAC address on the phone match a MAC address under the EPHONE settings?
If you telnet into the UC500 can you execute a "dir" command at the CLI prompt and "CD" (change directory) into the phones folder and then the spa525g folder? Do files exist in there?
Also I only see an IP address under BVI100? This is the voice side of things what happened to the IP address under BVI1 (Data VLAN). Can you give us some information about the internal network? Cna you PING this phone system from the network? What IP address does it have? -
Adobe CEF Helper multiple instances causing problems using newest CC 1.5.1.369
I just reinstalled all CC and Apps after a clean refresh wipe of PC. Within one week I am having several crashes and lockups and other strange behavior while using Photoshop, Indesign and other apps.
The lockups have been getting progressively worse, starting with very short delays while switching between apps or even switching to desktop to mouse click a file icon there which seemed almost like my machine would get focused on whatever app I was in and would not immediately release when I switched to do other things. Now the lockups are getting longer. Photoshop is also not fully closing down. So later if I reopen it, a photoshop process is still running in Task Manager and I must force it down before I can open a new file in a new instance of photoshop.
Today I had one complete crash of PS, as well as some strange lockup when I had two small ad files open. We are talking 1/6th page ads - small. I had them open side by side when it locks up and only thing I can move is the mouse curser which has changed to an "unallowed" icon (circle with slash). Rest of application and tools were locked up. In one of the files it would let me click a layer in the file and it would jump around the page. I checked Task manager and multiple CEF helpers were running around 30-50,000K private memory working set, and one of the CEF helpers was fluctuating between 13-20% or so of CPU usage. I immediately ended that service and photoshop started working again and I was able to save the files. I'm still noticing other problems like not being able to select multiple items at one time to copy/paste seen both in Indesign and Adobe acrobat pdf files.
I remember hearing about this issue long ago and checked the forums. Low and behold the long time Adobe CEF Helper problem thread was closed by a staffer in Feb, 2014, stating the following:
https://forums.adobe.com/thread/1235395?start=120&tstart=0
Jeff A Wright Feb 14, 2014 8:37 AM (in response to Michael.Noble64)
Locking this discussion as the cause of the excessive usage of Adobe CEF Helper was addressed in version 1.1.2.232. For full release notes please see Creative Cloud app for desktop | Release Notes -http://helpx.adobe.com/creative-cloud/release-note/cc-release-notes.html.
If you are experiencing difficulties with the Adobe CEF Helper please post a new discussion with the specifics of the behavior you are encountering.
I am having problems with the CEF helper and I have CC 1.5.1.369 as far as I can tell, on a fresh install a week old.
System:
Windows prof 7 sp1 64bit, 32gb ram, SSD main drive and mechanical data drive
Items added to this PC are autodesk products and Adobe CC Apps. I don't have a number of addons for CC apps like photoshop, just one plugin for photoshop called Geographic Imager.
Hopefully there is something more subtle I can try besides wiping my PC and reinstalling all the apps and settings again. A pc refresh and install this time with up to date CC and Apps was meant to fix all my broken file associations issues from previous updates - which it did. But was hoping not to end up with a dreaded CEF helper issue. Any help would be appreciated as this seems to be getting worse daily.
Other note, I turned off Syncing of settings when I first started noticing issues. Haven't tried much else besides ending CEF helper services when forced to.I just want to note that my recommendations led my clients to purchase more than 5 licences of FMIS/AMIS througt the time.
As I see how low is the passion to react to any problem on Adobe side, I would have probably changed my mind.
This is really pain in the *** as any call to adobe official contact (taken on mind that to find one is a big quest by itself) lead just to reply "pay nasty amount for our consultancy Sir!" and it does not look any better here....
I am no novice on FMS/AMS platform, working with it more than 6 years throught many projects and I would not ask for some stupid questions which could be solved just by looking to documentation or could be solved by some performance eperience.
I am really upset for this :/ -
891W to 5505 EZVPN issue...No peer struct to get peer description
Hey everyone,
I've been on the forums looking for a solution to my issue in my lab....
