No service. Cannot connect to local networks abroad
iPhone 6 I've used abroad before ok. Connected to a local network when I got off plane and received ee text about local usage and data packages. Bought a data package then just seeing 'no service' message. Checked roaming and EU settings and all fine. When I put carrier setting off automatic u can see local networks, connect to them but get no service displayed. Plenty of signal and business account which has worked fine before. Rebooted plenty of times. Can anyone help? Thanks
Hi .
Thanks for joining the community.
I have had this before myself and found turning the 4G off got me service.
Can you try this?
Also what country are you in?
Thanks.
Similar Messages
-
Never used airport and cannot connect to local network
hi,
i have an imac G5 and I have neverused the airport feature and am now at a location which has one and I can grab the local network name from the pulldown menu, and it asks for the WEP password, and I give it, and then I get a message that says "error connecting to network" or something like that. I tried moving the aiport to the top of the list and unchecking the other options but still to no avail.
help??The basic problem with WEP, other than it's no longer considered secure, is that it comes in a variety of "flavors" when it comes to accessing it with a password: password/passphrase, 40/128-ASCII key, or 40/128-bit hex key. In a mixed environment, it's best to use 128-bit hex, which would be a 26 hex character key. The WiFi you're trying to connect to may not be set up this way. What did the host for this WiFi tell you the WEP type is?
-
Cannot connect to local network while connected with EasyVPN
Hi All,
I'm looking on many forums for an answer, but I cannot get it working.
I have configured EasyVPN with CCP and also with CLI. I had it both working perfect, except the most important thing.
I can connect with the Cisco VPN client to the router, but i'm not able to connect or even ping a system inside the remote network. My laptop gets an IP address from the address pool of the router.
I really hope someone can help me before my manager is losing his patience :-)
Here is my config. (before someone is mentioning it, i have to clean up my config a bit...I mean, look at the acl's )
Current configuration : 13939 bytes
! Last configuration change at 12:26:53 UTC Thu Jan 9 2014 by admin
version 15.2
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
hostname Router
boot-start-marker
boot-end-marker
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 10240
logging console critical
enable secret 4 ********
aaa new-model
aaa authentication login local_authen local
aaa authentication login ciscocp_vpn_xauth_ml_1 local
aaa authorization exec local_author local
aaa authorization network ciscocp_vpn_group_ml_1 local
aaa session-id common
no process cpu extended history
crypto pki trustpoint TP-self-signed-********
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-********
revocation-check none
rsakeypair TP-self-signed-********
crypto pki certificate chain TP-self-signed-********
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33303239 34303934 3438301E 170D3133 30343032 30353436
31345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 30323934
30393434 3830819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100B9C3 F8E6BD43 3351D861 68398114 D31AACC1 CE16CDDA 7F0876BC 6E55EA3C
5F258D90 20FC882D 42C90257 92DB9113 B461DD81 4080153F 6AE041AD E5BDDF7E
7C21BD1B 35F05CCB F6D34A4D 6B04C309 F39D8426 865E2BFE 9E8051F2 6F411A49
D71FBF0C 1AC85BEE 355563FB 2353D0C7 28D49071 840AF99B AF59D768 FCDCDF03
94FF0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 145ACD47 89D51095 70BE5400 595E826A 6A9E5E95 71301D06
03551D0E 04160414 5ACD4789 D5109570 BE540059 5E826A6A 9E5E9571 300D0609
2A864886 F70D0101 05050003 8181003B 1988FFCD 93112A99 707B7AD8 B56A08C0
C274B974 B076AA19 BAFCC868 F118AE7D 4D8A55E2 42D8F9A9 9D617093 7EF6D459
