IPSec secured L2TPv3 - one way traffic in L2 tunnel

Similar Messages

• ASA 5505 VPN One Way Traffic

  I am currently having an issue with two ASA 5505s.  One would be representing a Central office for a small business operating a L2L IPsec VPN using a dynamic map for a remote site that does not have a static IP address.
  I stripped the configuration down to the minimal possible for testing to get this working but ran into an issue where although I have my ISAKMP SA and my IPsec SA the tunnel is only passing traffic from my remote site with the dynamic address to the Central site with a static IP address.  The Central site with the static IP address will not pass traffic to the remote site.
  During my troubleshooting I came across two different issues.  I could at some points get traffic coming from the Central site to hit my ACL as interesting traffic to the remote site, but it would then not hit the ACL for no NAT.  I just could not figure out why the no NAT ACL wasn't working.  My configuration matched a few configurations I found online, but no joy on getting it to actually bypass NAT to the remote site. 
  I have had the same type of set-up working on ISRs with no issue, but I do not have the same amount of experience with ASAs so any help would be appriciated.  The Configurations I am using for the basic testing are below with the Hub being the Static IP site and the Spoke being a dynamic IP address site.
  ASA Version 8.0(2)
  hostname ASAHUB
  interface Vlan1
  nameif inside
  security-level 100
  ip address 192.168.10.1 255.255.255.0
  interface Vlan2
  nameif outside
  security-level 0
  ip address 12.15.44.176 255.255.255.192
  interface Ethernet0/0
  switchport access vlan 2
  interface Ethernet0/1
  shutdown
  interface Ethernet0/2
  shutdown    
  interface Ethernet0/3
  shutdown
  interface Ethernet0/4
  shutdown
  interface Ethernet0/5
  shutdown
  interface Ethernet0/6
  shutdown
  interface Ethernet0/7
  passwd 2KFQnbNIdI.2KYOU encrypted
  ftp mode passive
  access-list NONAT_INSIDE extended permit ip 192.168.10.0 255.255.255.0 192.168.20.0 255.255.255.0
  access-list VPN extended permit ip 192.168.10.0 255.255.255.0 192.168.20.0 255.255.255.0
  pager lines 24
  mtu inside 1500
  mtu outside 1500
  icmp unreachable rate-limit 1 burst-size 1
  asdm image disk0:/asdm-713.bin
  no asdm history enable
  arp timeout 14400
  nat-control
  global (outside) 1 interface
  nat (inside) 0 access-list NONAT_INSIDE
  nat (inside) 1 0.0.0.0 0.0.0.0
  route outside 0.0.0.0 0.0.0.0 12.15.44.129 1
  route outside 192.168.20.0 255.255.255.0 12.15.44.129 1
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout uauth 0:05:00 absolute
  dynamic-access-policy-record DfltAccessPolicy
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec transform-set TEST esp-3des esp-md5-hmac
  crypto dynamic-map TEST 20 match address VPN
  crypto dynamic-map TEST 20 set transform-set TEST
  crypto map TEST 30 ipsec-isakmp dynamic TEST
  crypto map TEST interface outside
  crypto isakmp enable outside
  crypto isakmp policy 10
  authentication pre-share
  encryption 3des
  hash md5
  group 2
  lifetime 86400
  crypto isakmp policy 65535
  authentication pre-share
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  crypto isakmp nat-traversal 10
  telnet timeout 5
  ssh timeout 5
  console timeout 0
  tunnel-group DefaultL2LGroup ipsec-attributes
  pre-shared-key *
  ASA Version 8.2(1)
  hostname ASASPOKE
  interface Vlan1
  nameif inside
  security-level 100
  ip address 192.168.20.1 255.255.255.0
  interface Vlan2
  nameif outside
  security-level 0
  ip address dhcp setroute
  interface Ethernet0/0
  switchport access vlan 2
  interface Ethernet0/1
  shutdown
  interface Ethernet0/2
  shutdown
  interface Ethernet0/3
  shutdown
  interface Ethernet0/4
  shutdown
  interface Ethernet0/5
  shutdown
  interface Ethernet0/6
  shutdown
  interface Ethernet0/7
  ftp mode passive
  access-list NONAT_INSIDE extended permit ip 192.168.20.0 255.255.255.0 192.168.10.0 255.255.255.0
  access-list VPN extended permit ip 192.168.20.0 255.255.255.0 192.168.10.0 255.255.255.0
  pager lines 24
  mtu inside 1500
  mtu outside 1500
  no failover
  icmp unreachable rate-limit 1 burst-size 1
  no asdm history enable
  arp timeout 14400
  global (outside) 1 interface
  nat (inside) 0 access-list NONAT_INSIDE
  nat (inside) 1 0.0.0.0 0.0.0.0
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  dynamic-access-policy-record DfltAccessPolicy
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec transform-set TEST esp-3des esp-md5-hmac
  crypto ipsec security-association lifetime seconds 28800
  crypto ipsec security-association lifetime kilobytes 4608000
  crypto map VPN 10 match address VPN
  crypto map VPN 10 set peer 12.15.44.176
  crypto map VPN 10 set transform-set TEST
  crypto map VPN interface outside
  crypto isakmp enable outside
  crypto isakmp policy 10
  authentication pre-share
  encryption 3des
  hash md5
  group 2
  lifetime 86400
  crypto isakmp policy 65535
  authentication pre-share
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  tunnel-group 12.xx.xx.xx type ipsec-l2l
  tunnel-group 12.xx.xx.xx ipsec-attributes
  pre-shared-key *

  Well I had pretty much given up on this, but today had a few extra minutes so I grabbed some ASAs that I had wiped for a different project, copied my configs back on them and actually ended up with a functional VPN passing traffic in both directions.  The only change that was made from the above configurations was with NAT traversal. 
  On the Configurations above the NAT traversal was configured only on the HUB ASA.  When I got the configuration to work correctly it was with the NAT traversal configured only on the Spoke/Remote ASA.  Does anyone know why that made the difference? 
  The final configs for both of the devices I used for testing are below. 
  ASA Version 8.0(2)
  hostname HUB
  enable password 8Ry2YjIyt7RRXU24 encrypted
  names
  interface Vlan1
  nameif inside
  security-level 100
  ip address 192.168.10.1 255.255.255.0
  interface Vlan2
  nameif outside
  security-level 0
  ip address 12.xx.xxx.xx 255.255.255.192
  interface Ethernet0/0
  switchport access vlan 2
  interface Ethernet0/1
  shutdown
  interface Ethernet0/2
  shutdown
  interface Ethernet0/3
  shutdown
  interface Ethernet0/4
  shutdown
  interface Ethernet0/5
  shutdown
  interface Ethernet0/6
  shutdown
  interface Ethernet0/7
  passwd 2KFQnbNIdI.2KYOU encrypted
  ftp mode passive
  access-list NONAT_INSIDE extended permit ip 192.168.10.0 255.255.255.0 192.168.20.0 255.255.255.0
  access-list VPN extended permit ip 192.168.10.0 255.255.255.0 192.168.20.0 255.255.255.0
  pager lines 24
  mtu inside 1500
  mtu outside 1500
  icmp unreachable rate-limit 1 burst-size 1
  asdm image disk0:/asdm-713.bin
  no asdm history enable
  arp timeout 14400
  global (outside) 1 interface
  nat (inside) 0 access-list NONAT_INSIDE
  nat (inside) 1 0.0.0.0 0.0.0.0
  route outside 0.0.0.0 0.0.0.0 12.15.44.129 1
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout uauth 0:05:00 absolute
  dynamic-access-policy-record DfltAccessPolicy
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec transform-set TEST esp-3des esp-md5-hmac
  crypto dynamic-map TEST 20 match address VPN
  crypto dynamic-map TEST 20 set transform-set TEST
  crypto map TEST 30 ipsec-isakmp dynamic TEST
  crypto map TEST interface outside
  crypto isakmp enable outside
  crypto isakmp policy 10
  authentication pre-share
  encryption 3des
  hash md5
  group 2
  lifetime 86400
  crypto isakmp policy 65535
  authentication pre-share
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  telnet timeout 5
  ssh timeout 5
  console timeout 0
  threat-detection basic-threat
  threat-detection statistics access-list
  class-map inspection_default
  match default-inspection-traffic
  policy-map type inspect dns preset_dns_map
  parameters  
    message-length maximum 512
  policy-map global_policy
  class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect netbios
    inspect rsh
    inspect rtsp
    inspect skinny 
    inspect esmtp
    inspect sqlnet
    inspect sunrpc
    inspect tftp
    inspect sip 
    inspect xdmcp
  service-policy global_policy global
  tunnel-group DefaultL2LGroup ipsec-attributes
  pre-shared-key cisco
  prompt hostname context
  Cryptochecksum:ac4003df5144c618b70555bf31b56e03
  : end        
  ASA Version 8.2(1)
  hostname ASASPOKE
  enable password 8Ry2YjIyt7RRXU24 encrypted
  passwd 2KFQnbNIdI.2KYOU encrypted
  names
  interface Vlan1
  nameif inside
  security-level 100
  ip address 192.168.20.1 255.255.255.0
  interface Vlan2
  nameif outside
  security-level 0
  ip address dhcp setroute
  interface Ethernet0/0
  switchport access vlan 2
  interface Ethernet0/1
  shutdown    
  interface Ethernet0/2
  shutdown
  interface Ethernet0/3
  shutdown
  interface Ethernet0/4
  shutdown
  interface Ethernet0/5
  shutdown
  interface Ethernet0/6
  shutdown
  interface Ethernet0/7
  ftp mode passive
  access-list NONAT_INSIDE extended permit ip 192.168.20.0 255.255.255.0 192.168.10.0 255.255.255.0
  access-list VPN extended permit ip 192.168.20.0 255.255.255.0 192.168.10.0 255.255.255.0
  pager lines 24
  mtu inside 1500
  mtu outside 1500
  no failover
  icmp unreachable rate-limit 1 burst-size 1
  no asdm history enable
  arp timeout 14400
  global (outside) 1 interface
  nat (inside) 0 access-list NONAT_INSIDE
  nat (inside) 1 0.0.0.0 0.0.0.0
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  dynamic-access-policy-record DfltAccessPolicy
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec transform-set TEST esp-3des esp-md5-hmac
  crypto ipsec security-association lifetime seconds 28800
  crypto ipsec security-association lifetime kilobytes 4608000
  crypto map VPN 10 match address VPN
  crypto map VPN 10 set peer 12.xx.xxx.xx
  crypto map VPN 10 set transform-set TEST
  crypto map VPN interface outside
  crypto isakmp enable outside
  crypto isakmp policy 10
  authentication pre-share
  encryption 3des
  hash md5
  group 2
  lifetime 86400
  crypto isakmp policy 65535
  authentication pre-share
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  crypto isakmp nat-traversal 10
  track 10 rtr 10 reachability
  telnet timeout 5
  ssh timeout 5
  console timeout 0
  threat-detection basic-threat
  threat-detection statistics access-list
  no threat-detection statistics tcp-intercept
  tunnel-group 12.xx.xxx.xx type ipsec-l2l
  tunnel-group 12.xx.xxx.xx ipsec-attributes
  pre-shared-key cisco
  class-map inspection_default
  match default-inspection-traffic
  policy-map type inspect dns preset_dns_map
  parameters
    message-length maximum 512
  policy-map global_policy
  class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect netbios
    inspect rsh
    inspect rtsp
    inspect skinny 
    inspect esmtp
    inspect sqlnet
    inspect sunrpc
    inspect tftp
    inspect sip 
    inspect xdmcp
  service-policy global_policy global
  prompt hostname context
  Cryptochecksum:50a9d87c794db95b0f4cac127ee3c0fe
  : end

• How to force one way traffic - JSP Servlet?

  JSP "A" displays one quiz question (retrieved out of the database).
  When the user hits submit, the "post" info is sent and processed by servlet "B".
  Servlet "B" also retrieves a new question out of the database, and sends that new question back to JSP "A" for display.
  User submits answer... back to servlet "B" where the process is repeated until the total questions hits 25.
  Then another JSP "C" displays the quiz score and that variable gets stored in the database.
  My question:
  I want to be able to detect if the user hits the back button because if he/she does, my scoring is not correct any longer. Also I want to prevent that the user can see and re-answer a previous question by using the backbutton (only one chance to answer).
  *Any ideas on how I can detect if the user hits the back button without using javascript?*
  I was told before to compare a hidden field on JSP "A" with a step variable stored in the user's session. Then if these 2 were off (because theback button was hit, the user would be directed to an error/warning page). Exactly what I need! However, I don't see how the value stored in the hidden field in the JSP can be compared to the session variable since the hidden field's value never changes. Correct??? Am I missing something?

  No, you'd give each question a number, and keep track on the user's side what questions they've already answered. If the user submits an already-answered question, you could then easily detect that.
  If you wanted to be extra paranoid, you could set a random number in another hidden field. When you retrieve the question from the database, select a random number (from a big range, so the user can't easily guess it) and store it in the user's session, and put it in the hidden field. When the user submits their answer, compare the two. If they're not the same, raise an error.
  If the user tries hitting the back button and re-submits...then at this point, you would have chosen a new number, but they would be seeing the old old. When they submit again, the numbers wouldn't match.
  Also: you should send an Expires: header when you send the JSP page, to prevent the page from being cached. That way, when the user goes to page A, they'll always see the latest question.
  A cheater could alter their browser (or use a proxy, or whatever) to cache regardless, but they can't change the fact that the server is tracking which questions have already been asked and what the paranoia number is.

• One way ping through new switch

  NetTechMike wrote:
  If a ping works one way, then it is almost always the firewall on the end of the connection
  PING isn't a one way traffic item. It is bi-directional.
  The ICMP echo request goes out and the reply is what you see at the command prompt when you get a "reply received"
  So, if PING really is replying with a proper response and not a "destination host unreachable" then there isn't a thing wrong on the routing side, it'll be the firewall.

  Hello!A few days back we installed a new switch (HP 1620-24G JG913A) for a new office inside our building. The switch is connected to the same one in our server room. The computers inside the office are functioning perfectly as far as the users are concirned. They can use network printers, open helpdesk tickets, access the intranet, internet, etc.
  However, even though everything was functioning well in the old office (the machines are the same ones), nothing going the other way can get through. They can't be pinged, Spiceworks doesn't recognize them (although they have agents installed), and, well, that's not nice.The two switches are configured identically, and googling for the solution hasn't turned up anything usable (for me). For now it's not a big issue, but I'd like to solve it, so that it wouldn't become a problem later.Any help...
  This topic first appeared in the Spiceworks Community

• SHAREPOINT QUESTION: One way SYNC of files from SharePoint cloud to hard-drive

  SHAREPOINT QUESTION: One way SYNC of files from SharePoint cloud to hard-drive
  How does a person enable Sales reps to SYNC literature files from a cloud library down to their computer,.... but then not be able to have them accidentally delete the files by accident if they delete a file from their computer and then have it
  sync upwards again.
  Permission Level
  "Read" allows to download individual files but not SYNC down and there are too many files for them to go and download each file every-time.
  "View Only" is only visible on the browser and not useful when reps are in remote parts of the world.
  "Contribute" allows the sales reps to SYNC but if they delete a file from their computer, then it deletes it for all which is to much.
  There must surely be a way to allow a one way (cloud-to-hard-drive) SYNC to avoid folks from deleting files.
  Does anybody know how to d this or if not, how do I have Microsoft consider such a perceived weakness compare to dropbox

  You can achieve the functionality which you describe using the OneDrive (SkyDrive Pro) in Sharepoint 2013. You can setup read only folders to sync to achieve "one way" traffic. You will need Office 2013 locally to avail the full features of
  the coauthoring environment if you are looking into that as well.
  Sharing with everyone (Read Only): http://community.office365.com/en-us/b/office_365_community_blog/archive/2013/07/15/ways-to-quot-share-with-everyone-quot-in-skydrive-pro.aspx
  Some benefits of using OneDrive include the following:
  Users can take their documents offline with them and have them synchronize when they are online again.
  Users' documents can be synchronized across all client devices and servers where the files are stored and synchronized.
  Multiple users (online or offline) can work on documents at the same time, and the OneDrive for Business Windows Sync client will synchronize the changes between the users. If there are conflicts, users are prompted to resolve the conflicts.
  Users can share and collaborate on documents.
  Users can work from many locations, either online or offline, and work from many devices.
  http://technet.microsoft.com/en-us/library/dn167720(v=office.15).aspx
  Thanks, Ransher Singh, MCP, MCTS | Click Vote As Helpful if you think that post is helpful in responding your question click Mark As Answer, if you think that this is your answer for your question.