I'm getting the No peer struct to get peer description error in my debug. I've done a search on these forums but the changes that I made did not work for me
It has to be something simple.....
I am able to ping out to my ASA
891Demo#ping 38.98.226.100
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 38.98.226.100, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 100/106/116 ms
I did a few show commands listed below if anyone wants to take a look...
891Demo#sho run
Building configuration...
Current configuration : 6370 bytes
! Last configuration change at 20:47:45 UTC Fri Jan 10 2014 by admin
version 15.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname 891Demo
boot-start-marker
boot-end-marker
logging buffered 52000
aaa new-model
aaa authentication login default local
aaa authentication login ciscocp_vpn_xauth_ml_1 local
aaa authorization exec default local
aaa authorization network ciscocp_vpn_group_ml_1 local
aaa session-id common
service-module wlan-ap 0 bootimage autonomous
crypto pki trustpoint TP-self-signed-1670941714
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1670941714
revocation-check none
rsakeypair TP-self-signed-1670941714
crypto pki certificate chain TP-self-signed-1670941714
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31363730 39343137 3134301E 170D3133 30393130 31383038
31305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 36373039
34313731 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100A613 DCE81A2F 27DC53B6 6ED91D5E 167EEAEA D9793CB3 33C39BBE CBC5AF0B
029C1605 3FC09722 C7811B2D 173B5887 2C87A9C7 4DDAC1C4 AE13A1C3 743B940E
A5A7AF56 26A83081 2330E910 1BA8317A BE0BC37A 631D858D E307DC04 2F76D648
1500DB09 2BC1B92A 92C0B8FE 59434385 A3D1B19D 5665D3A9 07956793 F2B98EDA
EA870203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 1489C50C C4C16781 28F37E31 DABE13A9 2EE9967E 58301D06
03551D0E 04160414 89C50CC4 C1678128 F37E31DA BE13A92E E9967E58 300D0609
2A864886 F70D0101 05050003 81810053 FD39A299 CFF9E763 C89846EE 9BE0DAE4
31B890D0 969764F0 98A21C63 FD103ADB 29BA7DB4 98C142B9 1EA60C71 1D6C4BE5
921224F5 BE5FC348 2A2A4858 A5D0E680 23346C0E 8EA55314 435CE650 5167C796
1EB4EFAD 1D045B2C 84031255 C2A9F5B7 C8542ACF 3C69C46E DE0230AE EA3587EE
464A0AC0 3987D917 47A4ABDB 5B6022
quit
ip cef
ip dhcp excluded-address 10.10.10.7 10.10.10.254
891Demo#sh run
Building configuration...
Current configuration : 6370 bytes
! Last configuration change at 20:47:45 UTC Fri Jan 10 2014 by admin
version 15.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname 891Demo
boot-start-marker
boot-end-marker
logging buffered 52000
aaa new-model
aaa authentication login default local
aaa authentication login ciscocp_vpn_xauth_ml_1 local
aaa authorization exec default local
aaa authorization network ciscocp_vpn_group_ml_1 local
aaa session-id common
service-module wlan-ap 0 bootimage autonomous
crypto pki trustpoint TP-self-signed-1670941714
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1670941714
revocation-check none
rsakeypair TP-self-signed-1670941714
crypto pki certificate chain TP-self-signed-1670941714
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31363730 39343137 3134301E 170D3133 30393130 31383038
31305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 36373039
34313731 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100A613 DCE81A2F 27DC53B6 6ED91D5E 167EEAEA D9793CB3 33C39BBE CBC5AF0B
029C1605 3FC09722 C7811B2D 173B5887 2C87A9C7 4DDAC1C4 AE13A1C3 743B940E
A5A7AF56 26A83081 2330E910 1BA8317A BE0BC37A 631D858D E307DC04 2F76D648
1500DB09 2BC1B92A 92C0B8FE 59434385 A3D1B19D 5665D3A9 07956793 F2B98EDA
EA870203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 1489C50C C4C16781 28F37E31 DABE13A9 2EE9967E 58301D06