6BC0A990 BF5AF3E8 8E7F2787 41F4BFE2 65A1A3B0 D726033A 47A24D29 159ABF92
16DBCF5C EC6602C2 E6137C0B C1FC7125 37E9CE49 82B45E18 FAB31A36 990BB3BC
30D9EE8E 8B0A9F7C DC0B6C2B FA2740
quit
no ip source-route
ip cef
no ip bootp server
ip name-server ********
ip name-server ********
no ipv6 cef
parameter-map type protocol-info yahoo-servers
server name scs.msg.yahoo.com
server name scsa.msg.yahoo.com
server name scsb.msg.yahoo.com
server name scsc.msg.yahoo.com
server name scsd.msg.yahoo.com
server name cs16.msg.dcn.yahoo.com
server name cs19.msg.dcn.yahoo.com
server name cs42.msg.dcn.yahoo.com
server name cs53.msg.dcn.yahoo.com
server name cs54.msg.dcn.yahoo.com
server name ads1.vip.scd.yahoo.com
server name radio1.launch.vip.dal.yahoo.com
server name in1.msg.vip.re2.yahoo.com
server name data1.my.vip.sc5.yahoo.com
server name address1.pim.vip.mud.yahoo.com
server name edit.messenger.yahoo.com
server name messenger.yahoo.com
server name http.pager.yahoo.com
server name privacy.yahoo.com
server name csa.yahoo.com
server name csb.yahoo.com
server name csc.yahoo.com
parameter-map type protocol-info msn-servers
server name messenger.hotmail.com
server name gateway.messenger.hotmail.com
server name webmessenger.msn.com
parameter-map type protocol-info aol-servers
server name login.oscar.aol.com
server name toc.oscar.aol.com
server name oam-d09a.blue.aol.com
multilink bundle-name authenticated
license udi pid C3900-SPE100/K9 sn ********
username admin privilege 15 secret 4 ********
username guido privilege 15 secret 4 ********
redundancy
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
class-map type inspect imap match-any ccp-app-imap
match invalid-command
class-map type inspect match-any ccp-cls-protocol-p2p
match protocol edonkey signature
match protocol gnutella signature
match protocol kazaa2 signature
match protocol fasttrack signature
match protocol bittorrent signature
class-map type inspect match-all sdm-nat-http-1
match access-group 101
match protocol http
class-map type inspect match-all sdm-nat-user-protocol--1-2
match access-group 102
class-map type inspect match-all sdm-nat-user-protocol--1-1
match access-group 101
class-map type inspect smtp match-any ccp-app-smtp
match data-length gt 5000000
class-map type inspect match-any ccp-skinny-inspect
match protocol skinny
class-map type inspect match-any ccp-h323nxg-inspect
match protocol h323-nxg
class-map type inspect match-any ccp-cls-icmp-access
match protocol icmp
match protocol tcp
match protocol udp
class-map type inspect match-any ccp-cls-protocol-im
match protocol ymsgr yahoo-servers
match protocol msnmsgr msn-servers
match protocol aol aol-servers
class-map type inspect match-all ccp-protocol-pop3
match protocol pop3
class-map type inspect match-any ccp-h225ras-inspect
match protocol h225ras
class-map type inspect match-any ccp-h323annexe-inspect
match protocol h323-annexe
class-map type inspect match-any ccp-cls-insp-traffic
match protocol pptp
match protocol dns
match protocol https
match protocol icmp
match protocol imap
match protocol pop3
match protocol tcp
match protocol udp
class-map type inspect pop3 match-any ccp-app-pop3
match invalid-command
class-map type inspect match-all SDM_GRE
match access-group name SDM_GRE
class-map type inspect match-any ccp-h323-inspect
match protocol h323
class-map type inspect match-all ccp-invalid-src
match access-group 100
class-map type inspect match-any ccp-sip-inspect
match protocol sip
class-map type inspect match-all ccp-protocol-imap
match protocol imap
class-map type inspect match-all sdm-nat-https-1
match access-group 101
match protocol https
class-map type inspect match-all ccp-protocol-smtp
match protocol smtp
class-map type inspect match-all ccp-protocol-http
match protocol http
class-map type inspect match-any CCP_PPTP
match class-map SDM_GRE
class-map type inspect match-all ccp-insp-traffic
match class-map ccp-cls-insp-traffic
