IPSec secured L2TPv3 - one way traffic in L2 tunnel
Sigh... after 7 hours battling coming here because I've exhausted all my options to find an answer for my problem.
So here is the topology - standard (boring) IPSec secured L2TPv3 tunnel: on one side - 897 connected to a DSL box, on another side - 1921 with two interfaces.
Purpose to setup a plain L2TPv3 tunnel between those locations so computers plugged into the 897's 8-port switch interface can communicate with number of devices connected to 1921 on other side.
897:
crypto ikev2 keyring key1
peer destination_ip_address
address local_outside_ip_address
pre-shared-key key
crypto ikev2 profile default
match identity remote address 1921_outside_ip_address 255.255.255.255
identity local address 897_outside_ip_address
authentication remote pre-share
authentication local pre-share
keyring local key1
crypto ikev2 dpd 30 3 periodic
controller VDSL 0
ip ssh rsa keypair-name router-key
ip ssh version 2
pseudowire-class DZD
encapsulation l2tpv3
ip local interface Loopback1
ip pmtu
ip dfbit set
ip tos reflect
crypto ipsec transform-set default esp-aes esp-sha-hmac
mode tunnel
crypto ipsec df-bit set
crypto map local 1 ipsec-isakmp
set peer 1921_outside_ip_address
set ikev2-profile default
match address 130
interface Loopback1
ip address 172.16.1.1 255.255.255.255
interface ATM0
no ip address
no atm ilmi-keepalive
interface Ethernet0
no ip address
interface GigabitEthernet0
no ip address
interface GigabitEthernet1
no ip address
interface GigabitEthernet2
no ip address
interface GigabitEthernet3
no ip address
xconnect 172.16.1.2 1 encapsulation l2tpv3 pw-class DZD
interface GigabitEthernet4
no ip address
interface GigabitEthernet5
no ip address
interface GigabitEthernet6
no ip address
interface GigabitEthernet7
no ip address
interface GigabitEthernet8
no ip address
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
interface Wlan-GigabitEthernet8
no ip address
interface wlan-ap0
description Embedded Service module interface to manage the embedded AP
ip unnumbered Vlan1
interface Vlan1
ip address 10.97.2.29 255.255.255.0
interface Dialer1
mtu 1492
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer-group 1
ipv6 address autoconfig
ppp authentication pap callin
ppp pap sent-username DSL_username password DSL_password
crypto map local
ip forward-protocol nd
ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 Dialer1
access-list 130 permit ip host 172.16.1.1 host 172.16.1.2
dialer-list 1 protocol ip permit
c897#
1921:
crypto ikev2 keyring key1
peer 897_outside_ip_address
address 897_outside_ip_address
pre-shared-key key
crypto ikev2 profile default
match identity remote address 897_outside_ip_address 255.255.255.255
identity local address 1921_outside_ip_address
authentication remote pre-share
authentication local pre-share
keyring local key1
crypto ikev2 dpd 30 3 periodic
ip ssh version 2
lldp run
pseudowire-class ZRH
encapsulation l2tpv3
ip local interface Loopback1
ip pmtu
ip dfbit set
ip tos reflect
crypto ipsec transform-set default esp-aes esp-sha-hmac
mode tunnel
crypto ipsec df-bit set
crypto map local 1 ipsec-isakmp
set peer 897_outside_ip_address
set ikev2-profile default
match address 130
interface Loopback1
ip address 172.16.1.2 255.255.255.255
interface Embedded-Service-Engine0/0
no ip address
interface GigabitEthernet0/0
description WAN-ACC
ip address 1921_outside_ip_address 255.255.255.0
duplex auto
speed auto
crypto map local
interface GigabitEthernet0/1
description LAN-Trunk
no ip address
duplex auto
speed auto
xconnect 172.16.1.1 1 encapsulation l2tpv3 pw-class ZRH
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 default_gateway_of_1921
logging host 10.96.2.21
access-list 130 permit ip host 172.16.1.2 host 172.16.1.1
pnc01921#
Note - 1921 is connected to the Nexus 2248TP FEX, here is the config of the interface of the FEX:
pnc00001# sh run int e101/1/6
!Time: Thu May 1 06:15:02 2014
version 5.0(3)N2(2b)
interface Ethernet101/1/6
switchport access vlan 702
Now, IPsec tunnel comes up and does pass traffic - I can ping from one l1 another l1, below is the output from 897:
sh cry ike sa
IPv4 Crypto IKEv2 SA
Tunnel-id Local Remote fvrf/ivrf Status
1 897_outside_ip_address/500 1921_outside_ip_address/500 none/none READY
Encr: AES-CBC, keysize: 256, Hash: SHA512, DH Grp:5, Auth sign: PSK, Auth verify: PSK
Life/Active Time: 86400/76 sec
IPv6 Crypto IKEv2 SA
#sh cry ips sa
interface: Dialer1
Crypto map tag: local, local addr 897_outside_ip_address
protected vrf: (none)
local ident (addr/mask/prot/port): (172.16.1.1/255.255.255.255/0/0)
remote ident (addr/mask/prot/port): (172.16.1.2/255.255.255.255/0/0)
current_peer 1921_outside_ip_address port 500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 7, #pkts encrypt: 7, #pkts digest: 7
#pkts decaps: 51, #pkts decrypt: 51, #pkts verify: 51
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 0, #recv errors 0
local crypto endpt.: 897_outside_ip_address, remote crypto endpt.: 1921_outside_ip_address
path mtu 1492, ip mtu 1492, ip mtu idb Dialer1
current outbound spi: 0x852BF1F2(2234249714)
PFS (Y/N): N, DH group: none
inbound esp sas:
spi: 0x5D9DFB1A(1570634522)
transform: esp-aes esp-sha-hmac ,
in use settings ={Tunnel, }
conn id: 2, flow_id: Onboard VPN:2, sibling_flags 80000040, crypto map: local
sa timing: remaining key lifetime (k/sec): (4190855/3504)
IV size: 16 bytes
replay detection support: Y
Status: ACTIVE(ACTIVE)
inbound ah sas:
inbound pcp sas:
outbound esp sas:
spi: 0x852BF1F2(2234249714)
transform: esp-aes esp-sha-hmac ,
in use settings ={Tunnel, }
conn id: 1, flow_id: Onboard VPN:1, sibling_flags 80000040, crypto map: local
sa timing: remaining key lifetime (k/sec): (4190863/3504)
IV size: 16 bytes
replay detection support: Y
Status: ACTIVE(ACTIVE)
#ping 172.16.1.2 sour l1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.2, timeout is 2 seconds:
Packet sent with a source address of 172.16.1.1
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/23/24 ms
Now, L2 tunnel shows to be up on both ends as well (output from 897 here)
#sh xconnect all
Legend: XC ST=Xconnect State S1=Segment1 State S2=Segment2 State
UP=Up DN=Down AD=Admin Down IA=Inactive
SB=Standby RV=Recovering NH=No Hardware
XC ST Segment 1 S1 Segment 2 S2
------+---------------------------------+--+---------------------------------+--
UP ac Gi3(Ethernet) UP l2tp 172.16.1.2:1 UP
However, if you look at detailed output of l2tunn, you will see that the tunnel receives traffic from 1921, but does not send anything:
#sh l2tun tunnel all
L2TP Tunnel Information Total tunnels 1 sessions 1
Tunnel id 3504576447 is up, remote id is 2898810219, 1 active sessions
Locally initiated tunnel
Tunnel state is established, time since change 00:19:34
Tunnel transport is IP (115)
Remote tunnel name is pnc01921
Internet Address 172.16.1.2, port 0
Local tunnel name is pnc0DRZD
Internet Address 172.16.1.1, port 0
L2TP class for tunnel is l2tp_default_class
Counters, taking last clear into account:
0 packets sent, 763 received
0 bytes sent, 65693 received
Last clearing of counters never
Counters, ignoring last clear:
0 packets sent, 763 received
0 bytes sent, 65693 received
Control Ns 18, Nr 9
Local RWS 512 (default), Remote RWS 512 (max)
Control channel Congestion Control is disabled
Tunnel PMTU checking enabled
Retransmission time 1, max 1 seconds
Unsent queuesize 0, max 0
Resend queuesize 0, max 2
Total resends 0, ZLB ACKs sent 8
Total out-of-order dropped pkts 0
Total out-of-order reorder pkts 0
Total peer authentication failures 0
Current no session pak queue check 0 of 5
Retransmit time distribution: 0 0 0 0 0 0 0 0 0
Control message authentication is disabled
Mirrored situation on other side - 1921 sends packets, but nothing is received:
pnc01921#sh l2tun tunnel all
L2TP Tunnel Information Total tunnels 1 sessions 1
Tunnel id 2898810219 is up, remote id is 3504576447, 1 active sessions
Remotely initiated tunnel
Tunnel state is established, time since change 00:21:15
Tunnel transport is IP (115)
Remote tunnel name is pnc0DRZD
Internet Address 172.16.1.1, port 0
Local tunnel name is pnc01921
Internet Address 172.16.1.2, port 0
L2TP class for tunnel is l2tp_default_class
Counters, taking last clear into account:
815 packets sent, 0 received
69988 bytes sent, 0 received
Last clearing of counters never
Counters, ignoring last clear:
815 packets sent, 0 received
69988 bytes sent, 0 received
Control Ns 9, Nr 20
Local RWS 1024 (default), Remote RWS 512
Control channel Congestion Control is disabled
Tunnel PMTU checking enabled
Retransmission time 1, max 1 seconds
Unsent queuesize 0, max 0
Resend queuesize 0, max 1
Total resends 0, ZLB ACKs sent 18
Total out-of-order dropped pkts 0
Total out-of-order reorder pkts 0
Total peer authentication failures 0
Current no session pak queue check 0 of 5
Retransmit time distribution: 0 0 0 0 0 0 0 0 0
Control message authentication is disabled
There is a Windows box plugged into 897's G3 with IP address 10.97.2.25. I can ping from it 897's VLAN1 at 10.97.2.29. However I can't ping anything across the L2TPv3 tunnel. At the same time on that Windows box I can see broadcast traffic coming across the tunnel.
I give up. Anyone has some reasonable suggestion what might be wrong? I suspect that something is wrong at 897's side.
One last question - how can I create svi on 1921 and assign ip address from 10.97.2.0/24 network on it?
Anybody? Opened ticket #630128425, no response from Cisco yet..
Similar Messages
-
I am currently having an issue with two ASA 5505s. One would be representing a Central office for a small business operating a L2L IPsec VPN using a dynamic map for a remote site that does not have a static IP address.
I stripped the configuration down to the minimal possible for testing to get this working but ran into an issue where although I have my ISAKMP SA and my IPsec SA the tunnel is only passing traffic from my remote site with the dynamic address to the Central site with a static IP address. The Central site with the static IP address will not pass traffic to the remote site.
During my troubleshooting I came across two different issues. I could at some points get traffic coming from the Central site to hit my ACL as interesting traffic to the remote site, but it would then not hit the ACL for no NAT. I just could not figure out why the no NAT ACL wasn't working. My configuration matched a few configurations I found online, but no joy on getting it to actually bypass NAT to the remote site.
I have had the same type of set-up working on ISRs with no issue, but I do not have the same amount of experience with ASAs so any help would be appriciated. The Configurations I am using for the basic testing are below with the Hub being the Static IP site and the Spoke being a dynamic IP address site.
ASA Version 8.0(2)
hostname ASAHUB
interface Vlan1
nameif inside
security-level 100
ip address 192.168.10.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address 12.15.44.176 255.255.255.192
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
shutdown
interface Ethernet0/2
shutdown
interface Ethernet0/3
shutdown
interface Ethernet0/4
shutdown
interface Ethernet0/5
shutdown
interface Ethernet0/6
shutdown
interface Ethernet0/7
passwd 2KFQnbNIdI.2KYOU encrypted
ftp mode passive
access-list NONAT_INSIDE extended permit ip 192.168.10.0 255.255.255.0 192.168.20.0 255.255.255.0
access-list VPN extended permit ip 192.168.10.0 255.255.255.0 192.168.20.0 255.255.255.0
pager lines 24
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-713.bin
no asdm history enable
arp timeout 14400
nat-control
global (outside) 1 interface
nat (inside) 0 access-list NONAT_INSIDE
nat (inside) 1 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 12.15.44.129 1
route outside 192.168.20.0 255.255.255.0 12.15.44.129 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set TEST esp-3des esp-md5-hmac
crypto dynamic-map TEST 20 match address VPN
crypto dynamic-map TEST 20 set transform-set TEST
crypto map TEST 30 ipsec-isakmp dynamic TEST
crypto map TEST interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400
crypto isakmp policy 65535
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto isakmp nat-traversal 10
telnet timeout 5
ssh timeout 5
console timeout 0
tunnel-group DefaultL2LGroup ipsec-attributes
pre-shared-key *
ASA Version 8.2(1)
hostname ASASPOKE
interface Vlan1
nameif inside
security-level 100
ip address 192.168.20.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address dhcp setroute
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
shutdown
interface Ethernet0/2
shutdown
interface Ethernet0/3
shutdown
interface Ethernet0/4
shutdown
interface Ethernet0/5
shutdown
interface Ethernet0/6
shutdown
interface Ethernet0/7
ftp mode passive
access-list NONAT_INSIDE extended permit ip 192.168.20.0 255.255.255.0 192.168.10.0 255.255.255.0
access-list VPN extended permit ip 192.168.20.0 255.255.255.0 192.168.10.0 255.255.255.0
pager lines 24
mtu inside 1500
mtu outside 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list NONAT_INSIDE
nat (inside) 1 0.0.0.0 0.0.0.0
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set TEST esp-3des esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto map VPN 10 match address VPN
crypto map VPN 10 set peer 12.15.44.176
crypto map VPN 10 set transform-set TEST
crypto map VPN interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400
crypto isakmp policy 65535
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
tunnel-group 12.xx.xx.xx type ipsec-l2l
tunnel-group 12.xx.xx.xx ipsec-attributes
pre-shared-key *Well I had pretty much given up on this, but today had a few extra minutes so I grabbed some ASAs that I had wiped for a different project, copied my configs back on them and actually ended up with a functional VPN passing traffic in both directions. The only change that was made from the above configurations was with NAT traversal.
On the Configurations above the NAT traversal was configured only on the HUB ASA. When I got the configuration to work correctly it was with the NAT traversal configured only on the Spoke/Remote ASA. Does anyone know why that made the difference?
The final configs for both of the devices I used for testing are below.
ASA Version 8.0(2)
hostname HUB
enable password 8Ry2YjIyt7RRXU24 encrypted
names
interface Vlan1
nameif inside
security-level 100
ip address 192.168.10.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address 12.xx.xxx.xx 255.255.255.192
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
shutdown
interface Ethernet0/2
shutdown
interface Ethernet0/3
shutdown
interface Ethernet0/4
shutdown
interface Ethernet0/5
shutdown
interface Ethernet0/6
shutdown
interface Ethernet0/7
passwd 2KFQnbNIdI.2KYOU encrypted
ftp mode passive
access-list NONAT_INSIDE extended permit ip 192.168.10.0 255.255.255.0 192.168.20.0 255.255.255.0
access-list VPN extended permit ip 192.168.10.0 255.255.255.0 192.168.20.0 255.255.255.0
pager lines 24
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-713.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list NONAT_INSIDE
nat (inside) 1 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 12.15.44.129 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set TEST esp-3des esp-md5-hmac
crypto dynamic-map TEST 20 match address VPN
crypto dynamic-map TEST 20 set transform-set TEST
crypto map TEST 30 ipsec-isakmp dynamic TEST
crypto map TEST interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400
crypto isakmp policy 65535
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
service-policy global_policy global
tunnel-group DefaultL2LGroup ipsec-attributes
pre-shared-key cisco
prompt hostname context
Cryptochecksum:ac4003df5144c618b70555bf31b56e03
: end
ASA Version 8.2(1)
hostname ASASPOKE
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
interface Vlan1
nameif inside
security-level 100
ip address 192.168.20.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address dhcp setroute
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
shutdown
interface Ethernet0/2
shutdown
interface Ethernet0/3
shutdown
interface Ethernet0/4
shutdown
interface Ethernet0/5
shutdown
interface Ethernet0/6
shutdown
interface Ethernet0/7
ftp mode passive
access-list NONAT_INSIDE extended permit ip 192.168.20.0 255.255.255.0 192.168.10.0 255.255.255.0
access-list VPN extended permit ip 192.168.20.0 255.255.255.0 192.168.10.0 255.255.255.0
pager lines 24
mtu inside 1500
mtu outside 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list NONAT_INSIDE
nat (inside) 1 0.0.0.0 0.0.0.0
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set TEST esp-3des esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto map VPN 10 match address VPN
crypto map VPN 10 set peer 12.xx.xxx.xx
crypto map VPN 10 set transform-set TEST
crypto map VPN interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400
crypto isakmp policy 65535
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto isakmp nat-traversal 10
track 10 rtr 10 reachability
telnet timeout 5
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
tunnel-group 12.xx.xxx.xx type ipsec-l2l
tunnel-group 12.xx.xxx.xx ipsec-attributes
pre-shared-key cisco
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
service-policy global_policy global
prompt hostname context
Cryptochecksum:50a9d87c794db95b0f4cac127ee3c0fe
: end -
How to force one way traffic - JSP Servlet?
