Network Address Translation in Java
Hi to all,
Can any one explain me if is possible to realize a NAT in java?!?
Are RFC's 3022 and 1918 useful for my purposes?!?
If it's possible, can anyone post the code or the link where I can find it?!?
Thanks...
To do NAT properly you need lower level access to the IP stack than Java provides. There are also a good variety of NAT servers available.
A good open source choice is Linux IPMasquerade. You can use an old surplus PC (pentium II 233 or better) with Linux and IPMasquerade and IPChains to build a quite respectable firewall and NAT server that is more secure than anything running under windows. I got over 100,000 hits on google for ip masquerade, eg. http://en.tldp.org/HOWTO/IP-Masquerade-HOWTO.
Another choice is if you use a Linksys DSL router or similar device, this will connect you to cable or ADSL and do NAT for you. The router is less than $50.00 US.
Given these conditions a NAT in java is hardly worth it.
Similar Messages
-
Tuxedo and Network Address Translation(NAT) at Firewall
We made a sucessful connection through the firewall without Network Address Translation
(NAT)on the firewall, from one network to the other and what we found happened
was that the client machine makes a connection on port 8090 and then sets up a
successful connection to the server (WSL).The client then very soon afterward
makes another connection on
another high-port and everything works (WSH connection).
Whats not happening with NAT is that the second connection is not being made to
the firewall. The firewall and the router are not blocking the call. It is just
not being made.
Thanking you in advance!!!
NathanielNathaniel,
Take a look at the WSL -H option at
http://edocs.bea.com/tuxedo/tux80/atmi/rf540.htm#1534543
Regards,
Peter.
Got a Question? Ask BEA at http://askbea.bea.com
The views expressed in this posting are solely those of the author, and BEA
Systems, Inc. does not endorse any of these views.
BEA Systems, Inc. is not responsible for the accuracy or completeness of
the
information provided
and assumes no duty to correct, expand upon, delete or update any of the
information contained in this posting.
Nathaniel Sebolai wrote:
We made a sucessful connection through the firewall without Network Address Translation
(NAT)on the firewall, from one network to the other and what we found happened
was that the client machine makes a connection on port 8090 and then sets up a
successful connection to the server (WSL).The client then very soon afterward
makes another connection on
another high-port and everything works (WSH connection).
Whats not happening with NAT is that the second connection is not being made to
the firewall. The firewall and the router are not blocking the call. It is just
not being made.
Thanking you in advance!!!
Nathaniel -
GC 11G AND Network Address Translation
HI,
I have simple question , Is Network Address Translation supported with GC 11g. I know it is not on 9i.
thanks.I can't find anything on this on the internet. So creating a SR is an option.
The only note I found was: Agent Fails to Upload Through Load Balancer, Secures Successfully [ID 1149610.1] suggesting you can use NAT.
Eric -
Carrier Grade Network Address Translation (CG-NAT)
Hello,
I live in the UK. One of the largest ISPs, BT, has begun trialling carrier grade network address translation (CG-NAT). In a nutshell, this introduces double NAT - first your broadband router, then the ISP's "router". This is before the ISP has introduced IPv6.
I fear it is only a matter of time before my ISP also introduces CG-NAT. Will/does Skype work in a CG-NAT scenario? If not, what are my options?
Kind regards,
AnwarI am new to Oracle VM. The dom0 and domU are set up by someone else. So I don't know the details. In the domU, I can't even ping the 10.244.69.35 address of the dom0.
# ping 10.244.69.35
PING 10.244.69.35 (10.244.69.35) 56(84) bytes of data.
From 192.168.200.50 icmp_seq=2 Destination Host Unreachable
From 192.168.200.50 icmp_seq=3 Destination Host Unreachable
From 192.168.200.50 icmp_seq=4 Destination Host Unreachable
The Cisco switch on the 10.*.*.* network is owned by IT and I can't change anything on it. This is why I try to set up NAT on the dom0. I would appreciate any help so that I can access the 10.*.*.* network from the domU. -
Network Address Translation, Automatic Port Forwarding
Does the Airport Extreme do
Network Address Translation? Do I have to do something to make NAT functional?