03551D0E 04160414 89C50CC4 C1678128 F37E31DA BE13A92E E9967E58 300D0609
2A864886 F70D0101 05050003 81810053 FD39A299 CFF9E763 C89846EE 9BE0DAE4
31B890D0 969764F0 98A21C63 FD103ADB 29BA7DB4 98C142B9 1EA60C71 1D6C4BE5
921224F5 BE5FC348 2A2A4858 A5D0E680 23346C0E 8EA55314 435CE650 5167C796
1EB4EFAD 1D045B2C 84031255 C2A9F5B7 C8542ACF 3C69C46E DE0230AE EA3587EE
464A0AC0 3987D917 47A4ABDB 5B6022
quit
ip cef
ip dhcp excluded-address 10.10.10.7 10.10.10.254
ip dhcp pool ccp-pool
import all
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
lease 0 2
ip domain name yourdomain.com
no ipv6 cef
ipv6 multicast rpf use-bgp
multilink bundle-name authenticated
license udi pid CISCO891W-AGN-A-K9 sn FTX171783D3
username admin privilege 15 password 0 password
redundancy
csdb tcp synwait-time 30
csdb tcp idle-time 3600
csdb tcp finwait-time 5
csdb tcp reassembly max-memory 1024
csdb tcp reassembly max-queue-length 16
csdb udp idle-time 30
csdb icmp idle-time 10
csdb session max-session 65535
crypto isakmp policy 50
encr 3des
authentication pre-share
group 2
crypto isakmp key D1l2w3r4 address 38.98.226.100
crypto isakmp client configuration group VPNGroupZLAB
key D1l2w3r4
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
mode tunnel
crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac
mode tunnel
crypto ipsec client ezvpn CISCOCP_EZVPN_CLIENT_1
connect auto
group DefaultL2LGroup key D1l2w3r4
mode client
peer 38.98.226.100
username ztest password D1l2w3r4
xauth userid mode local
crypto map SDM_CMAP_1 1 ipsec-isakmp
description Tunnel to38.98.226.100
set peer 38.98.226.100
set transform-set ESP-3DES-SHA
match address 102
interface FastEthernet0
no ip address
interface FastEthernet1
no ip address
interface FastEthernet2
no ip address
interface FastEthernet3
no ip address
interface FastEthernet4
no ip address
interface FastEthernet5
no ip address
interface FastEthernet6
no ip address
interface FastEthernet7
no ip address
interface FastEthernet8
no ip address
shutdown
duplex auto
speed auto
interface Virtual-Template1 type tunnel
no ip address
tunnel mode ipsec ipv4
interface GigabitEthernet0
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
crypto map SDM_CMAP_1
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered Vlan1
arp timeout 0
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
no ip address
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 10.10.10.1 255.255.255.248
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1452
interface Async1
no ip address
encapsulation slip
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip dns server
ip nat inside source route-map SDM_RMAP_1 interface GigabitEthernet0 overload
ip route 0.0.0.0 0.0.0.0 192.168.1.1 254
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0 192.168.1.1 254
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0 dhcp 254
ip access-list extended protect_traffic
permit ip host 10.10.10.1 host 10.1.11.1
no cdp run
route-map SDM_RMAP_1 permit 1
match ip address 101
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 100 remark CCP_ACL Category=4
access-list 100 remark IPSec Rule
access-list 100 permit ip 10.10.10.0 0.0.0.255 10.1.11.0 0.0.0.255
access-list 101 remark CCP_ACL Category=2
access-list 101 remark IPSec Rule
access-list 101 deny ip 10.10.10.0 0.0.0.255 10.1.11.0 0.0.0.255
access-list 101 permit ip 10.10.10.0 0.0.0.7 any
access-list 102 remark CCP_ACL Category=4
access-list 102 remark IPSec Rule
access-list 102 permit ip 10.10.10.0 0.0.0.255 10.1.11.0 0.0.0.255
control-plane
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
mgcp profile default
line con 0
line 1
modem InOut
speed 115200
flowcontrol hardware
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin udptn ssh
line aux 0
line vty 0 4
access-class 23 in