JSP "A" displays one quiz question (retrieved out of the database).
When the user hits submit, the "post" info is sent and processed by servlet "B".
Servlet "B" also retrieves a new question out of the database, and sends that new question back to JSP "A" for display.
User submits answer... back to servlet "B" where the process is repeated until the total questions hits 25.
Then another JSP "C" displays the quiz score and that variable gets stored in the database.
My question:
I want to be able to detect if the user hits the back button because if he/she does, my scoring is not correct any longer. Also I want to prevent that the user can see and re-answer a previous question by using the backbutton (only one chance to answer).
*Any ideas on how I can detect if the user hits the back button without using javascript?*
I was told before to compare a hidden field on JSP "A" with a step variable stored in the user's session. Then if these 2 were off (because theback button was hit, the user would be directed to an error/warning page). Exactly what I need! However, I don't see how the value stored in the hidden field in the JSP can be compared to the session variable since the hidden field's value never changes. Correct??? Am I missing something?No, you'd give each question a number, and keep track on the user's side what questions they've already answered. If the user submits an already-answered question, you could then easily detect that.
If you wanted to be extra paranoid, you could set a random number in another hidden field. When you retrieve the question from the database, select a random number (from a big range, so the user can't easily guess it) and store it in the user's session, and put it in the hidden field. When the user submits their answer, compare the two. If they're not the same, raise an error.
If the user tries hitting the back button and re-submits...then at this point, you would have chosen a new number, but they would be seeing the old old. When they submit again, the numbers wouldn't match.
Also: you should send an Expires: header when you send the JSP page, to prevent the page from being cached. That way, when the user goes to page A, they'll always see the latest question.
A cheater could alter their browser (or use a proxy, or whatever) to cache regardless, but they can't change the fact that the server is tracking which questions have already been asked and what the paranoia number is. -
One way ping through new switch
NetTechMike wrote:
If a ping works one way, then it is almost always the firewall on the end of the connection
PING isn't a one way traffic item. It is bi-directional.
The ICMP echo request goes out and the reply is what you see at the command prompt when you get a "reply received"
So, if PING really is replying with a proper response and not a "destination host unreachable" then there isn't a thing wrong on the routing side, it'll be the firewall.Hello!A few days back we installed a new switch (HP 1620-24G JG913A) for a new office inside our building. The switch is connected to the same one in our server room. The computers inside the office are functioning perfectly as far as the users are concirned. They can use network printers, open helpdesk tickets, access the intranet, internet, etc.
However, even though everything was functioning well in the old office (the machines are the same ones), nothing going the other way can get through. They can't be pinged, Spiceworks doesn't recognize them (although they have agents installed), and, well, that's not nice.The two switches are configured identically, and googling for the solution hasn't turned up anything usable (for me). For now it's not a big issue, but I'd like to solve it, so that it wouldn't become a problem later.Any help...
This topic first appeared in the Spiceworks Community -
SHAREPOINT QUESTION: One way SYNC of files from SharePoint cloud to hard-drive
SHAREPOINT QUESTION: One way SYNC of files from SharePoint cloud to hard-drive
How does a person enable Sales reps to SYNC literature files from a cloud library down to their computer,.... but then not be able to have them accidentally delete the files by accident if they delete a file from their computer and then have it
sync upwards again.
Permission Level
"Read" allows to download individual files but not SYNC down and there are too many files for them to go and download each file every-time.
"View Only" is only visible on the browser and not useful when reps are in remote parts of the world.
"Contribute" allows the sales reps to SYNC but if they delete a file from their computer, then it deletes it for all which is to much.
There must surely be a way to allow a one way (cloud-to-hard-drive) SYNC to avoid folks from deleting files.
Does anybody know how to d this or if not, how do I have Microsoft consider such a perceived weakness compare to dropboxYou can achieve the functionality which you describe using the OneDrive (SkyDrive Pro) in Sharepoint 2013. You can setup read only folders to sync to achieve "one way" traffic. You will need Office 2013 locally to avail the full features of
the coauthoring environment if you are looking into that as well.
Sharing with everyone (Read Only): http://community.office365.com/en-us/b/office_365_community_blog/archive/2013/07/15/ways-to-quot-share-with-everyone-quot-in-skydrive-pro.aspx
Some benefits of using OneDrive include the following:
Users can take their documents offline with them and have them synchronize when they are online again.
Users' documents can be synchronized across all client devices and servers where the files are stored and synchronized.
Multiple users (online or offline) can work on documents at the same time, and the OneDrive for Business Windows Sync client will synchronize the changes between the users. If there are conflicts, users are prompted to resolve the conflicts.
Users can share and collaborate on documents.
Users can work from many locations, either online or offline, and work from many devices.
http://technet.microsoft.com/en-us/library/dn167720(v=office.15).aspx
Thanks, Ransher Singh, MCP, MCTS | Click Vote As Helpful if you think that post is helpful in responding your question click Mark As Answer, if you think that this is your answer for your question. -
Traffic only allowed one-way for VPN connected computers
Hello,
I currently have an ASA 5505. I have set it up as a remote access SSL VPN. My computers can connect to the VPN just fine. They just can't access the internal LAN (192.168.250.0). They can't ping the inside interface of the ASA, or any of the machines. It seems like all traffic is blocked for them. The strange thing is that when someone is connected to the VPN, I can ping that VPN-connect machine from the ASA and other machines inside the LAN. It seems the traffic only allows one way. I have messed with ACL's with no avail. Any suggestions please?
DHCP Pool: 192.168.250.20-50 --> For LAN
VPN Pool: 192.168.250.100 and 192.168.250.101
Outside interface grabs DHCP from modem
Inside interface: 192.168.1.1
Current Running Config:
: Saved
ASA Version 8.2(5)
hostname HardmanASA
enable password ###### encrypted
passwd ####### encrypted
names
interface Ethernet0/0
switchport access vlan 20
interface Ethernet0/1
switchport access vlan 10
interface Ethernet0/2
switchport access vlan 10
interface Ethernet0/3
shutdown
interface Ethernet0/4
shutdown
interface Ethernet0/5
shutdown
interface Ethernet0/6
shutdown
interface Ethernet0/7
switchport access vlan 10
interface Vlan1
no nameif
no security-level
no ip address
interface Vlan10
nameif inside
security-level 100
ip address 192.168.250.1 255.255.255.0
interface Vlan20
nameif outside
security-level 0
ip address dhcp setroute
ftp mode passive
dns domain-lookup inside
dns domain-lookup outside
pager lines 24
mtu inside 1500
mtu outside 1500
ip local pool VPN_Pool 192.168.250.100-192.168.250.101 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 10 interface
nat (inside) 10 192.168.250.0 255.255.255.0
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
http server enable
http 192.168.250.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet timeout 5
ssh 192.168.250.0 255.255.255.0 inside
ssh timeout 5
ssh version 2
console timeout 0
dhcpd dns 8.8.8.8
dhcpd address 192.168.250.20-192.168.250.50 inside
dhcpd enable inside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
enable outside
svc image disk0:/anyconnect-win-2.5.2014-k9.pkg 1
svc image disk0:/anyconnect-macosx-i386-2.5.2014-k9.pkg 2
svc image disk0:/anyconnect-linux-2.5.2014-k9.pkg 3
svc enable
tunnel-group-list enable
group-policy DfltGrpPolicy attributes
dns-server value 8.8.8.8
vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn
tunnel-group AnyConnect type remote-access
tunnel-group AnyConnect general-attributes
address-pool VPN_Pool
tunnel-group AnyConnect webvpn-attributes
group-alias AnyConnect enable
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect ip-options
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:30fadff4b400e42e73e17167828e046f
: endHello,
I seem to be having the same kind of issue although I cannot ping from either end.
Ive set up a l2tp/ipsec vpn which I am able to connect to and get ip from my ip pool (radius authentication is working).
I tried running:
access-list NAT_0 permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0
nat (inside) 0 access-list NAT_0
but i get an error msg saying that the syntax of the nat command is deprecated. Im running ASA version 8.4.
Ive fiddled around abit to find the correct syntax but have been unsuccessfull so far.
Any help would be much appreciated
This is a part of my config:
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network AD1
host 192.168.1.31
description AD/RADIUS
object network NETWORK_OBJ_192.168.1.0_24
subnet 192.168.1.0 255.255.255.0
object network vpn_hosts
subnet 192.168.2.0 255.255.255.0
access-list AD_splitTunnelAcl standard permit 192.168.1.0 255.255.255.0
access-list split-acl standard permit 192.168.1.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip any 192.168.1.0 255.255.255.0
access-list inside_0_outbound extended permit ip object NETWORK_OBJ_192.168.1.0_24 object vpn_hosts
ip local pool POOL2 192.168.2.2-192.168.2.10 mask 255.255.255.0
nat (inside,outside) source static any any destination static NETWORK_OBJ_192.168.1.0_25 NETWORK_OBJ_192.168.1.0_25 no-proxy-arp route-lookup
nat (inside,outside) source static NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_192.168.1.0_24 destination static NETWORK_OBJ_192.168.1.0_25 NETWORK_OBJ_192.168.1.0_25 no-proxy-arp route-lookup
nat (inside,outside) source static NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_192.168.1.0_24 destination static vpn_hosts vpn_hosts
object network obj_any
nat (inside,outside) dynamic interface
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 ########## 1
no vpn-addr-assign aaa
no vpn-addr-assign dhcp -
How to configure a one-way L2L IPSec tunnel
This may be a dumb question, since VPN is for communications between trusted parties and that most people would try to fix a one-way tunnel.
But I am interested in turning a regular tunnel into one-way only, i.e., only traffic on my side can initiate the tunnel.
We recently built this tunnel between our ASA5510 and our biz partner's ASA5510 in order to run critical apps on their non-Internet-facing web servers. I want to tie it down so that they can't initiate the VPN. I have the crypto ACL set to limit to a port address so they can only come to us from that port once the tunnel is established. We also have personal firewall installed on each host.
Any idea on how to make the tunnel one way and also protect us better once the tunnel is up?Hi,
You can use the following command:
crypto map map-name seq-num set connection-type {answer-only | originate-only | bidirectional}
This command defines whether the tunnel is originate-only or answer-only. If you set the tunnel on your side to originate-only, the asa will never accept the tunnel setup from your business partner. However, you can still initiate the vpn tunnel setup.
Check out:
http://www.cisco.com/en/US/partner/docs/security/asa/asa80/command/reference/c5.html#wp2152576
Although the reference is for ASA8.0 I know it works for 7.2.x as well
Hope this helps
Kind regards
Pieter-Jan -
I have 2 Cisco 1941 routers with a standard IPSec tunnel between them. Data works fine, but VoIP is encountering a one way audio issue where the remote site calling cannot be heard but they can hear me. This seems to match what I'm seeing in encaps and decaps. The quesion I'm having is why would the remote site be encapsulating all packets but the office router isn't decaping these audio packets. I isolated one phone specifically so that's why the SA is for only 1 host.
Thanks!
OFFICE ROUTER
protected vrf: (none)
local ident (addr/mask/prot/port): (192.168.0.0/255.255.0.0/0/0)
remote ident (addr/mask/prot/port): (10.90.91.6/255.255.255.255/0/0)
current_peer REMOTE_IP port 4500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 4104, #pkts encrypt: 4104, #pkts digest: 4104
#pkts decaps: 375, #pkts decrypt: 375, #pkts verify: 375
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 1, #recv errors 0
local crypto endpt.: 192.168.0.227, remote crypto endpt.: REMOTE_IP
path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/0
current outbound spi: 0x69C77389(1774678921)
PFS (Y/N): N, DH group: none
inbound esp sas:
spi: 0xEA4A3FF9(3930734585)
transform: esp-3des esp-sha-hmac ,
in use settings ={Tunnel UDP-Encaps, }
conn id: 2095, flow_id: Onboard VPN:95, sibling_flags 80000046, crypto map: VPN_MAP
sa timing: remaining key lifetime (k/sec): (4409444/1207)
IV size: 8 bytes
replay detection support: Y
Status: ACTIVE
REMOTE ROUTER
protected vrf: (none)
local ident (addr/mask/prot/port): (10.90.91.6/255.255.255.255/0/0)
remote ident (addr/mask/prot/port): (192.168.0.0/255.255.0.0/0/0)
current_peer IP_OFFICE port 4500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 4055, #pkts encrypt: 4055, #pkts digest: 4055
#pkts decaps: 4099, #pkts decrypt: 4099, #pkts verify: 4099
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 0, #recv errors 0
local crypto endpt.: IP_REMOTE, remote crypto endpt.: IP_OFFICE
path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/0
current outbound spi: 0xEA4A3FF9(3930734585)
PFS (Y/N): N, DH group: noneThanks Michal.
1) I have taken these buffer captures. The capture associated with "outside" is short when compared with the number of packets from the "inside" capture in the amount that is most likely associated with the call we placed.
2) Not NAT at all.
3) No CBAC or ZBF, unless some default that I'm not aware of. Not sure off hand how to disable those.
I did get this case through to TAC but after 3 hours we are left at comparing the capture buffers. -
One way encryption, decrypting not encrypting ASA5505
Hello All,
I've been troubleshooting this issue and was hoping to get some more feed back and maybe point out an error if I'm not seeing it. I recently setup a remote access VPN on Cisco ASA 5505. Everything appeared to work at first and the IPsec client connect. However if you look at the packets being encrypted an decrypted on the Client side only the encrypted counter is incrementing and the decrypted stays at 0. The opposite is true on the ASA side the decrypted continures to increment and the encrypted stays at zero. My first thought was maybe a mis configured NAT 0 statement or not defining the correct Split tunnel ACL but I have verified that. I will post my config so maybe someone can point on the error. The asa version 8.2(5), I'll also list a packet-tracer I did from an inside host to VPN IP.
Any help will be greatly appreacted, thanks in advance!
