Multiple PIX logging to single syslog server

Similar Messages

• How do I host multiple domains on a single Messaging Server?

  How do I host multiple domains on a single Messaging Server?
  <p>
  To host multiple domains on one Messaging Server, use the
  mailAlternateAddress attribute. If you want to host two domains
  (customer1.com and customer2.com) on your server mail1.domain.com,
  make sure that:
  The various domains (in DNS) point to the installed mail server
  (you must have the MX records that
  points mail for customer1.com to mail1.domain.com and
  customer2.com to mail1.domain.com)
  That each person receiving mail at customer1.com and
  customer2.com has an appropriate mailAlternateAddress
  attribute describing the appropriate email address. For
  instance, John Doe can have an email address (i.e. the value
  of the 'mail' attribute for the John Doe LDAP entry) of
  [email protected] and receive his mail on
  [email protected] (the value of the mailAlternateAddress
  attribute)
  With Messaging Server 3.5, mailAlternateAddress can take the
  form of @mail1.domain.com. If jdoe's mailAlternateAddress is
  set to @mail1.domain.com, mail sent to [email protected]
  will be delivered to [email protected]

  jaygatsby1123 wrote:
  So what exactly am I doing with virtual hosts?  There is a place for Aliases...  What would I put in the "Aliases" box?
  Any other host name that you want to resolve to the specified virtual host.  It's quite literally an alias.
  if you want www.example.com and www.example.org to end up at the same web site and you already have a virtual host — Apple refers to virtual hosts as sites — configured for www.example.com in Server.app, then you'd add www.example.org as an alias for the www.example.com virtual host (site).
  Virtual hosts are implemented in a web server using some details of the HTTP or HTTPS protocol, and what the web browser (client) specified.  The client gets handed an IP address or a domain name by the user, and the client then fetches the associated IP address for the target web server from the client's DNS services or local host database, and the client then connects to the IP address and passes over the text string that the user had requested — the IP address or domain name or even some local shortcut set up in the client system — via the HTTP or HTTPS protocol.  The web server receives and processes this arriving text string from the client, and uses it to select which web site to render back to the web client.   One subtle detail lurks here, too: the server's own DNS configuration really isn't involved in the selection of the virtual host.

• Multiple Import into Multiple schemas in a single Database server ?

  Is it possible to create a multiple import into multiple schema in a single DB server ?

  Hi,
  Yes, You can do it.. With Multiple Export File..it may cause some Performance issue, so need to check your Server configuration before do that..

• How to configure IPS 4240 - K9 to send log file to syslog server

  I am looking for the commands in how to configure IPS 4240-k9 to send log file to SYSLOG server. If anybody has or came across similer issue please advice.
  Thanks in advanced.

  Ali -
  I am sorry to tell you, but the Cisco IPS Sensors do not send Syslog messages. Your only options for sending signature event information are:
  SDEE (an TLS Encrypted XML formatted message) the sensor is the SDEE Host and your event receiver (MARS, IME, Intelitactics, etc) is the client.
  SNMP Traps - You need to set the "Action" on each signature you want the sensor to send a trap.
  - Bob

• Multiple Office365 tenants with single sync server filtered by OU possible?

  For what I currently know multiple O365 tenants synced by dirsync is only possible with multiple sync server where each sync server has an active filter for the OU for example. Correct me if I'm wrong.
  Now I'd like to use a single AD / ADFS with multiple OA so that each OA will be it's own O365 tenant. But the central AD FS should be used for SSO.
  The scenario looks a bit like this:
  * Parent company provides www.theparentcompany.com for ADFS federation
  * Subsidiary company A is an OU of the parents AD
  * Subsidiary company A owns www.imasubsidiary.com 
  * Users of company A want to log in by [email protected] but be federated by the ADFS behind theparentcompany.com
  * Subsidiary company B is an OU of the parents AD
  * Subsidiary company B owns www.anotherdomain.com 
  * Users of company B want to log in by [email protected] but be federated by the ADFS behind theparentcompany.com
  Is there a way to do this with a single sync server with the current tools? At least for what I see (connectors in FIM2010) it looks like it could be possible in theory. But I couldn't find any documentation that validates this kind of scenario. 
  Can FIM2010 for dir sync be used sync multiple connectors for multiple tenants or is the configuration/flow special to the DirSync installation so that a new installation is needed?
  Will the upcoming  AAD Connect support this scenario?
  Best regrads,
  Daniel