Does the Airport Extreme automatically forward ports? Or is this something I have to do manually
sorry if this is discussed already but a Search of Forum did did not yield the information I need.Hi Barbara, welcome to the discussion area!
+Does the Airport Extreme do Network Address Translation?+
Yes
+Do I have to do something to make NAT functional?+
No, if you have the device configured as a router with the Connection Sharing settings set to Share a public IP address so that the AirPort Extreme is handling the chore of assigning IP addresses to connected devices.
If you have the AirPort Extreme configured as a "bridge", then NAT is handled by the router that is upstream of the AirPort Extreme.
+Does the Airport Extreme automatically forward ports? Or is this something I have to do manually+
Port forwarding must be setup manually on the AirPort Extreme using AirPort Utility, the application used to setup the AirPorts. -
How do I disable Network Address Translator on my macbook?
I am getting a notice that Back to my Mac will not work because I have more than one device on my network providing NAT (network address translation). It says to try disabling NAT on one of the devices. How do you do that?
Airport Extreme needs to be in Bridge Mode.
Here: http://support.apple.com/kb/TS1208 -
On UPnP and NAT (Network Address Translation)
Why UPnP is an often asked Question.
This article goes a long way to say why.
A couple of Quotes
*What is UPnP?*
Universal Plug and Play (UPnP) is an architecture for pervasive peer-to-peer network connectivity of PCs and intelligent devices or appliances, particularly within the home. UPnP builds on Internet standards and technologies, such as TCP/IP, HTTP, and XML, to enable these devices to automatically connect with one another and work together to make networking - particularly home networking - possible for more people.
*Are there other ways to solve the problem of NAT traversal? If so, why is using UPnP the best choice?*
Yes, there are other ways to solve this problem, but no other mechanism currently exists as an industry standard to address this problem in an automatic way for the consumer and in such a universally-applicable way for the developer.
Simply Automated Starter Package
Other approaches require either manual intervention by the user or they require special development efforts by the Internet gateway device vendor and the software developer to handle the NAT traversal needs of specific applications. As a result, UPnP is uniquely able to solve this important problem.
*Consumer does the work.* The manual intervention methods of NAT traversal require a consumer to use a browser, a graphical user interface-based tool on the PC, or a command line interface tool on the PC to change some settings on the Internet gateway device in the home. While some technical enthusiast users have little difficulty with this, many consumers do not feel comfortable doing this. Further, many consumers may not even realize that NAT traversal problems are interfering with their use of services across the Internet. _The user may be attempting to play a multi-player game or engage in some other peer-to-peer service but find he or she cannot connect for some reason._ This leads to troubleshooting, support calls, customer dissatisfaction, and reluctance on the part of the user to try new services or experiences in the future.
*Developer does the work.* To avoid requiring the consumer to solve this NAT traversal problem manually, some Internet gateway device vendors have written and included application layer gateway support into their devices. This application layer gateway software is designed with specific applications in mind. In other words, the device vendor writes and tests specific code that will automatically enable one application to go through the NAT. If the application software is updated, the application layer code the device vendor wrote may have to be updated and tested again. This one-at-a-time way of chasing the NAT traversal problem is manageable for device vendors when there are only a few peer-to-peer or relevant applications to consider, but this approach does not scale well to 100s or 1000s of applications, can be very expensive to pursue, and likely requires specific knowledge of how each of these applications function. The better way to approach this problem is to have the device vendor add software or firmware to their device once to understand UPnP and have other devices and software be able to communicate with the NAT device using this same technology. UPnP is uniquely able to fulfill this role today.
I have underlined a passage in the last.
I hope this helps in some way.