• Traffic only allowed one-way for VPN connected computers

  Hello,
  I currently have an ASA 5505.  I have set it up as a remote access SSL VPN. My computers can connect to the VPN just fine.  They just can't access the internal LAN (192.168.250.0).  They can't ping the inside interface of the ASA, or any of the machines.  It seems like all traffic is blocked for them.  The strange thing is that when someone is connected to the VPN, I can ping that VPN-connect machine from the ASA and other machines inside the LAN.  It seems the traffic only allows one way.  I have messed with ACL's with no avail.  Any suggestions please?
  DHCP Pool: 192.168.250.20-50 --> For LAN
  VPN Pool: 192.168.250.100 and 192.168.250.101
  Outside interface grabs DHCP from modem
  Inside interface: 192.168.1.1
  Current Running Config:
  : Saved
  ASA Version 8.2(5)
  hostname HardmanASA
  enable password ###### encrypted
  passwd ####### encrypted
  names
  interface Ethernet0/0
  switchport access vlan 20
  interface Ethernet0/1
  switchport access vlan 10
  interface Ethernet0/2
  switchport access vlan 10
  interface Ethernet0/3
  shutdown
  interface Ethernet0/4
  shutdown
  interface Ethernet0/5
  shutdown    
  interface Ethernet0/6
  shutdown
  interface Ethernet0/7
  switchport access vlan 10
  interface Vlan1
  no nameif
  no security-level
  no ip address
  interface Vlan10
  nameif inside
  security-level 100
  ip address 192.168.250.1 255.255.255.0
  interface Vlan20
  nameif outside
  security-level 0
  ip address dhcp setroute
  ftp mode passive
  dns domain-lookup inside
  dns domain-lookup outside
  pager lines 24
  mtu inside 1500
  mtu outside 1500
  ip local pool VPN_Pool 192.168.250.100-192.168.250.101 mask 255.255.255.0
  icmp unreachable rate-limit 1 burst-size 1
  no asdm history enable
  arp timeout 14400
  global (outside) 10 interface
  nat (inside) 10 192.168.250.0 255.255.255.0
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  timeout floating-conn 0:00:00
  dynamic-access-policy-record DfltAccessPolicy
  aaa authentication ssh console LOCAL
  http server enable
  http 192.168.250.0 255.255.255.0 inside
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec security-association lifetime seconds 28800
  crypto ipsec security-association lifetime kilobytes 4608000
  telnet timeout 5
  ssh 192.168.250.0 255.255.255.0 inside
  ssh timeout 5
  ssh version 2
  console timeout 0
  dhcpd dns 8.8.8.8
  dhcpd address 192.168.250.20-192.168.250.50 inside
  dhcpd enable inside
  threat-detection basic-threat
  threat-detection statistics access-list
  no threat-detection statistics tcp-intercept
  webvpn
  enable outside
  svc image disk0:/anyconnect-win-2.5.2014-k9.pkg 1
  svc image disk0:/anyconnect-macosx-i386-2.5.2014-k9.pkg 2
  svc image disk0:/anyconnect-linux-2.5.2014-k9.pkg 3
  svc enable
  tunnel-group-list enable
  group-policy DfltGrpPolicy attributes
  dns-server value 8.8.8.8
  vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn
  tunnel-group AnyConnect type remote-access
  tunnel-group AnyConnect general-attributes
  address-pool VPN_Pool
  tunnel-group AnyConnect webvpn-attributes
  group-alias AnyConnect enable
  class-map inspection_default
  match default-inspection-traffic
  policy-map type inspect dns preset_dns_map
  parameters
    message-length maximum client auto
    message-length maximum 512
  policy-map global_policy
  class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect ip-options
    inspect netbios
    inspect rsh
    inspect rtsp
    inspect skinny 
    inspect esmtp
    inspect sqlnet
    inspect sunrpc
    inspect tftp
    inspect sip 
    inspect xdmcp
  service-policy global_policy global
  prompt hostname context
  no call-home reporting anonymous
  call-home
  profile CiscoTAC-1
    no active
    destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
    destination address email [email protected]
    destination transport-method http
    subscribe-to-alert-group diagnostic
    subscribe-to-alert-group environment
    subscribe-to-alert-group inventory periodic monthly
    subscribe-to-alert-group configuration periodic monthly
    subscribe-to-alert-group telemetry periodic daily
  Cryptochecksum:30fadff4b400e42e73e17167828e046f
  : end

  Hello,
  I seem to be having the same kind of issue although I cannot ping from either end.
  Ive set up a l2tp/ipsec vpn which I am able to connect to and get ip from my ip pool (radius authentication is working).
  I tried running:
  access-list NAT_0 permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0
  nat (inside) 0 access-list NAT_0
  but i get an error msg saying that the syntax of the nat command is deprecated. Im running ASA version 8.4.
  Ive fiddled around abit to find the correct syntax but have been unsuccessfull so far.
  Any help would be much appreciated
  This is a part of my config:
  object network obj_any
  subnet 0.0.0.0 0.0.0.0
  object network AD1
  host 192.168.1.31
  description AD/RADIUS
  object network NETWORK_OBJ_192.168.1.0_24
  subnet 192.168.1.0 255.255.255.0
  object network vpn_hosts
  subnet 192.168.2.0 255.255.255.0
  access-list AD_splitTunnelAcl standard permit 192.168.1.0 255.255.255.0
  access-list split-acl standard permit 192.168.1.0 255.255.255.0
  access-list inside_nat0_outbound extended permit ip any 192.168.1.0 255.255.255.0
  access-list inside_0_outbound extended permit ip object NETWORK_OBJ_192.168.1.0_24 object vpn_hosts
  ip local pool POOL2 192.168.2.2-192.168.2.10 mask 255.255.255.0
  nat (inside,outside) source static any any destination static NETWORK_OBJ_192.168.1.0_25 NETWORK_OBJ_192.168.1.0_25 no-proxy-arp route-lookup
  nat (inside,outside) source static NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_192.168.1.0_24 destination static NETWORK_OBJ_192.168.1.0_25 NETWORK_OBJ_192.168.1.0_25 no-proxy-arp route-lookup
  nat (inside,outside) source static NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_192.168.1.0_24 destination static vpn_hosts vpn_hosts
  object network obj_any
  nat (inside,outside) dynamic interface
  access-group outside_access_in in interface outside
  route outside 0.0.0.0 0.0.0.0 ########## 1
  no vpn-addr-assign aaa
  no vpn-addr-assign dhcp

• How to configure a one-way L2L IPSec tunnel

  This may be a dumb question, since VPN is for communications between trusted parties and that most people would try to fix a one-way tunnel.
  But I am interested in turning a regular tunnel into one-way only, i.e., only traffic on my side can initiate the tunnel.
  We recently built this tunnel between our ASA5510 and our biz partner's ASA5510 in order to run critical apps on their non-Internet-facing web servers. I want to tie it down so that they can't initiate the VPN. I have the crypto ACL set to limit to a port address so they can only come to us from that port once the tunnel is established. We also have personal firewall installed on each host.
  Any idea on how to make the tunnel one way and also protect us better once the tunnel is up?

  Hi,
  You can use the following command:
  crypto map map-name seq-num set connection-type {answer-only | originate-only | bidirectional}
  This command defines whether the tunnel is originate-only or answer-only. If you set the tunnel on your side to originate-only, the asa will never accept the tunnel setup from your business partner. However, you can still initiate the vpn tunnel setup.
  Check out:
  http://www.cisco.com/en/US/partner/docs/security/asa/asa80/command/reference/c5.html#wp2152576
  Although the reference is for ASA8.0 I know it works for 7.2.x as well
  Hope this helps
  Kind regards
  Pieter-Jan

• One way audio over VPN

  I have 2 Cisco 1941 routers with a standard IPSec tunnel between them. Data works fine, but VoIP is encountering a one way audio issue where the remote site calling cannot be heard but they can hear me.  This seems to match what I'm seeing in encaps and decaps. The quesion I'm having is why would the remote site be encapsulating all packets but the office router isn't decaping these audio packets. I isolated one phone specifically so that's why the SA is for only 1 host.
  Thanks!
  OFFICE ROUTER
     protected vrf: (none)
     local  ident (addr/mask/prot/port): (192.168.0.0/255.255.0.0/0/0)
     remote ident (addr/mask/prot/port): (10.90.91.6/255.255.255.255/0/0)
     current_peer REMOTE_IP port 4500
       PERMIT, flags={origin_is_acl,}
      #pkts encaps: 4104, #pkts encrypt: 4104, #pkts digest: 4104
      #pkts decaps: 375, #pkts decrypt: 375, #pkts verify: 375
      #pkts compressed: 0, #pkts decompressed: 0
      #pkts not compressed: 0, #pkts compr. failed: 0
      #pkts not decompressed: 0, #pkts decompress failed: 0
      #send errors 1, #recv errors 0
       local crypto endpt.: 192.168.0.227, remote crypto endpt.: REMOTE_IP
       path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/0
       current outbound spi: 0x69C77389(1774678921)
       PFS (Y/N): N, DH group: none
       inbound esp sas:
        spi: 0xEA4A3FF9(3930734585)
          transform: esp-3des esp-sha-hmac ,
          in use settings ={Tunnel UDP-Encaps, }
          conn id: 2095, flow_id: Onboard VPN:95, sibling_flags 80000046, crypto map: VPN_MAP
          sa timing: remaining key lifetime (k/sec): (4409444/1207)
          IV size: 8 bytes
          replay detection support: Y
          Status: ACTIVE
  REMOTE ROUTER
     protected vrf: (none)
     local  ident (addr/mask/prot/port): (10.90.91.6/255.255.255.255/0/0)
     remote ident (addr/mask/prot/port): (192.168.0.0/255.255.0.0/0/0)
     current_peer IP_OFFICE port 4500
       PERMIT, flags={origin_is_acl,}
      #pkts encaps: 4055, #pkts encrypt: 4055, #pkts digest: 4055
      #pkts decaps: 4099, #pkts decrypt: 4099, #pkts verify: 4099
      #pkts compressed: 0, #pkts decompressed: 0
      #pkts not compressed: 0, #pkts compr. failed: 0
      #pkts not decompressed: 0, #pkts decompress failed: 0
      #send errors 0, #recv errors 0
       local crypto endpt.: IP_REMOTE, remote crypto endpt.: IP_OFFICE
       path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/0
       current outbound spi: 0xEA4A3FF9(3930734585)
       PFS (Y/N): N, DH group: none

  Thanks Michal.
  1) I have taken these buffer captures. The capture associated with "outside" is short when compared with the number of packets from the "inside" capture in the amount that is most likely associated with the call we placed.
  2) Not NAT at all.
  3) No CBAC or ZBF, unless some default that I'm not aware of. Not sure off hand how to disable those.
  I did get this case through to TAC but after 3 hours we are left at comparing the capture buffers.