ASA Version 8.2(5)
terminal width 511
hostname xyz
domain-name xyz.local
no names
dns-guard
interface Ethernet0/0
description ISP Connection
switchport access vlan 900
interface Ethernet0/1
switchport access vlan 10
interface Ethernet0/2
switchport access vlan 20
interface Ethernet0/3
switchport access vlan 30
interface Ethernet0/4
switchport access vlan 40
interface Ethernet0/5
switchport access vlan 50
switchport trunk allowed vlan 10,20,30,40,350
switchport trunk native vlan 10
switchport mode trunk
interface Ethernet0/6
switchport trunk allowed vlan 10,20,30,40,350
switchport trunk native vlan 10
switchport mode trunk
interface Ethernet0/7
description WAP
switchport trunk allowed vlan 10,20,30,40,350
switchport trunk native vlan 10
switchport mode trunk
interface Vlan10
description LAN
nameif inside
security-level 100
ip address 10.10.254.1 255.255.0.0
interface Vlan20
description LAN
nameif inside20
security-level 100
ip address 10.20.254.1 255.255.0.0
interface Vlan30
description LAN
nameif inside30
security-level 100
ip address 10.30.254.1 255.255.0.0
interface Vlan40
description LAN
nameif inside40
security-level 100
ip address 10.40.254.1 255.255.0.0
interface Vlan350
description Guest LAN
nameif guest
security-level 50
ip address 10.3.50.254 255.255.255.0
interface Vlan900
description ISP Connection
nameif outside
security-level 0
ip address x.x.x.x 255.255.255.252
boot system disk0:/asa825-k8.bin
ftp mode passive
dns server-group DefaultDNS
domain-name xyz.local
same-security-traffic permit intra-interface
access-list OUTSIDE-IN remark :
access-list OUTSIDE-IN remark : Allow OUTSIDE to inside
access-list OUTSIDE-IN remark :
access-list OUTSIDE-IN remark Allow ICMP Replies
access-list OUTSIDE-IN extended permit icmp any any echo-reply
access-list OUTSIDE-IN extended permit icmp any any time-exceeded
access-list OUTSIDE-IN extended permit icmp any any unreachable
access-list NAT-0-INSIDE remark :
access-list NAT-0-INSIDE remark : Do not NAT this traffic
access-list NAT-0-INSIDE remark :
access-list NAT-0-INSIDE remark Allow LAN to VPN Users
access-list NAT-0-INSIDE extended permit ip 10.10.0.0 255.255.0.0 172.16.10.0 255.255.255.0
access-list NAT-0-INSIDE extended permit ip 10.20.0.0 255.255.0.0 172.16.10.0 255.255.255.0
access-list NAT-0-INSIDE extended permit ip 10.40.0.0 255.255.0.0 172.16.10.0 255.255.255.0
access-list NAT-0-INSIDE extended permit ip 10.30.0.0 255.255.0.0 172.16.10.0 255.255.255.0
access-list NAT-0-INSIDE extended permit ip 10.3.0.0 255.255.255.0 172.16.10.0 255.255.255.0
access-list NAT-10-INSIDE remark :
access-list NAT-10-INSIDE remark : Allow LAN NAT
access-list NAT-10-INSIDE remark :
access-list NAT-10-INSIDE extended permit ip 10.0.0.0 255.0.0.0 any
access-list VPN-SPLIT-TUNNEL remark :
access-list VPN-SPLIT-TUNNEL remark : Add Routes for these networks to the VPN clients
access-list VPN-SPLIT-TUNNEL remark :
access-list VPN-SPLIT-TUNNEL extended permit ip 10.10.0.0 255.255.0.0 any
access-list VPN-SPLIT-TUNNEL extended permit ip 10.20.0.0 255.255.0.0 any
access-list VPN-SPLIT-TUNNEL extended permit ip 10.30.0.0 255.255.0.0 any
access-list VPN-SPLIT-TUNNEL extended permit ip 10.40.0.0 255.255.0.0 any
access-list VPN-SPLIT-TUNNEL extended permit ip 10.3.0.0 255.255.255.0 any
pager lines 40
logging enable
logging timestamp
logging buffer-size 16384
logging buffered debugging
logging trap informational
logging history errors
logging asdm informational
mtu inside 1500
mtu inside20 1500
mtu inside30 1500
mtu inside40 1500
mtu guest 1500
mtu outside 1500
ip local pool VPN-POOL 172.16.10.1-172.16.10.99 mask 255.255.255.0
ip audit name IDSATTACK attack action alarm drop reset
ip audit interface inside IDSATTACK
ip audit interface inside20 IDSATTACK
ip audit interface inside30 IDSATTACK
ip audit interface inside40 IDSATTACK
ip audit interface guest IDSATTACK
ip audit interface outside IDSATTACK
ip audit attack action alarm drop reset
ip audit signature 2000 disable
ip audit signature 2001 disable
ip audit signature 2004 disable
no failover
icmp unreachable rate-limit 1 burst-size 1
icmp permit any inside
icmp permit any inside20
icmp permit any inside30
icmp permit any inside40
icmp permit any guest
icmp permit any outside
asdm image disk0:/asdm-649.bin
asdm history enable
arp timeout 14400
global (outside) 10 interface
nat (inside) 0 access-list NAT-0-INSIDE
nat (inside) 10 access-list NAT-10-INSIDE
nat (inside20) 0 access-list NAT-0-INSIDE
nat (inside20) 10 access-list NAT-10-INSIDE
nat (inside30) 0 access-list NAT-0-INSIDE
nat (inside30) 10 access-list NAT-10-INSIDE
nat (inside40) 0 access-list NAT-0-INSIDE
nat (inside40) 10 access-list NAT-10-INSIDE
nat (guest) 0 access-list NAT-0-INSIDE
nat (guest) 10 access-list NAT-10-INSIDE
access-group OUTSIDE-IN in interface outside
route outside 0.0.0.0 0.0.0.0 x.x.x.y 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server RADIUS-AUTH protocol radius
aaa authentication serial console LOCAL
aaa authentication telnet console LOCAL
aaa authentication ssh console LOCAL
aaa authentication http console LOCAL
aaa authentication enable console LOCAL
aaa authentication secure-http-client
http server enable 444
http 0.0.0.0 0.0.0.0 outside
http 0.0.0.0 0.0.0.0 inside
sysopt noproxyarp inside
sysopt noproxyarp inside20
sysopt noproxyarp inside30
sysopt noproxyarp inside40
crypto ipsec transform-set AES-256-SHA-ENCRYPT esp-aes-256 esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map VPN-DYN-MAP 1 set transform-set AES-256-SHA-ENCRYPT
crypto dynamic-map VPN-DYN-MAP 1 set security-association lifetime seconds 28800
crypto dynamic-map VPN-DYN-MAP 1 set security-association lifetime kilobytes 4608000
crypto map OUTSIDE-MAP 65535 ipsec-isakmp dynamic VPN-DYN-MAP
crypto map OUTSIDE-MAP interface outside
crypto isakmp identity hostname
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption aes-256
hash sha
group 2
lifetime 86400
telnet 0.0.0.0 0.0.0.0 inside
telnet 0.0.0.0 0.0.0.0 outside
telnet timeout 20
ssh 0.0.0.0 0.0.0.0 inside
ssh 0.0.0.0 0.0.0.0 outside
ssh timeout 20
console timeout 0
dhcpd ping_timeout 750
dhcpd address 10.10.1.1-10.10.1.99 inside
dhcpd dns 4.2.2.2 interface inside
dhcpd domain xyz.local interface inside
dhcpd enable inside
dhcpd address 10.20.1.1-10.20.1.99 inside20
dhcpd dns 4.2.2.2 interface inside20
dhcpd enable inside20
dhcpd address 10.30.1.1-10.30.1.99 inside30
dhcpd dns 4.2.2.2 interface inside30
dhcpd enable inside30
dhcpd address 10.40.1.1-10.40.1.99 inside40
dhcpd dns 4.2.2.2 interface inside40
dhcpd enable inside40
dhcpd address 10.3.50.1-10.3.50.99 guest
dhcpd dns 4.2.2.2 interface guest
dhcpd enable guest
threat-detection basic-threat
threat-detection statistics host
threat-detection statistics access-list
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
tunnel-group-list enable
group-policy VPN-POLICY internal
group-policy VPN-POLICY attributes
vpn-simultaneous-logins 20
vpn-idle-timeout 3600
vpn-session-timeout 1440
vpn-tunnel-protocol IPSec svc webvpn
split-tunnel-policy tunnelspecified
split-tunnel-network-list value VPN-SPLIT-TUNNEL
default-domain value xyz.local
split-dns value xyz.local
tunnel-group secant type remote-access
tunnel-group secant general-attributes
address-pool VPN-POOL
authentication-server-group (outside) LOCAL
default-group-policy VPN-POLICY
tunnel-group secant ipsec-attributes
pre-shared-key *****
class-map INSPECTION-DEFAULT
description Complete Protocol Inspection List Class Map
match default-inspection-traffic
policy-map type inspect dns INSPECT-DNS-MAP
parameters
message-length maximum client auto
message-length maximum 4096
policy-map GLOBAL-INSPECTION-POLICY
description Global Inspection Policy
class INSPECTION-DEFAULT
inspect ftp
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
inspect http
inspect ils
inspect pptp
inspect ipsec-pass-thru
inspect icmp
inspect dns INSPECT-DNS-MAP
inspect ctiqbe
inspect dcerpc
inspect mgcp
inspect icmp error
inspect snmp
inspect waas
inspect h323 h225
inspect h323 ras
service-policy GLOBAL-INSPECTION-POLICY global
A5505-1# packet-tracer input inside icmp 10.10.253.1 1 1 172.16.10.1 detailed
Phase: 1
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in 172.16.10.1 255.255.255.255 outside
Phase: 2
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Forward Flow based lookup yields rule:
in id=0xc96adb20, priority=0, domain=inspect-ip-options, deny=true
hits=69511, user_data=0x0, cs_id=0x0, reverse, flags=0x0, protocol=0
src ip=0.0.0.0, mask=0.0.0.0, port=0
dst ip=0.0.0.0, mask=0.0.0.0, port=0, dscp=0x0
Phase: 3
Type: INSPECT
Subtype: np-inspect
Result: ALLOW
Config:
class-map INSPECTION-DEFAULT
description Complete Protocol Inspection List Class Map
match default-inspection-traffic
policy-map GLOBAL-INSPECTION-POLICY
description Global Inspection Policy
class INSPECTION-DEFAULT
inspect icmp
service-policy GLOBAL-INSPECTION-POLICY global
Additional Information:
Forward Flow based lookup yields rule:
in id=0xcc510638, priority=70, domain=inspect-icmp, deny=false
hits=10388, user_data=0xcc510438, cs_id=0x0, use_real_addr, flags=0x0, protocol=1
src ip=0.0.0.0, mask=0.0.0.0, port=0
dst ip=0.0.0.0, mask=0.0.0.0, port=0, dscp=0x0
Phase: 4
Type: INSPECT
Subtype: np-inspect
Result: ALLOW
Config:
Additional Information:
Forward Flow based lookup yields rule:
in id=0xcc51dbb8, priority=70, domain=inspect-icmp-error, deny=false
hits=10388, user_data=0xcc51d9b8, cs_id=0x0, use_real_addr, flags=0x0, protocol=1
src ip=0.0.0.0, mask=0.0.0.0, port=0
dst ip=0.0.0.0, mask=0.0.0.0, port=0, dscp=0x0
Phase: 5
Type: DEBUG-ICMP
Subtype:
Result: ALLOW
Config:
Additional Information:
Forward Flow based lookup yields rule:
in id=0xc97e7e30, priority=12, domain=debug-icmp-trace, deny=false
hits=16500, user_data=0x0, cs_id=0x0, reverse, flags=0x0, protocol=1
src ip=0.0.0.0, mask=0.0.0.0, port=0
dst ip=0.0.0.0, mask=0.0.0.0, port=0, dscp=0x0
Phase: 6
Type: NAT-EXEMPT
Subtype:
Result: ALLOW
Config:
match ip inside 10.10.0.0 255.255.0.0 outside 172.16.10.0 255.255.255.0
NAT exempt
translate_hits = 5, untranslate_hits = 796
Additional Information:
Forward Flow based lookup yields rule:
in id=0xc97b1d40, priority=6, domain=nat-exempt, deny=false
hits=5, user_data=0xc9840640, cs_id=0x0, use_real_addr, flags=0x0, protocol=0
src ip=10.10.0.0, mask=255.255.0.0, port=0
dst ip=172.16.10.0, mask=255.255.255.0, port=0, dscp=0x0
Phase: 7
Type: NAT
Subtype:
Result: ALLOW
Config:
nat (inside) 10 access-list NAT-10-INSIDE
match ip inside 10.0.0.0 255.0.0.0 outside any
dynamic translation to pool 10 (x.x.x.x [Interface PAT])
translate_hits = 61470, untranslate_hits = 8513
Additional Information:
Forward Flow based lookup yields rule:
in id=0xc9950080, priority=2, domain=nat, deny=false
hits=61604, user_data=0xc994ffc0, cs_id=0x0, flags=0x0, protocol=0
src ip=10.0.0.0, mask=255.0.0.0, port=0
dst ip=0.0.0.0, mask=0.0.0.0, port=0, dscp=0x0
Phase: 8
Type: NAT
Subtype: host-limits
Result: ALLOW
Config:
nat (inside) 10 access-list NAT-10-INSIDE
match ip inside 10.0.0.0 255.0.0.0 inside any
dynamic translation to pool 10 (No matching global)
translate_hits = 0, untranslate_hits = 0
Additional Information:
Forward Flow based lookup yields rule:
in id=0xc994d1e0, priority=2, domain=host, deny=false
hits=69627, user_data=0xc994cdc8, cs_id=0x0, reverse, flags=0x0, protocol=0
src ip=10.0.0.0, mask=255.0.0.0, port=0
dst ip=0.0.0.0, mask=0.0.0.0, port=0, dscp=0x0
Phase: 9
Type: VPN
Subtype: encrypt
Result: ALLOW
Config:
Additional Information:
Forward Flow based lookup yields rule:
out id=0xc983d570, priority=70, domain=encrypt, deny=false
hits=777, user_data=0x4c2e4, cs_id=0x0, reverse, flags=0x0, protocol=0
src ip=0.0.0.0, mask=0.0.0.0, port=0
dst ip=172.16.10.1, mask=255.255.255.255, port=0, dscp=0x0
Phase: 10
Type: FLOW-CREATION
Subtype:
Result: ALLOW
Config:
Additional Information:
New flow created with id 102356, packet dispatched to next module
Module information for forward flow ...
snp_fp_tracer_drop
snp_fp_inspect_ip_options
snp_fp_inspect_icmp
snp_fp_dbg_icmp
snp_fp_adjacency
snp_fp_encrypt
snp_fp_fragment
snp_ifc_stat
Module information for reverse flow ...
Result:
input-interface: inside
input-status: up
input-line-status: up
output-interface: outside
output-status: up
output-line-status: up
Action: allowHi Alan,
Please make the following changes:
access-list VPN_SPLIT_ACL remark :
access-list VPN_SPLIT_ACL remark : Add Routes for these networks to the VPN clients
access-list VPN_SPLIT_ACL remark :
access-list VPN_SPLIT_ACL permit 10.10.0.0 255.255.0.0
access-list VPN_SPLIT_ACL permit 10.20.0.0 255.255.0.0
access-list VPN_SPLIT_ACL permit 10.30.0.0 255.255.0.0
access-list VPN_SPLIT_ACL permit 10.40.0.0 255.255.0.0
access-list VPN_SPLIT_ACL permit 10.3.0.0 255.255.255.0
group-policy VPN-POLICY attributes
split-tunnel-network-list value VPN_SPLIT_ACL
crypto isakmp nat-traversal 30
capture capin interface inside match ip 10.10.0.0 255.255.0.0 172.16.10.0 255.255.255.0
Then connect and try to ping any IP within the 10.10.0.0 /16 range.
Once done, issue:
show capture capin
HTH.
Portu.
Please rate any helpful posts -
Remote Management of Hyper-V Across One-Way Trust
In order to abstract our hardware from the platform, we would like to virtualize all of our physical machines, installing Hyper-V server and just running one VM on Hyper-V. We hope this will allow us to quickly migrate machines that currently cannot be on
our virtual environment for whatever reason.
We set up a management domain for all of the Hyper-V servers separate from our main domain. A one way trust was established between the main domain and the management domain, with the management domain trusting the main domain. On the management domain,
we created a domain local group, called Management Domain Admins, which contains the foreign security principals from the main domain. The Management Domain Admins group is added to the Hyper-V built in Administrators group.
Now here is the problem, from a workstation in the main domain, we can manage every part of that server except for adding a virtual hard disk. We can manage the firewall, we can look through the event log, we can create virtual machines and connect them
to existing virtual hard disks, but we cannot create a virtual hard disk. The log returns:
The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
We disabled the firewall on both the workstation and the server with the same result. Using a workstation WITHIN the management domain, logging in with an account from the main domain, we can create a virtual hard disk. We have also tried enabling anonymous
DCOM and adding the Hyper-V server to the Trusted Hosts list in WinRM to no avail. Also, using inline authentication, we can create virtual hard disks on the server BEFORE adding it to the domain. But as soon as it's added to the domain, we can no longer create
hard disks.
Appreciate any insight!I hope it isn't the trust and it's something dumb I forgot to set. I checked again and "cscript .\hvremote.wsf /anondcom:grant" returns "INFO: Nothing to do - ANONYMOUS LOGON already has remote access"
Thanks!
The event is generate from DCOM, 10028
DCOM was unable to communicate with the computer <myserver> using any of the configured protocols; requested by PID a34 (C:\Windows\system32\mmc.exe).
The full trace is:
2013-07-24 07:59:24.988 [15] USER_ACTION_INITIATED Wizards NewVirtualHardDiskWizard:CreateVirtualHardDiskOnBackgroundThread() Creating new virtual hard disk ...
2013-07-24 07:59:24.997 [15] USER_ACTION_INITIATED VirtMan ImageManagementServiceView:BeginCreateVirtualHardDisk() Starting creating dynamic virtual hard disk 'D:\Hyper-V\Virtual Hard Disks\test.vhdx' (size = '136365211648')
2013-07-24 07:59:26.645 [15] ERROR Wizards VMWizardForm:PerformWizardActionInternal() Failed to perform wizard action!
The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
at System.Management.ManagementScope.InitializeGuts(Object o)
at System.Management.ManagementScope.Initialize()
at System.Management.ManagementObject.Initialize(Boolean getObject)
at System.Management.ManagementBaseObject.get_wbemObject()
at System.Management.ManagementClass.CreateInstance()
at Microsoft.Virtualization.Client.Management.VirtualHardDiskSettingData.GetVirtualHardDiskSettingDataEmbeddedInstance(String serverName, String namespacePath)
at Microsoft.Virtualization.Client.Management.ImageManagementServiceView.BeginCreateVirtualHardDisk(VirtualHardDiskType type, VirtualHardDiskFormat format, String path, String parentPath, Int64 maxInternalSize)
at Microsoft.Virtualization.Client.Wizards.NewVhd.NewVirtualHardDiskWizard.CreateVirtualHardDiskOnBackgroundThread(Server server, VirtualHardDiskFormat hardDiskFormat, VirtualHardDiskType hardDiskType, String filePath, ConfigurationInfo configBase)
at Microsoft.Virtualization.Client.Wizards.NewVhd.NewVirtualHardDiskWizard.PerformWizardAction(Object stateObj)
at Microsoft.Virtualization.Client.Wizards.VMWizardForm.PerformWizardActionInternal(Object stateObj)
2013-07-24 07:59:26.754 [16] ERROR Wizards VMWizardForm:WizardActionFailed() Wizard action failed!