  I am afraid you may not be able to achieve this using DirSync or AADSync.
  For better assistance on FIM 2010, would suggest to discuss the same on:
  https://social.technet.microsoft.com/Forums/en-US/home?forum=ilm2
  Thank you,
  Arvind

• Multiple ESS access to single EP server from two backend servers.

  Hi Experts,
  I have one concern regarding ESS.
  Can we do or can we make   two ESS access (R3 server1 and R3 Server2)  from one Portal server.
  I heard  that from one portal server (ESS)  we can connect multiple clients which are from backend R3 (example client 100 and client 200)
  My requirement is  :
  We have two R3 backend servers and one EP(ESS) server.
  Can we access two backend systems from one EP server with Two ESS tabs.
  I am expecting Multiple jco settings, multiple SSo, Multiple SLD, Multiple SPRO Menu settings, UWL settings.
  Multiple service specific settings to be access  by using  single EP server(Multiple ESS Tabs)
  Please help me for doing this.
  Regards
  Kumar.

  yes you can do so As Pooja indicated also refer
  Please have a look  at the Note 596698
  Thanks for clearing that up, Now if I understand the issue
  correctly :
  1 Portal, Two backend R/3 System, This can be done, Now then
  if you dont want the particular application disable that
  r/3 as you are aware that the links appear from V_T7XSSSERRES.
  Here you can also make sure some applications appear or no.
  Accessing multiple Backends in WebDynpro:
  How it can be done?
  1) Define different JCO Destinations
    The logical System names have to be defined in the Web Dynpro Content
  Administrator.
    Different clients or completely different Systems can be accessed
  given that the function modules called exist in those systemsThe logical System to be used can be passed to the Web Dynpro
  Application by using a URL Parameter
    The URL Parameter can be easily maintained in the iView Property when
  using the portal.
  The standard way to handle this is to create copies (via delta-link) of
  all the business package iviews and change the 'System' property in the
  newly created iviews to point to the correct system Alias. From the
  portal point of view this is all that is required in order to point an
  view to a different system
  Refer these links for further information:
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.
  docs/library/webas/webdynpro/How%20to%20Use%20the%20Web%20Dynpro%20Conte
  nt%20Administrator.pdf

• Multiple BI instances on single BI  Server

  Hello,
  I want to know if we can have multiple instances of BI run on single installation
  i.e on single installation
  I would like to run two different rpds and two different webcatalogs.
  Can this be done?
  If this can be done does oracle support this kind of installation?
  Regards,
  Deep

  Hi,
  Technically, I think you can run two mutually exclusive services on one server. You need an web application layer for managing like OC4J, weblogic, etc wherein you deploy two instance of presentation services with different port and each of these have DSN to different RPD's. I doubt you will be able to run on an IIS server (web layer).
  As far with the support, I think oracle supports single instance of Presentation services, but check with your oracle sales person on that.
  Regards,
  Bharath

• Multiple Weblogic nodes on single Windows server  - Dispatcher question?