• One way encryption, decrypting not encrypting ASA5505

  Hello All,
  I've been troubleshooting this issue and was hoping to get some more feed back and maybe point out an error if I'm not seeing it. I recently setup a remote access VPN on Cisco ASA 5505. Everything appeared to work at first and the IPsec client connect. However if you look at the packets being encrypted an decrypted on the Client side only the encrypted counter is incrementing and the decrypted stays at 0. The opposite is true on the ASA side the decrypted continures to increment and the encrypted stays at zero. My first thought was maybe a mis configured NAT 0 statement or not defining the correct Split tunnel ACL but I have verified that. I will post my config so maybe someone can point on the error. The asa version 8.2(5), I'll also list a packet-tracer I did from an inside host to VPN IP.
  Any help will be greatly appreacted, thanks in advance!
  ASA Version 8.2(5)
  terminal width 511
  hostname xyz
  domain-name xyz.local
  no names
  dns-guard
  interface Ethernet0/0
  description ISP Connection
  switchport access vlan 900
  interface Ethernet0/1
  switchport access vlan 10
  interface Ethernet0/2
  switchport access vlan 20
  interface Ethernet0/3
  switchport access vlan 30
  interface Ethernet0/4
  switchport access vlan 40
  interface Ethernet0/5
    switchport access vlan 50
  switchport trunk allowed vlan 10,20,30,40,350
  switchport trunk native vlan 10
  switchport mode trunk
  interface Ethernet0/6
  switchport trunk allowed vlan 10,20,30,40,350
  switchport trunk native vlan 10
  switchport mode trunk
  interface Ethernet0/7
  description WAP
  switchport trunk allowed vlan 10,20,30,40,350
  switchport trunk native vlan 10
  switchport mode trunk
  interface Vlan10
  description LAN
  nameif inside
  security-level 100
  ip address 10.10.254.1 255.255.0.0
  interface Vlan20
  description LAN
  nameif inside20
  security-level 100
  ip address 10.20.254.1 255.255.0.0
  interface Vlan30
  description LAN
  nameif inside30
  security-level 100
  ip address 10.30.254.1 255.255.0.0
  interface Vlan40
  description LAN
  nameif inside40
  security-level 100
  ip address 10.40.254.1 255.255.0.0
  interface Vlan350
  description Guest LAN
  nameif guest
  security-level 50
  ip address 10.3.50.254 255.255.255.0
  interface Vlan900
  description ISP Connection
  nameif outside
  security-level 0
  ip address x.x.x.x 255.255.255.252
  boot system disk0:/asa825-k8.bin
  ftp mode passive
  dns server-group DefaultDNS
  domain-name xyz.local
  same-security-traffic permit intra-interface
  access-list OUTSIDE-IN remark :
  access-list OUTSIDE-IN remark : Allow OUTSIDE to inside
  access-list OUTSIDE-IN remark :
  access-list OUTSIDE-IN remark Allow ICMP Replies
  access-list OUTSIDE-IN extended permit icmp any any echo-reply
  access-list OUTSIDE-IN extended permit icmp any any time-exceeded
  access-list OUTSIDE-IN extended permit icmp any any unreachable
  access-list NAT-0-INSIDE remark :
  access-list NAT-0-INSIDE remark : Do not NAT this traffic
  access-list NAT-0-INSIDE remark :
  access-list NAT-0-INSIDE remark Allow LAN to VPN Users
  access-list NAT-0-INSIDE extended permit ip 10.10.0.0 255.255.0.0 172.16.10.0 255.255.255.0
  access-list NAT-0-INSIDE extended permit ip 10.20.0.0 255.255.0.0 172.16.10.0 255.255.255.0
  access-list NAT-0-INSIDE extended permit ip 10.40.0.0 255.255.0.0 172.16.10.0 255.255.255.0
  access-list NAT-0-INSIDE extended permit ip 10.30.0.0 255.255.0.0 172.16.10.0 255.255.255.0
  access-list NAT-0-INSIDE extended permit ip 10.3.0.0 255.255.255.0 172.16.10.0 255.255.255.0
  access-list NAT-10-INSIDE remark :
  access-list NAT-10-INSIDE remark : Allow LAN NAT
  access-list NAT-10-INSIDE remark :
  access-list NAT-10-INSIDE extended permit ip 10.0.0.0 255.0.0.0 any
  access-list VPN-SPLIT-TUNNEL remark :
  access-list VPN-SPLIT-TUNNEL remark : Add Routes for these networks to the VPN clients
  access-list VPN-SPLIT-TUNNEL remark :
  access-list VPN-SPLIT-TUNNEL extended permit ip 10.10.0.0 255.255.0.0 any
  access-list VPN-SPLIT-TUNNEL extended permit ip 10.20.0.0 255.255.0.0 any
  access-list VPN-SPLIT-TUNNEL extended permit ip 10.30.0.0 255.255.0.0 any
  access-list VPN-SPLIT-TUNNEL extended permit ip 10.40.0.0 255.255.0.0 any
  access-list VPN-SPLIT-TUNNEL extended permit ip 10.3.0.0 255.255.255.0 any
  pager lines 40
  logging enable
  logging timestamp
  logging buffer-size 16384
  logging buffered debugging
  logging trap informational
  logging history errors
  logging asdm informational
  mtu inside 1500
  mtu inside20 1500
  mtu inside30 1500
  mtu inside40 1500
  mtu guest 1500
  mtu outside 1500
  ip local pool VPN-POOL 172.16.10.1-172.16.10.99 mask 255.255.255.0
  ip audit name IDSATTACK attack action alarm drop reset
  ip audit interface inside IDSATTACK
  ip audit interface inside20 IDSATTACK
  ip audit interface inside30 IDSATTACK
  ip audit interface inside40 IDSATTACK
  ip audit interface guest IDSATTACK
  ip audit interface outside IDSATTACK
  ip audit attack action alarm drop reset
  ip audit signature 2000 disable
  ip audit signature 2001 disable
  ip audit signature 2004 disable
  no failover
  icmp unreachable rate-limit 1 burst-size 1
  icmp permit any inside
  icmp permit any inside20
  icmp permit any inside30
  icmp permit any inside40
  icmp permit any guest
  icmp permit any outside
  asdm image disk0:/asdm-649.bin
  asdm history enable
  arp timeout 14400
  global (outside) 10 interface
  nat (inside) 0 access-list NAT-0-INSIDE
  nat (inside) 10 access-list NAT-10-INSIDE
  nat (inside20) 0 access-list NAT-0-INSIDE
  nat (inside20) 10 access-list NAT-10-INSIDE
  nat (inside30) 0 access-list NAT-0-INSIDE
  nat (inside30) 10 access-list NAT-10-INSIDE
  nat (inside40) 0 access-list NAT-0-INSIDE
  nat (inside40) 10 access-list NAT-10-INSIDE
  nat (guest) 0 access-list NAT-0-INSIDE
  nat (guest) 10 access-list NAT-10-INSIDE
  access-group OUTSIDE-IN in interface outside
  route outside 0.0.0.0 0.0.0.0 x.x.x.y 1
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  timeout floating-conn 0:00:00
  dynamic-access-policy-record DfltAccessPolicy
  aaa-server TACACS+ protocol tacacs+
  aaa-server RADIUS protocol radius
  aaa-server RADIUS-AUTH protocol radius
  aaa authentication serial console LOCAL
  aaa authentication telnet console LOCAL
  aaa authentication ssh console LOCAL
  aaa authentication http console LOCAL
  aaa authentication enable console LOCAL
  aaa authentication secure-http-client
  http server enable 444
  http 0.0.0.0 0.0.0.0 outside
  http 0.0.0.0 0.0.0.0 inside
  sysopt noproxyarp inside
  sysopt noproxyarp inside20
  sysopt noproxyarp inside30
  sysopt noproxyarp inside40
  crypto ipsec transform-set AES-256-SHA-ENCRYPT esp-aes-256 esp-sha-hmac
  crypto ipsec security-association lifetime seconds 28800
  crypto ipsec security-association lifetime kilobytes 4608000
  crypto dynamic-map VPN-DYN-MAP 1 set transform-set AES-256-SHA-ENCRYPT
  crypto dynamic-map VPN-DYN-MAP 1 set security-association lifetime seconds 28800
  crypto dynamic-map VPN-DYN-MAP 1 set security-association lifetime kilobytes 4608000
  crypto map OUTSIDE-MAP 65535 ipsec-isakmp dynamic VPN-DYN-MAP
  crypto map OUTSIDE-MAP interface outside
  crypto isakmp identity hostname
  crypto isakmp enable outside
  crypto isakmp policy 10
  authentication pre-share
  encryption aes-256
  hash sha
  group 2
  lifetime 86400
  telnet 0.0.0.0 0.0.0.0 inside
  telnet 0.0.0.0 0.0.0.0 outside
  telnet timeout 20
  ssh 0.0.0.0 0.0.0.0 inside
  ssh 0.0.0.0 0.0.0.0 outside
  ssh timeout 20
  console timeout 0
  dhcpd ping_timeout 750
  dhcpd address 10.10.1.1-10.10.1.99 inside
  dhcpd dns 4.2.2.2 interface inside
  dhcpd domain xyz.local interface inside
  dhcpd enable inside
  dhcpd address 10.20.1.1-10.20.1.99 inside20
  dhcpd dns 4.2.2.2 interface inside20
  dhcpd enable inside20
  dhcpd address 10.30.1.1-10.30.1.99 inside30
  dhcpd dns 4.2.2.2 interface inside30
  dhcpd enable inside30
  dhcpd address 10.40.1.1-10.40.1.99 inside40
  dhcpd dns 4.2.2.2 interface inside40
  dhcpd enable inside40
  dhcpd address 10.3.50.1-10.3.50.99 guest
  dhcpd dns 4.2.2.2 interface guest
  dhcpd enable guest
  threat-detection basic-threat
  threat-detection statistics host
  threat-detection statistics access-list
  threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
  tunnel-group-list enable
  group-policy VPN-POLICY internal
  group-policy VPN-POLICY attributes
  vpn-simultaneous-logins 20
  vpn-idle-timeout 3600
  vpn-session-timeout 1440
  vpn-tunnel-protocol IPSec svc webvpn
  split-tunnel-policy tunnelspecified
  split-tunnel-network-list value VPN-SPLIT-TUNNEL
  default-domain value xyz.local
  split-dns value xyz.local
  tunnel-group secant type remote-access
  tunnel-group secant general-attributes
  address-pool VPN-POOL
  authentication-server-group (outside) LOCAL
  default-group-policy VPN-POLICY
  tunnel-group secant ipsec-attributes
  pre-shared-key *****
  class-map INSPECTION-DEFAULT
  description Complete Protocol Inspection List Class Map
  match default-inspection-traffic
  policy-map type inspect dns INSPECT-DNS-MAP
  parameters
    message-length maximum client auto
    message-length maximum 4096
  policy-map GLOBAL-INSPECTION-POLICY
  description Global Inspection Policy
  class INSPECTION-DEFAULT
    inspect ftp
    inspect netbios
    inspect rsh
    inspect rtsp
    inspect skinny 
    inspect sqlnet
    inspect sunrpc
    inspect tftp
    inspect sip 
    inspect xdmcp
    inspect http
    inspect ils
    inspect pptp
    inspect ipsec-pass-thru
    inspect icmp
    inspect dns INSPECT-DNS-MAP
    inspect ctiqbe
    inspect dcerpc
    inspect mgcp
    inspect icmp error
    inspect snmp
    inspect waas
    inspect h323 h225
    inspect h323 ras
  service-policy GLOBAL-INSPECTION-POLICY global
  A5505-1# packet-tracer input inside icmp 10.10.253.1 1 1 172.16.10.1 detailed
  Phase: 1
  Type: ROUTE-LOOKUP
  Subtype: input
  Result: ALLOW
  Config:
  Additional Information:
  in   172.16.10.1     255.255.255.255 outside
  Phase: 2
  Type: IP-OPTIONS
  Subtype:
  Result: ALLOW
  Config:
  Additional Information:
  Forward Flow based lookup yields rule:
  in  id=0xc96adb20, priority=0, domain=inspect-ip-options, deny=true
          hits=69511, user_data=0x0, cs_id=0x0, reverse, flags=0x0, protocol=0
          src ip=0.0.0.0, mask=0.0.0.0, port=0
          dst ip=0.0.0.0, mask=0.0.0.0, port=0, dscp=0x0
  Phase: 3
  Type: INSPECT
  Subtype: np-inspect
  Result: ALLOW
  Config:
  class-map INSPECTION-DEFAULT
  description Complete Protocol Inspection List Class Map
  match default-inspection-traffic
  policy-map GLOBAL-INSPECTION-POLICY
  description Global Inspection Policy
  class INSPECTION-DEFAULT
    inspect icmp
  service-policy GLOBAL-INSPECTION-POLICY global
  Additional Information:
  Forward Flow based lookup yields rule:
  in  id=0xcc510638, priority=70, domain=inspect-icmp, deny=false
          hits=10388, user_data=0xcc510438, cs_id=0x0, use_real_addr, flags=0x0, protocol=1
          src ip=0.0.0.0, mask=0.0.0.0, port=0
          dst ip=0.0.0.0, mask=0.0.0.0, port=0, dscp=0x0
  Phase: 4
  Type: INSPECT
  Subtype: np-inspect
  Result: ALLOW
  Config:
  Additional Information:
  Forward Flow based lookup yields rule:
  in  id=0xcc51dbb8, priority=70, domain=inspect-icmp-error, deny=false
          hits=10388, user_data=0xcc51d9b8, cs_id=0x0, use_real_addr, flags=0x0, protocol=1
          src ip=0.0.0.0, mask=0.0.0.0, port=0
          dst ip=0.0.0.0, mask=0.0.0.0, port=0, dscp=0x0
  Phase: 5
  Type: DEBUG-ICMP
  Subtype:
  Result: ALLOW
  Config:
  Additional Information:
  Forward Flow based lookup yields rule:
  in  id=0xc97e7e30, priority=12, domain=debug-icmp-trace, deny=false
          hits=16500, user_data=0x0, cs_id=0x0, reverse, flags=0x0, protocol=1
          src ip=0.0.0.0, mask=0.0.0.0, port=0
          dst ip=0.0.0.0, mask=0.0.0.0, port=0, dscp=0x0
  Phase: 6
  Type: NAT-EXEMPT
  Subtype:
  Result: ALLOW
  Config:
    match ip inside 10.10.0.0 255.255.0.0 outside 172.16.10.0 255.255.255.0
      NAT exempt
      translate_hits = 5, untranslate_hits = 796
  Additional Information:
  Forward Flow based lookup yields rule:
  in  id=0xc97b1d40, priority=6, domain=nat-exempt, deny=false
          hits=5, user_data=0xc9840640, cs_id=0x0, use_real_addr, flags=0x0, protocol=0
          src ip=10.10.0.0, mask=255.255.0.0, port=0
          dst ip=172.16.10.0, mask=255.255.255.0, port=0, dscp=0x0
  Phase: 7
  Type: NAT
  Subtype:
  Result: ALLOW
  Config:
  nat (inside) 10 access-list NAT-10-INSIDE
    match ip inside 10.0.0.0 255.0.0.0 outside any
      dynamic translation to pool 10 (x.x.x.x [Interface PAT])
      translate_hits = 61470, untranslate_hits = 8513
  Additional Information:
  Forward Flow based lookup yields rule:
  in  id=0xc9950080, priority=2, domain=nat, deny=false
          hits=61604, user_data=0xc994ffc0, cs_id=0x0, flags=0x0, protocol=0
          src ip=10.0.0.0, mask=255.0.0.0, port=0
          dst ip=0.0.0.0, mask=0.0.0.0, port=0, dscp=0x0
  Phase: 8
  Type: NAT
  Subtype: host-limits
  Result: ALLOW
  Config:
  nat (inside) 10 access-list NAT-10-INSIDE
    match ip inside 10.0.0.0 255.0.0.0 inside any
      dynamic translation to pool 10 (No matching global)
      translate_hits = 0, untranslate_hits = 0
  Additional Information:
  Forward Flow based lookup yields rule:
  in  id=0xc994d1e0, priority=2, domain=host, deny=false
          hits=69627, user_data=0xc994cdc8, cs_id=0x0, reverse, flags=0x0, protocol=0
          src ip=10.0.0.0, mask=255.0.0.0, port=0
          dst ip=0.0.0.0, mask=0.0.0.0, port=0, dscp=0x0
  Phase: 9
  Type: VPN
  Subtype: encrypt
  Result: ALLOW
  Config:
  Additional Information:
  Forward Flow based lookup yields rule:
  out id=0xc983d570, priority=70, domain=encrypt, deny=false
          hits=777, user_data=0x4c2e4, cs_id=0x0, reverse, flags=0x0, protocol=0
          src ip=0.0.0.0, mask=0.0.0.0, port=0
          dst ip=172.16.10.1, mask=255.255.255.255, port=0, dscp=0x0
  Phase: 10
  Type: FLOW-CREATION
  Subtype:
  Result: ALLOW
  Config:
  Additional Information:
  New flow created with id 102356, packet dispatched to next module
  Module information for forward flow ...
  snp_fp_tracer_drop
  snp_fp_inspect_ip_options
  snp_fp_inspect_icmp
  snp_fp_dbg_icmp
  snp_fp_adjacency
  snp_fp_encrypt
  snp_fp_fragment
  snp_ifc_stat
  Module information for reverse flow ...
  Result:
  input-interface: inside
  input-status: up
  input-line-status: up
  output-interface: outside
  output-status: up
  output-line-status: up
  Action: allow

  Hi Alan,
  Please make the following changes:
  access-list VPN_SPLIT_ACL remark :
  access-list VPN_SPLIT_ACL remark : Add Routes for these networks to the VPN clients
  access-list VPN_SPLIT_ACL remark :
  access-list VPN_SPLIT_ACL  permit  10.10.0.0 255.255.0.0
  access-list VPN_SPLIT_ACL  permit  10.20.0.0 255.255.0.0
  access-list VPN_SPLIT_ACL  permit  10.30.0.0 255.255.0.0
  access-list VPN_SPLIT_ACL  permit  10.40.0.0 255.255.0.0
  access-list VPN_SPLIT_ACL  permit  10.3.0.0 255.255.255.0
  group-policy VPN-POLICY attributes
       split-tunnel-network-list value VPN_SPLIT_ACL
  crypto isakmp nat-traversal 30
  capture capin interface inside match ip 10.10.0.0 255.255.0.0 172.16.10.0 255.255.255.0
  Then connect and try to ping any IP within the 10.10.0.0 /16 range.
  Once done, issue:
  show capture capin
  HTH.
  Portu.
  Please rate any helpful posts

• Remote Management of Hyper-V Across One-Way Trust

  In order to abstract our hardware from the platform, we would like to virtualize all of our physical machines, installing Hyper-V server and just running one VM on Hyper-V. We hope this will allow us to quickly migrate machines that currently cannot be on
  our virtual environment for whatever reason.
  We set up a management domain for all of the Hyper-V servers separate from our main domain. A one way trust was established between the main domain and the management domain, with the management domain trusting the main domain. On the management domain,
  we created a domain local group, called Management Domain Admins, which contains the foreign security principals from the main domain. The Management Domain Admins group is added to the Hyper-V built in Administrators group.
  Now here is the problem, from a workstation in the main domain, we can manage every part of that server except for adding a virtual hard disk. We can manage the firewall, we can look through the event log, we can create virtual machines and connect them
  to existing virtual hard disks, but we cannot create a virtual hard disk. The log returns:
  The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
  We disabled the firewall on both the workstation and the server with the same result. Using a workstation WITHIN the management domain, logging in with an account from the main domain, we can create a virtual hard disk. We have also tried enabling anonymous
  DCOM and adding the Hyper-V server to the Trusted Hosts list in WinRM to no avail. Also, using inline authentication, we can create virtual hard disks on the server BEFORE adding it to the domain. But as soon as it's added to the domain, we can no longer create
  hard disks.
  Appreciate any insight!

  I hope it isn't the trust and it's something dumb I forgot to set. I checked again and "cscript .\hvremote.wsf /anondcom:grant" returns "INFO: Nothing to do - ANONYMOUS LOGON already has remote access"
  Thanks!
  The event is generate from DCOM, 10028
  DCOM was unable to communicate with the computer <myserver> using any of the configured protocols; requested by PID      a34 (C:\Windows\system32\mmc.exe).
  The full trace is:
  2013-07-24 07:59:24.988 [15] USER_ACTION_INITIATED Wizards NewVirtualHardDiskWizard:CreateVirtualHardDiskOnBackgroundThread() Creating new virtual hard disk ...
  2013-07-24 07:59:24.997 [15] USER_ACTION_INITIATED VirtMan ImageManagementServiceView:BeginCreateVirtualHardDisk() Starting creating dynamic virtual hard disk 'D:\Hyper-V\Virtual Hard Disks\test.vhdx' (size = '136365211648')
  2013-07-24 07:59:26.645 [15] ERROR Wizards VMWizardForm:PerformWizardActionInternal() Failed to perform wizard action!
      The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
         at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
     at System.Management.ManagementScope.InitializeGuts(Object o)
     at System.Management.ManagementScope.Initialize()
     at System.Management.ManagementObject.Initialize(Boolean getObject)
     at System.Management.ManagementBaseObject.get_wbemObject()
     at System.Management.ManagementClass.CreateInstance()
     at Microsoft.Virtualization.Client.Management.VirtualHardDiskSettingData.GetVirtualHardDiskSettingDataEmbeddedInstance(String serverName, String namespacePath)
     at Microsoft.Virtualization.Client.Management.ImageManagementServiceView.BeginCreateVirtualHardDisk(VirtualHardDiskType type, VirtualHardDiskFormat format, String path, String parentPath, Int64 maxInternalSize)
     at Microsoft.Virtualization.Client.Wizards.NewVhd.NewVirtualHardDiskWizard.CreateVirtualHardDiskOnBackgroundThread(Server server, VirtualHardDiskFormat hardDiskFormat, VirtualHardDiskType hardDiskType, String filePath, ConfigurationInfo configBase)
     at Microsoft.Virtualization.Client.Wizards.NewVhd.NewVirtualHardDiskWizard.PerformWizardAction(Object stateObj)
     at Microsoft.Virtualization.Client.Wizards.VMWizardForm.PerformWizardActionInternal(Object stateObj)
  2013-07-24 07:59:26.754 [16] ERROR Wizards VMWizardForm:WizardActionFailed() Wizard action failed!
      The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
         at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
     at System.Management.ManagementScope.InitializeGuts(Object o)
     at System.Management.ManagementScope.Initialize()
     at System.Management.ManagementObject.Initialize(Boolean getObject)
     at System.Management.ManagementBaseObject.get_wbemObject()
     at System.Management.ManagementClass.CreateInstance()
     at Microsoft.Virtualization.Client.Management.VirtualHardDiskSettingData.GetVirtualHardDiskSettingDataEmbeddedInstance(String serverName, String namespacePath)
     at Microsoft.Virtualization.Client.Management.ImageManagementServiceView.BeginCreateVirtualHardDisk(VirtualHardDiskType type, VirtualHardDiskFormat format, String path, String parentPath, Int64 maxInternalSize)
     at Microsoft.Virtualization.Client.Wizards.NewVhd.NewVirtualHardDiskWizard.CreateVirtualHardDiskOnBackgroundThread(Server server, VirtualHardDiskFormat hardDiskFormat, VirtualHardDiskType hardDiskType, String filePath, ConfigurationInfo configBase)
     at Microsoft.Virtualization.Client.Wizards.NewVhd.NewVirtualHardDiskWizard.PerformWizardAction(Object stateObj)
     at Microsoft.Virtualization.Client.Wizards.VMWizardForm.PerformWizardActionInternal(Object stateObj)
  2013-07-24 07:59:26.755 [16] ERROR Client InformationDisplayer:GetErrorInformationFromException() Application encountered a non-VirtMan exception! Not going to display non-localized message to user.
  2013-07-24 07:59:26.756 [16] ERROR Client UnhandledExceptionHandler:HandleThreadExceptionInternal() Application encountered an unexpected exception!
      The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
         at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
     at System.Management.ManagementScope.InitializeGuts(Object o)
     at System.Management.ManagementScope.Initialize()
     at System.Management.ManagementObject.Initialize(Boolean getObject)
     at System.Management.ManagementBaseObject.get_wbemObject()
     at System.Management.ManagementClass.CreateInstance()
     at Microsoft.Virtualization.Client.Management.VirtualHardDiskSettingData.GetVirtualHardDiskSettingDataEmbeddedInstance(String serverName, String namespacePath)
     at Microsoft.Virtualization.Client.Management.ImageManagementServiceView.BeginCreateVirtualHardDisk(VirtualHardDiskType type, VirtualHardDiskFormat format, String path, String parentPath, Int64 maxInternalSize)
     at Microsoft.Virtualization.Client.Wizards.NewVhd.NewVirtualHardDiskWizard.CreateVirtualHardDiskOnBackgroundThread(Server server, VirtualHardDiskFormat hardDiskFormat, VirtualHardDiskType hardDiskType, String filePath, ConfigurationInfo configBase)
     at Microsoft.Virtualization.Client.Wizards.NewVhd.NewVirtualHardDiskWizard.PerformWizardAction(Object stateObj)
     at Microsoft.Virtualization.Client.Wizards.VMWizardForm.PerformWizardActionInternal(Object stateObj)

