IPS on the stick - ECLB - UDLD doesn't disable the port during IPS reload

Similar Messages

• Closing the browser in InfoView doesn't log the user off.

  In Business Objects XI R2 Infoview, closing the browser in InfoView doesn't log the user off no matter how you answer the subsequent popup question "A window has closed. Log off as well?" Is there a fix for this somewhere?

  hi,
  In InfoView, with Performance Management installed, user sessions fail to be released immediately when the Log Off button is clicked.
  If you click the logoff button in Infoview and watch the address bar you will notice that it actually goes to another page called default.htm. It does this really fast. That page is located at C:\Program Files\Business Objects\Tomcat\webapps\businessobjects\enterprise115\desktoplaunch\InfoView. Remove both the default.htm and index.html and reboot your Tomcat server. Open a browser and go to Infoview. Once you have gotten in to Infoview click the log off button. You will get and error from the tomcat server and that is because the page does not exist anymore. If you look in CMS under servers and CMS you will also notice it dropped the session as well. So if you create another Default.htm page of your own and just redirect to another page it all should work.
  However I did notice an interesting ADAPT in CHF15 :-
  http://support.businessobjects.com/CommunityCS/FilesAndUpdates/boxir2_en_chf15_readme.pdf
  ADAPT00576483 Patch ID: 39,216,665
  Also did u do any customization setting before ?

• I bought a used ipad on ebay and the icloud acct is still linked to the old owner who doesn't remember the acct information. How can I set up my apple id on the iPad.

  I bought a used ipad on ebay and the icloud acct is still linked to the old owner who doesn't remember the acct information. How can I set up my apple id on the iPad?

  You will need the previous owner's Apple ID and Password to:
  1. Turn off Find My iPhone
  2. Erase device
  3. Reactivate device

• I cannot connect my iPhone 5 32GB IOS 6.02 to iTunes 11.01 on a Mac Book Pro. The screen freezes and doesn't recognize the iPhone at all. Thank you for your help.

  I cannot connect my iPhone 5 32GB IOS 6.02 to iTunes 11.01 on a Mac Book Pro. The screen freezes and doesn't recognize the iPhone at all. Thank you for your help.

  Read here.
  http://support.apple.com/kb/TS1591

• Error: The decapsulated inner packet doesn't match the negotiated policy in the SA