6:58 PM Tuesday; January 1, 2008Look for bindAddr in the weblogic.properties doc.
weblogic.system.bindAddr
You can use a dns name instead of an ip address
Mike
David Chen <[email protected]> wrote:
>We are planning to add a client that needs to access our weblogic cluster
>through firewalls with IP address translation. According to the WebLogic
>(5.1) documentation, this could be done by opening port 7001 in the
>firewalls, and BIND WebLogic SERVER INSTANCES TO DNS NAMES. Does anyone
>know how to bind WebLogic server instances to DNS names? Should it be
>done in weblogic.properties?Thanks in advance,David [email protected]
-
How to disable Network Address Translation
how to disable Network Address Translation
Hi KalaiArasu.K,
As Chen V said, please tell us more detailed information about your requirement.
In addition, please refer to the two following links to learn how to disable Network and computer from Explorer Navigation Pane:
How to Add or Remove Network from the Windows 7 Navigation Pane
http://www.sevenforums.com/tutorials/39699-network-add-remove-navigation-pane.html
How to Remove “Computer” from Windows 7 Explorer Navigation Pane?
http://www.askvg.com/how-to-remove-computer-from-windows-7-explorers-navigation-pane/
Note: Since the website is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information. What’s more, incorrectly editing the registry
may severely damage your system. Before making changes to the registry, you should back up any valued data.
For your infomation, plase refer to the following article to learn how to configure a Registry Item via GPO:
Configure a Registry Item
http://technet.microsoft.com/en-us/library/cc753092.aspx
Regards,
Lany Zhang -
ASA 5510 Network address translation through an internal network.
Is it possible to perform static Nat's through an internal network?
Here's my situation I have a ASA 5510 with a public outside interface (let’s call it 68.68.68.1), and I have an inside private IP address (192.168.1.2/24). The inside IP address leads to a 4900m with that interface being configured with a 192.168.1.1 (no switching). On the 4900 M I have several VLANs one of them is an internal DMZ of sorts. (192.168.2.0/24). Within this DMZ network are several Web servers which need to be associated a public IP address (68.68.68.x).
Every time I configure a static Nat to associating a public IP address with an internal IP address within the DMZ, packet Tracer on the ASA informs me that the packet gets dropped at the static Nat and I cannot figure out why this is so.
Safe it to say my question still stands is it possible to Nat (68.68.68.222 to and 92.168.2.60) given the configuration above, and how would I go about configuring in such the manner above so that I acn apply static nat through the 192.168.1.0 network to reach the 192.168.2.0 network.
Any help on this matter is greatly appreciated. Thank you.more information as requested
csc# sh int ip br
Interface IP-Address OK? Method Status Protocol
Ethernet0/0 192.168.1.2 YES CONFIG up up
Ethernet0/1 172.16.2.3 YES CONFIG up up
Ethernet0/2 192.168.12.1 YES CONFIG up up
Ethernet0/3 68.68.68.1 YES CONFIG up up
Internal-Control0/0 127.0.1.1 YES unset up up
Internal-Data0/0 unassigned YES unset up up
Management0/0 192.168.19.1 YES manual administratively down down
csc-ssm# sh nameif
Interface Name Security
Ethernet0/0 inside 100
Ethernet0/1 %^&*%$ 100
Ethernet0/2 @#$%&*() 30
Ethernet0/3 outside 0
Management0/0 management 100
nat (inside) 0 access-list nat0
nat (inside) 1 serverNET 255.255.255.0
nat (inside) 1 Server 255.255.255.0
nat (inside) 1 192.168.8.0 255.255.255.0
nat (inside) 1 CorpVPN 255.255.255.0
nat (inside) 1 192.168.30.0 255.255.255.0
nat (Eng) 0 access-list ENG_nat0_outbound
nat (Eng) 1 172.16.2.0 255.255.255.0
nat (WiFi-Guest) 1 192.168.12.0 255.255.255.0
global (ENG) 2 172.16.2.10-172.16.2.50 netmask 255.255.255.0
global (outside) 1 interface -
Making internet sharing work (Issue with Network Address Translation)
Trying to use internet sharing to enable a BluRay player to get access to the internet for firmware updates, BDLive, etc.