• One-way video chat failure

  How do I set up one way video chat between iChatAV and AIM Pro on a PC?
  I'm using the Mac and iChat, and my buddy is using AIM Pro on Microsoft Windows. I'm the one with the camera (which is the built-in one on my MacBook).
  No Camera on the PC but starting on the PC end and then using the Buddy List menu items to start a Video chat to the Mac with a camera. I've never had video success at all, so even starting on the PC end wouldn't work.
  I'm pretty good at understanding how to get around a computer, but the data information is very confusing. So the log reports make no sense to me.
  but here is the information on my computer, because i have concluded that the problem is on my side of the connection. I also have wireless internet, my buddy i do believe is connected via cable.
  Model Name: Mac
  Model Identifier: MacBook2,1
  Processor Name: Intel Core 2 Duo
  Processor Speed: 2.16 GHz
  Number Of Processors: 1
  Total Number Of Cores: 2
  L2 Cache (per processor): 4 MB
  Memory: 2 GB
  Bus Speed: 667 MHz
  Boot ROM Version: MB21.00A5.B06
  SMC Version: 1.17f0
  Serial Number: W87222RAYA8
  Sudden Motion Sensor:
  State: Enabled
  My Airport ID: 00:1b:63:c2:bb:e6
  My Ethernet ID: 00:1b:63:2e:1e:c8
  AirPort Card Information:
  Wireless Card Type: AirPort Extreme (0x168C, 0x87)
  Wireless Card Locale: USA
  Wireless Card Firmware Version: 1.0.47
  Current Wireless Network: linksys
  Wireless Channel: 6
  My iChat version: 3.1.8 (v445)
  iChat:
  Version: 3.1.8
  Last Modified: 4/28/07 2:34 AM
  Kind: Universal
  Get Info String: iChat 3.1.8, Copyright © 2000-2007 Apple Inc. All Rights Reserved.
  Location: /Applications/iChat.app
  server: login.oscar.aol.com
  port: 5190
  Built-in iSight:
  Version: 1.84
  Bus Power (mA): 500
  Speed: Up to 480 Mb/sec
  Manufacturer: Micron
  Product ID: 0x8501
  Vendor ID: 0x05ac (Apple Computer, Inc.)
  Built-in FireWire:
  Type: FireWire
  Hardware: FireWire
  BSD Device Name: fw0
  IPv4:
  Configuration Method: DHCP
  IPv6:
  Configuration Method: Automatic
  Proxies:
  Proxy Configuration Method: Manual
  ExcludeSimpleHostnames: 0
  FTP Passive Mode: Yes
  Auto Discovery Enabled: No
  Ethernet:
  MAC Address: 00:1b:63:ff:fe:6e:bc:ea
  Media Options: Full Duplex
  Media Subtype: autoselect
  Intel GMA 950:
  Chipset Model: GMA 950
  Type: Display
  Bus: Built-In
  VRAM (Total): 64 MB of shared system memory
  Vendor: Intel (0x8086)
  Device ID: 0x27a2
  Revision ID: 0x0003
  Displays:
  Color LCD:
  Display Type: LCD
  Resolution: 1280 x 800
  Depth: 32-bit Color
  Built-In: Yes
  Core Image: Supported
  Main Display: Yes
  Mirror: Off
  Online: Yes
  Quartz Extreme: Supported
  Display:
  Status: No display connected
  and here is an error log:
  Chat ended with error -22
  2007-06-19 01:52:39 -0400: There is insufficient bandwidth to maintain the conference.
  The QuickTime Preference for Connection Speed is configured as 0 Kbps, which is too slow for a conference. If this setting is incorrect, you can change it by going to the QuickTime System Preference and choosing the “Connection” tab.
  Chat ended with error -22
  Chat ended with error -22
  2007-06-19 21:00:23 -0400: There is insufficient bandwidth to maintain the conference.
  The QuickTime Preference for Connection Speed is configured as 0 Kbps, which is too slow for a conference. If this setting is incorrect, you can change it by going to the QuickTime System Preference and choosing the “Connection” tab.
  Chat ended with error -22
  Chat ended with error -22
  2007-06-19 21:02:46 -0400: There is insufficient bandwidth to maintain the conference.
  The QuickTime Preference for Connection Speed is configured as 0 Kbps, which is too slow for a conference. If this setting is incorrect, you can change it by going to the QuickTime System Preference and choosing the “Connection” tab.
  Chat ended with error -22
  Chat ended with error -22
  and another error log:
  Date/Time: 2007-06-19 22:29:26.891 -0400
  OS Version: 10.4.9 (Build 8P4112)
  Report Version: 4
  iChat Connection Log:
  AVChat started with ID 1164043861.
  theactedguitar: State change from AVChatNoState to AVChatStateWaiting.
  0x1c11f270: State change from AVChatNoState to AVChatStateInvited.
  0x1c11f270: State change from AVChatStateInvited to AVChatStateConnecting.
  theactedguitar: State change from AVChatStateWaiting to AVChatStateConnecting.
  0x1c11f270: State change from AVChatStateConnecting to AVChatStateConnected.
  theactedguitar: State change from AVChatStateConnecting to AVChatStateConnected.
  0x1c11f270: State change from AVChatStateConnected to AVChatStateEnded.
  2007-06-19 22:29:22 -0400: Participant 0x1c11f270: VC connection failed.The QuickTime Preference for Connection Speed is configured as 0 Kbps, which is too slow for a conference.Detected 0 kbps upstream and 0 kbps downstream bandwidth; 50 kbps required.
  Chat ended with error -22
  theactedguitar: State change from AVChatStateConnected to AVChatStateEnded.
  Chat ended with error -22
  Video Conference Error Report:
  @:0 type=4 (00000000/22)
  [VCBANDWIDTH_DETECTIONFAILURE]
  [20]
  @SIP/Transport.c:121 type=4 (00000000/0)
  [OPTIONS sip:[email protected] SIP/2.0
  From: <sip:[email protected]:5061>;tag=1c25233
  To: sip:[email protected]:5060;tag=2104987787
  Call-Id: s20020f0fd8c5c045
  Cseq: 28209 OPTIONS
  Contact: <sip:[email protected]:5061>
  Max-Forwards: 70
  User-Agent: COOL/4.6.8.5225 SIPxua/2.9.2.1008 (WinNT)
  Supported: replaces
  Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-0957b002002c;rport
  Content-Length: 0
  @SIP/Transport.c:121 type=4 (00000000/0)
  [ACK sip:[email protected] SIP/2.0
  Contact: <sip:[email protected]:5061>
  From: <sip:[email protected]:5061>;tag=1c25233
  To: <sip:[email protected]>;tag=2104987787
  Call-Id: s20020f0fd8c5c045
  Cseq: 28208 ACK
  Max-Forwards: 70
  User-Agent: COOL/4.6.8.5225 SIPxua/2.9.2.1008 (WinNT)
  Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-ee65cb024204
  Content-Length: 0
  @SIP/Transport.c:121 type=4 (00000000/0)
  [ACK sip:[email protected] SIP/2.0
  Contact: <sip:[email protected]:5061>
  From: <sip:[email protected]:5061>;tag=1c25233
  To: <sip:[email protected]>;tag=2104987787
  Call-Id: s20020f0fd8c5c045
  Cseq: 28208 ACK
  Max-Forwards: 70
  User-Agent: COOL/4.6.8.5225 SIPxua/2.9.2.1008 (WinNT)
  Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-ee65cb024204
  Content-Length: 0
  @SIP/Transport.c:121 type=4 (00000000/0)
  [INVITE sip:[email protected]:5060 SIP/2.0
  From: <sip:[email protected]:5061>;tag=1c25233
  To: sip:[email protected]:5060
  Call-Id: s20020f0fd8c5c045
  Cseq: 28208 INVITE
  Contact: <sip:[email protected]:5061>
  Content-Type: application/sdp
  Content-Length: 548
  Max-Forwards: 70
  User-Agent: COOL/4.6.8.5225 SIPxua/2.9.2.1008 (WinNT)
  Supported: replaces
  Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-ee65cb024204;rport
  [v=0
  o=sipX 5 5 IN IP4 uen0.0
  s=call
  c=IN IP4 uen0.0
  t=0 0
  m=audio 16384 RTP/AVP 96 97 98 99 0 8 100 3 101 4
  a=rtpmap:96 isac/16000/1
  a=rtpmap:97 isaclc/16000/1
  a=rtpmap:98 eg711u/8000/1
  a=rtpmap:99 eg711a/8000/1
  a=rtpmap:0 pcmu/8000/1
  a=rtpmap:8 pcma/8000/1
  a=rtpmap:100 ilbc/8000/1
  a=fmtp:100 mode=30
  a=rtpmap:3 gsm/8000/1
  a=rtpmap:101 telephone-event/8000/1
  a=rtpmap:4 g723/8000/1
  m=video 16386 RTP/AVP 102 34
  a=rtpmap:102 vp71/90000/1
  a=fmtp:102 size:QCIF/SQCIF
  a=rtpmap:34 h263/90000/1
  a=fmtp:34 imagesize 0
  @SIP/Transport.c:121 type=4 (00000000/0)
  [OPTIONS sip:m.0 SIP/2.0
  From: sip:uen0.0:5061;tag=2285325336
  To: sip:m.0
  Call-Id: 118230657112798-ping-uen0.0
  Cseq: 2529 OPTIONS
  User-Agent: COOL/4.6.8.5225 SIPxua/2.9.2.1008 (WinNT)
  Contact: sip:uen0.0:5061
  Via: SIP/2.0/UDP uen0.0:5061;rport
  Content-Length: 0
  @SIP/Transport.c:121 type=4 (00000000/0)
  Video Conference Support Report:
  @SIP/Transport.c:1218 type=1 (00000000/0)
  [SIP/2.0 200 OK
  Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-0957b002002c
  To: <sip:[email protected]>;tag=2104987787
  From: <sip:[email protected]:5061>;tag=1c25233
  Call-ID: s20020f0fd8c5c045
  CSeq: 28209 OPTIONS
  Contact: <sip:[email protected]>;isfocus
  Allow: INVITE, ACK, OPTIONS, BYE, CANCEL, MESSAGE, REFER, SUBSCRIBE, NOTIFY, INFO
  Allow-Events: conference, refer
  Accept: application/sdp, message/sipfrag, application/conference-info+xml
  User-Agent: Viceroy 1.2
  Content-Length: 0
  @SIP/Transport.c:1218 type=1 (00000000/0)
  [SIP/2.0 200 OK
  Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-ee65cb024204
  To: <sip:[email protected]>;tag=2104987787
  From: <sip:[email protected]:5061>;tag=1c25233
  Call-ID: s20020f0fd8c5c045
  CSeq: 28208 INVITE
  Contact: <sip:[email protected]>;isfocus
  User-Agent: Viceroy 1.2
  Content-Type: application/sdp
  Content-Length: 411
  v=0
  o=Liz 0 0 IN IP4 m.0
  s=call
  c=IN IP4 m.0
  b=AS:2147483647
  t=0 0
  a=hwi:1028:2:2160
  a=bandwidthDetection:NO
  a=iChatEncryption:NO
  m=audio 16386 RTP/AVP 3
  a=rtcp:16387
  a=rtpmap:3 GSM/8000
  a=rtpID:1578979932
  m=video 16384 RTP/AVP 34
  a=rtcp:16387
  a=RTCP:AUDIO 16387 VIDEO 16385
  a=rtpmap:34 H263/90000
  a=fmtp:34 imagesize 0 rules 10:176:144
  a=framerate:10
  a=rtpID:1797079687
  @SIP/Transport.c:1218 type=1 (00000000/0)
  [SIP/2.0 200 OK
  Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-ee65cb024204
  To: <sip:[email protected]>;tag=2104987787
  From: <sip:[email protected]:5061>;tag=1c25233
  Call-ID: s20020f0fd8c5c045
  CSeq: 28208 INVITE
  Contact: <sip:[email protected]>;isfocus
  User-Agent: Viceroy 1.2
  Content-Type: application/sdp
  Content-Length: 411
  v=0
  o=Liz 0 0 IN IP4 m.0
  s=call
  c=IN IP4 m.0
  b=AS:2147483647
  t=0 0
  a=hwi:1028:2:2160
  a=bandwidthDetection:NO
  a=iChatEncryption:NO
  m=audio 16386 RTP/AVP 3
  a=rtcp:16387
  a=rtpmap:3 GSM/8000
  a=rtpID:1578979932
  m=video 16384 RTP/AVP 34
  a=rtcp:16387
  a=RTCP:AUDIO 16387 VIDEO 16385
  a=rtpmap:34 H263/90000
  a=fmtp:34 imagesize 0 rules 10:176:144
  a=framerate:10
  a=rtpID:1797079687
  @:0 type=2 (00000000/0)
  [VCVIDEO_INCOMINGATTEMPT]
  [3]
  @SIP/Transport.c:1218 type=1 (00000000/0)
  [SIP/2.0 180 Ringing
  Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-ee65cb024204
  To: <sip:[email protected]>;tag=2104987787
  From: <sip:[email protected]:5061>;tag=1c25233
  Call-ID: s20020f0fd8c5c045
  CSeq: 28208 INVITE
  Contact: <sip:[email protected]>;isfocus
  User-Agent: Viceroy 1.2
  Content-Length: 0
  @SIP/Transport.c:1218 type=1 (00000000/0)
  [SIP/2.0 100 Trying
  Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-ee65cb024204
  To: <sip:[email protected]>
  From: <sip:[email protected]:5061>;tag=1c25233
  Call-ID: s20020f0fd8c5c045
  CSeq: 28208 INVITE
  User-Agent: Viceroy 1.2
  Content-Length: 0
  @SIP/Transport.c:1218 type=1 (00000000/0)
  [SIP/2.0 200 OK
  Via: SIP/2.0/UDP uen0.0:5061
  To: <sip:m.0>;tag=700186355
  From: <sip:uen0.0:5061>;tag=2285325336
  Call-ID: 118230657112798-ping-uen0.0
  CSeq: 2529 OPTIONS
  Contact: <sip:[email protected]>;isfocus
  Allow: INVITE, ACK, OPTIONS, BYE, CANCEL, MESSAGE, REFER, SUBSCRIBE, NOTIFY, INFO
  Allow-Events: conference, refer
  Accept: application/sdp, message/sipfrag, application/conference-info+xml
  User-Agent: Viceroy 1.2
  Content-Length: 0
  Video Conference User Report:
  Binary Images Description for "iChat":
  0x1000 - 0x17dfff com.apple.iChat 3.1.8 (445) /Applications/iChat.app/Contents/MacOS/iChat
  0x67e000 - 0x67efff com.apple.osax.digihub 1.0 /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/MacOS/Digital Hub Scripting
  0x6bc000 - 0x6e8fff com.apple.osax.standardadditions 1.10.7 (???) /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/Standa rdAdditions
  0x15b64000 - 0x15b6dfff com.apple.IOFWDVComponents 1.9.0 /System/Library/Components/IOFWDVComponents.component/Contents/MacOS/IOFWDVComp onents
  0x15b82000 - 0x15b87fff com.apple.audio.AppleHDAHALPlugIn 1.2.9 (1.2.9a4) /System/Library/Extensions/AppleHDA.kext/Contents/PlugIns/AppleHDAHALPlugIn.bun dle/Contents/MacOS/AppleHDAHALPlugIn
  0x15bac000 - 0x15be8fff com.apple.QuickTimeFireWireDV.component 7.1.6 /System/Library/QuickTime/QuickTimeFireWireDV.component/Contents/MacOS/QuickTim eFireWireDV
  0x15bf4000 - 0x15c24fff com.apple.QuickTimeIIDCDigitizer 7.1.6 /System/Library/QuickTime/QuickTimeIIDCDigitizer.component/Contents/MacOS/Quick TimeIIDCDigitizer
  0x15c2e000 - 0x15c6afff com.apple.QuickTimeUSBVDCDigitizer 1.7.5 /System/Library/QuickTime/QuickTimeUSBVDCDigitizer.component/Contents/MacOS/Qui ckTimeUSBVDCDigitizer
  0x15c8e000 - 0x15de7fff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Resources/GLEngine.bundle/GLEngine
  0x15e13000 - 0x15e6cfff com.apple.driver.AppleIntelGMA950GLDriver 1.4.52 (4.5.2) /System/Library/Extensions/AppleIntelGMA950GLDriver.bundle/Contents/MacOS/Apple IntelGMA950GLDriver
  0x15e73000 - 0x15e8ffff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Resources/GLDriver.bundl e/GLDriver
  0x15e96000 - 0x15ebafff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Resources/GLRendererFloa t.bundle/GLRendererFloat
  0x161b4000 - 0x161b7fff com.apple.audio.AudioIPCPlugIn 1.0.2 /System/Library/Extensions/AudioIPCDriver.kext/Contents/Resources/AudioIPCPlugI n.bundle/Contents/MacOS/AudioIPCPlugIn
  0x161d3000 - 0x161fdfff com.apple.audio.SoundManager.Components 3.9.2 /System/Library/Components/SoundManagerComponents.component/Contents/MacOS/Soun dManagerComponents
  0x167e4000 - 0x167e4fff com.apple.SpotLightCM 1.0 (121.36) /System/Library/Contextual Menu Items/SpotlightCM.plugin/Contents/MacOS/SpotlightCM
  0x17319000 - 0x1731bfff com.apple.AutomatorCMM 1.0.1 (87) /System/Library/Contextual Menu Items/AutomatorCMM.plugin/Contents/MacOS/AutomatorCMM
  0x1733f000 - 0x17342fff com.apple.iokit.IOQTComponents 1.4 /System/Library/Components/IOQTComponents.component/Contents/MacOS/IOQTComponen ts
  0x17558000 - 0x17571fff com.apple.AppleIntermediateCodec 1.1 (141) /Library/QuickTime/AppleIntermediateCodec.component/Contents/MacOS/AppleInterme diateCodec
  0x17576000 - 0x1758ffff com.apple.applepixletvideo 1.2.9 (1.2d9) /System/Library/QuickTime/ApplePixletVideo.component/Contents/MacOS/ApplePixlet Video
  0x176cd000 - 0x176d8fff com.apple.airport.diskmenu 1.1 (110.18) /System/Library/Contextual Menu Items/AirPort Disk Menu.plugin/Contents/MacOS/AirPort Disk Menu
  0x176dd000 - 0x176e1fff com.apple.FolderActionsMenu 1.3.1 /System/Library/Contextual Menu Items/FolderActionsMenu.plugin/Contents/MacOS/FolderActionsMenu
  0x70000000 - 0x700fbfff com.apple.audio.units.Components 1.4.5 /System/Library/Components/CoreAudio.component/Contents/MacOS/CoreAudio
  0x8fe00000 - 0x8fe4afff dyld /usr/lib/dyld
  0x90000000 - 0x90170fff libSystem.B.dylib /usr/lib/libSystem.B.dylib
  0x901c0000 - 0x901c2fff libmathCommon.A.dylib /usr/lib/system/libmathCommon.A.dylib
  0x901c4000 - 0x90201fff com.apple.CoreText 1.1.2 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreText.framework/Versions/A/CoreText
  0x90228000 - 0x902fefff com.apple.ApplicationServices.ATS 2.0.6 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ATS.framework/Versions/A/ATS
  0x9031e000 - 0x90773fff com.apple.CoreGraphics 1.258.75 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreGraphics.framework/Versions/A/CoreGraphics