  I upgraded my ASA from 8.2(1) to 8.4(3) as I wanted to try to get Android devices to properly connect via VPN.
  After some effort, I was able to get the Android devices to connect via VPN.  However, my syslog server has a number of errors recorded that look this this:
  %ASA-4-402116: IPSEC: Received an ESP packet (SPI= 0x1E76EFA6, sequence number= 0x1F0) from x.x.x.x (user= testuser) to y.y.y.y.  The decapsulated inner packet doesn't match the negotiated policy in the SA.  The packet specifies its destination as z.z.z.z, its source as a.a.a.a, and its protocol as tcp.  The SA specifies its local proxy as y.y.y.y/255.255.255.255/udp/42246 and its remote_proxy as x.x.x.x/255.255.255.255/udp/0.
  Digging further, it seems this error might be due to a NAT issues with the VPN connections.  VPN previously worked with Cisco's VPN client on Windows, though I did not test to see if that is no longer working.  However, I made no changes in the config, except for those related to additions needed to support L2TP.  With the below config, Android clients can connect to the ASA and access the internal network, but they cannot connect to external addresses.  I'm at a loss.
  The addresses used in the config: 192.168.1.0/24 are on the internal LAN and 192.168.3.0/24 are addresses assigned to VPN clients.
  I noted in the config this line:
  access-list inside_nat0_outbound extended permit ip any 192.168.3.0 255.255.255.0
  The access list is not referenced anywhere, though it was referenced in the 8.2(1) config like this:
  nat (inside) 0 access-list inside_nat0_outbound
  I'm not sure what else changed, but I've looked over the config and I just cannot see what the issue might be.  I'm hoping somebody might be able to point out my error.
  Here's the config file (at least the parts that might be of interest):
  : Saved
  ASA Version 8.4(3)
  interface Vlan1
  nameif inside
  security-level 100
  ip address 192.168.1.1 255.255.255.0
  interface Vlan2
  nameif outside
  security-level 0
  ip address dhcp setroute
  boot system disk0:/asa843-k8.bin
  object network obj-192.168.3.0
  subnet 192.168.3.0 255.255.255.0
  object network obj_any
  subnet 0.0.0.0 0.0.0.0
  access-list outside_access_in extended permit icmp any interface outside time-exceeded
  access-list outside_access_in extended permit icmp any interface outside echo-reply
  access-list outside_access_in extended permit icmp any interface outside unreachable
  access-list outside_mpc extended permit ip any interface outside
  access-list inside_mpc extended permit ip 192.168.1.0 255.255.255.0 any
  access-list testVPN_splitTunnelAcl extended permit ip 192.168.1.0 255.255.255.0 any
  access-list inside_nat0_outbound extended permit ip any 192.168.3.0 255.255.255.0
  ip local pool VPN-Pool-1 192.168.3.1-192.168.3.254 mask 255.255.255.0
  ip verify reverse-path interface outside
  nat (inside,any) source static any any destination static obj-192.168.3.0 obj-192.168.3.0 no-proxy-arp
  object network obj-192.168.3.0
  nat (outside,outside) dynamic interface
  object network obj_any
  nat (inside,outside) dynamic interface
  access-group outside_access_in in interface outside
  crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANSP esp-aes esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANSP mode transport
  crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANSP esp-des esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANSP mode transport
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 10 set ikev1 transform-set ESP-AES-128-SHA-TRANSP ESP-3DES-SHA-TRANSP
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
  crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
  crypto map outside_map interface outside
  crypto ikev1 enable outside
  crypto ikev1 policy 5
  authentication pre-share
  encryption aes
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 10
  authentication pre-share
  encryption aes-256
  hash sha
  group 2
  lifetime 86400
  group-policy testVPN internal
  group-policy testVPN attributes
  wins-server value 192.168.1.8
  dns-server value 192.168.1.8 192.168.1.4
  vpn-idle-timeout none
  vpn-tunnel-protocol ikev1
  split-tunnel-policy tunnelspecified
  split-tunnel-network-list value testVPN_splitTunnelAcl
  default-domain value test.us
  group-policy testVPNnsl2tp internal
  group-policy testVPNnsl2tp attributes
  wins-server value 192.168.1.8
  dns-server value 192.168.1.8 192.168.1.4
  vpn-idle-timeout none
  vpn-tunnel-protocol l2tp-ipsec
  group-policy testVPNns internal
  group-policy testVPNns attributes
  wins-server value 192.168.1.8
  dns-server value 192.168.1.8 192.168.1.4
  vpn-idle-timeout none
  vpn-tunnel-protocol ikev1
  username testuser password PASSWORD encrypted privilege 15
  username testuser2 password PASSWORD nt-encrypted privilege 15
  tunnel-group DefaultRAGroup general-attributes
  address-pool VPN-Pool-1
  default-group-policy testVPNnsl2tp
  tunnel-group DefaultRAGroup ipsec-attributes
  ikev1 pre-shared-key *****
  tunnel-group DefaultRAGroup ppp-attributes
  authentication ms-chap-v2
  tunnel-group testVPN type remote-access
  tunnel-group testVPN general-attributes
  address-pool VPN-Pool-1
  default-group-policy testVPN
  tunnel-group testVPN ipsec-attributes
  ikev1 pre-shared-key *****
  tunnel-group testVPNns type remote-access
  tunnel-group testVPNns general-attributes
  address-pool VPN-Pool-1
  default-group-policy testVPNns
  tunnel-group testVPNns ipsec-attributes
  ikev1 pre-shared-key *****
  tunnel-group testVPNnsl2tp type remote-access
  tunnel-group testVPNnsl2tp general-attributes
  address-pool VPN-Pool-1
  default-group-policy testVPNnsl2tp
  tunnel-group testVPNnsl2tp ipsec-attributes
  ikev1 pre-shared-key *****
  tunnel-group testVPNnsl2tp ppp-attributes
  authentication ms-chap-v2
  One last question: in order to get the connection from Android to work, I was forced to use "tunnel-group DefaultRAGroup".  Is that actually a limitation, or did I make an error that forced that requirement?  I wanted to use "tunnel-group testVPNnsl2tp".
  Thanks!