class-map type inspect match-all ccp-protocol-p2p
match class-map ccp-cls-protocol-p2p
class-map type inspect match-all ccp-protocol-im
match class-map ccp-cls-protocol-im
class-map type inspect match-all ccp-icmp-access
match class-map ccp-cls-icmp-access
policy-map type inspect pop3 ccp-action-pop3
class type inspect pop3 ccp-app-pop3
log
reset
policy-map type inspect smtp ccp-action-smtp
class type inspect smtp ccp-app-smtp
reset
policy-map type inspect ccp-pol-outToIn
class type inspect ccp-protocol-http
inspect
class type inspect CCP_PPTP
pass
class type inspect sdm-nat-http-1
inspect
class type inspect sdm-nat-https-1
inspect
class type inspect sdm-nat-user-protocol--1-1
inspect
class type inspect sdm-nat-user-protocol--1-2
inspect
class class-default
drop log
policy-map type inspect imap ccp-action-imap
class type inspect imap ccp-app-imap
log
reset
policy-map type inspect ccp-inspect
class type inspect ccp-invalid-src
drop log
class type inspect ccp-protocol-http
inspect
class type inspect ccp-protocol-smtp
inspect
service-policy smtp ccp-action-smtp
class type inspect ccp-protocol-imap
inspect
service-policy imap ccp-action-imap
class type inspect ccp-protocol-pop3
inspect
service-policy pop3 ccp-action-pop3
class type inspect ccp-protocol-p2p
drop log
class type inspect ccp-protocol-im
drop log
class type inspect ccp-insp-traffic
inspect
class type inspect ccp-sip-inspect
inspect
class type inspect ccp-h323-inspect
inspect
class type inspect ccp-h323annexe-inspect
inspect
class type inspect ccp-h225ras-inspect
inspect
class type inspect ccp-h323nxg-inspect
inspect
class type inspect ccp-skinny-inspect
inspect
class class-default
drop
policy-map type inspect ccp-permit
class class-default
pass
policy-map type inspect ccp-permit-icmpreply
class type inspect ccp-icmp-access
inspect
class class-default
pass
zone security in-zone
zone security out-zone
zone-pair security ccp-zp-self-out source self destination out-zone
service-policy type inspect ccp-permit-icmpreply
zone-pair security ccp-zp-in-out source in-zone destination out-zone
service-policy type inspect ccp-inspect
zone-pair security ccp-zp-out-self source out-zone destination self
service-policy type inspect ccp-permit
zone-pair security ccp-zp-out-zone-To-in-zone source out-zone destination in-zone
service-policy type inspect ccp-pol-outToIn
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp client configuration group jmgvpn
key ****
pool SDM_POOL_1
include-local-lan
max-users 10
netmask 255.255.255.0
crypto isakmp profile ciscocp-ike-profile-1
match identity group jmgvpn
client authentication list ciscocp_vpn_xauth_ml_1
isakmp authorization list ciscocp_vpn_group_ml_1
client configuration address respond
virtual-template 1
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
mode tunnel
crypto ipsec profile CiscoCP_Profile1
set transform-set ESP-3DES-SHA
set isakmp-profile ciscocp-ike-profile-1
interface Null0
no ip unreachables
interface Embedded-Service-Engine0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
interface GigabitEthernet0/0
description JMG$FW_INSIDE$
ip address 10.0.14.*** 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly in
zone-member security in-zone
glbp 10 ip 10.0.14.***
glbp 10 authentication text JMG
glbp 10 forwarder preempt delay minimum 100
duplex auto
speed auto
no mop enabled
interface GigabitEthernet0/1
description Cloud$ETH-LAN$$FW_INSIDE$
ip address 10.3.15.*** 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
zone-member security in-zone
duplex auto
speed auto
no mop enabled
interface GigabitEthernet0/2
description Internet (Only in use on R01)$FW_OUTSIDE$$ETH-WAN$
ip address 46.144.***.*** 255.255.255.240
no ip redirects
no ip proxy-arp
ip verify unicast reverse-path
ip flow ingress
ip flow egress
ip nat outside
ip virtual-reassembly in
zone-member security out-zone
duplex auto
speed auto
media-type rj45
no mop enabled
interface Virtual-Template1 type tunnel