The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
at System.Management.ManagementScope.InitializeGuts(Object o)
at System.Management.ManagementScope.Initialize()
at System.Management.ManagementObject.Initialize(Boolean getObject)
at System.Management.ManagementBaseObject.get_wbemObject()
at System.Management.ManagementClass.CreateInstance()
at Microsoft.Virtualization.Client.Management.VirtualHardDiskSettingData.GetVirtualHardDiskSettingDataEmbeddedInstance(String serverName, String namespacePath)
at Microsoft.Virtualization.Client.Management.ImageManagementServiceView.BeginCreateVirtualHardDisk(VirtualHardDiskType type, VirtualHardDiskFormat format, String path, String parentPath, Int64 maxInternalSize)
at Microsoft.Virtualization.Client.Wizards.NewVhd.NewVirtualHardDiskWizard.CreateVirtualHardDiskOnBackgroundThread(Server server, VirtualHardDiskFormat hardDiskFormat, VirtualHardDiskType hardDiskType, String filePath, ConfigurationInfo configBase)
at Microsoft.Virtualization.Client.Wizards.NewVhd.NewVirtualHardDiskWizard.PerformWizardAction(Object stateObj)
at Microsoft.Virtualization.Client.Wizards.VMWizardForm.PerformWizardActionInternal(Object stateObj)
2013-07-24 07:59:26.755 [16] ERROR Client InformationDisplayer:GetErrorInformationFromException() Application encountered a non-VirtMan exception! Not going to display non-localized message to user.
2013-07-24 07:59:26.756 [16] ERROR Client UnhandledExceptionHandler:HandleThreadExceptionInternal() Application encountered an unexpected exception!
The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
at System.Management.ManagementScope.InitializeGuts(Object o)
at System.Management.ManagementScope.Initialize()
at System.Management.ManagementObject.Initialize(Boolean getObject)
at System.Management.ManagementBaseObject.get_wbemObject()
at System.Management.ManagementClass.CreateInstance()
at Microsoft.Virtualization.Client.Management.VirtualHardDiskSettingData.GetVirtualHardDiskSettingDataEmbeddedInstance(String serverName, String namespacePath)
at Microsoft.Virtualization.Client.Management.ImageManagementServiceView.BeginCreateVirtualHardDisk(VirtualHardDiskType type, VirtualHardDiskFormat format, String path, String parentPath, Int64 maxInternalSize)
at Microsoft.Virtualization.Client.Wizards.NewVhd.NewVirtualHardDiskWizard.CreateVirtualHardDiskOnBackgroundThread(Server server, VirtualHardDiskFormat hardDiskFormat, VirtualHardDiskType hardDiskType, String filePath, ConfigurationInfo configBase)
at Microsoft.Virtualization.Client.Wizards.NewVhd.NewVirtualHardDiskWizard.PerformWizardAction(Object stateObj)
at Microsoft.Virtualization.Client.Wizards.VMWizardForm.PerformWizardActionInternal(Object stateObj) -
How do I set up one way video chat between iChatAV and AIM Pro on a PC?
I'm using the Mac and iChat, and my buddy is using AIM Pro on Microsoft Windows. I'm the one with the camera (which is the built-in one on my MacBook).
No Camera on the PC but starting on the PC end and then using the Buddy List menu items to start a Video chat to the Mac with a camera. I've never had video success at all, so even starting on the PC end wouldn't work.
I'm pretty good at understanding how to get around a computer, but the data information is very confusing. So the log reports make no sense to me.
but here is the information on my computer, because i have concluded that the problem is on my side of the connection. I also have wireless internet, my buddy i do believe is connected via cable.
Model Name: Mac
Model Identifier: MacBook2,1
Processor Name: Intel Core 2 Duo
Processor Speed: 2.16 GHz
Number Of Processors: 1
Total Number Of Cores: 2
L2 Cache (per processor): 4 MB
Memory: 2 GB
Bus Speed: 667 MHz
Boot ROM Version: MB21.00A5.B06
SMC Version: 1.17f0
Serial Number: W87222RAYA8
Sudden Motion Sensor:
State: Enabled
My Airport ID: 00:1b:63:c2:bb:e6
My Ethernet ID: 00:1b:63:2e:1e:c8
AirPort Card Information:
Wireless Card Type: AirPort Extreme (0x168C, 0x87)
Wireless Card Locale: USA
Wireless Card Firmware Version: 1.0.47
Current Wireless Network: linksys
Wireless Channel: 6
My iChat version: 3.1.8 (v445)
iChat:
Version: 3.1.8
Last Modified: 4/28/07 2:34 AM
Kind: Universal
Get Info String: iChat 3.1.8, Copyright © 2000-2007 Apple Inc. All Rights Reserved.
Location: /Applications/iChat.app
server: login.oscar.aol.com
port: 5190
Built-in iSight:
Version: 1.84
Bus Power (mA): 500
Speed: Up to 480 Mb/sec
Manufacturer: Micron
Product ID: 0x8501
Vendor ID: 0x05ac (Apple Computer, Inc.)
Built-in FireWire:
Type: FireWire
Hardware: FireWire
BSD Device Name: fw0
IPv4:
Configuration Method: DHCP
IPv6:
Configuration Method: Automatic
Proxies:
Proxy Configuration Method: Manual
ExcludeSimpleHostnames: 0
FTP Passive Mode: Yes
Auto Discovery Enabled: No
Ethernet:
MAC Address: 00:1b:63:ff:fe:6e:bc:ea
Media Options: Full Duplex
Media Subtype: autoselect
Intel GMA 950:
Chipset Model: GMA 950
Type: Display
Bus: Built-In
VRAM (Total): 64 MB of shared system memory
Vendor: Intel (0x8086)
Device ID: 0x27a2
Revision ID: 0x0003
Displays:
Color LCD:
Display Type: LCD
Resolution: 1280 x 800
Depth: 32-bit Color
Built-In: Yes
Core Image: Supported
Main Display: Yes
Mirror: Off
Online: Yes
Quartz Extreme: Supported
Display:
Status: No display connected
and here is an error log:
Chat ended with error -22
2007-06-19 01:52:39 -0400: There is insufficient bandwidth to maintain the conference.
The QuickTime Preference for Connection Speed is configured as 0 Kbps, which is too slow for a conference. If this setting is incorrect, you can change it by going to the QuickTime System Preference and choosing the “Connection” tab.
Chat ended with error -22
Chat ended with error -22
2007-06-19 21:00:23 -0400: There is insufficient bandwidth to maintain the conference.
The QuickTime Preference for Connection Speed is configured as 0 Kbps, which is too slow for a conference. If this setting is incorrect, you can change it by going to the QuickTime System Preference and choosing the “Connection” tab.
Chat ended with error -22
Chat ended with error -22
2007-06-19 21:02:46 -0400: There is insufficient bandwidth to maintain the conference.
The QuickTime Preference for Connection Speed is configured as 0 Kbps, which is too slow for a conference. If this setting is incorrect, you can change it by going to the QuickTime System Preference and choosing the “Connection” tab.
Chat ended with error -22
Chat ended with error -22
and another error log:
Date/Time: 2007-06-19 22:29:26.891 -0400
OS Version: 10.4.9 (Build 8P4112)
Report Version: 4
iChat Connection Log:
AVChat started with ID 1164043861.
theactedguitar: State change from AVChatNoState to AVChatStateWaiting.
0x1c11f270: State change from AVChatNoState to AVChatStateInvited.
0x1c11f270: State change from AVChatStateInvited to AVChatStateConnecting.
theactedguitar: State change from AVChatStateWaiting to AVChatStateConnecting.
0x1c11f270: State change from AVChatStateConnecting to AVChatStateConnected.
theactedguitar: State change from AVChatStateConnecting to AVChatStateConnected.
0x1c11f270: State change from AVChatStateConnected to AVChatStateEnded.
2007-06-19 22:29:22 -0400: Participant 0x1c11f270: VC connection failed.The QuickTime Preference for Connection Speed is configured as 0 Kbps, which is too slow for a conference.Detected 0 kbps upstream and 0 kbps downstream bandwidth; 50 kbps required.
Chat ended with error -22
theactedguitar: State change from AVChatStateConnected to AVChatStateEnded.
Chat ended with error -22
Video Conference Error Report:
@:0 type=4 (00000000/22)
[VCBANDWIDTH_DETECTIONFAILURE]
[20]
@SIP/Transport.c:121 type=4 (00000000/0)
[OPTIONS sip:[email protected] SIP/2.0
From: <sip:[email protected]:5061>;tag=1c25233
To: sip:[email protected]:5060;tag=2104987787
Call-Id: s20020f0fd8c5c045
Cseq: 28209 OPTIONS
Contact: <sip:[email protected]:5061>
Max-Forwards: 70
User-Agent: COOL/4.6.8.5225 SIPxua/2.9.2.1008 (WinNT)
Supported: replaces
Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-0957b002002c;rport
Content-Length: 0
@SIP/Transport.c:121 type=4 (00000000/0)
[ACK sip:[email protected] SIP/2.0
Contact: <sip:[email protected]:5061>
From: <sip:[email protected]:5061>;tag=1c25233
To: <sip:[email protected]>;tag=2104987787
Call-Id: s20020f0fd8c5c045
Cseq: 28208 ACK
Max-Forwards: 70
User-Agent: COOL/4.6.8.5225 SIPxua/2.9.2.1008 (WinNT)
Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-ee65cb024204
Content-Length: 0
@SIP/Transport.c:121 type=4 (00000000/0)
[ACK sip:[email protected] SIP/2.0
Contact: <sip:[email protected]:5061>
From: <sip:[email protected]:5061>;tag=1c25233
To: <sip:[email protected]>;tag=2104987787
Call-Id: s20020f0fd8c5c045
Cseq: 28208 ACK
Max-Forwards: 70
User-Agent: COOL/4.6.8.5225 SIPxua/2.9.2.1008 (WinNT)
Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-ee65cb024204
Content-Length: 0
@SIP/Transport.c:121 type=4 (00000000/0)
[INVITE sip:[email protected]:5060 SIP/2.0
From: <sip:[email protected]:5061>;tag=1c25233
To: sip:[email protected]:5060
Call-Id: s20020f0fd8c5c045
Cseq: 28208 INVITE
Contact: <sip:[email protected]:5061>
Content-Type: application/sdp
Content-Length: 548
Max-Forwards: 70
User-Agent: COOL/4.6.8.5225 SIPxua/2.9.2.1008 (WinNT)
Supported: replaces
Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-ee65cb024204;rport
[v=0
o=sipX 5 5 IN IP4 uen0.0
s=call
c=IN IP4 uen0.0
t=0 0
m=audio 16384 RTP/AVP 96 97 98 99 0 8 100 3 101 4
a=rtpmap:96 isac/16000/1
a=rtpmap:97 isaclc/16000/1
a=rtpmap:98 eg711u/8000/1
a=rtpmap:99 eg711a/8000/1
a=rtpmap:0 pcmu/8000/1
a=rtpmap:8 pcma/8000/1
a=rtpmap:100 ilbc/8000/1
a=fmtp:100 mode=30
a=rtpmap:3 gsm/8000/1
a=rtpmap:101 telephone-event/8000/1
a=rtpmap:4 g723/8000/1
m=video 16386 RTP/AVP 102 34
a=rtpmap:102 vp71/90000/1
a=fmtp:102 size:QCIF/SQCIF
a=rtpmap:34 h263/90000/1
a=fmtp:34 imagesize 0
@SIP/Transport.c:121 type=4 (00000000/0)
[OPTIONS sip:m.0 SIP/2.0
From: sip:uen0.0:5061;tag=2285325336
To: sip:m.0
Call-Id: 118230657112798-ping-uen0.0
Cseq: 2529 OPTIONS
User-Agent: COOL/4.6.8.5225 SIPxua/2.9.2.1008 (WinNT)
Contact: sip:uen0.0:5061
Via: SIP/2.0/UDP uen0.0:5061;rport
Content-Length: 0
@SIP/Transport.c:121 type=4 (00000000/0)
Video Conference Support Report:
@SIP/Transport.c:1218 type=1 (00000000/0)
[SIP/2.0 200 OK
Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-0957b002002c
To: <sip:[email protected]>;tag=2104987787
From: <sip:[email protected]:5061>;tag=1c25233
Call-ID: s20020f0fd8c5c045
CSeq: 28209 OPTIONS
Contact: <sip:[email protected]>;isfocus
Allow: INVITE, ACK, OPTIONS, BYE, CANCEL, MESSAGE, REFER, SUBSCRIBE, NOTIFY, INFO
Allow-Events: conference, refer
Accept: application/sdp, message/sipfrag, application/conference-info+xml
User-Agent: Viceroy 1.2
Content-Length: 0
@SIP/Transport.c:1218 type=1 (00000000/0)
[SIP/2.0 200 OK
Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-ee65cb024204
To: <sip:[email protected]>;tag=2104987787
From: <sip:[email protected]:5061>;tag=1c25233
Call-ID: s20020f0fd8c5c045
CSeq: 28208 INVITE
Contact: <sip:[email protected]>;isfocus
User-Agent: Viceroy 1.2
Content-Type: application/sdp
Content-Length: 411
v=0
o=Liz 0 0 IN IP4 m.0
s=call
c=IN IP4 m.0
b=AS:2147483647
t=0 0
a=hwi:1028:2:2160
a=bandwidthDetection:NO
a=iChatEncryption:NO
m=audio 16386 RTP/AVP 3
a=rtcp:16387
a=rtpmap:3 GSM/8000
a=rtpID:1578979932
m=video 16384 RTP/AVP 34
a=rtcp:16387
a=RTCP:AUDIO 16387 VIDEO 16385
a=rtpmap:34 H263/90000
a=fmtp:34 imagesize 0 rules 10:176:144
a=framerate:10
a=rtpID:1797079687
@SIP/Transport.c:1218 type=1 (00000000/0)
[SIP/2.0 200 OK
Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-ee65cb024204
To: <sip:[email protected]>;tag=2104987787
From: <sip:[email protected]:5061>;tag=1c25233
Call-ID: s20020f0fd8c5c045
CSeq: 28208 INVITE
Contact: <sip:[email protected]>;isfocus
User-Agent: Viceroy 1.2
Content-Type: application/sdp
Content-Length: 411
v=0
o=Liz 0 0 IN IP4 m.0
s=call
c=IN IP4 m.0
b=AS:2147483647
t=0 0
a=hwi:1028:2:2160
a=bandwidthDetection:NO
a=iChatEncryption:NO
m=audio 16386 RTP/AVP 3
a=rtcp:16387
a=rtpmap:3 GSM/8000
a=rtpID:1578979932
m=video 16384 RTP/AVP 34
a=rtcp:16387
a=RTCP:AUDIO 16387 VIDEO 16385
a=rtpmap:34 H263/90000
a=fmtp:34 imagesize 0 rules 10:176:144
a=framerate:10
a=rtpID:1797079687
@:0 type=2 (00000000/0)
[VCVIDEO_INCOMINGATTEMPT]
[3]
@SIP/Transport.c:1218 type=1 (00000000/0)
[SIP/2.0 180 Ringing
Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-ee65cb024204
To: <sip:[email protected]>;tag=2104987787
From: <sip:[email protected]:5061>;tag=1c25233
Call-ID: s20020f0fd8c5c045
CSeq: 28208 INVITE
Contact: <sip:[email protected]>;isfocus
User-Agent: Viceroy 1.2
Content-Length: 0
@SIP/Transport.c:1218 type=1 (00000000/0)
[SIP/2.0 100 Trying
Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-ee65cb024204
To: <sip:[email protected]>
From: <sip:[email protected]:5061>;tag=1c25233
Call-ID: s20020f0fd8c5c045
CSeq: 28208 INVITE
User-Agent: Viceroy 1.2
Content-Length: 0
@SIP/Transport.c:1218 type=1 (00000000/0)
[SIP/2.0 200 OK
Via: SIP/2.0/UDP uen0.0:5061
To: <sip:m.0>;tag=700186355
From: <sip:uen0.0:5061>;tag=2285325336
Call-ID: 118230657112798-ping-uen0.0
CSeq: 2529 OPTIONS
Contact: <sip:[email protected]>;isfocus
Allow: INVITE, ACK, OPTIONS, BYE, CANCEL, MESSAGE, REFER, SUBSCRIBE, NOTIFY, INFO
Allow-Events: conference, refer
Accept: application/sdp, message/sipfrag, application/conference-info+xml
User-Agent: Viceroy 1.2
Content-Length: 0
Video Conference User Report:
Binary Images Description for "iChat":
0x1000 - 0x17dfff com.apple.iChat 3.1.8 (445) /Applications/iChat.app/Contents/MacOS/iChat
0x67e000 - 0x67efff com.apple.osax.digihub 1.0 /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/MacOS/Digital Hub Scripting
0x6bc000 - 0x6e8fff com.apple.osax.standardadditions 1.10.7 (???) /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/Standa rdAdditions
0x15b64000 - 0x15b6dfff com.apple.IOFWDVComponents 1.9.0 /System/Library/Components/IOFWDVComponents.component/Contents/MacOS/IOFWDVComp onents
0x15b82000 - 0x15b87fff com.apple.audio.AppleHDAHALPlugIn 1.2.9 (1.2.9a4) /System/Library/Extensions/AppleHDA.kext/Contents/PlugIns/AppleHDAHALPlugIn.bun dle/Contents/MacOS/AppleHDAHALPlugIn
0x15bac000 - 0x15be8fff com.apple.QuickTimeFireWireDV.component 7.1.6 /System/Library/QuickTime/QuickTimeFireWireDV.component/Contents/MacOS/QuickTim eFireWireDV
0x15bf4000 - 0x15c24fff com.apple.QuickTimeIIDCDigitizer 7.1.6 /System/Library/QuickTime/QuickTimeIIDCDigitizer.component/Contents/MacOS/Quick TimeIIDCDigitizer
0x15c2e000 - 0x15c6afff com.apple.QuickTimeUSBVDCDigitizer 1.7.5 /System/Library/QuickTime/QuickTimeUSBVDCDigitizer.component/Contents/MacOS/Qui ckTimeUSBVDCDigitizer
0x15c8e000 - 0x15de7fff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Resources/GLEngine.bundle/GLEngine
0x15e13000 - 0x15e6cfff com.apple.driver.AppleIntelGMA950GLDriver 1.4.52 (4.5.2) /System/Library/Extensions/AppleIntelGMA950GLDriver.bundle/Contents/MacOS/Apple IntelGMA950GLDriver
0x15e73000 - 0x15e8ffff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Resources/GLDriver.bundl e/GLDriver
0x15e96000 - 0x15ebafff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Resources/GLRendererFloa t.bundle/GLRendererFloat
0x161b4000 - 0x161b7fff com.apple.audio.AudioIPCPlugIn 1.0.2 /System/Library/Extensions/AudioIPCDriver.kext/Contents/Resources/AudioIPCPlugI n.bundle/Contents/MacOS/AudioIPCPlugIn
0x161d3000 - 0x161fdfff com.apple.audio.SoundManager.Components 3.9.2 /System/Library/Components/SoundManagerComponents.component/Contents/MacOS/Soun dManagerComponents
0x167e4000 - 0x167e4fff com.apple.SpotLightCM 1.0 (121.36) /System/Library/Contextual Menu Items/SpotlightCM.plugin/Contents/MacOS/SpotlightCM
0x17319000 - 0x1731bfff com.apple.AutomatorCMM 1.0.1 (87) /System/Library/Contextual Menu Items/AutomatorCMM.plugin/Contents/MacOS/AutomatorCMM
0x1733f000 - 0x17342fff com.apple.iokit.IOQTComponents 1.4 /System/Library/Components/IOQTComponents.component/Contents/MacOS/IOQTComponen ts
0x17558000 - 0x17571fff com.apple.AppleIntermediateCodec 1.1 (141) /Library/QuickTime/AppleIntermediateCodec.component/Contents/MacOS/AppleInterme diateCodec
0x17576000 - 0x1758ffff com.apple.applepixletvideo 1.2.9 (1.2d9) /System/Library/QuickTime/ApplePixletVideo.component/Contents/MacOS/ApplePixlet Video