transport input telnet ssh
transport output telnet ssh
line vty 5 15
access-class 23 in
transport input telnet ssh
transport output telnet ssh
end
=============================================
=============================================
891Demo#sh crypto ipsec sa
interface: GigabitEthernet0
Crypto map tag: SDM_CMAP_1, local addr 10.0.0.35
protected vrf: (none)
local ident (addr/mask/prot/port): (10.10.10.0/255.255.255.0/0/0)
remote ident (addr/mask/prot/port): (10.1.11.0/255.255.255.0/0/0)
current_peer 38.98.226.100 port 500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
#pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 0, #recv errors 0
local crypto endpt.: 10.0.0.35, remote crypto endpt.: 38.98.226.100
path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0
current outbound spi: 0x0(0)
PFS (Y/N): N, DH group: none
inbound esp sas:
inbound ah sas:
inbound pcp sas:
outbound esp sas:
outbound ah sas:
outbound pcp sas:
=============================================
=============================================
891Demo#sho crypto se
Crypto session current status
Interface: GigabitEthernet0
Session status: DOWN
Peer: 38.98.226.100 port 500
IPSEC FLOW: permit ip 10.10.10.0/255.255.255.0 10.1.11.0/255.255.255.0
Active SAs: 0, origin: crypto map
891Demo#
*Jan 10 20:56:15.327: No peer struct to get peer description
=============================================
=============================================
891Demo#sh crypto isakmp default pol
Default IKE policy
Default protection suite of priority 65507
encryption algorithm: AES - Advanced Encryption Standard (128 bit keys).
hash algorithm: Secure Hash Standard
authentication method: Rivest-Shamir-Adleman Signature
Diffie-Hellman group: #5 (1536 bit)
lifetime: 86400 seconds, no volume limit
Default protection suite of priority 65508
encryption algorithm: AES - Advanced Encryption Standard (128 bit keys).
hash algorithm: Secure Hash Standard
authentication method: Pre-Shared Key
Diffie-Hellman group: #5 (1536 bit)
lifetime: 86400 seconds, no volume limit
Default protection suite of priority 65509
encryption algorithm: AES - Advanced Encryption Standard (128 bit keys).
hash algorithm: Message Digest 5
authentication method: Rivest-Shamir-Adleman Signature
Diffie-Hellman group: #5 (1536 bit)
lifetime: 86400 seconds, no volume limit
Default protection suite of priority 65510
encryption algorithm: AES - Advanced Encryption Standard (128 bit keys).
hash algorithm: Message Digest 5
authentication method: Pre-Shared Key
Diffie-Hellman group: #5 (1536 bit)
lifetime: 86400 seconds, no volume limit
Default protection suite of priority 65511
encryption algorithm: Three key triple DES
hash algorithm: Secure Hash Standard
authentication method: Rivest-Shamir-Adleman Signature
Diffie-Hellman group: #2 (1024 bit)
lifetime: 86400 seconds, no volume limit
Default protection suite of priority 65512
encryption algorithm: Three key triple DES
hash algorithm: Secure Hash Standard
authentication method: Pre-Shared Key
Diffie-Hellman group: #2 (1024 bit)
lifetime: 86400 seconds, no volume limit
Default protection suite of priority 65513
encryption algorithm: Three key triple DES
hash algorithm: Message Digest 5
authentication method: Rivest-Shamir-Adleman Signature
Diffie-Hellman group: #2 (1024 bit)
lifetime: 86400 seconds, no volume limit
Default protection suite of priority 65514
encryption algorithm: Three key triple DES
hash algorithm: Message Digest 5
authentication method: Pre-Shared Key
Diffie-Hellman group: #2 (1024 bit)
lifetime: 86400 seconds, no volume limit
Any insight to this would be appreciated, i'm still going to try and figure it out as wellIt is the host site not transmitting. The ACL that i see thats blocking is for a client based VPN.