MacBook Pro is setup with Airport (en1) enabled and connected to the internet.
Ethernet port (en2) is set to "Configure IPv4: Off."
I have configured the /etc/bootpd.plist file with the following configuration as mentioned in http://www.macosxhints.com/article.php?story=20071223001432304&query=xbox%2B360.
<key>replythresholdseconds</key>
<integer>0</integer>
After starting up Internet Sharing, the following is observed:
Ethernet port(en2) is reporting 192.168.2.1 as its IP address in Network Utility but not in the Network System Preferences Pane.
The Mac is responding to the DHCP request from the BluRay player and the BluRay is assigned an IP address of 192.168.2.2/24 with a default gateway and DNS of 192.168.2.1.
So you think there would be success with this but wrong. The system log is reporting that NATD "failed to write packet back (No route to host)" or "failed to write packet back (Host is down) and the connection test on the BluRay player is consistently failing.
Even manually configuring the ethernet port on the Mac is resulting in failure. Is there something else I'm overlooking?
Hoping someone can spread some light on this. Thanks.Ashy Larry wrote:
So you were able to get it to work then?
I ask because I want to get the Sony BDP-N460 Bluray player for my parents, as it's the only Sony player aside from the Playstation 3 that is Netflix capable. I'm not sure why their other wi-fi enabled player doesn't have Netflix on it. I suppose I could get them a Playstation 3, but they don't really need one.
More than likely that Sony is positioning its products that way so people do go for the PS3 and increase it install base and possibly get you to by a game or two.
I want to connect the player to an old iBook G3 that's running 10.4 and share its connection. I did this successfully with the iBook and my Xbox 360 and wanted to know if it was possible to do so with a Bluray player.
I would bet that you will be able to accomplish this if you were able to get a 360 running through it. Just ignore the Blu-Ray player's test connection tool and try to connect to Netflix. Just play it safe and buy it through a retailer like Amazon where returns are hassle free. -
Sticky load balancing not working because of Address Translation
This came up before - see below. I don't understand what the
soltion is/was.
WL Server puts it's ip address in the WebLogicSession cookie
which is an internal address 192.168.201.41
WL proxy knows WL Server only by an external address like 139.141.38.21. Since
it does not know of any WLS with an IP
address of 192.168.201.41, it round-robins the request instead
of sending it to the primary WLS.
Any help is much appreciated.
Mike Reiche
Robert Patrick <[email protected]> wrote:
>Hi,
>
>A very typical configuration is to put the web server in the DMZ (i.e.,
>between
>an outer and inner firewall) and proxy the requests from the web server
>to the
>WebLogic server (which sits behind the inner firewall). Since all of
>these
>proxied requests use HTTP and a single port, the only port that needs
>to be
>opened in the inner firewall is an HTTP port (the outer firewall will
>only need
>an HTTP and/or HTTPS port opened).
>
>Hope this helps,
>Robert
>
>Eytan Ben-Meir wrote:
>
>> Thanks Patrick,
>>
>> May be you can suggest options for securing a WLS behind a firewall?
>>
>> Thanks again,
>>
>> Eytan
>>
>> Robert Patrick wrote:
>>
>> > Hi,
>> >
>> > The problem is that we encode location information (e.g., IP address(es))
>> > in the session id. If the plugin sees a session id, it decodes the
>> > session id to find out where to route the request (i.e., which server
>in
>> > the cluster contains the HttpSession object for that session). Since
>the
>> > plugin cannot find the machine whose IP address is encoded in the
>session
>> > id (because of the network address translation), this will not work.
> In
>> > general, distributed application software needs to be modified to
>be
>> > capable of handling network address translation -- to my knowledge,
>> > WebLogic Server has not been modified to support this feature (though
>the
>> > Enterprise version of the product has had this support for years).
>> >
>> > Hope this helps,
>> > Robert
>> >
>> > Eytan Ben-Meir wrote:
>> >
>> > > Hi,
>> > >
>> > > Configuration:
>> > > WLS 4.5.1 on Solaris 2.7 inside a firewall.