ip unnumbered GigabitEthernet0/0
tunnel mode ipsec ipv4
tunnel protection ipsec profile CiscoCP_Profile1
ip local pool SDM_POOL_1 192.168.1.1 192.168.1.10
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 10 interface GigabitEthernet0/2 overload
ip nat inside source list 11 interface GigabitEthernet0/2 overload
ip nat inside source static tcp 10.0.14.*** 443 interface GigabitEthernet0/2 443
ip nat inside source static tcp 10.0.14.*** 80 interface GigabitEthernet0/2 80
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/2 permanent
ip route 10.0.0.0 255.0.0.0 GigabitEthernet0/1 permanent
ip route 10.1.14.*** 255.255.255.0 10.0.14.*** permanent
ip access-list extended SDM_GRE
remark CCP_ACL Category=1
permit gre any any
logging trap debugging
access-list 1 remark HTTP Access-class list
access-list 1 remark CCP_ACL Category=1
access-list 1 permit 10.3.15.24 0.0.0.3
access-list 1 permit 10.0.14.0 0.0.0.255
access-list 1 deny any
access-list 3 remark CCP_ACL Category=2
access-list 3 permit 10.5.14.0 0.0.0.255
access-list 3 permit 10.0.14.0 0.0.0.255
access-list 5 remark CCP_ACL Category=2
access-list 5 permit 10.0.14.0 0.0.0.255
access-list 6 remark CCP_ACL Category=2
access-list 6 permit 10.0.14.0 0.0.0.255
access-list 7 remark CCP_ACL Category=2
access-list 7 permit 10.0.14.0 0.0.0.255
access-list 8 remark CCP_ACL Category=2
access-list 8 permit 10.0.14.0 0.0.0.255
access-list 9 remark CCP_ACL Category=2
access-list 9 permit 10.0.14.0 0.0.0.255
access-list 10 remark CCP_ACL Category=2
access-list 10 permit 10.0.14.0 0.0.0.255
access-list 11 remark CCP_ACL Category=2
access-list 11 permit 10.0.14.0 0.0.0.255
access-list 100 remark CCP_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip 192.168.253.0 0.0.0.255 any
access-list 101 remark CCP_ACL Category=0
access-list 101 permit ip any host 10.0.14.153
access-list 102 remark CCP_ACL Category=0
access-list 102 permit ip any host 10.0.14.173
no cdp run
control-plane
banner login ^CCCPlease login. Or leave if you have no right to be here.^C
line con 0
login authentication local_authen
transport output telnet
line aux 0
login authentication local_authen
transport output telnet
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
access-class 23 in
authorization exec local_author
login authentication local_authen
transport input telnet ssh
line vty 5 15
access-class 23 in
authorization exec local_author
login authentication local_authen
transport input telnet ssh
scheduler allocate 20000 1000
scheduler interval 500
endRemove the ip nat outside command for a moment during a permitted downtime.
I have a feeling you should do some NAT excemption for the VPN traffic (deny vpn traffic for nat policies). -
Cannot connect to local network: accidental setup
I just setup a home network, and I went in to give access to my tivo because I thought I needed to add it to the access control list of IP's. However, I never added my own local IP so now I cannot log into my own network because I'm not on the list. I have no idea how to reset my networking preferences back to default and set everything up from the beginning. Yes, I'm a douche. Any ideas?
Dual g5 1.8 Mac OS X (10.4.6)Couple of ideas -
Reset to Factory default and set up from the beginning,
or, if I understand correctly that you have a fixed IP address, you could change to Configure using DHCP, set the reservation, then go back to configure manually. -
from the xserv where i am setting up a website i cannot access local host which is preventing me from setting up phpmyadmin config file. I open safari and type in http://localhost/ and i get the error message cannot connect to local host. I can access the server using the ip (no domain setup yet). I am a novice at setting up web serves in the mac/apache environment so i may have missed a simple step somewhere. Any help would be appreciated.
Hi, and a warm welcome to the forums!
No expert here, but have you tried http://127.0.0.1 ?