  Hi All,
  My experience is with other J2EE web servers (SAP's Netweaver predominantly) and typical installations on this platform include the installation of a dispatcher J2EE node which balances load across potentially multiple J2EE nodes on a single server. Does Weblogic have a similar set-up, as it appears when you create multiple nodes in Weblogic, you need to set-up a load balancer to achieve this same effect (that is installed by default on other platforms).
  Obviously creating a single node is pretty useless for the majority of production installations; hence what is the recommended option (without setting up a dedicated load balancer) to achieve this on a single (albeit large) server?
  Thanks,
  Matt

  Hi,
  I had just remembered another option, we can set up weblogic as webserver which does the load balancing. Below are the two ways you can do that.
  1. While creating the domain using "config.sh" you will get an option to set up "weblogic server as webserver". This option is enabled only on condition "cluster must be created, and few managed servers needs to assigned to cluster". For example if we create 3 managed servers and we assign 2 managed to cluster then "Http Proxt screen" would be enabled where remaining server can be set up as "http proxy webserver".
  2. Below is the lengthy procedure.
  a. Create a standalone weblogic server.
  b. We need to create a dummy war, which just contains below "web.xml" adn "weblogic.xml", let me know if you have trouble creating this war file.
  Contents of "web.xml"
  <?xml version='1.0' encoding='UTF-8'?>
  <web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <servlet>
  <!-- Add HTTPClusterServlet -->
  <servlet-name>HttpClusterServlet</servlet-name>
  <servlet-class>weblogic.servlet.proxy.HttpClusterServlet</servlet-class>
  <init-param>
  <param-name>WebLogicCluster</param-name>
  <param-value>127.0.0.1:7003|127.0.0.1:7005|127.0.0.1:7007</param-value>
  </init-param>
  </servlet>
  <!-- Add HTTPClusterServlet Mapping elements -->
  <servlet-mapping>
  <servlet-name>HttpClusterServlet</servlet-name>
  <url-pattern>/</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>HttpClusterServlet</servlet-name>
  <url-pattern>*.jsp</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>HttpClusterServlet</servlet-name>
  <url-pattern>*.htm</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>HttpClusterServlet</servlet-name>
  <url-pattern>*.html</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>HttpClusterServlet</servlet-name>
  <url-pattern>browsestore</url-pattern>
  </servlet-mapping>
  </web-app>
  Contents of "weblogic.xml" . This deployment descriptor is used to deploy this application as "default application".
  <?xml version='1.0' encoding='UTF-8'?>
  <weblogic-web-app xmlns="http://www.bea.com/ns/weblogic/90" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <!-- Add the context root here -->
  <context-root>/</context-root>
  </weblogic-web-app>
  c. Now deploy this war file to standalone weblogic server.
  d. Lets suppose you had deploy application "vas.war" on managed server "VASMS1", "VASMS2", which are running on host "vasunix1" and "vasunix2" on ports 8002. You can access the application directly "http://vasunix1:8001/vas" or "http://vasunix2:8002/vas".
  Now since you had set up "http proxy webserver" which does the load balancing, you can directly hit "http proxy webserver" url and it redirects traffic to "VASMS1" or "VASMS2". Lets suppose "Http proxy webserver" "VASMS3" is running on "vasunix1" on port "8003". You can access the application "http://vasunix1:8003/vas", this request is directed to MS1 or MS2.
  I hope this is what you are looking for. Have great day.
  Vijay Bheemineni.

• Multiple SAP system on single physical server.

  Hello Experts.
  We are in process of implementaing SAP solution withLandscpe having systems ECC 6.0, SolMan 4.0, BI. We are planning to have 3 Sytem landscape for all.
  Now but currently we are having only one Physical server
  Is it possible to Install 6 SAP system on single server?(DEV and QAS for ECC, Solman, BI respectively). The server is having sufficient hardware for 6 system as per sap standered. Planne OS is RHEL and DB MaxDB. Initially we are having 16 GB RAM extendable.
  Will SAP support such kind of landscape?