0x176cd000 - 0x176d8fff com.apple.airport.diskmenu 1.1 (110.18) /System/Library/Contextual Menu Items/AirPort Disk Menu.plugin/Contents/MacOS/AirPort Disk Menu
0x176dd000 - 0x176e1fff com.apple.FolderActionsMenu 1.3.1 /System/Library/Contextual Menu Items/FolderActionsMenu.plugin/Contents/MacOS/FolderActionsMenu
0x70000000 - 0x700fbfff com.apple.audio.units.Components 1.4.5 /System/Library/Components/CoreAudio.component/Contents/MacOS/CoreAudio
0x8fe00000 - 0x8fe4afff dyld /usr/lib/dyld
0x90000000 - 0x90170fff libSystem.B.dylib /usr/lib/libSystem.B.dylib
0x901c0000 - 0x901c2fff libmathCommon.A.dylib /usr/lib/system/libmathCommon.A.dylib
0x901c4000 - 0x90201fff com.apple.CoreText 1.1.2 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreText.framework/Versions/A/CoreText
0x90228000 - 0x902fefff com.apple.ApplicationServices.ATS 2.0.6 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ATS.framework/Versions/A/ATS
0x9031e000 - 0x90773fff com.apple.CoreGraphics 1.258.75 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreGraphics.framework/Versions/A/CoreGraphics
0x9080a000 - 0x908d2fff com.apple.CoreFoundation 6.4.7 (368.28) /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation
0x90910000 - 0x90910fff com.apple.CoreServices 10.4 (???) /System/Library/Frameworks/CoreServices.framework/Versions/A/CoreServices
0x90912000 - 0x90a05fff libicucore.A.dylib /usr/lib/libicucore.A.dylib
0x90a55000 - 0x90ad4fff libobjc.A.dylib /usr/lib/libobjc.A.dylib
0x90afd000 - 0x90b61fff libstdc++.6.dylib /usr/lib/libstdc++.6.dylib
0x90bd0000 - 0x90bd7fff libgcc_s.1.dylib /usr/lib/libgcc_s.1.dylib
0x90bdc000 - 0x90c4ffff com.apple.framework.IOKit 1.4.6 (???) /System/Library/Frameworks/IOKit.framework/Versions/A/IOKit
0x90c64000 - 0x90c76fff libauto.dylib /usr/lib/libauto.dylib
0x90c7c000 - 0x90f22fff com.apple.CoreServices.CarbonCore 682.23 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonC ore.framework/Versions/A/CarbonCore
0x90f65000 - 0x90fcdfff com.apple.CoreServices.OSServices 4.1 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/OSServi ces.framework/Versions/A/OSServices
0x91006000 - 0x91044fff com.apple.CFNetwork 129.20 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CFNetwo rk.framework/Versions/A/CFNetwork
0x91057000 - 0x91067fff com.apple.WebServices 1.1.3 (1.1.0) /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/WebServ icesCore.framework/Versions/A/WebServicesCore
0x91072000 - 0x910f1fff com.apple.SearchKit 1.0.5 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/SearchK it.framework/Versions/A/SearchKit
0x9112b000 - 0x91149fff com.apple.Metadata 10.4.4 (121.36) /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Metadat a.framework/Versions/A/Metadata
0x91155000 - 0x91163fff libz.1.dylib /usr/lib/libz.1.dylib
0x91166000 - 0x91305fff com.apple.security 4.5.2 (29774) /System/Library/Frameworks/Security.framework/Versions/A/Security
0x91403000 - 0x9140bfff com.apple.DiskArbitration 2.1.1 /System/Library/Frameworks/DiskArbitration.framework/Versions/A/DiskArbitration
0x91412000 - 0x91419fff libbsm.dylib /usr/lib/libbsm.dylib
0x9141d000 - 0x91443fff com.apple.SystemConfiguration 1.8.6 /System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfi guration
0x91455000 - 0x914cbfff com.apple.audio.CoreAudio 3.0.4 /System/Library/Frameworks/CoreAudio.framework/Versions/A/CoreAudio
0x9151c000 - 0x9151cfff com.apple.ApplicationServices 10.4 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Application Services
0x9151e000 - 0x9154afff com.apple.AE 314 (313) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ AE.framework/Versions/A/AE
0x9155d000 - 0x91631fff com.apple.ColorSync 4.4.9 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ColorSync.framework/Versions/A/ColorSync
0x9166c000 - 0x916dffff com.apple.print.framework.PrintCore 4.6 (177.13) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ PrintCore.framework/Versions/A/PrintCore
0x9170d000 - 0x917b6fff com.apple.QD 3.10.24 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ QD.framework/Versions/A/QD
0x917dc000 - 0x91827fff com.apple.HIServices 1.5.2 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ HIServices.framework/Versions/A/HIServices
0x91846000 - 0x9185cfff com.apple.LangAnalysis 1.6.3 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ LangAnalysis.framework/Versions/A/LangAnalysis
0x91868000 - 0x91883fff com.apple.FindByContent 1.5 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ FindByContent.framework/Versions/A/FindByContent
0x9188e000 - 0x918cbfff com.apple.LaunchServices 182 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ LaunchServices.framework/Versions/A/LaunchServices
0x918df000 - 0x918ebfff com.apple.speech.synthesis.framework 3.5 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ SpeechSynthesis.framework/Versions/A/SpeechSynthesis
0x918f2000 - 0x91931fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/ImageIO
0x91944000 - 0x919f6fff libcrypto.0.9.7.dylib /usr/lib/libcrypto.0.9.7.dylib
0x91a3c000 - 0x91a52fff libcups.2.dylib /usr/lib/libcups.2.dylib
0x91a57000 - 0x91a75fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libJPEG.dylib
0x91a7a000 - 0x91ad9fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libJP2.dylib
0x91aeb000 - 0x91aeffff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libGIF.dylib
0x91af1000 - 0x91b75fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libRaw.dylib
0x91b79000 - 0x91bb6fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libTIFF.dylib
0x91bbc000 - 0x91bd6fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libPng.dylib
0x91bdb000 - 0x91bddfff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libRadiance.dylib
0x91bdf000 - 0x91cbdfff libxml2.2.dylib /usr/lib/libxml2.2.dylib
0x91cda000 - 0x91cdafff com.apple.Accelerate 1.3.1 (Accelerate 1.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Accelerate
0x91cdc000 - 0x91d6afff com.apple.vImage 2.5 /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vImage.fr amework/Versions/A/vImage
0x91d71000 - 0x91d71fff com.apple.Accelerate.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/vecLib
0x91d73000 - 0x91dccfff com.apple.Accelerate.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/libvMisc.dylib
0x91dd5000 - 0x91df9fff com.apple.Accelerate.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/libvDSP.dylib
0x91e01000 - 0x9220afff com.apple.Accelerate.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/libBLAS.dylib
0x92244000 - 0x925f8fff com.apple.Accelerate.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/libLAPACK.dylib
0x92625000 - 0x92712fff libiconv.2.dylib /usr/lib/libiconv.2.dylib
0x92714000 - 0x92791fff com.apple.DesktopServices 1.3.6 /System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Versions/A/Desk topServicesPriv
0x927d2000 - 0x92a02fff com.apple.Foundation 6.4.8 (567.29) /System/Library/Frameworks/Foundation.framework/Versions/C/Foundation
0x92b0e000 - 0x92b18fff com.apple.framework.AppleTalk 1.2.0 (???) /System/Library/Frameworks/AppleTalk.framework/Versions/A/AppleTalk
0x92b1c000 - 0x92b33fff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGL.dylib
0x92b3e000 - 0x92b96fff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLU.dylib
0x92baa000 - 0x92baafff com.apple.Carbon 10.4 (???) /System/Library/Frameworks/Carbon.framework/Versions/A/Carbon
0x92bac000 - 0x92bbcfff com.apple.ImageCapture 3.0.4 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/ImageCapture. framework/Versions/A/ImageCapture
0x92bcb000 - 0x92bd3fff com.apple.speech.recognition.framework 3.6 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SpeechRecogni tion.framework/Versions/A/SpeechRecognition
0x92bd9000 - 0x92bdffff com.apple.securityhi 2.0.1 (24742) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SecurityHI.fr amework/Versions/A/SecurityHI
0x92be5000 - 0x92c76fff com.apple.ink.framework 101.2.1 (71) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Ink.framework /Versions/A/Ink
0x92c8a000 - 0x92c8efff com.apple.help 1.0.3 (32.1) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Help.framewor k/Versions/A/Help
0x92c91000 - 0x92caffff com.apple.openscripting 1.2.5 (???) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/OpenScripting .framework/Versions/A/OpenScripting
0x92cc1000 - 0x92cc7fff com.apple.print.framework.Print 5.2 (192.4) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Print.framewo rk/Versions/A/Print
0x92ccd000 - 0x92d30fff com.apple.htmlrendering 66.1 (1.1.3) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HTMLRendering .framework/Versions/A/HTMLRendering
0x92d57000 - 0x92d98fff com.apple.NavigationServices 3.4.4 (3.4.3) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/NavigationSer vices.framework/Versions/A/NavigationServices
0x92dbf000 - 0x92dcdfff com.apple.audio.SoundManager 3.9.1 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CarbonSound.f ramework/Versions/A/CarbonSound
0x92dd4000 - 0x92dd9fff com.apple.CommonPanels 1.2.3 (73) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CommonPanels. framework/Versions/A/CommonPanels
0x92dde000 - 0x930d3fff com.apple.HIToolbox 1.4.9 (???) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.fra mework/Versions/A/HIToolbox
0x931d9000 - 0x931e4fff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/OpenGL
0x931e9000 - 0x93204fff com.apple.DirectoryService.Framework 3.3 /System/Library/Frameworks/DirectoryService.framework/Versions/A/DirectoryServi ce
0x93254000 - 0x93254fff com.apple.Cocoa 6.4 (???) /System/Library/Frameworks/Cocoa.framework/Versions/A/Cocoa
0x93256000 - 0x9390cfff com.apple.AppKit 6.4.8 (824.42) /System/Library/Frameworks/AppKit.framework/Versions/C/AppKit
0x93c8d000 - 0x93d08fff com.apple.CoreData 91 (92.1) /System/Library/Frameworks/CoreData.framework/Versions/A/CoreData
0x93d41000 - 0x93dfbfff com.apple.audio.toolbox.AudioToolbox 1.4.5 /System/Library/Frameworks/AudioToolbox.framework/Versions/A/AudioToolbox
0x93e3e000 - 0x93e3efff com.apple.audio.units.AudioUnit 1.4.3 /System/Library/Frameworks/AudioUnit.framework/Versions/A/AudioUnit
0x93e40000 - 0x94001fff com.apple.QuartzCore 1.4.12 /System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore
0x94047000 - 0x94088fff libsqlite3.0.dylib /usr/lib/libsqlite3.0.dylib
0x94090000 - 0x940cafff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLImage.dyl ib
0x940cf000 - 0x940e5fff com.apple.CoreVideo 1.4 /System/Library/Frameworks/CoreVideo.framework/Versions/A/CoreVideo
0x9412b000 - 0x94173fff com.apple.bom 8.5 (86.3) /System/Library/PrivateFrameworks/Bom.framework/Versions/A/Bom
0x9417d000 - 0x941bbfff com.apple.vmutils 4.0.2 (93.1) /System/Library/PrivateFrameworks/vmutils.framework/Versions/A/vmutils
0x941ff000 - 0x94210fff com.apple.securityfoundation 2.2.1 (28150) /System/Library/Frameworks/SecurityFoundation.framework/Versions/A/SecurityFoun dation
0x9421e000 - 0x9425cfff com.apple.securityinterface 2.2.1 (27695) /System/Library/Frameworks/SecurityInterface.framework/Versions/A/SecurityInter face
0x94278000 - 0x94287fff com.apple.CoreGraphics 1.258.75 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreGraphics.framework/Versions/A/Resources/libCGATS.A.dylib
0x9428e000 - 0x94299fff com.apple.CoreGraphics 1.258.75 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreGraphics.framework/Versions/A/Resources/libCSync.A.dylib
0x942e5000 - 0x942fffff com.apple.CoreGraphics 1.258.75 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreGraphics.framework/Versions/A/Resources/libRIP.A.dylib
0x94305000 - 0x94604fff com.apple.QuickTime 7.1.6 /System/Library/Frameworks/QuickTime.framework/Versions/A/QuickTime
0x94786000 - 0x948ccfff com.apple.AddressBook.framework 4.0.4 (485.1) /System/Library/Frameworks/AddressBook.framework/Versions/A/AddressBook
0x94958000 - 0x94967fff com.apple.DSObjCWrappers.Framework 1.1 /System/Library/PrivateFrameworks/DSObjCWrappers.framework/Versions/A/DSObjCWra ppers
0x9496e000 - 0x94997fff com.apple.LDAPFramework 1.4.2 (69.1.1) /System/Library/Frameworks/LDAP.framework/Versions/A/LDAP
0x9499d000 - 0x949acfff libsasl2.2.dylib /usr/lib/libsasl2.2.dylib
0x949b0000 - 0x949d5fff libssl.0.9.7.dylib /usr/lib/libssl.0.9.7.dylib
0x949e1000 - 0x949fefff libresolv.9.dylib /usr/lib/libresolv.9.dylib
0x94a05000 - 0x94a6bfff com.apple.Bluetooth 1.7.14 (1.7.14f14) /System/Library/Frameworks/IOBluetooth.framework/Versions/A/IOBluetooth
0x94baa000 - 0x94c82fff edu.mit.Kerberos 5.5.24 /System/Library/Frameworks/Kerberos.framework/Versions/A/Kerberos
0x94d2a000 - 0x94dbcfff com.apple.WebKit 419 /System/Library/Frameworks/WebKit.framework/Versions/A/WebKit
0x94e16000 - 0x94e98fff com.apple.JavaScriptCore 418.3 /System/Library/Frameworks/WebKit.framework/Versions/A/Frameworks/JavaScriptCor e.framework/Versions/A/JavaScriptCore
0x94ed1000 - 0x951b0fff com.apple.WebCore 418.21 /System/Library/Frameworks/WebKit.framework/Versions/A/Frameworks/WebCore.frame work/Versions/A/WebCore
0x9532f000 - 0x95352fff libxslt.1.dylib /usr/lib/libxslt.1.dylib
0x955c8000 - 0x955ccfff com.apple.URLMount 2.1.7 /System/Library/PrivateFrameworks/URLMount.framework/Versions/A/URLMount
0x95ac1000 - 0x95ac2fff libCyrillicConverter.dylib /System/Library/CoreServices/Encodings/libCyrillicConverter.dylib
0x95ac4000 - 0x95ac5fff libGreekConverter.dylib /System/Library/CoreServices/Encodings/libGreekConverter.dylib
0x95ac9000 - 0x95adffff libJapaneseConverter.dylib /System/Library/CoreServices/Encodings/libJapaneseConverter.dylib
0x95ae1000 - 0x95b02fff libKoreanConverter.dylib /System/Library/CoreServices/Encodings/libKoreanConverter.dylib
0x95b0f000 - 0x95b1dfff libSimplifiedChineseConverter.dylib /System/Library/CoreServices/Encodings/libSimplifiedChineseConverter.dylib
0x95b22000 - 0x95b23fff libThaiConverter.dylib /System/Library/CoreServices/Encodings/libThaiConverter.dylib
0x95b25000 - 0x95b37fff libTraditionalChineseConverter.dylib /System/Library/CoreServices/Encodings/libTraditionalChineseConverter.dylib
0x964da000 - 0x964dafff com.apple.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/vecLib.framework/Versions/A/vecLib
0x969c1000 - 0x969e3fff com.apple.speech.LatentSemanticMappingFramework 2.5 /System/Library/PrivateFrameworks/LatentSemanticMapping.framework/Versions/A/La tentSemanticMapping
0x96a54000 - 0x96b2bfff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLProgramma bility.dylib
0x96b46000 - 0x96b47fff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLSystem.dy lib
0x96b49000 - 0x96b4efff com.apple.agl 2.5.9 (AGL-2.5.9) /System/Library/Frameworks/AGL.framework/Versions/A/AGL
0x96ca5000 - 0x96ca5fff com.apple.MonitorPanelFramework 1.1.1 /System/Library/PrivateFrameworks/MonitorPanel.framework/Versions/A/MonitorPane l
0x96e5f000 - 0x96e73fff com.apple.AppleShareClient 1.5.2 /System/Library/Frameworks/AppleShareClient.framework/Versions/A/AppleShareClie nt
0x96e7c000 - 0x96ebbfff com.apple.AppleShareClientCore 1.5.2 /System/Library/Frameworks/AppleShareClientCore.framework/Versions/A/AppleShare ClientCore
0x97407000 - 0x974f0fff com.apple.viceroy.framework 278.3.10 /System/Library/PrivateFrameworks/VideoConference.framework/Versions/A/VideoCon ference
0x97c34000 - 0x97c36fff com.apple.DisplayServicesFW 1.8.2 /System/Library/PrivateFrameworks/DisplayServices.framework/Versions/A/DisplayS ervices
0x97e63000 - 0x98b38fff com.apple.QuickTimeComponents.component 7.1.6 /System/Library/QuickTime/QuickTimeComponents.component/Contents/MacOS/QuickTim eComponents
0x98d84000 - 0x98d86fff com.apple.QuickTimeH264.component 7.1.6 /System/Library/QuickTime/QuickTimeH264.component/Contents/MacOS/QuickTimeH264
0x98d88000 - 0x98f30fff com.apple.QuickTimeH264.component 7.1.6 /System/Library/QuickTime/QuickTimeH264.component/Contents/Resources/QuickTimeH 264.scalar
0x98fa0000 - 0x99063fff com.apple.QuickTimeMPEG4.component 7.1.6 /System/Library/QuickTime/QuickTimeMPEG4.component/Contents/MacOS/QuickTimeMPEG 4
0x994fa000 - 0x99505fff com.apple.IMFramework 3.1.4 (429) /System/Library/Frameworks/InstantMessage.framework/Versions/A/InstantMessage
0x9950f000 - 0x9967bfff com.apple.MessageFramework 2.1.1 (752.3) /System/Library/Frameworks/Message.framework/Versions/B/MessageDate/Time: 2007-06-19 21:00:38.307 -0400
OS Version: 10.4.9 (Build 8P4112)
Report Version: 4
iChat Connection Log:
AVChat started with ID 2658061728.