>> > > SonicWall firewall with NAT (Network Address Translation).
>> > > Netscape Enterprise Server 4.0 outside the firewall with Weblogic
>> > > NSAPI-BRIDGE (sp 5)
>> > >
>> > > The problem:
>> > > When a browser request is sent to the NE web-erver (directed to
>the
>> > > firewall who then redirects to a Weblogic servlet).
>> > > IF The servlet creates a httpsession (with or without cookies)
>the
>> > > request fails (the firewall blocks a request directed directly
>at the
>> > > non-routable ip address of the Weblogic machine inside the firewall.
>> > > IF on the other hand the servlet does not create a http session,
>all
>> > > works fine.??????????
>> > > Does any body know something about this????
>> > >
>> > > Thanks,
>> > >
>> > > Eytan
>
This isn't my problem.
"Mike Reiche" <[email protected]> wrote:
>
>This came up before - see below. I don't understand what the
>soltion is/was.
>
>WL Server puts it's ip address in the WebLogicSession cookie
> which is an internal address 192.168.201.41
>
>WL proxy knows WL Server only by an external address like 139.141.38.21.
> Since
>it does not know of any WLS with an IP
>address of 192.168.201.41, it round-robins the request instead
>of sending it to the primary WLS.
>
>Any help is much appreciated.
>
>Mike Reiche
>
>Robert Patrick <[email protected]> wrote:
>>Hi,
>>
>>A very typical configuration is to put the web server in the DMZ (i.e.,
>>between
>>an outer and inner firewall) and proxy the requests from the web server
>>to the
>>WebLogic server (which sits behind the inner firewall). Since all of
>>these
>>proxied requests use HTTP and a single port, the only port that needs
>>to be
>>opened in the inner firewall is an HTTP port (the outer firewall will
>>only need
>>an HTTP and/or HTTPS port opened).
>>
>>Hope this helps,
>>Robert
>>
>>Eytan Ben-Meir wrote:
>>
>>> Thanks Patrick,
>>>
>>> May be you can suggest options for securing a WLS behind a firewall?
>>>
>>> Thanks again,
>>>
>>> Eytan
>>>
>>> Robert Patrick wrote:
>>>
>>> > Hi,
>>> >
>>> > The problem is that we encode location information (e.g., IP address(es))
>>> > in the session id. If the plugin sees a session id, it decodes
>the
>>> > session id to find out where to route the request (i.e., which server
>>in
>>> > the cluster contains the HttpSession object for that session).
>Since
>>the
>>> > plugin cannot find the machine whose IP address is encoded in the
>>session
>>> > id (because of the network address translation), this will not work.
>> In
>>> > general, distributed application software needs to be modified to
>>be
>>> > capable of handling network address translation -- to my knowledge,
>>> > WebLogic Server has not been modified to support this feature (though
>>the
>>> > Enterprise version of the product has had this support for years).
>>> >
>>> > Hope this helps,
>>> > Robert
>>> >
>>> > Eytan Ben-Meir wrote:
>>> >
>>> > > Hi,
>>> > >
>>> > > Configuration:
>>> > > WLS 4.5.1 on Solaris 2.7 inside a firewall.
>>> > > SonicWall firewall with NAT (Network Address Translation).
>>> > > Netscape Enterprise Server 4.0 outside the firewall with Weblogic
>>> > > NSAPI-BRIDGE (sp 5)
>>> > >
>>> > > The problem:
>>> > > When a browser request is sent to the NE web-erver (directed to
>>the
>>> > > firewall who then redirects to a Weblogic servlet).
>>> > > IF The servlet creates a httpsession (with or without cookies)
>>the
>>> > > request fails (the firewall blocks a request directed directly
>>at the
>>> > > non-routable ip address of the Weblogic machine inside the firewall.
>>> > > IF on the other hand the servlet does not create a http session,
>>all
>>> > > works fine.??????????