  Hi Nikhil
  Just my two cents:
  Never put non-prod/prod systems on the same server, how would you test os patches, what if system wide components cause problems, what if - for example - you want to upgrade your database on the dev system, but you need a new library, which is not compatible to the version needed by the prod system.
  Your single linux box will not be big enough to hold all these systems, trust me. And x86_64 hw is sooo cheap ))
  Regards, Michael

• Secure LDAP with Multiple DPS's on Single Physical Server

  I am having an issue connecting to the directory server over SSL via the directory proxy server. I have enabled SSL and tested successfully in some situations, however this situation is unique.
  DPS 5.2 patch 4
  Directory Server patch 4
  I have applied the neccessary hotfixes from sun to resolve the SSL issues.
  There are 3 physical servers. 2 of those servers each have 2 instances of directory proxy server running. The 3rd server has 2 separate Directory Server instances running (1 for enterprise authentication, 1 for Access Manager). Each physical proxy server has 1 instance running for each Directory server instance (1 enterprise LDAP, 1 AM LDAP). All 4 proxy instances can connect successfully to the Directory Masters over the unsecure ports (389 for enterprise LDAP, 55389 for AM LDAP). On the proxy servers, only the initial proxy instance can connect to the secure port successfully. For instance, on server 1 first the DPS for enterprise LDAP was installed then a DPS for AM LDAP was added. Only the enterprise proxy instance can connect successfully over SSL. On server 2 initially the AM LDAP instance was installed and then an enterprise LDAP instance was added. In this case only the AM LDAP instance can connect successfully.
  For both instances of the proxy the appropriate certificates have been installed and verified. I can use the dps-instance-cert8.db for the working and non working DPS instances and successfully connect to the Directory Master using ldapsearch from the directory proxy server.
  When I do ldapsearch I receive the following error on the second instances:
  ldap_simple_bind: Can't contact LDAP server
  SSL error -12271 (SSL peer cannot verify your certificate.)
  Certificates:
  bash-2.05$ /jes/ds52/shared/bin/certutil -L -d /jes/ds52/alias -P dps-instance1-
  LDAP Development Pu,u,u
  CMS SUN CERTIFICATE AUTH 2023 CT,,
  bash-2.05$ /jes/ds52/shared/bin/certutil -L -d /jes/ds52/alias -P dps-instance2-
  LDAP Development Pu,u,u
  CMS SUN CERTIFICATE AUTH 2023 CT,,
  Each use the same server cert, the host is �*.test.com�, using the asterisk so the hostname shouldn�t matter.
  DPS INSTANCE 1 � Success
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   385609] TCP_NODELAY was set on socket 3
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   310200] Success with enabling socket 16 for blocking
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   323705] ( xxx.xx.xxx.xx+ 636) syncConnection success.
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   385609] TCP_NODELAY was set on socket 16
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [TRACE] [   520503] Connection established to condo101.cms.hhs.gov
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   300771] Promoting socket 16 via socket 1.
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   300751] Socket 16, success with SSL_HANDSHAKE_AS_CLIENT
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   385701] Success with sessionPromote to SSL for socket 16.
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   385704] Success with setting SSL_AuthCertificateHook callback
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   385705] Success with setting SSL_BadCertHook callback
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   385706] Success with setting SSL_HandshakeCallBack
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   302019] Success with SSL_SetPKCS11PinArg (socket 16)
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   385748] SSL_SetURL skipped on socket 16 (null url)
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   385803] Success with SSL_ResetHandshake as client (socket 16)
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   385739] Certificate possesses valid times on socket 16
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   385745] For socket 16, pinArg does possess a value.
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   302024] Success with CERT_VerifyCertNow (checking signature, usage: "certUsageSSLServer").
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   385725] Certificate accepted on socket 16
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   300754] Success with handshake on socket 16
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   385746] SSL_ForceHandshake success on socket 16
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [TRACE] [   171210] [client(       xxx.xxx.xxx.xxx,   3)] [server(  xxx.xx.xxx.xx+  636,  16)] Connection via SSL session
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [STAT/CONN] [   171211] [client(       xxx.xxx.xxx.xxx,   3)] Accepting connection via network-group-1
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   310200] Success with enabling socket 3 for blocking
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   300771] Promoting socket 3 via socket 0.
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   300750] Socket 3, success with SSL_HANDSHAKE_AS_SERVER
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   385701] Success with sessionPromote to SSL for socket 3.
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   385704] Success with setting SSL_AuthCertificateHook callback
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   385705] Success with setting SSL_BadCertHook callback
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   385706] Success with setting SSL_HandshakeCallBack
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   300801] Success with setting SSL_REQUEST_CERTIFICATE (1)
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   300802] Success with setting SSL_REQUIRE_CERTIFICATE (0)
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   300405] Success with SSL configuration on socket 3
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   385803] Success with SSL_ResetHandshake as server (socket 3)
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   300406] Success with SSL promotion on socket 3