  0x9080a000 - 0x908d2fff com.apple.CoreFoundation 6.4.7 (368.28) /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation
  0x90910000 - 0x90910fff com.apple.CoreServices 10.4 (???) /System/Library/Frameworks/CoreServices.framework/Versions/A/CoreServices
  0x90912000 - 0x90a05fff libicucore.A.dylib /usr/lib/libicucore.A.dylib
  0x90a55000 - 0x90ad4fff libobjc.A.dylib /usr/lib/libobjc.A.dylib
  0x90afd000 - 0x90b61fff libstdc++.6.dylib /usr/lib/libstdc++.6.dylib
  0x90bd0000 - 0x90bd7fff libgcc_s.1.dylib /usr/lib/libgcc_s.1.dylib
  0x90bdc000 - 0x90c4ffff com.apple.framework.IOKit 1.4.6 (???) /System/Library/Frameworks/IOKit.framework/Versions/A/IOKit
  0x90c64000 - 0x90c76fff libauto.dylib /usr/lib/libauto.dylib
  0x90c7c000 - 0x90f22fff com.apple.CoreServices.CarbonCore 682.23 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonC ore.framework/Versions/A/CarbonCore
  0x90f65000 - 0x90fcdfff com.apple.CoreServices.OSServices 4.1 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/OSServi ces.framework/Versions/A/OSServices
  0x91006000 - 0x91044fff com.apple.CFNetwork 129.20 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CFNetwo rk.framework/Versions/A/CFNetwork
  0x91057000 - 0x91067fff com.apple.WebServices 1.1.3 (1.1.0) /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/WebServ icesCore.framework/Versions/A/WebServicesCore
  0x91072000 - 0x910f1fff com.apple.SearchKit 1.0.5 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/SearchK it.framework/Versions/A/SearchKit
  0x9112b000 - 0x91149fff com.apple.Metadata 10.4.4 (121.36) /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Metadat a.framework/Versions/A/Metadata
  0x91155000 - 0x91163fff libz.1.dylib /usr/lib/libz.1.dylib
  0x91166000 - 0x91305fff com.apple.security 4.5.2 (29774) /System/Library/Frameworks/Security.framework/Versions/A/Security
  0x91403000 - 0x9140bfff com.apple.DiskArbitration 2.1.1 /System/Library/Frameworks/DiskArbitration.framework/Versions/A/DiskArbitration
  0x91412000 - 0x91419fff libbsm.dylib /usr/lib/libbsm.dylib
  0x9141d000 - 0x91443fff com.apple.SystemConfiguration 1.8.6 /System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfi guration
  0x91455000 - 0x914cbfff com.apple.audio.CoreAudio 3.0.4 /System/Library/Frameworks/CoreAudio.framework/Versions/A/CoreAudio
  0x9151c000 - 0x9151cfff com.apple.ApplicationServices 10.4 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Application Services
  0x9151e000 - 0x9154afff com.apple.AE 314 (313) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ AE.framework/Versions/A/AE
  0x9155d000 - 0x91631fff com.apple.ColorSync 4.4.9 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ColorSync.framework/Versions/A/ColorSync
  0x9166c000 - 0x916dffff com.apple.print.framework.PrintCore 4.6 (177.13) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ PrintCore.framework/Versions/A/PrintCore
  0x9170d000 - 0x917b6fff com.apple.QD 3.10.24 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ QD.framework/Versions/A/QD
  0x917dc000 - 0x91827fff com.apple.HIServices 1.5.2 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ HIServices.framework/Versions/A/HIServices
  0x91846000 - 0x9185cfff com.apple.LangAnalysis 1.6.3 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ LangAnalysis.framework/Versions/A/LangAnalysis
  0x91868000 - 0x91883fff com.apple.FindByContent 1.5 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ FindByContent.framework/Versions/A/FindByContent
  0x9188e000 - 0x918cbfff com.apple.LaunchServices 182 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ LaunchServices.framework/Versions/A/LaunchServices
  0x918df000 - 0x918ebfff com.apple.speech.synthesis.framework 3.5 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ SpeechSynthesis.framework/Versions/A/SpeechSynthesis
  0x918f2000 - 0x91931fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/ImageIO
  0x91944000 - 0x919f6fff libcrypto.0.9.7.dylib /usr/lib/libcrypto.0.9.7.dylib
  0x91a3c000 - 0x91a52fff libcups.2.dylib /usr/lib/libcups.2.dylib
  0x91a57000 - 0x91a75fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libJPEG.dylib
  0x91a7a000 - 0x91ad9fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libJP2.dylib
  0x91aeb000 - 0x91aeffff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libGIF.dylib
  0x91af1000 - 0x91b75fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libRaw.dylib
  0x91b79000 - 0x91bb6fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libTIFF.dylib
  0x91bbc000 - 0x91bd6fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libPng.dylib
  0x91bdb000 - 0x91bddfff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libRadiance.dylib
  0x91bdf000 - 0x91cbdfff libxml2.2.dylib /usr/lib/libxml2.2.dylib
  0x91cda000 - 0x91cdafff com.apple.Accelerate 1.3.1 (Accelerate 1.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Accelerate
  0x91cdc000 - 0x91d6afff com.apple.vImage 2.5 /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vImage.fr amework/Versions/A/vImage
  0x91d71000 - 0x91d71fff com.apple.Accelerate.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/vecLib
  0x91d73000 - 0x91dccfff com.apple.Accelerate.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/libvMisc.dylib
  0x91dd5000 - 0x91df9fff com.apple.Accelerate.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/libvDSP.dylib
  0x91e01000 - 0x9220afff com.apple.Accelerate.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/libBLAS.dylib
  0x92244000 - 0x925f8fff com.apple.Accelerate.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/libLAPACK.dylib
  0x92625000 - 0x92712fff libiconv.2.dylib /usr/lib/libiconv.2.dylib
  0x92714000 - 0x92791fff com.apple.DesktopServices 1.3.6 /System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Versions/A/Desk topServicesPriv
  0x927d2000 - 0x92a02fff com.apple.Foundation 6.4.8 (567.29) /System/Library/Frameworks/Foundation.framework/Versions/C/Foundation
  0x92b0e000 - 0x92b18fff com.apple.framework.AppleTalk 1.2.0 (???) /System/Library/Frameworks/AppleTalk.framework/Versions/A/AppleTalk
  0x92b1c000 - 0x92b33fff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGL.dylib
  0x92b3e000 - 0x92b96fff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLU.dylib
  0x92baa000 - 0x92baafff com.apple.Carbon 10.4 (???) /System/Library/Frameworks/Carbon.framework/Versions/A/Carbon
  0x92bac000 - 0x92bbcfff com.apple.ImageCapture 3.0.4 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/ImageCapture. framework/Versions/A/ImageCapture
  0x92bcb000 - 0x92bd3fff com.apple.speech.recognition.framework 3.6 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SpeechRecogni tion.framework/Versions/A/SpeechRecognition
  0x92bd9000 - 0x92bdffff com.apple.securityhi 2.0.1 (24742) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SecurityHI.fr amework/Versions/A/SecurityHI
  0x92be5000 - 0x92c76fff com.apple.ink.framework 101.2.1 (71) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Ink.framework /Versions/A/Ink
  0x92c8a000 - 0x92c8efff com.apple.help 1.0.3 (32.1) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Help.framewor k/Versions/A/Help
  0x92c91000 - 0x92caffff com.apple.openscripting 1.2.5 (???) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/OpenScripting .framework/Versions/A/OpenScripting
  0x92cc1000 - 0x92cc7fff com.apple.print.framework.Print 5.2 (192.4) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Print.framewo rk/Versions/A/Print
  0x92ccd000 - 0x92d30fff com.apple.htmlrendering 66.1 (1.1.3) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HTMLRendering .framework/Versions/A/HTMLRendering
  0x92d57000 - 0x92d98fff com.apple.NavigationServices 3.4.4 (3.4.3) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/NavigationSer vices.framework/Versions/A/NavigationServices
  0x92dbf000 - 0x92dcdfff com.apple.audio.SoundManager 3.9.1 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CarbonSound.f ramework/Versions/A/CarbonSound
  0x92dd4000 - 0x92dd9fff com.apple.CommonPanels 1.2.3 (73) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CommonPanels. framework/Versions/A/CommonPanels
  0x92dde000 - 0x930d3fff com.apple.HIToolbox 1.4.9 (???) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.fra mework/Versions/A/HIToolbox
  0x931d9000 - 0x931e4fff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/OpenGL
  0x931e9000 - 0x93204fff com.apple.DirectoryService.Framework 3.3 /System/Library/Frameworks/DirectoryService.framework/Versions/A/DirectoryServi ce
  0x93254000 - 0x93254fff com.apple.Cocoa 6.4 (???) /System/Library/Frameworks/Cocoa.framework/Versions/A/Cocoa
  0x93256000 - 0x9390cfff com.apple.AppKit 6.4.8 (824.42) /System/Library/Frameworks/AppKit.framework/Versions/C/AppKit
  0x93c8d000 - 0x93d08fff com.apple.CoreData 91 (92.1) /System/Library/Frameworks/CoreData.framework/Versions/A/CoreData
  0x93d41000 - 0x93dfbfff com.apple.audio.toolbox.AudioToolbox 1.4.5 /System/Library/Frameworks/AudioToolbox.framework/Versions/A/AudioToolbox
  0x93e3e000 - 0x93e3efff com.apple.audio.units.AudioUnit 1.4.3 /System/Library/Frameworks/AudioUnit.framework/Versions/A/AudioUnit
  0x93e40000 - 0x94001fff com.apple.QuartzCore 1.4.12 /System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore
  0x94047000 - 0x94088fff libsqlite3.0.dylib /usr/lib/libsqlite3.0.dylib
  0x94090000 - 0x940cafff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLImage.dyl ib
  0x940cf000 - 0x940e5fff com.apple.CoreVideo 1.4 /System/Library/Frameworks/CoreVideo.framework/Versions/A/CoreVideo
  0x9412b000 - 0x94173fff com.apple.bom 8.5 (86.3) /System/Library/PrivateFrameworks/Bom.framework/Versions/A/Bom
  0x9417d000 - 0x941bbfff com.apple.vmutils 4.0.2 (93.1) /System/Library/PrivateFrameworks/vmutils.framework/Versions/A/vmutils
  0x941ff000 - 0x94210fff com.apple.securityfoundation 2.2.1 (28150) /System/Library/Frameworks/SecurityFoundation.framework/Versions/A/SecurityFoun dation
  0x9421e000 - 0x9425cfff com.apple.securityinterface 2.2.1 (27695) /System/Library/Frameworks/SecurityInterface.framework/Versions/A/SecurityInter face
  0x94278000 - 0x94287fff com.apple.CoreGraphics 1.258.75 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreGraphics.framework/Versions/A/Resources/libCGATS.A.dylib
  0x9428e000 - 0x94299fff com.apple.CoreGraphics 1.258.75 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreGraphics.framework/Versions/A/Resources/libCSync.A.dylib
  0x942e5000 - 0x942fffff com.apple.CoreGraphics 1.258.75 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreGraphics.framework/Versions/A/Resources/libRIP.A.dylib
  0x94305000 - 0x94604fff com.apple.QuickTime 7.1.6 /System/Library/Frameworks/QuickTime.framework/Versions/A/QuickTime
  0x94786000 - 0x948ccfff com.apple.AddressBook.framework 4.0.4 (485.1) /System/Library/Frameworks/AddressBook.framework/Versions/A/AddressBook
  0x94958000 - 0x94967fff com.apple.DSObjCWrappers.Framework 1.1 /System/Library/PrivateFrameworks/DSObjCWrappers.framework/Versions/A/DSObjCWra ppers
  0x9496e000 - 0x94997fff com.apple.LDAPFramework 1.4.2 (69.1.1) /System/Library/Frameworks/LDAP.framework/Versions/A/LDAP
  0x9499d000 - 0x949acfff libsasl2.2.dylib /usr/lib/libsasl2.2.dylib
  0x949b0000 - 0x949d5fff libssl.0.9.7.dylib /usr/lib/libssl.0.9.7.dylib
  0x949e1000 - 0x949fefff libresolv.9.dylib /usr/lib/libresolv.9.dylib
  0x94a05000 - 0x94a6bfff com.apple.Bluetooth 1.7.14 (1.7.14f14) /System/Library/Frameworks/IOBluetooth.framework/Versions/A/IOBluetooth
  0x94baa000 - 0x94c82fff edu.mit.Kerberos 5.5.24 /System/Library/Frameworks/Kerberos.framework/Versions/A/Kerberos
  0x94d2a000 - 0x94dbcfff com.apple.WebKit 419 /System/Library/Frameworks/WebKit.framework/Versions/A/WebKit
  0x94e16000 - 0x94e98fff com.apple.JavaScriptCore 418.3 /System/Library/Frameworks/WebKit.framework/Versions/A/Frameworks/JavaScriptCor e.framework/Versions/A/JavaScriptCore
  0x94ed1000 - 0x951b0fff com.apple.WebCore 418.21 /System/Library/Frameworks/WebKit.framework/Versions/A/Frameworks/WebCore.frame work/Versions/A/WebCore
  0x9532f000 - 0x95352fff libxslt.1.dylib /usr/lib/libxslt.1.dylib
  0x955c8000 - 0x955ccfff com.apple.URLMount 2.1.7 /System/Library/PrivateFrameworks/URLMount.framework/Versions/A/URLMount
  0x95ac1000 - 0x95ac2fff libCyrillicConverter.dylib /System/Library/CoreServices/Encodings/libCyrillicConverter.dylib
  0x95ac4000 - 0x95ac5fff libGreekConverter.dylib /System/Library/CoreServices/Encodings/libGreekConverter.dylib
  0x95ac9000 - 0x95adffff libJapaneseConverter.dylib /System/Library/CoreServices/Encodings/libJapaneseConverter.dylib
  0x95ae1000 - 0x95b02fff libKoreanConverter.dylib /System/Library/CoreServices/Encodings/libKoreanConverter.dylib
  0x95b0f000 - 0x95b1dfff libSimplifiedChineseConverter.dylib /System/Library/CoreServices/Encodings/libSimplifiedChineseConverter.dylib
  0x95b22000 - 0x95b23fff libThaiConverter.dylib /System/Library/CoreServices/Encodings/libThaiConverter.dylib
  0x95b25000 - 0x95b37fff libTraditionalChineseConverter.dylib /System/Library/CoreServices/Encodings/libTraditionalChineseConverter.dylib
  0x964da000 - 0x964dafff com.apple.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/vecLib.framework/Versions/A/vecLib
  0x969c1000 - 0x969e3fff com.apple.speech.LatentSemanticMappingFramework 2.5 /System/Library/PrivateFrameworks/LatentSemanticMapping.framework/Versions/A/La tentSemanticMapping
  0x96a54000 - 0x96b2bfff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLProgramma bility.dylib
  0x96b46000 - 0x96b47fff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLSystem.dy lib
  0x96b49000 - 0x96b4efff com.apple.agl 2.5.9 (AGL-2.5.9) /System/Library/Frameworks/AGL.framework/Versions/A/AGL
  0x96ca5000 - 0x96ca5fff com.apple.MonitorPanelFramework 1.1.1 /System/Library/PrivateFrameworks/MonitorPanel.framework/Versions/A/MonitorPane l
  0x96e5f000 - 0x96e73fff com.apple.AppleShareClient 1.5.2 /System/Library/Frameworks/AppleShareClient.framework/Versions/A/AppleShareClie nt
  0x96e7c000 - 0x96ebbfff com.apple.AppleShareClientCore 1.5.2 /System/Library/Frameworks/AppleShareClientCore.framework/Versions/A/AppleShare ClientCore
  0x97407000 - 0x974f0fff com.apple.viceroy.framework 278.3.10 /System/Library/PrivateFrameworks/VideoConference.framework/Versions/A/VideoCon ference
  0x97c34000 - 0x97c36fff com.apple.DisplayServicesFW 1.8.2 /System/Library/PrivateFrameworks/DisplayServices.framework/Versions/A/DisplayS ervices
  0x97e63000 - 0x98b38fff com.apple.QuickTimeComponents.component 7.1.6 /System/Library/QuickTime/QuickTimeComponents.component/Contents/MacOS/QuickTim eComponents
  0x98d84000 - 0x98d86fff com.apple.QuickTimeH264.component 7.1.6 /System/Library/QuickTime/QuickTimeH264.component/Contents/MacOS/QuickTimeH264
  0x98d88000 - 0x98f30fff com.apple.QuickTimeH264.component 7.1.6 /System/Library/QuickTime/QuickTimeH264.component/Contents/Resources/QuickTimeH 264.scalar
  0x98fa0000 - 0x99063fff com.apple.QuickTimeMPEG4.component 7.1.6 /System/Library/QuickTime/QuickTimeMPEG4.component/Contents/MacOS/QuickTimeMPEG 4
  0x994fa000 - 0x99505fff com.apple.IMFramework 3.1.4 (429) /System/Library/Frameworks/InstantMessage.framework/Versions/A/InstantMessage
  0x9950f000 - 0x9967bfff com.apple.MessageFramework 2.1.1 (752.3) /System/Library/Frameworks/Message.framework/Versions/B/Message