>>> > > Does any body know something about this????
>>> > >
>>> > > Thanks,
>>> > >
>>> > > Eytan
>>
>
-
PL/SQL Network Address Type Functions
Hi,
I'm wondering if anyone knows of a PL/SQL package(s) that provides similar capabilities as the following postgreSQL network address type functions:
http://www.sql.org/sql-database/postgresql/manual/functions-net.html
I don't see anything in the standard Oracle 10g packages, so I'm wondering if anyone else has dealt with this problem and posted the package.
Thanks,
- Greg.I think the easiest way of getting some of this functionality would be to write a PL/SQL wrapper to a Java Stored Procedure that implements calls to the Java InetAddress class. It doesn't haven't the full set of operators but I'm not sure what 'less than' actually means in the context of an IP address . If you really need them you could always extend the InetAddress class to implement such tests.
Cheers, APC -
ACS Database Replication over VPN with overlapping Network Addresses
We currently have two co-locations each situated in different provinces. We have two ACS servers which we want to deploy at each co-location. All our network equipments are behind PIX/ASA devices. Getting them to replicate over the VPN should be easy but in our case we have overlapping Network Addresses at both ends of the tunnels.
As per Cisco data does not transit a NAT device when the two Cisco Secure ACS servers communicate and a successful database replication can occur only if the secondary ACS server perceives no change in the IP header or content of the data it receives. So that means we will not be able to Implement NAT to achiever this.
Has any one of you faced this problem of replicating ACS Database over the VPN with overlapping Network Addresses and was anyone able to successfully solve this issue using a work around ?
All provided info and comments are greatly appreciated.I can help with the 3005 setup if you decide to go that route.
You will need to add 2 network list entries under Configuration>Policy Management>Traffic Management>Network Lists.
You will need to configure a local and remote address. The local will be one of the public ip's for the site.(Provided by your ISP)The remote will be the device you are connecting to on the other end.
You will also need to add a Nat Lan to Lan rule under Configuration>Policy Management>Traffic Management>Nat>Lan to Lan.
Use a static Nat type. The rest will look similar to my example.
Source(Local address)Translated(Public Ip Address used in the network local list)Remote(Ip address of the device on the other end)
Now just create an Ipsec lan to lan tunnel. You will need to agree with the ISP on des type and auth type. Use you local and remote networks you created earlier. -
Static Port Address Translation 8.4
Hello Experts,
Is the static Port Address Translation is bidirectional in 8.4 ???
I have configured static port address translation for the 2 server with same Public IP for the port 80 and 23. The strange thing is when they initiate a connection to the outside world they are allowed access to the internet as they are not included in the Dynamic Port address translation pool.
object network inside network.
subnet 192.168.10.0 255.255.255.0
Can anybody help me.
ThanksHello Dears
Packet tracer for the Static port redirection server IP's.