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [TRACE] [   390307] [client(       xxx.xxx.xxx.xxx,   3)] [server(  xxx.xx.xxx.xx+  636,  16)] Success with OnSSLEstablished rule... continuing
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   300754] Success with handshake on socket 3
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   385713] Read on socket 3. Received 42 byte(s)
  May 10 2007 09:44:18 server123 SunONEDPS[ 24710]: [DETAIL_TRACE] [   385716] ber_get_next (socket 3) returned complete PDU
  DPS INSTANCE 2 � FAILING
  ldapsearch -h server123 -p 55636 -P /<serverroot>/alias/dps-server123-cert8.db -D "cn=directory manager" -s base -w adminjes -b dc=cms,dc=hhs,dc=gov objectclass=*
  ldap_simple_bind: Can't contact LDAP server
  SSL error -12271 (SSL peer cannot verify your certificate.)
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [TRACE] [   300901] Successful match of xxx.xxx.xxx.xxx+36383 against ALL
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [TRACE] [   110999] In permit_connection_from_ip(), The counter for IP:xxx.xxx.xxx.xxx is now 2 and the limit is 0
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   385609] TCP_NODELAY was set on socket 15
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   310200] Success with enabling socket 16 for blocking
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   323705] ( xxx.xx.xxx.xx+55636) syncConnection success.
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   385609] TCP_NODELAY was set on socket 16
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [TRACE] [   520503] Connection established to condo101.cms.hhs.gov
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   300771] Promoting socket 16 via socket 1.
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   300751] Socket 16, success with SSL_HANDSHAKE_AS_CLIENT
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   385701] Success with sessionPromote to SSL for socket 16.
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   385704] Success with setting SSL_AuthCertificateHook callback
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   385705] Success with setting SSL_BadCertHook callback
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   385706] Success with setting SSL_HandshakeCallBack
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   302019] Success with SSL_SetPKCS11PinArg (socket 16)
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   385748] SSL_SetURL skipped on socket 16 (null url)
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   385803] Success with SSL_ResetHandshake as client (socket 16)
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   385739] Certificate possesses valid times on socket 16
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   385745] For socket 16, pinArg does possess a value.
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   302024] Success with CERT_VerifyCertNow (checking signature, usage: "certUsageSSLServer").
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   385725] Certificate accepted on socket 16
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   300754] Success with handshake on socket 16
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   385746] SSL_ForceHandshake success on socket 16
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [TRACE] [   171210] [client(       xxx.xxx.xxx.xxx,  15)] [server(  xxx.xx.xxx.xx+55636,  16)] Connection via SSL session
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   310200] Success with enabling socket 15 for blocking
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   300771] Promoting socket 15 via socket 0.
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   300750] Socket 15, success with SSL_HANDSHAKE_AS_SERVER
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   385701] Success with sessionPromote to SSL for socket 15.
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   385704] Success with setting SSL_AuthCertificateHook callback
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   385705] Success with setting SSL_BadCertHook callback
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   385706] Success with setting SSL_HandshakeCallBack
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   300801] Success with setting SSL_REQUEST_CERTIFICATE (1)
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   300802] Success with setting SSL_REQUIRE_CERTIFICATE (1)
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   300405] Success with SSL configuration on socket 15
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   385803] Success with SSL_ResetHandshake as server (socket 15)
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   300406] Success with SSL promotion on socket 15
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [TRACE] [   390307] [client(       xxx.xxx.xxx.xxx,  15)] [server(  xxx.xx.xxx.xx+55636,  16)] Success with OnSSLEstablished rule... continuing
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [NOTICE] [   385721] Read on socket 15 failed.
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [NOTICE] [   385721] SSL_ERROR_BASE + 3, NSPR error: -12285 (0xffffd003). Native errno is: 11
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   385714] ber_get_next (socket 15) returned LBER_DEFAULT
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   385714] SSL_ERROR_BASE + 3, NSPR error: -12285 (0xffffd003). Native errno is: 11
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [EXCEPTION] [   301006] Unexpected error on socket 15. (Error: -12285).
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [TRACE] [   190401] [server(  xxx.xx.xxx.xx+55636,  16)] Input was not a BER encoding or connection closed: source( xxx.xxx.xxx.xxx, 15)
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [TRACE] [   190401] [server(  xxx.xx.xxx.xx+55636,  16)] SSL_ERROR_BASE + 3, NSPR error: -12285 (0xffffd003). Native errno is: 11
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   171505] [server(  xxx.xx.xxx.xx+55636,  16)] Entering recycle_inner_connection
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   301201] Closing connection to: xxx.xx.xxx.xx+55636 (socket 16)
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [DETAIL_TRACE] [   301201] Closing connection to: xxx.xxx.xxx.xxx (socket 15)
  May 10 2007 10:05:17 server123 SunONEDPS[ 26275]: [TRACE] [   110998] In done_connection_from_ip(), The counter for IP:xxx.xxx.xxx.xxx is now 1 and the limit is 0