  Date/Time: 2007-06-19 21:00:38.307 -0400
  OS Version: 10.4.9 (Build 8P4112)
  Report Version: 4
  iChat Connection Log:
  AVChat started with ID 2658061728.
  theactedguitar: State change from AVChatNoState to AVChatStateWaiting.
  0x1c1384f0: State change from AVChatNoState to AVChatStateInvited.
  0x1c1384f0: State change from AVChatStateInvited to AVChatStateConnecting.
  theactedguitar: State change from AVChatStateWaiting to AVChatStateConnecting.
  0x1c1384f0: State change from AVChatStateConnecting to AVChatStateConnected.
  theactedguitar: State change from AVChatStateConnecting to AVChatStateConnected.
  0x1c1384f0: State change from AVChatStateConnected to AVChatStateEnded.
  2007-06-19 21:00:23 -0400: Participant 0x1c1384f0: VC connection failed.The QuickTime Preference for Connection Speed is configured as 0 Kbps, which is too slow for a conference.Detected 0 kbps upstream and 0 kbps downstream bandwidth; 50 kbps required.
  Chat ended with error -22
  theactedguitar: State change from AVChatStateConnected to AVChatStateEnded.
  Chat ended with error -22
  Video Conference Error Report:
  @SIP/Transport.c:121 type=4 (00000000/0)
  [OPTIONS sip:[email protected] SIP/2.0
  From: <sip:[email protected]:5061>;tag=1c9406
  To: sip:[email protected]:5060;tag=1802682038
  Call-Id: s200278131c2a636f
  Cseq: 21740 OPTIONS
  Contact: <sip:[email protected]:5061>
  Max-Forwards: 70
  User-Agent: COOL/4.6.8.5225 SIPxua/2.9.2.1008 (WinNT)
  Supported: replaces
  Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-e6854b1ff1ac;rport
  Content-Length: 0
  @:0 type=4 (00000000/2)
  [VCBANDWIDTH_DETECTIONFAILURE]
  [20]
  @SIP/Transport.c:121 type=4 (00000000/0)
  [ACK sip:[email protected] SIP/2.0
  Contact: <sip:[email protected]:5061>
  From: <sip:[email protected]:5061>;tag=1c9406
  To: <sip:[email protected]>;tag=1802682038
  Call-Id: s200278131c2a636f
  Cseq: 21739 ACK
  Max-Forwards: 70
  User-Agent: COOL/4.6.8.5225 SIPxua/2.9.2.1008 (WinNT)
  Via: SIP/2.0/UDP uen0.1:5061;branch=z9hG4bK-2c8df72b5983
  Content-Length: 0
  @SIP/Transport.c:121 type=4 (00000000/0)
  [ACK sip:[email protected] SIP/2.0
  Contact: <sip:[email protected]:5061>
  From: <sip:[email protected]:5061>;tag=1c9406
  To: <sip:[email protected]>;tag=1802682038
  Call-Id: s200278131c2a636f
  Cseq: 21739 ACK
  Max-Forwards: 70
  User-Agent: COOL/4.6.8.5225 SIPxua/2.9.2.1008 (WinNT)
  Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-2c8df72b5983
  Content-Length: 0
  @SIP/Transport.c:121 type=4 (00000000/0)
  [INVITE sip:[email protected]:5060 SIP/2.0
  From: <sip:[email protected]:5061>;tag=1c9406
  To: sip:[email protected]:5060
  Call-Id: s200278131c2a636f
  Cseq: 21739 INVITE
  Content-Type: application/sdp
  Content-Length: 563
  Max-Forwards: 70
  User-Agent: COOL/4.6.8.5225 SIPxua/2.9.2.1008 (WinNT)
  Supported: replaces
  Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-2c8df72b5983;rport
  Contact: sip:[email protected]:5061
  [v=0
  o=sipX 5 5 IN IP4 uen0.0
  s=call
  c=IN IP4 uen0.0
  t=0 0
  m=audio 16384 RTP/AVP 96 97 98 99 0 8 100 3 101 4
  a=rtpmap:96 isac/16000/1
  a=rtpmap:97 isaclc/16000/1
  a=rtpmap:98 eg711u/8000/1
  a=rtpmap:99 eg711a/8000/1
  a=rtpmap:0 pcmu/8000/1
  a=rtpmap:8 pcma/8000/1
  a=rtpmap:100 ilbc/8000/1
  a=fmtp:100 mode=30
  a=rtpmap:3 gsm/8000/1
  a=rtpmap:101 telephone-event/8000/1
  a=rtpmap:4 g723/8000/1
  m=video 16386 RTP/AVP 102 34
  a=rtpmap:102 vp71/90000/1
  a=fmtp:102 size:VGA/CIF/QVGA/QCIF/SQCIF
  a=rtpmap:34 h263/90000/1
  a=fmtp:34 imagesize 1
  @SIP/Transport.c:121 type=4 (00000000/0)
  [OPTIONS sip:m.0 SIP/2.0
  From: sip:uen0.1:5061;tag=258066396
  To: sip:m.0
  Call-Id: 11823012313477-ping-uen0.1
  Cseq: 10171 OPTIONS
  User-Agent: COOL/4.6.8.5225 SIPxua/2.9.2.1008 (WinNT)
  Contact: sip:uen0.1:5061
  Via: SIP/2.0/UDP uen0.1:5061;rport
  Content-Length: 0
  @SIP/Transport.c:121 type=4 (00000000/0)
  Video Conference Support Report:
  @SIP/Transport.c:1218 type=1 (00000000/0)
  [SIP/2.0 200 OK
  Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-e6854b1ff1ac
  To: <sip:[email protected]>;tag=1802682038
  From: <sip:[email protected]:5061>;tag=1c9406
  Call-ID: s200278131c2a636f
  CSeq: 21740 OPTIONS
  Contact: <sip:[email protected]>;isfocus
  Allow: INVITE, ACK, OPTIONS, BYE, CANCEL, MESSAGE, REFER, SUBSCRIBE, NOTIFY, INFO
  Allow-Events: conference, refer
  Accept: application/sdp, message/sipfrag, application/conference-info+xml
  User-Agent: Viceroy 1.2
  Content-Length: 0
  @SIP/Transport.c:1218 type=1 (00000000/0)
  [SIP/2.0 200 OK
  Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-2c8df72b5983
  To: <sip:[email protected]>;tag=1802682038
  From: <sip:[email protected]:5061>;tag=1c9406
  Call-ID: s200278131c2a636f
  CSeq: 21739 INVITE
  Contact: <sip:[email protected]>;isfocus
  User-Agent: Viceroy 1.2
  Content-Type: application/sdp
  Content-Length: 412
  v=0
  o=Liz 0 0 IN IP4 m.0
  s=call
  c=IN IP4 m.0
  b=AS:2147483647
  t=0 0
  a=hwi:1028:2:2160
  a=bandwidthDetection:NO
  a=iChatEncryption:NO
  m=audio 16386 RTP/AVP 3
  a=rtcp:16387
  a=rtpmap:3 GSM/8000
  a=rtpID:-360567252
  m=video 16384 RTP/AVP 34
  a=rtcp:16387
  a=RTCP:AUDIO 16387 VIDEO 16385
  a=rtpmap:34 H263/90000
  a=fmtp:34 imagesize 1 rules 10:352:288
  a=framerate:10
  a=rtpID:-1868264839
  @SIP/Transport.c:1218 type=1 (00000000/0)
  [SIP/2.0 200 OK
  Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-2c8df72b5983
  To: <sip:[email protected]>;tag=1802682038
  From: <sip:[email protected]:5061>;tag=1c9406
  Call-ID: s200278131c2a636f
  CSeq: 21739 INVITE
  Contact: <sip:[email protected]>;isfocus
  User-Agent: Viceroy 1.2
  Content-Type: application/sdp
  Content-Length: 412
  v=0
  o=Liz 0 0 IN IP4 m.0
  s=call
  c=IN IP4 m.0
  b=AS:2147483647
  t=0 0
  a=hwi:1028:2:2160
  a=bandwidthDetection:NO
  a=iChatEncryption:NO
  m=audio 16386 RTP/AVP 3
  a=rtcp:16387
  a=rtpmap:3 GSM/8000
  a=rtpID:-360567252
  m=video 16384 RTP/AVP 34
  a=rtcp:16387
  a=RTCP:AUDIO 16387 VIDEO 16385
  a=rtpmap:34 H263/90000
  a=fmtp:34 imagesize 1 rules 10:352:288
  a=framerate:10
  a=rtpID:-1868264839
  @:0 type=2 (00000000/0)
  [VCVIDEO_INCOMINGATTEMPT]
  [3]
  @SIP/Transport.c:1218 type=1 (00000000/0)
  [SIP/2.0 180 Ringing
  Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-2c8df72b5983
  To: <sip:[email protected]>;tag=1802682038
  From: <sip:[email protected]:5061>;tag=1c9406
  Call-ID: s200278131c2a636f
  CSeq: 21739 INVITE
  Contact: <sip:[email protected]>;isfocus
  User-Agent: Viceroy 1.2
  Content-Length: 0
  @SIP/Transport.c:1218 type=1 (00000000/0)
  [SIP/2.0 100 Trying
  Via: SIP/2.0/UDP uen0.0:5061;branch=z9hG4bK-2c8df72b5983
  To: <sip:[email protected]>
  From: <sip:[email protected]:5061>;tag=1c9406
  Call-ID: s200278131c2a636f
  CSeq: 21739 INVITE
  User-Agent: Viceroy 1.2
  Content-Length: 0
  @SIP/Transport.c:1218 type=1 (00000000/0)
  [SIP/2.0 200 OK
  Via: SIP/2.0/UDP uen0.1:5061;received=uen0.0
  To: <sip:m.0>;tag=1532390844
  From: <sip:uen0.1:5061>;tag=258066396
  Call-ID: 11823012313477-ping-uen0.1
  CSeq: 10171 OPTIONS
  Contact: <sip:[email protected]>;isfocus
  Allow: INVITE, ACK, OPTIONS, BYE, CANCEL, MESSAGE, REFER, SUBSCRIBE, NOTIFY, INFO
  Allow-Events: conference, refer
  Accept: application/sdp, message/sipfrag, application/conference-info+xml
  User-Agent: Viceroy 1.2
  Content-Length: 0
  Video Conference User Report:
  Binary Images Description for "iChat":
  0x1000 - 0x17dfff com.apple.iChat 3.1.8 (445) /Applications/iChat.app/Contents/MacOS/iChat
  0x67e000 - 0x67efff com.apple.osax.digihub 1.0 /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/MacOS/Digital Hub Scripting
  0x6bc000 - 0x6e8fff com.apple.osax.standardadditions 1.10.7 (???) /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/Standa rdAdditions
  0x15b64000 - 0x15b6dfff com.apple.IOFWDVComponents 1.9.0 /System/Library/Components/IOFWDVComponents.component/Contents/MacOS/IOFWDVComp onents
  0x15b82000 - 0x15b87fff com.apple.audio.AppleHDAHALPlugIn 1.2.9 (1.2.9a4) /System/Library/Extensions/AppleHDA.kext/Contents/PlugIns/AppleHDAHALPlugIn.bun dle/Contents/MacOS/AppleHDAHALPlugIn
  0x15bac000 - 0x15be8fff com.apple.QuickTimeFireWireDV.component 7.1.6 /System/Library/QuickTime/QuickTimeFireWireDV.component/Contents/MacOS/QuickTim eFireWireDV
  0x15bf4000 - 0x15c24fff com.apple.QuickTimeIIDCDigitizer 7.1.6 /System/Library/QuickTime/QuickTimeIIDCDigitizer.component/Contents/MacOS/Quick TimeIIDCDigitizer
  0x15c2e000 - 0x15c6afff com.apple.QuickTimeUSBVDCDigitizer 1.7.5 /System/Library/QuickTime/QuickTimeUSBVDCDigitizer.component/Contents/MacOS/Qui ckTimeUSBVDCDigitizer
  0x15c8e000 - 0x15de7fff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Resources/GLEngine.bundle/GLEngine
  0x15e13000 - 0x15e6cfff com.apple.driver.AppleIntelGMA950GLDriver 1.4.52 (4.5.2) /System/Library/Extensions/AppleIntelGMA950GLDriver.bundle/Contents/MacOS/Apple IntelGMA950GLDriver
  0x15e73000 - 0x15e8ffff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Resources/GLDriver.bundl e/GLDriver
  0x15e96000 - 0x15ebafff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Resources/GLRendererFloa t.bundle/GLRendererFloat
  0x161b4000 - 0x161b7fff com.apple.audio.AudioIPCPlugIn 1.0.2 /System/Library/Extensions/AudioIPCDriver.kext/Contents/Resources/AudioIPCPlugI n.bundle/Contents/MacOS/AudioIPCPlugIn
  0x161d3000 - 0x161fdfff com.apple.audio.SoundManager.Components 3.9.2 /System/Library/Components/SoundManagerComponents.component/Contents/MacOS/Soun dManagerComponents
  0x167e4000 - 0x167e4fff com.apple.SpotLightCM 1.0 (121.36) /System/Library/Contextual Menu Items/SpotlightCM.plugin/Contents/MacOS/SpotlightCM
  0x17319000 - 0x1731bfff com.apple.AutomatorCMM 1.0.1 (87) /System/Library/Contextual Menu Items/AutomatorCMM.plugin/Contents/MacOS/AutomatorCMM
  0x1733f000 - 0x17342fff com.apple.iokit.IOQTComponents 1.4 /System/Library/Components/IOQTComponents.component/Contents/MacOS/IOQTComponen ts
  0x17558000 - 0x17571fff com.apple.AppleIntermediateCodec 1.1 (141) /Library/QuickTime/AppleIntermediateCodec.component/Contents/MacOS/AppleInterme diateCodec
  0x17576000 - 0x1758ffff com.apple.applepixletvideo 1.2.9 (1.2d9) /System/Library/QuickTime/ApplePixletVideo.component/Contents/MacOS/ApplePixlet Video
  0x176cd000 - 0x176d8fff com.apple.airport.diskmenu 1.1 (110.18) /System/Library/Contextual Menu Items/AirPort Disk Menu.plugin/Contents/MacOS/AirPort Disk Menu
  0x176dd000 - 0x176e1fff com.apple.FolderActionsMenu 1.3.1 /System/Library/Contextual Menu Items/FolderActionsMenu.plugin/Contents/MacOS/FolderActionsMenu
  0x70000000 - 0x700fbfff com.apple.audio.units.Components 1.4.5 /System/Library/Components/CoreAudio.component/Contents/MacOS/CoreAudio
  0x8fe00000 - 0x8fe4afff dyld /usr/lib/dyld
  0x90000000 - 0x90170fff libSystem.B.dylib /usr/lib/libSystem.B.dylib
  0x901c0000 - 0x901c2fff libmathCommon.A.dylib /usr/lib/system/libmathCommon.A.dylib
  0x901c4000 - 0x90201fff com.apple.CoreText 1.1.2 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreText.framework/Versions/A/CoreText
  0x90228000 - 0x902fefff com.apple.ApplicationServices.ATS 2.0.6 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ATS.framework/Versions/A/ATS
  0x9031e000 - 0x90773fff com.apple.CoreGraphics 1.258.75 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreGraphics.framework/Versions/A/CoreGraphics
  0x9080a000 - 0x908d2fff com.apple.CoreFoundation 6.4.7 (368.28) /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation
  0x90910000 - 0x90910fff com.apple.CoreServices 10.4 (???) /System/Library/Frameworks/CoreServices.framework/Versions/A/CoreServices
  0x90912000 - 0x90a05fff libicucore.A.dylib /usr/lib/libicucore.A.dylib
  0x90a55000 - 0x90ad4fff libobjc.A.dylib /usr/lib/libobjc.A.dylib
  0x90afd000 - 0x90b61fff libstdc++.6.dylib /usr/lib/libstdc++.6.dylib
  0x90bd0000 - 0x90bd7fff libgcc_s.1.dylib /usr/lib/libgcc_s.1.dylib
  0x90bdc000 - 0x90c4ffff com.apple.framework.IOKit 1.4.6 (???) /System/Library/Frameworks/IOKit.framework/Versions/A/IOKit
  0x90c64000 - 0x90c76fff libauto.dylib /usr/lib/libauto.dylib
  0x90c7c000 - 0x90f22fff com.apple.CoreServices.CarbonCore 682.23 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonC ore.framework/Versions/A/CarbonCore
  0x90f65000 - 0x90fcdfff com.apple.CoreServices.OSServices 4.1 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/OSServi ces.framework/Versions/A/OSServices
  0x91006000 - 0x91044fff com.apple.CFNetwork 129.20 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CFNetwo rk.framework/Versions/A/CFNetwork
  0x91057000 - 0x91067fff com.apple.WebServices 1.1.3 (1.1.0) /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/WebServ icesCore.framework/Versions/A/WebServicesCore
  0x91072000 - 0x910f1fff com.apple.SearchKit 1.0.5 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/SearchK it.framework/Versions/A/SearchKit
  0x9112b000 - 0x91149fff com.apple.Metadata 10.4.4 (121.36) /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Metadat a.framework/Versions/A/Metadata
  0x91155000 - 0x91163fff libz.1.dylib /usr/lib/libz.1.dylib
  0x91166000 - 0x91305fff com.apple.security 4.5.2 (29774) /System/Library/Frameworks/Security.framework/Versions/A/Security
  0x91403000 - 0x9140bfff com.apple.DiskArbitration 2.1.1 /System/Library/Frameworks/DiskArbitration.framework/Versions/A/DiskArbitration