theactedguitar: State change from AVChatNoState to AVChatStateWaiting.
0x1c1384f0: State change from AVChatNoState to AVChatStateInvited.
0x1c1384f0: State change from AVChatStateInvited to AVChatStateConnecting.
theactedguitar: State change from AVChatStateWaiting to AVChatStateConnecting.
0x1c1384f0: State change from AVChatStateConnecting to AVChatStateConnected.
theactedguitar: State change from AVChatStateConnecting to AVChatStateConnected.
0x1c1384f0: State change from AVChatStateConnected to AVChatStateEnded.
2007-06-19 21:00:23 -0400: Participant 0x1c1384f0: VC connection failed.The QuickTime Preference for Connection Speed is configured as 0 Kbps, which is too slow for a conference.Detected 0 kbps upstream and 0 kbps downstream bandwidth; 50 kbps required.
Chat ended with error -22
theactedguitar: State change from AVChatStateConnected to AVChatStateEnded.
Chat ended with error -22
Video Conference Error Report:
@SIP/Transport.c:121 type=4 (00000000/0)
[OPTIONS sip:[email protected] SIP/2.0
From: <sip:[email protected]:5061>;tag=1c9406
To: sip:[email protected]:5060;tag=1802682038
Call-Id: s200278131c2a636f
Cseq: 21740 OPTIONS
Contact: <sip:[email protected]:5061>
Max-Forwards: 70
User-Agent: COOL/4.6.8.5225 SIPxua/2.9.2.1008 (WinNT)
Supported: replaces
Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-e6854b1ff1ac;rport
Content-Length: 0
@:0 type=4 (00000000/2)
[VCBANDWIDTH_DETECTIONFAILURE]
[20]
@SIP/Transport.c:121 type=4 (00000000/0)
[ACK sip:[email protected] SIP/2.0
Contact: <sip:[email protected]:5061>
From: <sip:[email protected]:5061>;tag=1c9406
To: <sip:[email protected]>;tag=1802682038
Call-Id: s200278131c2a636f
Cseq: 21739 ACK
Max-Forwards: 70
User-Agent: COOL/4.6.8.5225 SIPxua/2.9.2.1008 (WinNT)
Via: SIP/2.0/UDP uen0.1:5061;branch=z9hG4bK-2c8df72b5983
Content-Length: 0
@SIP/Transport.c:121 type=4 (00000000/0)
[ACK sip:[email protected] SIP/2.0
Contact: <sip:[email protected]:5061>
From: <sip:[email protected]:5061>;tag=1c9406
To: <sip:[email protected]>;tag=1802682038
Call-Id: s200278131c2a636f
Cseq: 21739 ACK
Max-Forwards: 70
User-Agent: COOL/4.6.8.5225 SIPxua/2.9.2.1008 (WinNT)
Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-2c8df72b5983
Content-Length: 0
@SIP/Transport.c:121 type=4 (00000000/0)
[INVITE sip:[email protected]:5060 SIP/2.0
From: <sip:[email protected]:5061>;tag=1c9406
To: sip:[email protected]:5060
Call-Id: s200278131c2a636f
Cseq: 21739 INVITE
Content-Type: application/sdp
Content-Length: 563
Max-Forwards: 70
User-Agent: COOL/4.6.8.5225 SIPxua/2.9.2.1008 (WinNT)
Supported: replaces
Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-2c8df72b5983;rport
Contact: sip:[email protected]:5061
[v=0
o=sipX 5 5 IN IP4 uen0.0
s=call
c=IN IP4 uen0.0
t=0 0
m=audio 16384 RTP/AVP 96 97 98 99 0 8 100 3 101 4
a=rtpmap:96 isac/16000/1
a=rtpmap:97 isaclc/16000/1
a=rtpmap:98 eg711u/8000/1
a=rtpmap:99 eg711a/8000/1
a=rtpmap:0 pcmu/8000/1
a=rtpmap:8 pcma/8000/1
a=rtpmap:100 ilbc/8000/1
a=fmtp:100 mode=30
a=rtpmap:3 gsm/8000/1
a=rtpmap:101 telephone-event/8000/1
a=rtpmap:4 g723/8000/1
m=video 16386 RTP/AVP 102 34
a=rtpmap:102 vp71/90000/1
a=fmtp:102 size:VGA/CIF/QVGA/QCIF/SQCIF
a=rtpmap:34 h263/90000/1
a=fmtp:34 imagesize 1
@SIP/Transport.c:121 type=4 (00000000/0)
[OPTIONS sip:m.0 SIP/2.0
From: sip:uen0.1:5061;tag=258066396
To: sip:m.0
Call-Id: 11823012313477-ping-uen0.1
Cseq: 10171 OPTIONS
User-Agent: COOL/4.6.8.5225 SIPxua/2.9.2.1008 (WinNT)
Contact: sip:uen0.1:5061
Via: SIP/2.0/UDP uen0.1:5061;rport
Content-Length: 0
@SIP/Transport.c:121 type=4 (00000000/0)
Video Conference Support Report:
@SIP/Transport.c:1218 type=1 (00000000/0)
[SIP/2.0 200 OK
Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-e6854b1ff1ac
To: <sip:[email protected]>;tag=1802682038
From: <sip:[email protected]:5061>;tag=1c9406
Call-ID: s200278131c2a636f
CSeq: 21740 OPTIONS
Contact: <sip:[email protected]>;isfocus
Allow: INVITE, ACK, OPTIONS, BYE, CANCEL, MESSAGE, REFER, SUBSCRIBE, NOTIFY, INFO
Allow-Events: conference, refer
Accept: application/sdp, message/sipfrag, application/conference-info+xml
User-Agent: Viceroy 1.2
Content-Length: 0
@SIP/Transport.c:1218 type=1 (00000000/0)
[SIP/2.0 200 OK
Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-2c8df72b5983
To: <sip:[email protected]>;tag=1802682038
From: <sip:[email protected]:5061>;tag=1c9406
Call-ID: s200278131c2a636f
CSeq: 21739 INVITE
Contact: <sip:[email protected]>;isfocus
User-Agent: Viceroy 1.2
Content-Type: application/sdp
Content-Length: 412
v=0
o=Liz 0 0 IN IP4 m.0
s=call
c=IN IP4 m.0
b=AS:2147483647
t=0 0
a=hwi:1028:2:2160
a=bandwidthDetection:NO
a=iChatEncryption:NO
m=audio 16386 RTP/AVP 3
a=rtcp:16387
a=rtpmap:3 GSM/8000
a=rtpID:-360567252
m=video 16384 RTP/AVP 34
a=rtcp:16387
a=RTCP:AUDIO 16387 VIDEO 16385
a=rtpmap:34 H263/90000
a=fmtp:34 imagesize 1 rules 10:352:288
a=framerate:10
a=rtpID:-1868264839
@SIP/Transport.c:1218 type=1 (00000000/0)
[SIP/2.0 200 OK
Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-2c8df72b5983
To: <sip:[email protected]>;tag=1802682038
From: <sip:[email protected]:5061>;tag=1c9406
Call-ID: s200278131c2a636f
CSeq: 21739 INVITE
Contact: <sip:[email protected]>;isfocus
User-Agent: Viceroy 1.2
Content-Type: application/sdp
Content-Length: 412
v=0
o=Liz 0 0 IN IP4 m.0
s=call
c=IN IP4 m.0
b=AS:2147483647
t=0 0
a=hwi:1028:2:2160
a=bandwidthDetection:NO
a=iChatEncryption:NO
m=audio 16386 RTP/AVP 3
a=rtcp:16387
a=rtpmap:3 GSM/8000
a=rtpID:-360567252
m=video 16384 RTP/AVP 34
a=rtcp:16387
a=RTCP:AUDIO 16387 VIDEO 16385
a=rtpmap:34 H263/90000
a=fmtp:34 imagesize 1 rules 10:352:288
a=framerate:10
a=rtpID:-1868264839
@:0 type=2 (00000000/0)
[VCVIDEO_INCOMINGATTEMPT]
[3]
@SIP/Transport.c:1218 type=1 (00000000/0)
[SIP/2.0 180 Ringing
Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-2c8df72b5983
To: <sip:[email protected]>;tag=1802682038
From: <sip:[email protected]:5061>;tag=1c9406
Call-ID: s200278131c2a636f
CSeq: 21739 INVITE
Contact: <sip:[email protected]>;isfocus
User-Agent: Viceroy 1.2
Content-Length: 0
@SIP/Transport.c:1218 type=1 (00000000/0)
[SIP/2.0 100 Trying
Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-2c8df72b5983
To: <sip:[email protected]>
From: <sip:[email protected]:5061>;tag=1c9406
Call-ID: s200278131c2a636f
CSeq: 21739 INVITE
User-Agent: Viceroy 1.2
Content-Length: 0
@SIP/Transport.c:1218 type=1 (00000000/0)
[SIP/2.0 200 OK
Via: SIP/2.0/UDP uen0.1:5061;received=uen0.0
To: <sip:m.0>;tag=1532390844
From: <sip:uen0.1:5061>;tag=258066396
Call-ID: 11823012313477-ping-uen0.1
CSeq: 10171 OPTIONS
Contact: <sip:[email protected]>;isfocus
Allow: INVITE, ACK, OPTIONS, BYE, CANCEL, MESSAGE, REFER, SUBSCRIBE, NOTIFY, INFO
Allow-Events: conference, refer
Accept: application/sdp, message/sipfrag, application/conference-info+xml
User-Agent: Viceroy 1.2
Content-Length: 0
Video Conference User Report:
Binary Images Description for "iChat":
0x1000 - 0x17dfff com.apple.iChat 3.1.8 (445) /Applications/iChat.app/Contents/MacOS/iChat
0x67e000 - 0x67efff com.apple.osax.digihub 1.0 /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/MacOS/Digital Hub Scripting
0x6bc000 - 0x6e8fff com.apple.osax.standardadditions 1.10.7 (???) /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/Standa rdAdditions
0x15b64000 - 0x15b6dfff com.apple.IOFWDVComponents 1.9.0 /System/Library/Components/IOFWDVComponents.component/Contents/MacOS/IOFWDVComp onents
0x15b82000 - 0x15b87fff com.apple.audio.AppleHDAHALPlugIn 1.2.9 (1.2.9a4) /System/Library/Extensions/AppleHDA.kext/Contents/PlugIns/AppleHDAHALPlugIn.bun dle/Contents/MacOS/AppleHDAHALPlugIn
0x15bac000 - 0x15be8fff com.apple.QuickTimeFireWireDV.component 7.1.6 /System/Library/QuickTime/QuickTimeFireWireDV.component/Contents/MacOS/QuickTim eFireWireDV
0x15bf4000 - 0x15c24fff com.apple.QuickTimeIIDCDigitizer 7.1.6 /System/Library/QuickTime/QuickTimeIIDCDigitizer.component/Contents/MacOS/Quick TimeIIDCDigitizer
0x15c2e000 - 0x15c6afff com.apple.QuickTimeUSBVDCDigitizer 1.7.5 /System/Library/QuickTime/QuickTimeUSBVDCDigitizer.component/Contents/MacOS/Qui ckTimeUSBVDCDigitizer
0x15c8e000 - 0x15de7fff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Resources/GLEngine.bundle/GLEngine
0x15e13000 - 0x15e6cfff com.apple.driver.AppleIntelGMA950GLDriver 1.4.52 (4.5.2) /System/Library/Extensions/AppleIntelGMA950GLDriver.bundle/Contents/MacOS/Apple IntelGMA950GLDriver
0x15e73000 - 0x15e8ffff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Resources/GLDriver.bundl e/GLDriver
0x15e96000 - 0x15ebafff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Resources/GLRendererFloa t.bundle/GLRendererFloat
0x161b4000 - 0x161b7fff com.apple.audio.AudioIPCPlugIn 1.0.2 /System/Library/Extensions/AudioIPCDriver.kext/Contents/Resources/AudioIPCPlugI n.bundle/Contents/MacOS/AudioIPCPlugIn
0x161d3000 - 0x161fdfff com.apple.audio.SoundManager.Components 3.9.2 /System/Library/Components/SoundManagerComponents.component/Contents/MacOS/Soun dManagerComponents
0x167e4000 - 0x167e4fff com.apple.SpotLightCM 1.0 (121.36) /System/Library/Contextual Menu Items/SpotlightCM.plugin/Contents/MacOS/SpotlightCM
0x17319000 - 0x1731bfff com.apple.AutomatorCMM 1.0.1 (87) /System/Library/Contextual Menu Items/AutomatorCMM.plugin/Contents/MacOS/AutomatorCMM
0x1733f000 - 0x17342fff com.apple.iokit.IOQTComponents 1.4 /System/Library/Components/IOQTComponents.component/Contents/MacOS/IOQTComponen ts
0x17558000 - 0x17571fff com.apple.AppleIntermediateCodec 1.1 (141) /Library/QuickTime/AppleIntermediateCodec.component/Contents/MacOS/AppleInterme diateCodec
0x17576000 - 0x1758ffff com.apple.applepixletvideo 1.2.9 (1.2d9) /System/Library/QuickTime/ApplePixletVideo.component/Contents/MacOS/ApplePixlet Video
0x176cd000 - 0x176d8fff com.apple.airport.diskmenu 1.1 (110.18) /System/Library/Contextual Menu Items/AirPort Disk Menu.plugin/Contents/MacOS/AirPort Disk Menu
0x176dd000 - 0x176e1fff com.apple.FolderActionsMenu 1.3.1 /System/Library/Contextual Menu Items/FolderActionsMenu.plugin/Contents/MacOS/FolderActionsMenu
0x70000000 - 0x700fbfff com.apple.audio.units.Components 1.4.5 /System/Library/Components/CoreAudio.component/Contents/MacOS/CoreAudio
0x8fe00000 - 0x8fe4afff dyld /usr/lib/dyld
0x90000000 - 0x90170fff libSystem.B.dylib /usr/lib/libSystem.B.dylib
0x901c0000 - 0x901c2fff libmathCommon.A.dylib /usr/lib/system/libmathCommon.A.dylib
0x901c4000 - 0x90201fff com.apple.CoreText 1.1.2 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreText.framework/Versions/A/CoreText
0x90228000 - 0x902fefff com.apple.ApplicationServices.ATS 2.0.6 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ATS.framework/Versions/A/ATS
0x9031e000 - 0x90773fff com.apple.CoreGraphics 1.258.75 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreGraphics.framework/Versions/A/CoreGraphics
0x9080a000 - 0x908d2fff com.apple.CoreFoundation 6.4.7 (368.28) /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation
0x90910000 - 0x90910fff com.apple.CoreServices 10.4 (???) /System/Library/Frameworks/CoreServices.framework/Versions/A/CoreServices
0x90912000 - 0x90a05fff libicucore.A.dylib /usr/lib/libicucore.A.dylib
0x90a55000 - 0x90ad4fff libobjc.A.dylib /usr/lib/libobjc.A.dylib
0x90afd000 - 0x90b61fff libstdc++.6.dylib /usr/lib/libstdc++.6.dylib
0x90bd0000 - 0x90bd7fff libgcc_s.1.dylib /usr/lib/libgcc_s.1.dylib
0x90bdc000 - 0x90c4ffff com.apple.framework.IOKit 1.4.6 (???) /System/Library/Frameworks/IOKit.framework/Versions/A/IOKit
0x90c64000 - 0x90c76fff libauto.dylib /usr/lib/libauto.dylib
0x90c7c000 - 0x90f22fff com.apple.CoreServices.CarbonCore 682.23 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonC ore.framework/Versions/A/CarbonCore
0x90f65000 - 0x90fcdfff com.apple.CoreServices.OSServices 4.1 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/OSServi ces.framework/Versions/A/OSServices
0x91006000 - 0x91044fff com.apple.CFNetwork 129.20 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CFNetwo rk.framework/Versions/A/CFNetwork
0x91057000 - 0x91067fff com.apple.WebServices 1.1.3 (1.1.0) /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/WebServ icesCore.framework/Versions/A/WebServicesCore
0x91072000 - 0x910f1fff com.apple.SearchKit 1.0.5 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/SearchK it.framework/Versions/A/SearchKit
0x9112b000 - 0x91149fff com.apple.Metadata 10.4.4 (121.36) /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Metadat a.framework/Versions/A/Metadata
0x91155000 - 0x91163fff libz.1.dylib /usr/lib/libz.1.dylib
0x91166000 - 0x91305fff com.apple.security 4.5.2 (29774) /System/Library/Frameworks/Security.framework/Versions/A/Security
0x91403000 - 0x9140bfff com.apple.DiskArbitration 2.1.1 /System/Library/Frameworks/DiskArbitration.framework/Versions/A/DiskArbitration
0x91412000 - 0x91419fff libbsm.dylib /usr/lib/libbsm.dylib
0x9141d000 - 0x91443fff com.apple.SystemConfiguration 1.8.6 /System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfi guration