ciscoasa(config)# sh conn
1 in use, 1 most used
TCP outside 1.1.1.1:23 inside 2.2.2.2:28826, idle 0:00:09, bytes 149, flags UIO
ciscoasa(config)# sh xlate
2 in use, 3 most used
Flags: D - DNS, i - dynamic, r - portmap, s - static, I - identity, T - twice
TCP PAT from inside:2.2.2.2 23-23 to outside:3.3.3.3 23-23
flags sr idle 2:11:34 timeout 0:00:00
TCP PAT from inside:10.10.10.1 8080-8080 to outside:3.3.3.3 80-80
flags sr idle 2:11:34 timeout 0:00:00
ciscoasa(config)# sh local-host
Interface management: 0 active, 0 maximum active, 0 denied
Interface inside: 1 active, 2 maximum active, 0 denied
local host: <2.2.2.2>,
TCP flow count/limit = 1/unlimited
TCP embryonic count to host = 0
TCP intercept watermark = unlimited
UDP flow count/limit = 0/unlimited
Conn:
TCP outside 1.1.1.1:23 inside 2.2.2.2:28826, idle 0:00:21, bytes 149, flags UIO
Interface outside: 1 active, 1 maximum active, 0 denied
local host: <1.1.1.1>,
TCP flow count/limit = 1/unlimited
TCP embryonic count to host = 0
TCP intercept watermark = unlimited
UDP flow count/limit = 0/unlimited
Conn:
TCP outside 1.1.1.1:23 inside 2.2.2.2:28826, idle 0:00:21, bytes 149, flags UIO
ciscoasa(config)# packet-tracer input inside tcp 2.2.2.2 28826 1.1.1.1 23
Phase: 1
Type: FLOW-LOOKUP
Subtype:
Result: ALLOW
Config:
Additional Information:
Found flow with id 15, using existing flow
Result:
input-interface: inside
input-status: up
input-line-status: up
Action: allow
ciscoasa(config)# sh conn
1 in use, 1 most used
TCP outside 1.1.1.1:23 inside 10.10.10.1:31862, idle 0:00:18, bytes 149, flags UIO
ciscoasa(config)# sh xlate
2 in use, 3 most used
Flags: D - DNS, i - dynamic, r - portmap, s - static, I - identity, T - twice
TCP PAT from inside:2.2.2.2 23-23 to outside:3.3.3.3 23-23
flags sr idle 2:15:10 timeout 0:00:00
TCP PAT from inside:10.10.10.1 8080-8080 to outside:3.3.3.3 80-80
flags sr idle 2:15:10 timeout 0:00:00
ciscoasa(config)# sh local-host
Interface management: 0 active, 0 maximum active, 0 denied
Interface inside: 1 active, 2 maximum active, 0 denied
local host: <10.10.10.1>,
TCP flow count/limit = 1/unlimited
TCP embryonic count to host = 0
TCP intercept watermark = unlimited
UDP flow count/limit = 0/unlimited
Conn:
TCP outside 1.1.1.1:23 inside 10.10.10.1:31862, idle 0:00:36, bytes 149, flags UIO
Interface outside: 1 active, 1 maximum active, 0 denied
local host: <1.1.1.1>,
TCP flow count/limit = 1/unlimited
TCP embryonic count to host = 0
TCP intercept watermark = unlimited
UDP flow count/limit = 0/unlimited
Conn:
TCP outside 1.1.1.1:23 inside 10.10.10.1:31862, idle 0:00:36, bytes 149, flags UIO
ciscoasa(config)# packet-tracer input inside tcp 10.10.10.1 31862 1.1.1.1 23
Phase: 1
Type: FLOW-LOOKUP
Subtype:
Result: ALLOW
Config:
Additional Information:
Found flow with id 17, using existing flow
Result:
input-interface: inside
input-status: up
input-line-status: up
Action: allow
Thanks -
Windows XP failing to acquire network address whether wired or wireless
Hi guys,
I initially asked this question elsewhere because it was happening in OSX as well, though now that the OSX side of things has been fixed it is purely a Windows XP problem, and is a different problem to the one in Mac OSX.
The problem seems simple enough, in that Windows XP just refuses to acquire a network address when connecting to the internet whether wired or wirelessly. I spent the best part of 7 hours on this on Monday, and after trawling through countless web pages I seemed to establish that there was an error with the AFD Driver (which, as I understand, is one of three required for the DHCP Client service to run). I was on the verge of probably doing something monumentally stupid and trying to repair/replace that driver when in a moment of genius (which should have arrived significantly sooner in the day) I asked my fiancee when the last time was that she could remember the internet working properly. She said it was the day before just after she agreed to install SP3, but the installation failed. So I used System Restore and rolled the system back to before that point, et voila. Everything was fine.
Not appreciating the path taken to fix her iMac, my fiancee then tried to install SP3 again and the same problem reoccurred. Another System Restore fixed it. The problem now is that on startup Windows XP seems to revert back to the same state, and will refuse to acquire an IP address. A System Restore back to the same time will fix it. However, whilst this takes little longer than an actual startup, I was wondering whether or not anybody had any bright ideas for a permanent fix to this problem.