  0x91412000 - 0x91419fff libbsm.dylib /usr/lib/libbsm.dylib
  0x9141d000 - 0x91443fff com.apple.SystemConfiguration 1.8.6 /System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfi guration
  0x91455000 - 0x914cbfff com.apple.audio.CoreAudio 3.0.4 /System/Library/Frameworks/CoreAudio.framework/Versions/A/CoreAudio
  0x9151c000 - 0x9151cfff com.apple.ApplicationServices 10.4 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Application Services
  0x9151e000 - 0x9154afff com.apple.AE 314 (313) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ AE.framework/Versions/A/AE
  0x9155d000 - 0x91631fff com.apple.ColorSync 4.4.9 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ColorSync.framework/Versions/A/ColorSync
  0x9166c000 - 0x916dffff com.apple.print.framework.PrintCore 4.6 (177.13) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ PrintCore.framework/Versions/A/PrintCore
  0x9170d000 - 0x917b6fff com.apple.QD 3.10.24 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ QD.framework/Versions/A/QD
  0x917dc000 - 0x91827fff com.apple.HIServices 1.5.2 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ HIServices.framework/Versions/A/HIServices
  0x91846000 - 0x9185cfff com.apple.LangAnalysis 1.6.3 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ LangAnalysis.framework/Versions/A/LangAnalysis
  0x91868000 - 0x91883fff com.apple.FindByContent 1.5 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ FindByContent.framework/Versions/A/FindByContent
  0x9188e000 - 0x918cbfff com.apple.LaunchServices 182 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ LaunchServices.framework/Versions/A/LaunchServices
  0x918df000 - 0x918ebfff com.apple.speech.synthesis.framework 3.5 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ SpeechSynthesis.framework/Versions/A/SpeechSynthesis
  0x918f2000 - 0x91931fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/ImageIO
  0x91944000 - 0x919f6fff libcrypto.0.9.7.dylib /usr/lib/libcrypto.0.9.7.dylib
  0x91a3c000 - 0x91a52fff libcups.2.dylib /usr/lib/libcups.2.dylib
  0x91a57000 - 0x91a75fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libJPEG.dylib
  0x91a7a000 - 0x91ad9fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libJP2.dylib
  0x91aeb000 - 0x91aeffff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libGIF.dylib
  0x91af1000 - 0x91b75fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libRaw.dylib
  0x91b79000 - 0x91bb6fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libTIFF.dylib
  0x91bbc000 - 0x91bd6fff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libPng.dylib
  0x91bdb000 - 0x91bddfff com.apple.ImageIO.framework 1.5.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/Resources/libRadiance.dylib
  0x91bdf000 - 0x91cbdfff libxml2.2.dylib /usr/lib/libxml2.2.dylib
  0x91cda000 - 0x91cdafff com.apple.Accelerate 1.3.1 (Accelerate 1.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Accelerate
  0x91cdc000 - 0x91d6afff com.apple.vImage 2.5 /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vImage.fr amework/Versions/A/vImage
  0x91d71000 - 0x91d71fff com.apple.Accelerate.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/vecLib
  0x91d73000 - 0x91dccfff com.apple.Accelerate.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/libvMisc.dylib
  0x91dd5000 - 0x91df9fff com.apple.Accelerate.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/libvDSP.dylib
  0x91e01000 - 0x9220afff com.apple.Accelerate.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/libBLAS.dylib
  0x92244000 - 0x925f8fff com.apple.Accelerate.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.fr amework/Versions/A/libLAPACK.dylib
  0x92625000 - 0x92712fff libiconv.2.dylib /usr/lib/libiconv.2.dylib
  0x92714000 - 0x92791fff com.apple.DesktopServices 1.3.6 /System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Versions/A/Desk topServicesPriv
  0x927d2000 - 0x92a02fff com.apple.Foundation 6.4.8 (567.29) /System/Library/Frameworks/Foundation.framework/Versions/C/Foundation
  0x92b0e000 - 0x92b18fff com.apple.framework.AppleTalk 1.2.0 (???) /System/Library/Frameworks/AppleTalk.framework/Versions/A/AppleTalk
  0x92b1c000 - 0x92b33fff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGL.dylib
  0x92b3e000 - 0x92b96fff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLU.dylib
  0x92baa000 - 0x92baafff com.apple.Carbon 10.4 (???) /System/Library/Frameworks/Carbon.framework/Versions/A/Carbon
  0x92bac000 - 0x92bbcfff com.apple.ImageCapture 3.0.4 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/ImageCapture. framework/Versions/A/ImageCapture
  0x92bcb000 - 0x92bd3fff com.apple.speech.recognition.framework 3.6 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SpeechRecogni tion.framework/Versions/A/SpeechRecognition
  0x92bd9000 - 0x92bdffff com.apple.securityhi 2.0.1 (24742) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SecurityHI.fr amework/Versions/A/SecurityHI
  0x92be5000 - 0x92c76fff com.apple.ink.framework 101.2.1 (71) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Ink.framework /Versions/A/Ink
  0x92c8a000 - 0x92c8efff com.apple.help 1.0.3 (32.1) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Help.framewor k/Versions/A/Help
  0x92c91000 - 0x92caffff com.apple.openscripting 1.2.5 (???) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/OpenScripting .framework/Versions/A/OpenScripting
  0x92cc1000 - 0x92cc7fff com.apple.print.framework.Print 5.2 (192.4) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Print.framewo rk/Versions/A/Print
  0x92ccd000 - 0x92d30fff com.apple.htmlrendering 66.1 (1.1.3) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HTMLRendering .framework/Versions/A/HTMLRendering
  0x92d57000 - 0x92d98fff com.apple.NavigationServices 3.4.4 (3.4.3) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/NavigationSer vices.framework/Versions/A/NavigationServices
  0x92dbf000 - 0x92dcdfff com.apple.audio.SoundManager 3.9.1 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CarbonSound.f ramework/Versions/A/CarbonSound
  0x92dd4000 - 0x92dd9fff com.apple.CommonPanels 1.2.3 (73) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CommonPanels. framework/Versions/A/CommonPanels
  0x92dde000 - 0x930d3fff com.apple.HIToolbox 1.4.9 (???) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.fra mework/Versions/A/HIToolbox
  0x931d9000 - 0x931e4fff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/OpenGL
  0x931e9000 - 0x93204fff com.apple.DirectoryService.Framework 3.3 /System/Library/Frameworks/DirectoryService.framework/Versions/A/DirectoryServi ce
  0x93254000 - 0x93254fff com.apple.Cocoa 6.4 (???) /System/Library/Frameworks/Cocoa.framework/Versions/A/Cocoa
  0x93256000 - 0x9390cfff com.apple.AppKit 6.4.8 (824.42) /System/Library/Frameworks/AppKit.framework/Versions/C/AppKit
  0x93c8d000 - 0x93d08fff com.apple.CoreData 91 (92.1) /System/Library/Frameworks/CoreData.framework/Versions/A/CoreData
  0x93d41000 - 0x93dfbfff com.apple.audio.toolbox.AudioToolbox 1.4.5 /System/Library/Frameworks/AudioToolbox.framework/Versions/A/AudioToolbox
  0x93e3e000 - 0x93e3efff com.apple.audio.units.AudioUnit 1.4.3 /System/Library/Frameworks/AudioUnit.framework/Versions/A/AudioUnit
  0x93e40000 - 0x94001fff com.apple.QuartzCore 1.4.12 /System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore
  0x94047000 - 0x94088fff libsqlite3.0.dylib /usr/lib/libsqlite3.0.dylib
  0x94090000 - 0x940cafff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLImage.dyl ib
  0x940cf000 - 0x940e5fff com.apple.CoreVideo 1.4 /System/Library/Frameworks/CoreVideo.framework/Versions/A/CoreVideo
  0x9412b000 - 0x94173fff com.apple.bom 8.5 (86.3) /System/Library/PrivateFrameworks/Bom.framework/Versions/A/Bom
  0x9417d000 - 0x941bbfff com.apple.vmutils 4.0.2 (93.1) /System/Library/PrivateFrameworks/vmutils.framework/Versions/A/vmutils
  0x941ff000 - 0x94210fff com.apple.securityfoundation 2.2.1 (28150) /System/Library/Frameworks/SecurityFoundation.framework/Versions/A/SecurityFoun dation
  0x9421e000 - 0x9425cfff com.apple.securityinterface 2.2.1 (27695) /System/Library/Frameworks/SecurityInterface.framework/Versions/A/SecurityInter face
  0x94278000 - 0x94287fff com.apple.CoreGraphics 1.258.75 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreGraphics.framework/Versions/A/Resources/libCGATS.A.dylib
  0x9428e000 - 0x94299fff com.apple.CoreGraphics 1.258.75 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreGraphics.framework/Versions/A/Resources/libCSync.A.dylib
  0x942e5000 - 0x942fffff com.apple.CoreGraphics 1.258.75 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreGraphics.framework/Versions/A/Resources/libRIP.A.dylib
  0x94305000 - 0x94604fff com.apple.QuickTime 7.1.6 /System/Library/Frameworks/QuickTime.framework/Versions/A/QuickTime
  0x94786000 - 0x948ccfff com.apple.AddressBook.framework 4.0.4 (485.1) /System/Library/Frameworks/AddressBook.framework/Versions/A/AddressBook
  0x94958000 - 0x94967fff com.apple.DSObjCWrappers.Framework 1.1 /System/Library/PrivateFrameworks/DSObjCWrappers.framework/Versions/A/DSObjCWra ppers
  0x9496e000 - 0x94997fff com.apple.LDAPFramework 1.4.2 (69.1.1) /System/Library/Frameworks/LDAP.framework/Versions/A/LDAP
  0x9499d000 - 0x949acfff libsasl2.2.dylib /usr/lib/libsasl2.2.dylib
  0x949b0000 - 0x949d5fff libssl.0.9.7.dylib /usr/lib/libssl.0.9.7.dylib
  0x949e1000 - 0x949fefff libresolv.9.dylib /usr/lib/libresolv.9.dylib
  0x94a05000 - 0x94a6bfff com.apple.Bluetooth 1.7.14 (1.7.14f14) /System/Library/Frameworks/IOBluetooth.framework/Versions/A/IOBluetooth
  0x94baa000 - 0x94c82fff edu.mit.Kerberos 5.5.24 /System/Library/Frameworks/Kerberos.framework/Versions/A/Kerberos
  0x94d2a000 - 0x94dbcfff com.apple.WebKit 419 /System/Library/Frameworks/WebKit.framework/Versions/A/WebKit
  0x94e16000 - 0x94e98fff com.apple.JavaScriptCore 418.3 /System/Library/Frameworks/WebKit.framework/Versions/A/Frameworks/JavaScriptCor e.framework/Versions/A/JavaScriptCore
  0x94ed1000 - 0x951b0fff com.apple.WebCore 418.21 /System/Library/Frameworks/WebKit.framework/Versions/A/Frameworks/WebCore.frame work/Versions/A/WebCore
  0x9532f000 - 0x95352fff libxslt.1.dylib /usr/lib/libxslt.1.dylib
  0x955c8000 - 0x955ccfff com.apple.URLMount 2.1.7 /System/Library/PrivateFrameworks/URLMount.framework/Versions/A/URLMount
  0x95ac1000 - 0x95ac2fff libCyrillicConverter.dylib /System/Library/CoreServices/Encodings/libCyrillicConverter.dylib
  0x95ac4000 - 0x95ac5fff libGreekConverter.dylib /System/Library/CoreServices/Encodings/libGreekConverter.dylib
  0x95ac9000 - 0x95adffff libJapaneseConverter.dylib /System/Library/CoreServices/Encodings/libJapaneseConverter.dylib
  0x95ae1000 - 0x95b02fff libKoreanConverter.dylib /System/Library/CoreServices/Encodings/libKoreanConverter.dylib
  0x95b0f000 - 0x95b1dfff libSimplifiedChineseConverter.dylib /System/Library/CoreServices/Encodings/libSimplifiedChineseConverter.dylib
  0x95b22000 - 0x95b23fff libThaiConverter.dylib /System/Library/CoreServices/Encodings/libThaiConverter.dylib
  0x95b25000 - 0x95b37fff libTraditionalChineseConverter.dylib /System/Library/CoreServices/Encodings/libTraditionalChineseConverter.dylib
  0x964da000 - 0x964dafff com.apple.vecLib 3.3.1 (vecLib 3.3.1) /System/Library/Frameworks/vecLib.framework/Versions/A/vecLib
  0x969c1000 - 0x969e3fff com.apple.speech.LatentSemanticMappingFramework 2.5 /System/Library/PrivateFrameworks/LatentSemanticMapping.framework/Versions/A/La tentSemanticMapping
  0x96a54000 - 0x96b2bfff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLProgramma bility.dylib
  0x96b46000 - 0x96b47fff com.apple.opengl 1.4.16 /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLSystem.dy lib
  0x96b49000 - 0x96b4efff com.apple.agl 2.5.9 (AGL-2.5.9) /System/Library/Frameworks/AGL.framework/Versions/A/AGL
  0x96ca5000 - 0x96ca5fff com.apple.MonitorPanelFramework 1.1.1 /System/Library/PrivateFrameworks/MonitorPanel.framework/Versions/A/MonitorPane l
  0x96e5f000 - 0x96e73fff com.apple.AppleShareClient 1.5.2 /System/Library/Frameworks/AppleShareClient.framework/Versions/A/AppleShareClie nt
  0x96e7c000 - 0x96ebbfff com.apple.AppleShareClientCore 1.5.2 /System/Library/Frameworks/AppleShareClientCore.framework/Versions/A/AppleShare ClientCore
  0x97407000 - 0x974f0fff com.apple.viceroy.framework 278.3.10 /System/Library/PrivateFrameworks/VideoConference.framework/Versions/A/VideoCon ference
  0x97c34000 - 0x97c36fff com.apple.DisplayServicesFW 1.8.2 /System/Library/PrivateFrameworks/DisplayServices.framework/Versions/A/DisplayS ervices
  0x97e63000 - 0x98b38fff com.apple.QuickTimeComponents.component 7.1.6 /System/Library/QuickTime/QuickTimeComponents.component/Contents/MacOS/QuickTim eComponents
  0x98d84000 - 0x98d86fff com.apple.QuickTimeH264.component 7.1.6 /System/Library/QuickTime/QuickTimeH264.component/Contents/MacOS/QuickTimeH264
  0x98d88000 - 0x98f30fff com.apple.QuickTimeH264.component 7.1.6 /System/Library/QuickTime/QuickTimeH264.component/Contents/Resources/QuickTimeH 264.scalar
  0x98fa0000 - 0x99063fff com.apple.QuickTimeMPEG4.component 7.1.6 /System/Library/QuickTime/QuickTimeMPEG4.component/Contents/MacOS/QuickTimeMPEG 4
  0x994fa000 - 0x99505fff com.apple.IMFramework 3.1.4 (429) /System/Library/Frameworks/InstantMessage.framework/Versions/A/InstantMessage
  0x9950f000 - 0x9967bfff com.apple.MessageFramework 2.1.1 (752.3) /System/Library/Frameworks/Message.framework/Versions/B/Message