0x91455000 - 0x914cbfff com.apple.audio.CoreAudio 3.0.4 /System/Library/Frameworks/CoreAudio.framework/Versions/A/CoreAudio
0x9151c000 - 0x9151cfff com.apple.ApplicationServices 10.4 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Application Services
0x9151e000 - 0x9154afff com.apple.AE 314 (313) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ AE.framework/Versions/A/AE
0x9155d000 - 0x91631fff com.apple.ColorSync 4.4.9 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ColorSync.framework/Versions/A/ColorSync
0x9166c000 - 0x916dffff com.apple.print.framework.PrintCore 4.6 (177.13) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ PrintCore.framework/Versions/A/PrintCore
0x9170d000 - 0x917b6fff com.apple.QD 3.10.24 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ QD.framework/Versions/A/QD
0x917dc000 - 0x91827fff com.apple.HIServices 1.5.2 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ HIServices.framework/Versions/A/HIServices
0x91846000 - 0x9185cfff com.apple.LangAnalysis 1.6.3 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ LangAnalysis.framework/Versions/A/LangAnalysis
0x91868000 - 0x91883fff com.apple.FindByContent 1.5 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ FindByContent.framework/Versions/A/FindByContent
0x9188e000 - 0x918cbfff com.apple.LaunchServices 182 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ LaunchServices.framework/Versions/A/LaunchServices
0x918df000 - 0x918ebfff com.apple.speech.synthesis.framework 3.5 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ SpeechSynthesis.framework/Versions/A/SpeechSynthesis
0x918f2000 - 0x91931fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/ImageIO
0x91944000 - 0x919f6fff libcrypto.0.9.7.dylib /usr/lib/libcrypto.0.9.7.dylib
0x91a3c000 - 0x91a52fff libcups.2.dylib /usr/lib/libcups.2.dylib
0x91a57000 - 0x91a75fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libJPEG.dylib
0x91a7a000 - 0x91ad9fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libJP2.dylib
0x91aeb000 - 0x91aeffff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libGIF.dylib
0x91af1000 - 0x91b75fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libRaw.dylib
0x91b79000 - 0x91bb6fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libTIFF.dylib
0x91bbc000 - 0x91bd6fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libPng.dylib
0x91bdb000 - 0x91bddfff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libRadiance.dylib
0x91bdf000 - 0x91cbdfff libxml2.2.dylib /usr/lib/libxml2.2.dylib
0x91cda000 - 0x91cdafff com.apple.Accelerate 1.3.1 (Accelerate 1.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Accelerate
0x91cdc000 - 0x91d6afff com.apple.vImage 2.5 /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vImage.fr amework/Versions/A/vImage
0x91d71000 - 0x91d71fff com.apple.Accelerate.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/vecLib
0x91d73000 - 0x91dccfff com.apple.Accelerate.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/libvMisc.dylib
0x91dd5000 - 0x91df9fff com.apple.Accelerate.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/libvDSP.dylib
0x91e01000 - 0x9220afff com.apple.Accelerate.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/libBLAS.dylib
0x92244000 - 0x925f8fff com.apple.Accelerate.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/libLAPACK.dylib
0x92625000 - 0x92712fff libiconv.2.dylib /usr/lib/libiconv.2.dylib
0x92714000 - 0x92791fff com.apple.DesktopServices 1.3.6 /System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Versions/A/Desk topServicesPriv
0x927d2000 - 0x92a02fff com.apple.Foundation 6.4.8 (567.29) /System/Library/Frameworks/Foundation.framework/Versions/C/Foundation
0x92b0e000 - 0x92b18fff com.apple.framework.AppleTalk 1.2.0 (???) /System/Library/Frameworks/AppleTalk.framework/Versions/A/AppleTalk
0x92b1c000 - 0x92b33fff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGL.dylib
0x92b3e000 - 0x92b96fff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLU.dylib
0x92baa000 - 0x92baafff com.apple.Carbon 10.4 (???) /System/Library/Frameworks/Carbon.framework/Versions/A/Carbon
0x92bac000 - 0x92bbcfff com.apple.ImageCapture 3.0.4 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/ImageCapture. framework/Versions/A/ImageCapture
0x92bcb000 - 0x92bd3fff com.apple.speech.recognition.framework 3.6 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SpeechRecogni tion.framework/Versions/A/SpeechRecognition
0x92bd9000 - 0x92bdffff com.apple.securityhi 2.0.1 (24742) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SecurityHI.fr amework/Versions/A/SecurityHI
0x92be5000 - 0x92c76fff com.apple.ink.framework 101.2.1 (71) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Ink.framework /Versions/A/Ink
0x92c8a000 - 0x92c8efff com.apple.help 1.0.3 (32.1) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Help.framewor k/Versions/A/Help
0x92c91000 - 0x92caffff com.apple.openscripting 1.2.5 (???) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/OpenScripting .framework/Versions/A/OpenScripting
0x92cc1000 - 0x92cc7fff com.apple.print.framework.Print 5.2 (192.4) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Print.framewo rk/Versions/A/Print
0x92ccd000 - 0x92d30fff com.apple.htmlrendering 66.1 (1.1.3) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HTMLRendering .framework/Versions/A/HTMLRendering
0x92d57000 - 0x92d98fff com.apple.NavigationServices 3.4.4 (3.4.3) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/NavigationSer vices.framework/Versions/A/NavigationServices
0x92dbf000 - 0x92dcdfff com.apple.audio.SoundManager 3.9.1 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CarbonSound.f ramework/Versions/A/CarbonSound
0x92dd4000 - 0x92dd9fff com.apple.CommonPanels 1.2.3 (73) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CommonPanels. framework/Versions/A/CommonPanels
0x92dde000 - 0x930d3fff com.apple.HIToolbox 1.4.9 (???) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.fra mework/Versions/A/HIToolbox
0x931d9000 - 0x931e4fff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/OpenGL
0x931e9000 - 0x93204fff com.apple.DirectoryService.Framework 3.3 /System/Library/Frameworks/DirectoryService.framework/Versions/A/DirectoryServi ce
0x93254000 - 0x93254fff com.apple.Cocoa 6.4 (???) /System/Library/Frameworks/Cocoa.framework/Versions/A/Cocoa
0x93256000 - 0x9390cfff com.apple.AppKit 6.4.8 (824.42) /System/Library/Frameworks/AppKit.framework/Versions/C/AppKit
0x93c8d000 - 0x93d08fff com.apple.CoreData 91 (92.1) /System/Library/Frameworks/CoreData.framework/Versions/A/CoreData
0x93d41000 - 0x93dfbfff com.apple.audio.toolbox.AudioToolbox 1.4.5 /System/Library/Frameworks/AudioToolbox.framework/Versions/A/AudioToolbox
0x93e3e000 - 0x93e3efff com.apple.audio.units.AudioUnit 1.4.3 /System/Library/Frameworks/AudioUnit.framework/Versions/A/AudioUnit
0x93e40000 - 0x94001fff com.apple.QuartzCore 1.4.12 /System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore
0x94047000 - 0x94088fff libsqlite3.0.dylib /usr/lib/libsqlite3.0.dylib
0x94090000 - 0x940cafff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLImage.dyl ib
0x940cf000 - 0x940e5fff com.apple.CoreVideo 1.4 /System/Library/Frameworks/CoreVideo.framework/Versions/A/CoreVideo
0x9412b000 - 0x94173fff com.apple.bom 8.5 (86.3) /System/Library/PrivateFrameworks/Bom.framework/Versions/A/Bom
0x9417d000 - 0x941bbfff com.apple.vmutils 4.0.2 (93.1) /System/Library/PrivateFrameworks/vmutils.framework/Versions/A/vmutils
0x941ff000 - 0x94210fff com.apple.securityfoundation 2.2.1 (28150) /System/Library/Frameworks/SecurityFoundation.framework/Versions/A/SecurityFoun dation
0x9421e000 - 0x9425cfff com.apple.securityinterface 2.2.1 (27695) /System/Library/Frameworks/SecurityInterface.framework/Versions/A/SecurityInter face
0x94278000 - 0x94287fff com.apple.CoreGraphics 1.258.75 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreGraphics.framework/Versions/A/Resources/libCGATS.A.dylib
0x9428e000 - 0x94299fff com.apple.CoreGraphics 1.258.75 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreGraphics.framework/Versions/A/Resources/libCSync.A.dylib
0x942e5000 - 0x942fffff com.apple.CoreGraphics 1.258.75 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreGraphics.framework/Versions/A/Resources/libRIP.A.dylib
0x94305000 - 0x94604fff com.apple.QuickTime 7.1.6 /System/Library/Frameworks/QuickTime.framework/Versions/A/QuickTime
0x94786000 - 0x948ccfff com.apple.AddressBook.framework 4.0.4 (485.1) /System/Library/Frameworks/AddressBook.framework/Versions/A/AddressBook
0x94958000 - 0x94967fff com.apple.DSObjCWrappers.Framework 1.1 /System/Library/PrivateFrameworks/DSObjCWrappers.framework/Versions/A/DSObjCWra ppers
0x9496e000 - 0x94997fff com.apple.LDAPFramework 1.4.2 (69.1.1) /System/Library/Frameworks/LDAP.framework/Versions/A/LDAP
0x9499d000 - 0x949acfff libsasl2.2.dylib /usr/lib/libsasl2.2.dylib
0x949b0000 - 0x949d5fff libssl.0.9.7.dylib /usr/lib/libssl.0.9.7.dylib
0x949e1000 - 0x949fefff libresolv.9.dylib /usr/lib/libresolv.9.dylib
0x94a05000 - 0x94a6bfff com.apple.Bluetooth 1.7.14 (1.7.14f14) /System/Library/Frameworks/IOBluetooth.framework/Versions/A/IOBluetooth
0x94baa000 - 0x94c82fff edu.mit.Kerberos 5.5.24 /System/Library/Frameworks/Kerberos.framework/Versions/A/Kerberos
0x94d2a000 - 0x94dbcfff com.apple.WebKit 419 /System/Library/Frameworks/WebKit.framework/Versions/A/WebKit
0x94e16000 - 0x94e98fff com.apple.JavaScriptCore 418.3 /System/Library/Frameworks/WebKit.framework/Versions/A/Frameworks/JavaScriptCor e.framework/Versions/A/JavaScriptCore
0x94ed1000 - 0x951b0fff com.apple.WebCore 418.21 /System/Library/Frameworks/WebKit.framework/Versions/A/Frameworks/WebCore.frame work/Versions/A/WebCore
0x9532f000 - 0x95352fff libxslt.1.dylib /usr/lib/libxslt.1.dylib
0x955c8000 - 0x955ccfff com.apple.URLMount 2.1.7 /System/Library/PrivateFrameworks/URLMount.framework/Versions/A/URLMount
0x95ac1000 - 0x95ac2fff libCyrillicConverter.dylib /System/Library/CoreServices/Encodings/libCyrillicConverter.dylib
0x95ac4000 - 0x95ac5fff libGreekConverter.dylib /System/Library/CoreServices/Encodings/libGreekConverter.dylib
0x95ac9000 - 0x95adffff libJapaneseConverter.dylib /System/Library/CoreServices/Encodings/libJapaneseConverter.dylib
0x95ae1000 - 0x95b02fff libKoreanConverter.dylib /System/Library/CoreServices/Encodings/libKoreanConverter.dylib
0x95b0f000 - 0x95b1dfff libSimplifiedChineseConverter.dylib /System/Library/CoreServices/Encodings/libSimplifiedChineseConverter.dylib
0x95b22000 - 0x95b23fff libThaiConverter.dylib /System/Library/CoreServices/Encodings/libThaiConverter.dylib
0x95b25000 - 0x95b37fff libTraditionalChineseConverter.dylib /System/Library/CoreServices/Encodings/libTraditionalChineseConverter.dylib
0x964da000 - 0x964dafff com.apple.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/vecLib.framework/Versions/A/vecLib
0x969c1000 - 0x969e3fff com.apple.speech.LatentSemanticMappingFramework 2.5 /System/Library/PrivateFrameworks/LatentSemanticMapping.framework/Versions/A/La tentSemanticMapping
0x96a54000 - 0x96b2bfff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLProgramma bility.dylib
0x96b46000 - 0x96b47fff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLSystem.dy lib
0x96b49000 - 0x96b4efff com.apple.agl 2.5.9 (AGL-2.5.9) /System/Library/Frameworks/AGL.framework/Versions/A/AGL
0x96ca5000 - 0x96ca5fff com.apple.MonitorPanelFramework 1.1.1 /System/Library/PrivateFrameworks/MonitorPanel.framework/Versions/A/MonitorPane l
0x96e5f000 - 0x96e73fff com.apple.AppleShareClient 1.5.2 /System/Library/Frameworks/AppleShareClient.framework/Versions/A/AppleShareClie nt
0x96e7c000 - 0x96ebbfff com.apple.AppleShareClientCore 1.5.2 /System/Library/Frameworks/AppleShareClientCore.framework/Versions/A/AppleShare ClientCore
0x97407000 - 0x974f0fff com.apple.viceroy.framework 278.3.10 /System/Library/PrivateFrameworks/VideoConference.framework/Versions/A/VideoCon ference
0x97c34000 - 0x97c36fff com.apple.DisplayServicesFW 1.8.2 /System/Library/PrivateFrameworks/DisplayServices.framework/Versions/A/DisplayS ervices
0x97e63000 - 0x98b38fff com.apple.QuickTimeComponents.component 7.1.6 /System/Library/QuickTime/QuickTimeComponents.component/Contents/MacOS/QuickTim eComponents
0x98d84000 - 0x98d86fff com.apple.QuickTimeH264.component 7.1.6 /System/Library/QuickTime/QuickTimeH264.component/Contents/MacOS/QuickTimeH264
0x98d88000 - 0x98f30fff com.apple.QuickTimeH264.component 7.1.6 /System/Library/QuickTime/QuickTimeH264.component/Contents/Resources/QuickTimeH 264.scalar
0x98fa0000 - 0x99063fff com.apple.QuickTimeMPEG4.component 7.1.6 /System/Library/QuickTime/QuickTimeMPEG4.component/Contents/MacOS/QuickTimeMPEG 4
0x994fa000 - 0x99505fff com.apple.IMFramework 3.1.4 (429) /System/Library/Frameworks/InstantMessage.framework/Versions/A/InstantMessage
0x9950f000 - 0x9967bfff com.apple.MessageFramework 2.1.1 (752.3) /System/Library/Frameworks/Message.framework/Versions/B/Message -
Bizarre! One-Way Audio all of a sudden.