All ideas, solutions and pearls of wisdom welcomes with open arms.Crazy Jamie wrote:
Hi guys,
I initially asked this question elsewhere because it was happening in OSX as well, though now that the OSX side of things has been fixed it is purely a Windows XP problem, and is a different problem to the one in Mac OSX.
The problem seems simple enough, in that Windows XP just refuses to acquire a network address when connecting to the internet whether wired or wirelessly. I spent the best part of 7 hours on this on Monday, and after trawling through countless web pages I seemed to establish that there was an error with the AFD Driver (which, as I understand, is one of three required for the DHCP Client service to run). I was on the verge of probably doing something monumentally stupid and trying to repair/replace that driver when in a moment of genius (which should have arrived significantly sooner in the day) I asked my fiancee when the last time was that she could remember the internet working properly. She said it was the day before just after she agreed to install SP3, but the installation failed. So I used System Restore and rolled the system back to before that point, et voila. Everything was fine.
Not appreciating the path taken to fix her iMac, my fiancee then tried to install SP3 again and the same problem reoccurred. Another System Restore fixed it. The problem now is that on startup Windows XP seems to revert back to the same state, and will refuse to acquire an IP address. A System Restore back to the same time will fix it. However, whilst this takes little longer than an actual startup, I was wondering whether or not anybody had any bright ideas for a permanent fix to this problem.
All ideas, solutions and pearls of wisdom welcomes with open arms.
Try using a system that is able to connect to the internet in Windows. Then go to http://www.microsoft.com/downloads/en/details.aspx?FamilyID=2FCDE6CE-B5FB-4488-8 C50-FE22559D164E and then download SP3 to the hard drive of that system. Then using the CD/DVD burning of your choice that you have for Windows burn the disc image file to CD/DVD and then insert it to the system that has the issue and upgrade it to SP3 that way.
I used to use Windows update to get service pack, but one time it did not download and install correctly on an HP system. Since then I have went to Microsoft and downloaded the Service Pack and when it said that it installed successfully I deleted the file I downloaded. I never had issues when I get them and install them that way. The only Service Pack I had issues with was Service Pack 1 for Windows 7. I downloaded it from Microsoft to the hard drive and after it said it was installed successfully I deleted the file. I used it for a while then I shut the system completely down. Then when I booted into Windows I went to put in my password and nothing happened. I tried moving the mouse nothing happened. Then I did a hard reset, booted into Mac OS X, used Boot Cap Assistant, removed the partition, downgraded to Windows XP 32-bit and now miss all the features that come with 64-bit Operating Systems. I am now able to use 2.5GB of RAM out of the 8GB that is in my system. I thought with Windows 32-bit that 4GB what the most that could be used.
Maybe you are looking for
-
Installation failed installation completed through some components failed to instal correctly
Hello i've been really exited to donload photoshop and so i decided to try the free version i downloaded creative cloud and went into th eapps and click on photoshop try it free i waited a few 30 mins and it stopped and told me this installation fail
-
Dear all, I am using oracle application server 10.1.2.0.2 and database 9.2.0.7.0 An ora-92101 error appeared when I tried to add a new form to the existing application with buttons that generate reports would you help me please to solve this problem
-
TS1368 can't connect to itunes due to password error on aol
Has anyone had problems after updating your phone then not being able to access ITunes? This has happened to me and the Apple support can not fix it. We tried changing my password but it still isn't working. Aol is suppose to be trying to resolve
-
OBIEE: Cannot Do Subtraction between Two Columns
I would like to see the difference of a customer's spending in the current Vs. previous period. So each row contains the data of one customer. And my first field (column A) lists out the customer's spending in the current period and second field (col
-
Changing values in custom item renderer
I have an xml feed that I am using to populate a List control. The list control has it's itemRenderer property set to CustomListItem which a custom component built by me to display various pieces of data from the xml along with an icon. At certain po