• Bizarre! One-Way Audio all of a sudden.

  I have a 7940 connected to an ASA5505 version 9.1(4) (originally connected on a DOCSIS 3 cable modem)  which has a site-to-site VPN tunnel that terminates on a Cisco 1841 and CCM 6.1 it's been working perfectly forever.
  Recently I switched to a fibre optic connection (instead of the cable modem) and now I have one-way audio.  Everything else works perfectly (access to CIFS/SMB file shares, FTP, telnet, SSH) though the tunnel and it behaves as it always did except a lot faster on fibre (80 ms ping down to 6 ms). The fibre ISP delivers various services (IPTV, Internet, etc.) via different VLANs so their Internet vlan is 802.1q tag 35.
  So the configuration was:
  interface Ethernet0/0
   switchport access vlan 6
  interface Vlan6
   nameif outside
   security-level 0
   ip address dhcp setroute
  and now it is:
  interface Ethernet0/0
   switchport trunk allowed vlan 33-36
   switchport mode trunk
  interface Vlan35
   mac-address 109f.xxxx.xxxx
   nameif outside
   security-level 0
   ip address dhcp setroute
  and now I have one-way audio (I can hear the other end but they can't hear me). Everything else works perfectly (e.g. call setup, dialling touch tones, etc.). As the change is so subtle (just the outside interface) I am baffled and don't know where to begin troubleshooting this.  In fact when it happened I was sure it was just a problem with the handset cord but I can "hear" my voice echoing back a bit.  I'm keeping the DOCSIS 3 cable Internet until I get this sorted out but of course now paying for two Internet connections so don't want to have to do that any longer than I have to.
  Any insight or suggestions on how to proceed very much appreciated.

  Well I sort of found the problem but not yet the solution. I had to switch to an ASA5505 with the Security Plus license to get the trunk I needed. If I take out the trunk (so the same configuration will work on an ASA with the base license) and get raw Internet connectivity another way (so I don't need the trunk) I have one ASA that works and one that doesn't.
  They both are running 9.1(4) and have identical configurations (copied to both with TFTP).
  The ASA with the Security Plus license has one way audio, the base license ASA does not.
  I also uploaded both configurations to a unix box and did a diff:
  <  switchport trunk allowed vlan 33-36
  <  switchport mode trunk
  >  switchport access vlan 6
  39a39,43
  > interface Vlan6
  >  nameif outside
  >  security-level 0
  >  ip address dhcp setroute
  > !
  46,51d49
  < interface Vlan35
  <  mac-address 109f.a943.f36a
  <  nameif outside
  <  security-level 0
  <  ip address dhcp setroute
  < !
  86d83
  < mtu dmz 1500
  88c85
  < no failover
  > mtu dmz 1500
  So it's a bug, revealed by the security plus license as they have identical software and identical configurations and act differently.  Not sure how to work around it yet as I have to use another router temporarily to not require the trunk and the performance is less than stellar with that in the mix. I also upgraded 9.1(4) to 9.2(1) on both - no joy, still the same.

• One way trust relationship between different domain windows server 2012 in different forest

  I'd like to build trust correctly between the domains A.local and B.int. A.local is on a Windows 2012 . B.int is on a Windows 2012 . Both machines are
  connected to the same LAN. The forest level in A.local
  machine is Windows Server 2008 and The forest level in B.int
  is Windows server 2012.
  I want a one-way trust relationship, i.e. users from A.local gain access to B.local.
  my problem it i create the trust put when i go to validate the trust between A.Local and B.int give me this error :
   The secure channel (SC) reset on Active Directory Domain Controller \\dc2.B.int of domain B.int to domain A.Local failed with error: There are currently no logon servers available to service the logon request.
  NOTE : Recently I
  UPGRADE THE Active Directory FROM 2008 R2 TO 2012 and i ping on A.local to B.int
  it is ping by name and IP but from b.int ping by IP JUST >>>
  ihab

  Hi,
  yes i already do it the setup conditional forwarding between the 2 domains and
  the firewall it is off 
  ihab

• IP SLA stats - one-way latency / MOS score 4.34 not updating

  I'm trying to use Cisco IP SLA to bench mark voice traffic peformance before and after I apply QoS to the network. 
  *  I've setup IP SLA in both directions over a DSL connection between a 7600, and an 1801
  *  I've setup IP SLA in both directions over an Ethernet WAN link between a 7200 and another 7200
  ip sla 1
  udp-jitter 10.101.1.1 32770 source-ip 10.101.2.1 source-port 32770 codec g711alaw
  frequency 30
  ip sla schedule 1 life forever start-time now
  ip sla responder
  I have a problem in that I'm not getting any meaningful data from the IP SLA statistics for Voice Score Values:, or any data for Latency one-way time: for any of my tests(x 4).
  After a day of testing it seems the MOS score never changes from 4.34, and the ICPIF never changes from 1
  Is there something wrong with my config?  Is this working properly or could this be a bug?
  ADSL-R1#show ip sla statistics 1 details
  Round Trip Time (RTT) for       Index 1
          Latest RTT: 48 milliseconds
  Latest operation start time: *09:27:48.435 UTC Thu Jul 5 2012
  Latest operation return code: OK
  Over thresholds occurred: FALSE
  RTT Values:
          Number Of RTT: 999              RTT Min/Avg/Max: 45/48/89 milliseconds
  Latency one-way time:
          Number of Latency one-way Samples: 0
          Source to Destination Latency one way Min/Avg/Max: 0/0/0 milliseconds
          Destination to Source Latency one way Min/Avg/Max: 0/0/0 milliseconds
          Source to Destination Latency one way Sum/Sum2: 0/0
          Destination to Source Latency one way Sum/Sum2: 0/0
  Jitter Time:
          Number of Jitter Samples: 997
          Source to Destination Jitter Min/Avg/Max: 1/2/26 milliseconds
          Destination to Source Jitter Min/Avg/Max: 1/1/18 milliseconds
          Source to destination positive jitter Min/Avg/Max: 1/2/26 milliseconds
          Source to destination positive jitter Number/Sum/Sum2: 348/793/4295
          Source to destination negative jitter Min/Avg/Max: 1/2/16 milliseconds
          Source to destination negative jitter Number/Sum/Sum2: 346/802/3742
          Destination to Source positive jitter Min/Avg/Max: 1/1/18 milliseconds
          Destination to Source positive jitter Number/Sum/Sum2: 330/611/2051
          Destination to Source negative jitter Min/Avg/Max: 1/1/18 milliseconds
          Destination to Source negative jitter Number/Sum/Sum2: 318/606/1992
          Interarrival jitterout: 0       Interarrival jitterin: 0
  Packet Loss Values:
          Loss Source to Destination: 0           Loss Destination to Source: 1
          Out Of Sequence: 0      Tail Drop: 0    Packet Late Arrival: 0
  Voice Score Values:
          Calculated Planning Impairment Factor (ICPIF): 1
  MOS score: 4.34
  Number of successes: 72
  Number of failures: 0
  Operation time to live: Forever
  Operational state of entry: Active
  Last time this entry was reset: Never
  7200-R2#show ip sla statistics details
  Round Trip Time (RTT) for       Index 1
  Type of operation: jitter
          Latest RTT: 6 ms
  Latest operation start time: 08:08:31.349 UTC Thu Jul 5 2012
  Latest operation return code: OK
  RTT Values
          Number Of RTT: 1000
          RTT Min/Avg/Max: 2/6/199 ms
  Latency one-way time milliseconds
          Number of Latency one-way Samples: 0
          Source to Destination Latency one way Min/Avg/Max: 0/0/0 ms
          Destination to Source Latency one way Min/Avg/Max: 0/0/0 ms
          Source to Destination Latency one way Sum/Sum2: 0/0
          Destination to Source Latency one way Sum/Sum2: 0/0
  Jitter time milliseconds
          Number of SD Jitter Samples: 999
          Number of DS Jitter Samples: 999
          Source to Destination Jitter Min/Avg/Max: 0/2/13 ms
          Destination to Source Jitter Min/Avg/Max: 0/1/195 ms
          Source to destination positive jitter Min/Avg/Max: 1/1/13 ms
          Source to destination positive jitter Number/Sum/Sum2: 342/638/2142
          Source to destination negative jitter Min/Avg/Max: 1/1/11 ms
          Source to destination negative jitter Number/Sum/Sum2: 335/638/1886
          Destination to Source positive jitter Min/Avg/Max: 1/2/195 ms
          Destination to Source positive jitter Number/Sum/Sum2: 198/408/38510
          Destination to Source negative jitter Min/Avg/Max: 1/2/128 ms
          Destination to Source negative jitter Number/Sum/Sum2: 203/408/20720
          Interarrival jitterout: 0       Interarrival jitterin: 0
          Over thresholds occurred: FALSE
  Packet Loss Values
          Loss Source to Destination: 0           Loss Destination to Source: 0
          Out Of Sequence: 0      Tail Drop: 0    Packet Late Arrival: 0
          Packet Skipped: 0
  Voice Score Values
          Calculated Planning Impairment Factor (ICPIF): 1
  MOS score: 4.34
  Number of successes: 19
  Number of failures: 0
  Operation time to live: Forever
  Operational state of entry: Active
  Last time this entry was reset: 15:59:31.345 UTC Wed Jul 4 2012

  Update (RESOVLED)
  The MOS and ICPIF scores do change.  I saturated the WAN link with FTP down/upload traffic inducing packet loss,increased jitter and delay.  The scores degraded accordingling show ip sla statistics 10 details
  R#show ip sla statistics 10
  Round Trip Time (RTT) for       Index 10
  Type of operation: jitter
          Latest RTT: 292 ms
  Latest operation start time: 19:07:12.358 UTC Tue Jul 17 2012
  Latest operation return code: OK
  RTT Values
          Number Of RTT: 979
          RTT Min/Avg/Max: 58/292/487 ms
  Latency one-way time milliseconds
          Number of Latency one-way Samples: 1
          Source to Destination Latency one way Min/Avg/Max: 1/1/1 ms
          Destination to Source Latency one way Min/Avg/Max: 112/112/112 ms
  Jitter time milliseconds
          Number of SD Jitter Samples: 958
          Number of DS Jitter Samples: 958
          Source to Destination Jitter Min/Avg/Max: 0/1/6 ms
          Destination to Source Jitter Min/Avg/Max: 0/11/151 ms
  Packet Loss Values
          Loss Source to Destination: 0           Loss Destination to Source: 21
          Out Of Sequence: 0      Tail Drop: 0
          Packet Late Arrival: 0  Packet Skipped: 0
  Voice Score Values
          Calculated Planning Impairment Factor (ICPIF): 10
  MOS score: 4.09
  Number of successes: 32
  Number of failures: 0
  Operation time to live: Forever
          Source to Destination Latency one way Sum/Sum2: 9591/94681
          Destination to Source Latency one way Sum/Sum2: 346227/125286895
  Jitter time milliseconds
          Number of SD Jitter Samples: 999
          Number of DS Jitter Samples: 999
          Source to Destination Jitter Min/Avg/Max: 0/2/11 ms
          Destination to Source Jitter Min/Avg/Max: 0/10/48 ms
          Source to destination positive jitter Min/Avg/Max: 1/2/11 ms
          Source to destination positive jitter Number/Sum/Sum2: 231/513/2789
          Source to destination negative jitter Min/Avg/Max: 1/2/10 ms
          Source to destination negative jitter Number/Sum/Sum2: 232/512/2724
          Destination to Source positive jitter Min/Avg/Max: 1/15/48 ms
          Destination to Source positive jitter Number/Sum/Sum2: 305/4762/93106
          Destination to Source negative jitter Min/Avg/Max: 1/6/42 ms
          Destination to Source negative jitter Number/Sum/Sum2: 682/4717/43395
          Interarrival jitterout: 0       Interarrival jitterin: 0
          Over thresholds occurred: FALSE
  Packet Loss Values
          Loss Source to Destination: 0           Loss Destination to Source: 0
          Out Of Sequence: 0      Tail Drop: 0    Packet Late Arrival: 0
          Packet Skipped: 0
  Voice Score Values
          Calculated Planning Impairment Factor (ICPIF): 5
  MOS score: 4.24
  Number of successes: 43
  Number of failures: 0
  Operation time to live: Forever
  Operational state of entry: Active
  Last time this entry was reset: 17:51:41.945 BST Fri Jul 20 2012

• Users see all applications in RDS 2012 Web access in one-way trust domain environment

  Hello!
  We have RDS 2012 deployment in domainA.local. There is a one-way trust between domainA.local and domainB.local: A trusts B and B doesn't trust A.
  A user from domainB.local authenticates in Web-access interface (wa.domainA.local) and sees
  every published application in every collection in the deployment independently of UserGroups setting of collections and applications. This occurs for any domainB user.
  In the security log of wa.domainA.local we can find an event :
  An account failed to log on.
  Subject:
  Security ID:                IIS APPPOOL\RDWebAccess
  Account Name:                RDWebAccess
  Account Domain:                IIS APPPOOL
  Logon ID:                0x2C7B16
  Logon Type:                        3
  Account For Which Logon Failed:
  Security ID:                NULL SID
  Account Name:                
  Account Domain:                
  Failure Information:
  Failure Reason:                An error occurred during logon
  Status:                        0xC000005E
  Sub Status:                0x0
  Also in network trace on wa.domainA.local kerberos error could be found:
  On TGS-REQ for krbtgt/[email protected] there is an answer: KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN (7), server name krbtgt/domainB.
  How to deal with this issue? The aim is to show only specified applications to domainB users.
  Any help would be appreciated.

  Hi,
  Thank you for your posting in Windows Server Forum.
  Please check below links might useful for your case.
  “After adding the RDS server’s computer account to the Builtin Windows Authorization Access Group domain group, the RemoteApp icons displayed perfectly.” (Quoted from
  this article)
  1. Remote APP list empty
  2. RD
  Web Access unable to access Source (RD Server)
  In respect to Kerberos Error, refer this link for troubleshooting.
  1. Troubleshooting Kerberos Authentication problems – Name resolution issues
  2. Kerberos Authentication problems – Service Principal Name (SPN) issues - Part 2
  Hope it helps! 
  Thanks,
  Dharmesh