  In these situations it's important to separate SSL level issues from LDAP issues. I've had good results using "openssl s_client" to investigate and debug SSL/TLS level issues. I point it at the LDAP server and it sets up a connection handling the SSL layers and giving lots of diagnostics about SSL and the X.509 certificates in use.
  Try looking for things like whether the SubjectAltName and/or Issuer's CN contain the same hostname you are using to connect.
  After giving you the diagnostics it will be waiting with your stdin/stdout connected to the application via SSL (which could make you think it's hanging). Since you're probably not going to be typing the LDAP protocol by hand you want to abort s_client at this point (or type something that Directory Server will reject as a LDAP protocol error).
  You can get openssl from the usual places: blastwave.org & sunfreeware.com.
  Hopefuly this will help,
  -Scott-

• Start multiple domains simultaneously on 1 Weblogic server installation?

  Is it okay to start and run multiple domains simultaneously. Better yet, when having multiple domains on 1 WLS server, should each domain have a different port number in order to be run simultaneously?
  Here's my scenario - I installed Oracle Business Intellgence, which by default installs and configures WLS server for certain Business Intelligence applications (BI Publisher). This instance was running fine and good and still is.
  Then I had another application, Oracle Data Integrator, which has a Console piece that requires a domain on WLS. So instead of modifying the existing domain for Oracle Business Intelligence, I created a new domain via the Configuration Wizard and selected those components for Oracle Data Integrator.
  therefore current domains:
  ...\domains\bifoundation_domain --> installed automatically as part of Oracle Business Intelligence
  ...\domains\odi11g --> I created this domain after I
  Now I have 2 domains under 1 WLS Server (windows 7 64bit), but if I startWeblogic.cmd for the bifoundation_domain, and I startWeblogic.cmd for the odi11g...then only the components for the bifoundation_domain become available via the WLS Console.
  Questions:
  - Can I run both domains simultaneously?
  - Should I have modified the bifoundation_domain to include Oracle Data Integrator component; therefore only having 1 domain but having everything run under that domain?
  - Does the Port for each domain matter? both bifounddation_domain and odi11g domain use ports 7001
  Are there any other considerations? Thanks much.