I have a 7940 connected to an ASA5505 version 9.1(4) (originally connected on a DOCSIS 3 cable modem) which has a site-to-site VPN tunnel that terminates on a Cisco 1841 and CCM 6.1 it's been working perfectly forever.
Recently I switched to a fibre optic connection (instead of the cable modem) and now I have one-way audio. Everything else works perfectly (access to CIFS/SMB file shares, FTP, telnet, SSH) though the tunnel and it behaves as it always did except a lot faster on fibre (80 ms ping down to 6 ms). The fibre ISP delivers various services (IPTV, Internet, etc.) via different VLANs so their Internet vlan is 802.1q tag 35.
So the configuration was:
interface Ethernet0/0
switchport access vlan 6
interface Vlan6
nameif outside
security-level 0
ip address dhcp setroute
and now it is:
interface Ethernet0/0
switchport trunk allowed vlan 33-36
switchport mode trunk
interface Vlan35
mac-address 109f.xxxx.xxxx
nameif outside
security-level 0
ip address dhcp setroute
and now I have one-way audio (I can hear the other end but they can't hear me). Everything else works perfectly (e.g. call setup, dialling touch tones, etc.). As the change is so subtle (just the outside interface) I am baffled and don't know where to begin troubleshooting this. In fact when it happened I was sure it was just a problem with the handset cord but I can "hear" my voice echoing back a bit. I'm keeping the DOCSIS 3 cable Internet until I get this sorted out but of course now paying for two Internet connections so don't want to have to do that any longer than I have to.
Any insight or suggestions on how to proceed very much appreciated.Well I sort of found the problem but not yet the solution. I had to switch to an ASA5505 with the Security Plus license to get the trunk I needed. If I take out the trunk (so the same configuration will work on an ASA with the base license) and get raw Internet connectivity another way (so I don't need the trunk) I have one ASA that works and one that doesn't.
They both are running 9.1(4) and have identical configurations (copied to both with TFTP).
The ASA with the Security Plus license has one way audio, the base license ASA does not.
I also uploaded both configurations to a unix box and did a diff:
< switchport trunk allowed vlan 33-36
< switchport mode trunk
> switchport access vlan 6
39a39,43
> interface Vlan6
> nameif outside
> security-level 0
> ip address dhcp setroute
> !
46,51d49
< interface Vlan35
< mac-address 109f.a943.f36a
< nameif outside
< security-level 0
< ip address dhcp setroute
< !
86d83
< mtu dmz 1500
88c85
< no failover
> mtu dmz 1500
So it's a bug, revealed by the security plus license as they have identical software and identical configurations and act differently. Not sure how to work around it yet as I have to use another router temporarily to not require the trunk and the performance is less than stellar with that in the mix. I also upgraded 9.1(4) to 9.2(1) on both - no joy, still the same. -
One way trust relationship between different domain windows server 2012 in different forest
I'd like to build trust correctly between the domains A.local and B.int. A.local is on a Windows 2012 . B.int is on a Windows 2012 . Both machines are
connected to the same LAN. The forest level in A.local
machine is Windows Server 2008 and The forest level in B.int
is Windows server 2012.
I want a one-way trust relationship, i.e. users from A.local gain access to B.local.
my problem it i create the trust put when i go to validate the trust between A.Local and B.int give me this error :
The secure channel (SC) reset on Active Directory Domain Controller \\dc2.B.int of domain B.int to domain A.Local failed with error: There are currently no logon servers available to service the logon request.
NOTE : Recently I
UPGRADE THE Active Directory FROM 2008 R2 TO 2012 and i ping on A.local to B.int
it is ping by name and IP but from b.int ping by IP JUST >>>
ihabHi,
yes i already do it the setup conditional forwarding between the 2 domains and
the firewall it is off
ihab -
IP SLA stats - one-way latency / MOS score 4.34 not updating
I'm trying to use Cisco IP SLA to bench mark voice traffic peformance before and after I apply QoS to the network.
* I've setup IP SLA in both directions over a DSL connection between a 7600, and an 1801
* I've setup IP SLA in both directions over an Ethernet WAN link between a 7200 and another 7200
ip sla 1
udp-jitter 10.101.1.1 32770 source-ip 10.101.2.1 source-port 32770 codec g711alaw
frequency 30
ip sla schedule 1 life forever start-time now
ip sla responder
I have a problem in that I'm not getting any meaningful data from the IP SLA statistics for Voice Score Values:, or any data for Latency one-way time: for any of my tests(x 4).
After a day of testing it seems the MOS score never changes from 4.34, and the ICPIF never changes from 1
Is there something wrong with my config? Is this working properly or could this be a bug?
ADSL-R1#show ip sla statistics 1 details
Round Trip Time (RTT) for Index 1
Latest RTT: 48 milliseconds
Latest operation start time: *09:27:48.435 UTC Thu Jul 5 2012
Latest operation return code: OK
Over thresholds occurred: FALSE
RTT Values:
Number Of RTT: 999 RTT Min/Avg/Max: 45/48/89 milliseconds
Latency one-way time:
Number of Latency one-way Samples: 0
Source to Destination Latency one way Min/Avg/Max: 0/0/0 milliseconds
Destination to Source Latency one way Min/Avg/Max: 0/0/0 milliseconds
Source to Destination Latency one way Sum/Sum2: 0/0
Destination to Source Latency one way Sum/Sum2: 0/0
Jitter Time:
Number of Jitter Samples: 997
Source to Destination Jitter Min/Avg/Max: 1/2/26 milliseconds
Destination to Source Jitter Min/Avg/Max: 1/1/18 milliseconds
Source to destination positive jitter Min/Avg/Max: 1/2/26 milliseconds
Source to destination positive jitter Number/Sum/Sum2: 348/793/4295
Source to destination negative jitter Min/Avg/Max: 1/2/16 milliseconds
Source to destination negative jitter Number/Sum/Sum2: 346/802/3742
Destination to Source positive jitter Min/Avg/Max: 1/1/18 milliseconds
Destination to Source positive jitter Number/Sum/Sum2: 330/611/2051
Destination to Source negative jitter Min/Avg/Max: 1/1/18 milliseconds
Destination to Source negative jitter Number/Sum/Sum2: 318/606/1992
Interarrival jitterout: 0 Interarrival jitterin: 0
Packet Loss Values:
Loss Source to Destination: 0 Loss Destination to Source: 1
Out Of Sequence: 0 Tail Drop: 0 Packet Late Arrival: 0
Voice Score Values:
Calculated Planning Impairment Factor (ICPIF): 1
MOS score: 4.34
Number of successes: 72
Number of failures: 0
Operation time to live: Forever
Operational state of entry: Active
Last time this entry was reset: Never
7200-R2#show ip sla statistics details
Round Trip Time (RTT) for Index 1
Type of operation: jitter
Latest RTT: 6 ms
Latest operation start time: 08:08:31.349 UTC Thu Jul 5 2012
Latest operation return code: OK
RTT Values
Number Of RTT: 1000
RTT Min/Avg/Max: 2/6/199 ms
Latency one-way time milliseconds
Number of Latency one-way Samples: 0
Source to Destination Latency one way Min/Avg/Max: 0/0/0 ms
Destination to Source Latency one way Min/Avg/Max: 0/0/0 ms
Source to Destination Latency one way Sum/Sum2: 0/0
Destination to Source Latency one way Sum/Sum2: 0/0
Jitter time milliseconds
Number of SD Jitter Samples: 999
Number of DS Jitter Samples: 999
Source to Destination Jitter Min/Avg/Max: 0/2/13 ms
Destination to Source Jitter Min/Avg/Max: 0/1/195 ms
Source to destination positive jitter Min/Avg/Max: 1/1/13 ms
Source to destination positive jitter Number/Sum/Sum2: 342/638/2142
Source to destination negative jitter Min/Avg/Max: 1/1/11 ms
Source to destination negative jitter Number/Sum/Sum2: 335/638/1886
Destination to Source positive jitter Min/Avg/Max: 1/2/195 ms
Destination to Source positive jitter Number/Sum/Sum2: 198/408/38510
Destination to Source negative jitter Min/Avg/Max: 1/2/128 ms
Destination to Source negative jitter Number/Sum/Sum2: 203/408/20720
Interarrival jitterout: 0 Interarrival jitterin: 0
Over thresholds occurred: FALSE
Packet Loss Values
Loss Source to Destination: 0 Loss Destination to Source: 0
Out Of Sequence: 0 Tail Drop: 0 Packet Late Arrival: 0
Packet Skipped: 0
Voice Score Values
Calculated Planning Impairment Factor (ICPIF): 1
MOS score: 4.34
Number of successes: 19
Number of failures: 0
Operation time to live: Forever
Operational state of entry: Active
Last time this entry was reset: 15:59:31.345 UTC Wed Jul 4 2012Update (RESOVLED)
The MOS and ICPIF scores do change. I saturated the WAN link with FTP down/upload traffic inducing packet loss,increased jitter and delay. The scores degraded accordingling show ip sla statistics 10 details
R#show ip sla statistics 10
Round Trip Time (RTT) for Index 10
Type of operation: jitter
Latest RTT: 292 ms
Latest operation start time: 19:07:12.358 UTC Tue Jul 17 2012
Latest operation return code: OK
RTT Values
Number Of RTT: 979
RTT Min/Avg/Max: 58/292/487 ms
Latency one-way time milliseconds
Number of Latency one-way Samples: 1
Source to Destination Latency one way Min/Avg/Max: 1/1/1 ms
Destination to Source Latency one way Min/Avg/Max: 112/112/112 ms
Jitter time milliseconds
Number of SD Jitter Samples: 958
Number of DS Jitter Samples: 958
Source to Destination Jitter Min/Avg/Max: 0/1/6 ms
Destination to Source Jitter Min/Avg/Max: 0/11/151 ms
Packet Loss Values
Loss Source to Destination: 0 Loss Destination to Source: 21
Out Of Sequence: 0 Tail Drop: 0
Packet Late Arrival: 0 Packet Skipped: 0
Voice Score Values
Calculated Planning Impairment Factor (ICPIF): 10
MOS score: 4.09
Number of successes: 32
Number of failures: 0
Operation time to live: Forever
Source to Destination Latency one way Sum/Sum2: 9591/94681
Destination to Source Latency one way Sum/Sum2: 346227/125286895
Jitter time milliseconds
Number of SD Jitter Samples: 999
Number of DS Jitter Samples: 999
Source to Destination Jitter Min/Avg/Max: 0/2/11 ms
Destination to Source Jitter Min/Avg/Max: 0/10/48 ms
Source to destination positive jitter Min/Avg/Max: 1/2/11 ms
Source to destination positive jitter Number/Sum/Sum2: 231/513/2789
Source to destination negative jitter Min/Avg/Max: 1/2/10 ms
Source to destination negative jitter Number/Sum/Sum2: 232/512/2724
Destination to Source positive jitter Min/Avg/Max: 1/15/48 ms
Destination to Source positive jitter Number/Sum/Sum2: 305/4762/93106
Destination to Source negative jitter Min/Avg/Max: 1/6/42 ms
Destination to Source negative jitter Number/Sum/Sum2: 682/4717/43395
Interarrival jitterout: 0 Interarrival jitterin: 0
Over thresholds occurred: FALSE
Packet Loss Values
Loss Source to Destination: 0 Loss Destination to Source: 0
Out Of Sequence: 0 Tail Drop: 0 Packet Late Arrival: 0
Packet Skipped: 0
Voice Score Values
Calculated Planning Impairment Factor (ICPIF): 5
MOS score: 4.24
Number of successes: 43
Number of failures: 0
Operation time to live: Forever
Operational state of entry: Active
Last time this entry was reset: 17:51:41.945 BST Fri Jul 20 2012 -
Users see all applications in RDS 2012 Web access in one-way trust domain environment
Hello!
We have RDS 2012 deployment in domainA.local. There is a one-way trust between domainA.local and domainB.local: A trusts B and B doesn't trust A.
A user from domainB.local authenticates in Web-access interface (wa.domainA.local) and sees
every published application in every collection in the deployment independently of UserGroups setting of collections and applications. This occurs for any domainB user.
In the security log of wa.domainA.local we can find an event :
An account failed to log on.
Subject:
Security ID: IIS APPPOOL\RDWebAccess
Account Name: RDWebAccess
Account Domain: IIS APPPOOL
Logon ID: 0x2C7B16
Logon Type: 3
Account For Which Logon Failed:
Security ID: NULL SID
Account Name:
Account Domain:
Failure Information:
Failure Reason: An error occurred during logon
Status: 0xC000005E
Sub Status: 0x0
Also in network trace on wa.domainA.local kerberos error could be found:
On TGS-REQ for krbtgt/[email protected] there is an answer: KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN (7), server name krbtgt/domainB.
How to deal with this issue? The aim is to show only specified applications to domainB users.
Any help would be appreciated.Hi,
Thank you for your posting in Windows Server Forum.
Please check below links might useful for your case.
“After adding the RDS server’s computer account to the Builtin Windows Authorization Access Group domain group, the RemoteApp icons displayed perfectly.” (Quoted from
this article)
1. Remote APP list empty
2. RD
Web Access unable to access Source (RD Server)
In respect to Kerberos Error, refer this link for troubleshooting.
1. Troubleshooting Kerberos Authentication problems – Name resolution issues
2. Kerberos Authentication problems – Service Principal Name (SPN) issues - Part 2
Hope it helps!
Thanks,
Dharmesh
Maybe you are looking for
-
Authorization Object is not working when report is modified.
Hi BW Guru's We have Company Code as Authorization Object .and we have 3 company Codes (xxxx,yyyy,zzzz).where the users under Company code xxxx are not supposed to view company code yyyy,zzzz data etc. I modified an existing Report and transported to
-
How to check dependency of assets in adobe lc application?
Hi, while creating .lca of the application, i see my assets in the application references to another asset of another application. so when i take lca, it creates dependent assets also. Is there any ways where we can check the reference dependencies o
-
Macbook to Monitor problem!!
I have the new macbook pro 13 and I just purchased an asus led 1080p monitor but when hooking it up to with hdmi it only displays in 480p. Any ideas what I need to do? I have tried selecting 1080p in system preferences and its just a black screen.
-
Trackpad & Connection Lost Issue
I'm not sure whether this post belongs in the connectivity area or this one, but since I'm not trying to connect anything I think it belongs here. My laptop started to concern me today as my trackpad started to act up. I have been experiencing episod
-
Flash player and excessive popups
Yes, I was once plagued by flash player based ads opening tons of popups so I set flash player to ask for activation, solved my problem.... BUT, I managed to press "Allow and remember" instead of just "Allow now", so my question is, where to do I fin