Might get better help in the xserve, or Server forums here. -
Iphone 3GS "cannot connect to data network"
Ever since I updated to the new operating system, my phone (3GS) hasn't worked properly. Sometimes with 3 or even 4 bars of 3G I cannot make phone calls or send text messages or use the browser. I feel like I've tried everything; I have: restored it, restarted it, reset network settings. I receive the "cannot connect to data network" very often, extremely frustrating. If anyone has any fixing advice, it would be greatly appreciated. Thanks
If no change after restoring your iPhone with iTunes as a new iPhone or not from your iPhone's backup, there may be a problem with the SIM card. Contact your carrier which should be Rogers with a 3GS, and request a new SIM card.
-
I did everything recommended on apple store support site and still cannot connect to the network with my new iphone 5 but my co-workers and students (I work for the university) can keep connectivity all the time. I am very unhappy with my new phone
Be patient, Apple is coming out with a update soon, its been reported that they have sent the update to the carriers to test, which means it will be soon. And is suppose to address this issue.
-
Data service cannot connect to mover
Hello,
I have an installation of OSB that worked ok until last week.
From last week, the following message started appear, and I need your help to understand if this is a physical error or it is a OSB problem:
Error: data service cannot connect to mover - error connecting to another NDMP server (NDMP client)
Below a full example (it is a piece of osb job log):
2011/03/31.10:32:59 ______________________________________________________________________
2011/03/31.10:32:59
2011/03/31.10:32:59 Transcript for job oracle/3732.1 running on srvcmdstbyb
2011/03/31.10:32:59
Volume label:
Volume UUID: 869b6426-3de2-102e-969c-00137252621c
Volume ID: OSB-CATALOG-MF-009352
Volume sequence: 1
Volume set owner: root
Volume set created: Thu Mar 31 10:33:18 2011
Volume set closes: Thu Apr 07 10:33:18 2011 (no writes after this time)
Volume set expires: Thu Apr 21 10:33:18 2011
Media family: OSB-CATALOG-MF
Original UUID: 869b6426-3de2-102e-969c-00137252621c
Archive label:
File number: 1
File section: 1
Owner: root
Client host: srvcmd
Backup level: 0
S/w compression: no
Archive created: Thu Mar 31 10:33:18 2011
Backup piece name: arch_HCB1_3799_1_30_03_2011_747153724
Backup db name: hcb1
Backup db id: 660880637
Backup copy number: not applicable
Backup content: archivelog
Error: data service cannot connect to mover - error connecting to another NDMP server (NDMP client)
Backup statistics:
status 21
devices VS80
devices 1
volumes OSB-CATALOG-MF-009352
voltags (null)
file 1
host srvcmd
encryption off
start_time Thu Mar 31 2011 at 10:33:18 (1301578398)
end_time Thu Mar 31 2011 at 10:33:29 (1301578409)
backup_time Thu Mar 31 2011 at 10:33:18 (1301578398)
dev_kbytes 6
dev_iosecs 11
dev_iorate 605.1 B/S
wrt_iosecs 4
wrt_iorate 1.7 KB/S
physical_blks_written 0
write_errors 0
physical_blks_read 0
read_errors 0
error_rate 0%
2011/03/31.10:33:30 ______________________________________________________________________
Thank you in advance.
Best regards.
Ricardo Brambila.Can you include an "obtool lsh -l" please? You may also want to check that you can do an "obtool pingh" to the client and media servers that are being used. Maybe a service isn't accessible.
Please confirm you are using OSB 10.3.0.3.0 from "obtar -V"
You should also not really be writing your RMAN jobs to the OSB Catalog Media Family. You should instead use its own or the RMAN-DEFAULT one.
Thanks
Rich -
I have done the step 1 to 3,but still cannot connect the wireless network?
i have done the step 1 to 3,but still cannot connect the wireless network?
Step 1 to 3 of what? Can you elaborate on the issue?
-
ITunes 8 - Cannot connect to iStore - "network connection time out"
I've been running V7 with no problems. Updated to 8 (due wanting to use ipod Touch). Cannot connect to the iStore (everything else works fine). Receive the following message "iTunes could not connect to the iTunes Store. The network connection timed out."