Phase: 1
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in 0.0.0.0 0.0.0.0 Outside
Phase: 2
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in 192.168.180.0 255.255.254.0 Inside
Phase: 3
Type: ACCESS-LIST
Subtype: log
Result: ALLOW
Config:
access-group Inside_access_in in interface Inside
access-list Inside_access_in extended permit ip object obj_any any
Additional Information:
Phase: 4
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 5
Type: NAT
Subtype:
Result: ALLOW
Config:
nat (Inside,Outside) source static DM_INLINE_NETWORK_20 DM_INLINE_NETWORK_20 destination static AT_Remote AT_Remote no-proxy-arp route-lookup
Additional Information:
Static translate 192.168.180.232/12345 to 192.168.180.232/12345
Phase: 6
Type: ACCESS-LIST
Subtype: vpn-user
Result: DROP
Config:
Additional Information:
Result:
input-interface: Inside
input-status: up
input-line-status: up
output-interface: Outside
output-status: up
output-line-status: up
Action: drop
Drop-reason: (acl-drop) Flow is denied by configured rule -
Ok I dont know if its just staring at me ridiculing me but I am feeling like an idiot here... I have an 871 and all I need to do is some basic rules..
Here is the config I am having the issue with...
I need these statics:
.227 opened and forwarded to these ports:
10.0.0.240 80 tcp
10.0.0.241 81 tcp
10.0.0.242 82 tcp
10.0.0.243 83 tcp
10.0.0.244 84 tcp
10.0.0.9 3389 tcp
then .228 forwarded and allports opened to 10.0.0.15
Right now its working for the .228 but the .227 is blocking everything.. If I remove the lines for the 10.0.0.15 *.*.*.228 then everything works for the .227 statics and ports..
What is wrong here???
s run
Building configuration...
Current configuration : 4747 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service sequence-numbers
hostname ******
boot-start-marker
boot-end-marker
logging buffered 51200 warnings
no aaa new-model
resource policy
clock timezone MST -7
ip cef
ip name-server *.*.*.65
ip name-server *.*.*.65
ip inspect log drop-pkt
ip inspect name SDM_LOW cuseeme
ip inspect name SDM_LOW dns
ip inspect name SDM_LOW ftp
ip inspect name SDM_LOW h323
ip inspect name SDM_LOW https
ip inspect name SDM_LOW icmp
ip inspect name SDM_LOW imap
ip inspect name SDM_LOW pop3
ip inspect name SDM_LOW netshow
ip inspect name SDM_LOW rcmd
ip inspect name SDM_LOW realaudio
ip inspect name SDM_LOW rtsp
ip inspect name SDM_LOW esmtp
ip inspect name SDM_LOW sqlnet
ip inspect name SDM_LOW streamworks
ip inspect name SDM_LOW tftp
ip inspect name SDM_LOW tcp router-traffic
ip inspect name SDM_LOW udp router-traffic
ip inspect name SDM_LOW vdolive
crypto pki trustpoint TP-self-signed-974215006
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-974215006
revocation-check none
rsakeypair TP-self-signed-974215006
crypto pki certificate chain TP-self-signed-974215006
certificate self-signed 01
30820242 308201AB A0030201 02020101 300D0609 2A864886 F70D0101 04050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 39373432 31353030 36301E17 0D313330 31303231 35333430
315A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3937 34323135
30303630 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
CE70D924 A69C5408 AF2DC7DF CD6C4FB4 6FF8B3A7 04380A8B AC07B63F DF47B76C
9269256B 2D166D76 DFEEB4A1 A7F3CD14 87018C5E 00957EE5 233F76EE 8D0EB13E
D33FE972 77661DF2 B2BBC711 E09CF82F 7FC907DF 5591C326 CF80D599 09017B23
AB6F3589 A983AC80 2C92D62D E15FF75B 14241C9B 394BED17 69F2BE7F 69BB21EF
02030100 01A36C30 6A300F06 03551D13 0101FF04 05300301 01FF3017 0603551D
11041030 0E820C52 69766965 72615F6D 65736130 1F060355 1D230418 30168014
8F9D3891 FB866320 C9C2FA5B 7AEE8A53 91F495DD 301D0603 551D0E04 1604148F