  Chris,
  This is still a bit off the mark.  I think I might be confusing the issue by including some of the VPN configuration that I had previously installed and working (e.g., two other VPN tunnel groups with split tunneling on one of them).  Let's just remove that stuff from consideration.  I actually tested the current configs just to see if they are working since the upgrade.  testVPN is working with the split tunneling, but testVPNns (no-split tunneling) does not allow external access.  I guess there is a NAT config issue there, too, but not sure what it is, yet.  I've not investigated that closely.
  I want to solve one problem at a time, though I understand there are some interdependencies.
  What I'd like to focus on right now is just the L2TP VPN connection.
  From what I've been able to understand from the documentation, what I need are these lines:
  crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANSP esp-aes esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANSP mode transport
  crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANSP esp-des esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANSP mode transport
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 10 set ikev1 transform-set ESP-AES-128-SHA-TRANSP ESP-3DES-SHA-TRANSP
  crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
  crypto map outside_map interface outside
  crypto ikev1 enable outside
  group-policy testVPNnsl2tp internal
  group-policy testVPNnsl2tp attributes
  wins-server value 192.168.1.8
  dns-server value 192.168.1.8 192.168.1.4
  vpn-idle-timeout none
  vpn-tunnel-protocol l2tp-ipsec
  tunnel-group DefaultRAGroup general-attributes
  address-pool VPN-Pool-1
  default-group-policy testVPNnsl2tp
  tunnel-group DefaultRAGroup ipsec-attributes
  ikev1 pre-shared-key P74bmqL6rT40bl5
  tunnel-group DefaultRAGroup ppp-attributes
  authentication ms-chap-v2
  crypto ikev1 policy 5
  authentication pre-share
  encryption aes
  hash sha
  group 2
  lifetime 86400
  I still want to assign the IP addresses to VPN clients out of 192.168.3.0/24.
  The tricky part is understanding exactly what NAT rules to insert and to avoid that error message I'm getting relatred to the encapsulated packets.  I tried to introduce the commands you had, but it's missing stuff that I would need for L2TP/IPSec (e.g., "mode transport").  I also don't think I want "pfs group5".  The above config "works" in that I get connected -- all negotiation is done.  It's just that packets from the VPN client are not able to go out to the Internet and I'm seeing that encapsulation error messages when I try to send a packet.
  Paul

• If I am connected to Wifi and send an iMessage to a party that is not connected to the Internet then he doesn't receive the message. How do I force my iPhone to send an SMS instead?

  If I am connected to Wifi and send an iMessage to a party that is not connected to the Internet then he doesn't receive the message. How do I force my iPhone to send an SMS instead?

  It is an interesting option but I am not sure how it works. I disconnected the other party Wifi and 3G on the iPhone, iPad and computer. I sent the iMessage 15 minutes ago and it doesn't give the small foot print "delivered" but equally said I didn't get the RED exclamation mark on the right hand side of the message in BLUE. So we know that the message was sent but not delivered. I don't seem to have the option of sending by SMS when I tap on the BLUE message and hold.

• TS4062 On my Iphone I have 1-Camera roll, two Photo Libraries, and 1 delete.  I cannot get rid of the Photo albums off the phone.  I cannot take things off my Iphone using the itunes because it doesn't pull the Iphone up.

  On my Iphone I have 1-Camera roll, two Photo Libraries, and 1 delete.  I cannot get rid of the Photo albums off the phone.  I cannot take things off my Iphone using the itunes because it doesn't pull the Iphone up.

  Pat2006 wrote:
  I cannot take things off my Iphone using the itunes because it doesn't pull the Iphone up.
  Correct. You don't use iTunes to get photos off the iPhone.
  See this -> http://support.apple.com/kb/HT4083

• Why is my location city changed by Firefox to a town I don't live in? I put in my zip code in the weather info and it will not hold it no matter what I do. This is very frustrating and never a problem in the past. IE doesn't have the problem. Help?

  Why is my location city changed by Firefox to a town I don't live in? I put in my zip code in the weather info and it will not hold it no matter what I do. This is very frustrating and never a problem in the past. IE doesn't have the problem. Can anyone help?

  1) Is it a video clip? Something you recognize?  To be clear, it's displaying at a point in your exported movie but doesn't appear at all in the sequence?
  2) What are your sequence settings?  Right-click your sequence and choose "Item Properties" to verify.

• Fairly new to PP. When I drag a clip from the media browser only the video goes into the timeline. It doesn't allow the audio. What could I be doing wrong?