I've read other posts and tried the various suggestions i.e. switching off Norton, flushing the DNS etc. but still have the problem. Just de-installed iTunes and re-installed but still the same problem.
Does anyone have any idea what may be wrong ?
Any help much appreciated.
Regards, ocy.
P.S. My internet connection is working fine.Hi,
I've run through the suggestions. The internet setting were ok, deleted itunes.exe in the Norton Internet Security firewall settings and attempted to add it back BUT it will not for whatever reason. Below is the diagnostics as requested.
I don't understand why v7 worked from day 1 and I had no problems, installed v8 and all these problems arise, there is someting wrong somewhere.
Microsoft Windows XP Professional Service Pack 2 (Build 2600)
IBM 2373KG9
iTunes 8.1.0.52
QuickTime 7.6
FairPlay 1.2.12
iPod Updater Library 8.1d19
CD Driver 2.1.0.0
CD Driver DLL 2.1.1.1
Apple Mobile Device 2.4.0.27
Apple Mobile Device Driver 1.29.0.0
Bonjour 1.0.6.2 (118.5)
iTunes Serial Number E14CF09951C61804
Current user is an administrator.
The current local date and time is 2009-03-28 04:15:06.
iTunes is not running in safe mode.
Video Display Information
ATI MOBILITY RADEON 7500
** External Plug-ins Information **
No external plug-ins installed.
** Network Connectivity Tests **
Network Adapter Information
Adapter Name: {84A845BD-1CFC-445B-97DE-B0D3A62FB177}
Description: Intel(R) PRO/100 VE Network Connection - Packet Scheduler Miniport
IP Address: 0.0.0.0
Subnet Mask: 0.0.0.0
Default Gateway:
DHCP Enabled: No
DHCP Server: 192.168.1.1
Lease Obtained: Wed Dec 31 16:00:00 1969
Lease Expires: Wed Dec 31 16:00:00 1969
DNS Servers:
Adapter Name: {79474B55-BDC9-4C80-BF88-551B230CF120}
Description: 11a/b/g Wireless LAN Mini PCI Adapter - Packet Scheduler Miniport
IP Address: 192.168.1.121
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.1.1
DHCP Enabled: Yes
DHCP Server: 192.168.1.1
Lease Obtained: Sat Mar 28 03:43:04 2009
Lease Expires: Tue Mar 31 03:43:04 2009
DNS Servers: 212.23.3.100
212.23.3.100
212.23.6.100
Active Connection: LAN Connection
Connected: Yes
Online: Yes
Using Modem: No
Using LAN: Yes
Using Proxy: No
SSL 3.0 Support: Enabled
TLS 1.0 Support: Enabled
Firewall Information
Windows Firewall is off.
Connection attempt to Apple web site was unsuccessful.
The network connection timed out.
Connection attempt to iTunes Store was unsuccessful.
The network connection timed out.
Secure connection attempt to iTunes Store was unsuccessful.
The network connection timed out.
Secure connection attempt to iPhone activation server unsuccessful.
The network connection timed out.
Last successful store access was 2009-03-26 11:27:28.
Thanks for the help, hopefully we can find a solution.
Regards, ocy. -
Cisco ASA 5505 IPsec client VPN - Cannot connect to local hosts
I have created a Cisco IPsec vpn on my ASA using the VPN creation wizard. I am able to successfully connect to the vpn and seemingly join the network, but after I connect I am unable to connect to or ping any of the hosts on the network.
Checking the ASA I can see that a VPN session is open and my client reports that it is connected. If I attempt to ping the client from the ASA all packets are dropped.
I suspect it may be an issue with my firewall, but I am not really sure where to begin.