  Hi,
  It is perfectly OK to run multiple domains on a single Weblogic server installation. Only constraint would be you have enough capacity available on your server to start multiple instances.
  Things to note is, if your domain1 is running on listen address : port { localhost : 7001 } then your other domain should be configured on a different port say {localhost : 8001 }. If you want both domain to run on same port then go for virtual IP's to be plumbed on your physical network interface and configure as,
  domain1 - { ip1 : 7001 }
  domain2 - { ip2 : 7001 }
  this way you will can access both domain admin console on same port.
  Remember, Weblogic resources cannot be shared between domain, however a single nodemanager will be enough to monitor both the domains.
  * rank it if answer is helpful :) *
  Thanks,
  Ranjan

• SEND ALL MESSAGES TO SYSLOG SERVER

  HI, I WANT SEE ALL INFORMATIONS THAT WHO CONNECT TO ROUTER OR SWITCH AND  WHICH COMMAND USE DURING CONNECTION, AT THE SYSLOG SERVER. FOR EXAMPLE :"SH RUN", "SH INT FA0/0", "ENABLE", "CONF T".....
  HOW CAN I DO THAT?
  THX

  HI,
  I used that config over my routers
  logging buffered 4096 informatinal
  logging trap 5
  archive--->for take config changes to syslog server
  log config
  logging enable
  logging size 200
  notify syslog
  hidekeys
  logging origin-id hostname
  logging 10.10.1.119
  logging 128.1.14.193
  logging source-interface FastEthernet0/0.10
  I see log messages on syslog server, but ı want see also failed authentications on syslog server,
  I think I have to use these conmmands
  login block-for 60 attempts 3 within 60
  login delay 1
  login on-failure log every 3
  login on-success log
  but these commands do not support on my routers, I use "c2800nm-adventerprisek9-mz.124-11.T4.bin"
  Which IOS does support these commands?
  THX
  Gürcan Başural
  Assistant Manager
  IT Systems and Network Management Department
  IT and Operations Division
  T. +90 212 225 0500 - 1308 F. +90 212 225 0526
  @. [email protected] W. http://www.atbank.com.tr
  Bu e-posta ve muhtemel eklerinde verilen bilgiler kişiye özel ve gizli olup, yalnızca mesajda belirlenen alıcı ile ilgilidir. Bu mesajda bulunan tüm fikir ve görüşler ve ekindeki dosyalar sadece adres sahip(ler)ine ait olup, Arap Türk Bankası A.Ş. hiçbir şekilde sorumlu tutulamaz. Şirketimiz mesajın ve bilgilerinin size değişikliğe uğrayarak veya geç ulaşmasından, bütünlüğünün ve gizliliğinin korunamamasından, virüs içermesinden ve bilgisayar sisteminize verebileceği herhangi bir zarardan sorumlu tutulamaz.
  This message and attachments are confidential and intended solely for the individual(s) stated in this message. This e-mail is not intended to impose nor shall it be construed as imposing any legally binding obligation upon Arap Türk Bankası A.Ş. and/or any of its subsidiaries or associated companies. Neither Arap Türk Bankası A.Ş. nor any of its subsidiaries or associated companies gives any representation or warranty as to the accuracy or completeness of the contents of this e-mail. Arap Türk Bankası A.Ş. shall not be held liable to any person resulting from the use of any information contained in this e-mail and shall not be liable to any person who acts or omits to do anything in reliance upon it.