  Fairly new to PP. When I drag a clip from the media browser only the video goes into the timeline. It doesn't allow the audio. What could I be doing wrong?

  Its al in the targeting and source patching:
  Adobe Premiere Pro Help | Source patching and track targeting 

• The latest version of Firefox loads with the Ask page and doesn't retain the selected home page. How do I change this?

  I downloaded the latest Firefox version. Upon loading it it doesn't retain the previous Home Page setting and always reverts to the Ask page, which is always indicated as the Home Page. This is annoying. How do I overcome this problem?

  #Remove Ask Toolbar (if you have it installed):
  #*http://support.mozilla.org/en-US/kb/Uninstalling+add-ons
  #*http://support.mozilla.org/en-US/kb/Cannot%20uninstall%20an%20add-on
  #*http://kb.mozillazine.org/Uninstalling_toolbars
  #Reset your home page (if the Ask search page is displayed when starting Firefox): http://support.mozilla.org/en-US/kb/How+to+set+the+home+page
  #*You can reset to the default by clicking "Restore to default" on Options > General > Startup > Home page. Be sure to set "When Firefox starts" to "Show my home page" on that same panel.
  #Reset your Location Bar search engine (if typing a few words in the URL/Location Bar takes you to Ask search):
  #*type '''''about:config''''' in your Location Bar, like typing a web site address, and press the Enter key
  #*ignore warning and choose to continue
  #*in Filter, type '''''keyword.URL'''''
  #*in lower part of screen, if it is '''bold''' and shows "'''user set'''", right-click keyword.URL and choose "Reset"
  #*in Filter, type '''''Ask'''''
  #*any items in lower part of screen in '''bold''' and showing "'''user set'''", right-click and choose "Reset"
  #*close about:config tab
  #*See:
  #**http://kb.mozillazine.org/About:config
  #**http://kb.mozillazine.org/Location_Bar_search#Location_Bar_search_.28external_-_search_engine.29
  #**http://kb.mozillazine.org/Keyword.url
  #**http://www.techrena.net/computers/address-bar-search-provider-firefox/
  #If Ask is shown in your Search Bar and you want to remove it:
  #*https://support.mozilla.org/en-US/kb/Search%20bar
  '''If this reply solves your problem, please click "Solved It" next to this reply when <u>signed-in</u> to the forum.'''
  Not related to your question, but...
  You may need to update some plug-ins. Check your plug-ins and update as necessary:
  *Plug-in check --> http://www.mozilla.org/en-US/plugincheck/
  *Adobe Shockwave for Director Netscape plug-in: [https://support.mozilla.org/en-US/kb/Using%20the%20Shockwave%20plugin%20with%20Firefox#w_installing-shockwave Installing ('''''or Updating''''') the Shockwave plugin with Firefox]
  *'''''Adobe PDF Plug-In For Firefox and Netscape''''': [https://support.mozilla.org/en-US/kb/Using%20the%20Adobe%20Reader%20plugin%20with%20Firefox#w_installing-and-updating-adobe-reader Installing/Updating Adobe Reader in Firefox]
  *Shockwave Flash (Adobe Flash or Flash): [https://support.mozilla.org/en-US/kb/Managing%20the%20Flash%20plugin#w_updating-flash Updating Flash in Firefox]
  *'''''Next Generation Java Plug-in for Mozilla browsers''''': [https://support.mozilla.org/en-US/kb/Using%20the%20Java%20plugin%20with%20Firefox#w_installing-or-updating-java Installing or Updating Java in Firefox]

• When I click the facebook app it doesn't open the page.

  Im signed in to facebook and i want to fix this before my brother gets home! so when i click the facebook icon, it doesnt open the page the page goes blank all I see is the facebook logo on the top and the page is blank and after 10 secs it goes back to the ipod touch home page. i've tried recharging it, turned it on and off ! PLEASE HELP ! :'(

  I'm also having trouble with the facbook application on my Ipod Touch. When you try to click on a link within facebook, it doesn't go anywhere. I went and spoke with a person at the Apple store genius bar and they did a restore, and also reinstalled the application. This did not fix the issue. I then asked them to try it with another ipod and it did the same thing. The store rep said it was a problem caused by OS4 and he was not able to fix it.
  Any thoughts on how I can resolve this issue?