9D3891FB 866320C9 C2FA5B7A EE8A5391 F495DD30 0D06092A 864886F7 0D010104
05000381 81005F45 DD5BBAE3 960E8930 1C88ACEC 4D190FEC C8C6FA71 48FB8CB8
969BD344 1FC0E8C6 98C4ED1D B559A772 1A3ED3D9 1C75D143 BE642414 B049118C
858422D5 E84617E9 018B1B66 341E928D EAE0E568 923424C4 BF31DFFF E7E5A490
B24D2DBC CE5DC6FF 306EC1C2 BD4DDC04 4AE70B0B 5CFE9426 21B5F83E CA6D28E0
3B93DCA9 015E
quit
username****** privilege 15 secret 5 34yweth2453723475
interface FastEthernet0
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
description $FW_OUTSIDE$
ip address *.*.*.226 255.255.255.248
ip access-group 101 in
ip verify unicast reverse-path
ip nat outside
ip inspect SDM_LOW out
ip virtual-reassembly
duplex auto
speed auto
interface Vlan1
description $FW_INSIDE$
ip address 10.0.0.1 255.255.255.0
ip access-group 100 in
ip nat inside
ip virtual-reassembly
ip route 0.0.0.0 0.0.0.0 *.*.*.225
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 600 life 86400 requests 10000
ip nat pool outside_ip_pool *.*.*.227 *.*.*.230 netmask 255.255.255.24 8
ip nat inside source list 1 interface FastEthernet4 overload
ip nat inside source static tcp 10.0.0.240 80 *.*.*.227 80 extendable
ip nat inside source static tcp 10.0.0.241 81 *.*.*.227 81 extendable
ip nat inside source static tcp 10.0.0.242 82 *.*.*.227 82 extendable
ip nat inside source static tcp 10.0.0.243 83 *.*.*.227 83 extendable
ip nat inside source static tcp 10.0.0.244 84 *.*.*.227 84 extendable
ip nat inside source static tcp 10.0.0.9 3389 *.*.*.227 3389 extendable
ip nat inside source static 10.0.0.15 *.*.*.228
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.0.0.0 0.0.0.255
access-list 100 remark auto generated by SDM firewall configuration##NO_ACES_4##
access-list 100 remark SDM_ACL Category=1
access-list 100 deny ip *.*.*.224 0.0.0.7 any
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 permit ip any host *.*.*.228
control-plane
line con 0
no modem enable
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
scheduler max-task-time 5000
webvpn context Default_context
ssl authenticate verify all
no inservice
endHi,
I'm not really familiar with the Router Firewalls but I'd just point out what caught my eye (even though there might not be anything wrong about them)
You have ACL 101 attached to outside interface and it only allow traffic to .228
You have some outside_ip_pool configuration line that includes the IPs you're going to use for both Static NAT and Port Forward. Shouldnt you leave the .227 and .228 out of the Pool range?
- Jouni
Maybe you are looking for
-
Look at the Histogram. The color layer on top is usually gray tones (not brown). The thumbnails are white dishes on white. As a yesterday, all the images displayed correctly. I opened LR4 today to this. I have not changed or updated my OS since. I ha
-
Yesterday 9/11/13, Apple presented me an update to my printer software for my Artisan 835. Now it on
-
How can I get rid of the related searshes???
Every time I searsh for some thing , it "Related Searshes" appears on the left of the window and I don't want to see it again.
-
How to get manager position via hrp1001?
Hello lets say that i have worker number and i need is manager number. i think that via 4 selections i can get his boss. 1st find position of work SELECT SINGLE sobid INTO lv_sobid FROM hrp1001 where otype = 'P' and objid = '50000666' " and r
-
How to insert element in a Queue as the nth item
Hi Gurus, Please can anyone help with a method or algorithm that inserts item into the queue as the nth element (counting from front, which is element 1)? I have already spent a week on it...i can't seem to knock it out. Thanks in advance.