• Configuration required in Cat 4006 to forward errors to syslog server

  Hi,
  I have setup a Kiwi syslog server. I want to configure in my Cat 4006 switch to forward the following messages to my syslog server
  1. configuration changes
  2. Vlan creation /modification
  3. Power supply failures/module failures/temperature
  4. When the processor utlization exceeds more than 75% , it should send a alert message to syslog server
  5. Switch restart
  6. Trap for any changes in Uplink ports only. There are 4 uplinks to other Switches from 4006. If any problem with these ports (uplink), it should send message to syslog server , not for all ports
  Thanks in advance
  Raju

  Hi
  I feel this link will be of some help to u in configuring different severity levels for different facilities available.
  http://www.cisco.com/en/US/partner/products/hw/switches/ps663/products_configuration_guide_chapter09186a00800d81c8.html
  By default for abnormal temp conditions u will get logs in the syslog server if u have already pointed the logs to the syslog server..
  regds

• Can we have Multi BI Scheduler in single obiee server

  Hi,
  Is it possible to have multiple OBIEE schdeuler in single obiee server in 10g. we are currently using multi RPD and webcatalog in single server, is it possible get scheduler running the same way. If yes please help
  some thing like : http://debaatobiee.wordpress.com/2009/10/01/multiple-rpd-multiple-presentation-service-instance-on-single-bi-server/
  Please Suggest,
  Regards,
  AP

  I don’t think this can be done since the Scheduler changes are override(OracleBIData\scheduler\config\instanceconfig.xml)
  by each other based on the rpd job manager config changes.
  If we have separate DSN for RPD or Virtual dir as Analtyics this may be possible.
  More over the below tag from OracleBIData\web\config\instanceconfig.xml points same host
  <ScheduleServer>localhost</ScheduleServer>
  Let me know updates

• Trap messages to syslog server cisco WS-C4503 - 3750x

  All,
  I have issue  with respect to  SNMP trap  , below is the histroy
  SW1 -- trunk port Gi 2/11  ( old switch )
  SW2-  trunk port  Gi 1/0/2 ( old switch)
  recently  SW2 got replaced 
  SW1 -- trunk port Gi 2/11  ( old switch )
  SW2-  trunk port  Gi 1/1/2 ( new switch)
  SYSLOG server still recieving  trap message saying that trunk port between  SW1 2/11  to SW2 Gi 1/0/2  is down , however SW2 trunk currently on the new port  Gi 1/1/2  . bit wondering on this .  the new switch Gi 1/0/2 which is currently access port and it is not connected to any host machine since installed and no logging port flap information  ( sh logging output)  is something need to be done at switches to clear log message at server . please advice
  below is the port configuration
  SW1  ( OLD)
  interface GigabitEthernet2/11
  description *******
    switchport mode trunk
  switchport nonegotiate
  SW1#sh run | in trap
  logging trap debugging
  snmp-server enable traps snmp linkdown linkup coldstart warmstart
  snmp-server enable traps envmon fan shutdown supply temperature
  snmp-server enable traps hsrp
  snmp-server enable traps mac-notification change move threshold
  SW2 ( NEW switch )
  interface GigabitEthernet1/0/2
  switchport mode access
  switchport nonegotiate
  load-interval 30
  spanning-tree portfast
  spanning-tree bpduguard enable
  spanning-tree guard root
  SW2#sh run | in trap
  snmp-server enable traps snmp authentication
  snmp-server enable traps config
  snmp-server enable traps hsrp
  snmp-server enable traps bridge newroot topologychange
  snmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency
  snmp-server enable traps vtp
  snmp-server enable traps vlancreate
  snmp-server enable traps vlandelete
  snmp-server enable traps flash insertion removal
  snmp-server enable traps envmon fan shutdown supply temperature status
  snmp-server enable traps vlan-membership

  Hi
  I feel this link will be of some help to u in configuring different severity levels for different facilities available.
  http://www.cisco.com/en/US/partner/products/hw/switches/ps663/products_configuration_guide_chapter09186a00800d81c8.html
  By default for abnormal temp conditions u will get logs in the syslog server if u have already pointed the logs to the syslog server..
  regds