• The mini vga adaptor doesn't recognize the display help?

  i am unable to connect my macbook pro to the projector through the mini vga adaptor .it shows a blue screen on connecting and then nothing happens.please suggest step by step procedure to get the display . the projector is of sony.any setting changes are needed pls suggest.

  Check your port for any dirt or debris. Check your system prferences, for the correct sttings
  Try a PRAM reset.
  Shut down your Mac.
  Locate the following keys on the keyboard: Option, Command (⌘), P, and R. You will need to hold these keys down simultaneously in step 4.
  Turn on your Mac.
  Immediately press and hold the Option-Command-P-R keys. You must press this key combination before the gray screen appears. Continue holding the keys down until your Mac restarts, and you hear the startup sound for the second time.
  Release the keys.

• HT2792 Just purchased from an airport store the MagSafe Airline Adapter so I could use my MacBook Air on a long haul flight. But, the airline adapter plug doesn't fit the socket. Am I missing something?

  I purchased at the airport last week before a long haul flight the MagSafe Airline Adappter so I couod keep working on the MacBook Air without fear of the battery running out before I had completed the necessary work. The shop assistant assured me the kit worked on all planes but......the socket on the flight, both outbound and inbound, was the normal female 2 pin/3 pin socket that I used to use for my old thinkPad. What am I doing wrong? Am I missing something obvious here
  Thanks for any help you can offer.
  Geoff

  Hi CaptFred,
  Thanks for taking the time to respond. I understand your point and have indeed separated them. Since sending the message I have visited the Apple Store to check the picture of the accessory in case I was missing something and I wonder if I am missing the 20mm adapter but, over and above that, I just dont see the right size/shape empower port socket in the plane seat, only the traditional 3 pin/2 pin sockets. I wonder if the salesman was selling me a pig in the poke because the Apple Store also says that it fits some commercial airlines whereas the salesman told me it worked in all flights. I suspect I will need to go to the airline companies direct to see which planes have this particualr Empower port. In the meantime I am tempted to ask for my money back. Geoff

• I bought a song the other day and it only downloaded about a third of it. How do I fix the problem when iTunes doesn't recognize the mistake?

  Bought a song the other day and it did not download correctly. I am over 50 and a little new to using this technology so please pardon me if it is an easy fix. iTunes will not allow me to download it again or to even buy it again, so I cannot figure out how to fix it. Any help will be greatly appreciated.

  If your country's iTunes Store allows you to redownload purchased tracks, I'd delete your current copy of the track and try redownloading a fresh one. See the following document for instructions:
  Downloading past purchases from the App Store, iBookstore, and iTunes Store
  Otherwise, I'd report the problem to the iTunes Store.
  Log in to the Store. Click on "Account" in your Quick Links. When you're in your Account information screen, go down to Purchase History and click "See all".
  Find the item that is not playing properly. If you can't see "Report a Problem" next to the item, click the "Report a problem" button. Now click the "Report a Problem" link next to the item.

• Mac mini hard drive crashed. The ecovery drive only offers to reinstall mavericks on the recovery drive. Doesn't see the hard drive. What can I do?

  Hi, I have a mid-2011 with Mavericks installed. It crashed. I can boot into recovery mode. And it shows me the name of the hard drive and the recovery partition. When I boot back to the hard drive, it gives the grey screen and a long progress bar. WHen the progress bar eventually fills up, the computer just shuts down. In recovery mode, Disk Utility says the hard disk cannot be repaired.
  But when I try to re-install Mavericks from the Recovery Partition, it only shows the recovery partition as the destination, not the rest of the computer.
  Not sure what to do.
  Thanks if anyone has any advice.
  J

  Thank you very much for the reply.
  Indeed, Disk Utility can't even erase and reformat the drive. It's toast.
  This is very disappointing. Second Mac Mini I've had go out this year. First seems to be a logic board issue. Now the hard drive on the newer machine.
  At least I was able to use Disk Drill to get photos and other important files off the Mini. I had a Time Capsule, but last year, it too died (just a few months out of warranty).
  One further question, if you don't mind. If I'm just going to replace the HD on the mini, I'm not sure why one would do this step that you suggested: "get a new HD, put it in an enclosure or use another method that allows the HD to be connect to the Min. Then boot to the recovery partition and install Mavericks on the new HD."
  Also, maybe I can replace the drive on the mini myself. Maybe get an SSD for it? They seem more reliable.
  Thanks again for taking the time to answer me.