Here is a copy of my config, any pointers or tips are aprpeciated:
hostname mcfw
enable password Pt8fQ27yMZplioYq encrypted
passwd 2qaO2Gd6IBRkrRFm encrypted
names
interface Ethernet0/0
switchport access vlan 400
interface Ethernet0/1
switchport access vlan 400
interface Ethernet0/2
switchport access vlan 420
interface Ethernet0/3
switchport access vlan 420
interface Ethernet0/4
switchport access vlan 450
interface Ethernet0/5
switchport access vlan 450
interface Ethernet0/6
switchport access vlan 500
interface Ethernet0/7
switchport access vlan 500
interface Vlan400
nameif outside
security-level 0
ip address 58.13.254.10 255.255.255.248
interface Vlan420
nameif public
security-level 20
ip address 192.168.20.1 255.255.255.0
interface Vlan450
nameif dmz
security-level 50
ip address 192.168.10.1 255.255.255.0
interface Vlan500
nameif inside
security-level 100
ip address 192.168.0.1 255.255.255.0
ftp mode passive
clock timezone JST 9
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object-group network DM_INLINE_NETWORK_1
network-object host 58.13.254.11
network-object host 58.13.254.13
object-group service ssh_2220 tcp
port-object eq 2220
object-group service ssh_2251 tcp
port-object eq 2251
object-group service ssh_2229 tcp
port-object eq 2229
object-group service ssh_2210 tcp
port-object eq 2210
object-group service DM_INLINE_TCP_1 tcp
group-object ssh_2210
group-object ssh_2220
object-group service zabbix tcp
port-object range 10050 10051
object-group service DM_INLINE_TCP_2 tcp
port-object eq www
group-object zabbix
port-object eq 9000
object-group protocol TCPUDP
protocol-object udp
protocol-object tcp
object-group service http_8029 tcp
port-object eq 8029
object-group network DM_INLINE_NETWORK_2
network-object host 192.168.20.10
network-object host 192.168.20.30
network-object host 192.168.20.60
object-group service imaps_993 tcp
description Secure IMAP
port-object eq 993
object-group service public_wifi_group
description Service allowed on the Public Wifi Group. Allows Web and Email.
service-object tcp-udp eq domain
service-object tcp-udp eq www
service-object tcp eq https
service-object tcp-udp eq 993
service-object tcp eq imap4
service-object tcp eq 587
service-object tcp eq pop3
service-object tcp eq smtp
access-list outside_access_in remark http traffic from outside
access-list outside_access_in extended permit tcp any object-group DM_INLINE_NETWORK_1 eq www
access-list outside_access_in remark ssh from outside to web1
access-list outside_access_in extended permit tcp any host 58.13.254.11 object-group ssh_2251
access-list outside_access_in remark ssh from outside to penguin
access-list outside_access_in extended permit tcp any host 58.13.254.10 object-group ssh_2229
access-list outside_access_in remark http from outside to penguin
access-list outside_access_in extended permit tcp any host 58.13.254.10 object-group http_8029
access-list outside_access_in remark ssh from outside to hub & studio
access-list outside_access_in extended permit tcp any host 58.13.254.13 object-group DM_INLINE_TCP_1
access-list outside_access_in remark dns service to hub
access-list outside_access_in extended permit object-group TCPUDP any host 58.13.254.13 eq domain
access-list dmz_access_in extended permit ip 192.168.10.0 255.255.255.0 any
access-list dmz_access_in extended permit tcp any host 192.168.10.251 object-group DM_INLINE_TCP_2
access-list public_access_in remark Web access to DMZ websites (mediastudio/civicrm)
access-list public_access_in extended permit object-group TCPUDP any object-group DM_INLINE_NETWORK_2 eq www
access-list public_access_in remark General web access. (HTTP, DNS & ICMP and Email)
access-list public_access_in extended permit object-group public_wifi_group any any
access-list inside_nat0_outbound extended permit ip 192.168.0.0 255.255.255.0 192.168.10.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 192.168.0.0 255.255.255.0 192.168.20.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip any 192.168.0.80 255.255.255.240
access-list inside_nat0_outbound extended permit ip any 192.168.0.64 255.255.255.192
pager lines 24
logging enable
logging timestamp
logging buffered notifications
logging trap notifications
logging asdm debugging
logging from-address [email protected]
logging recipient-address [email protected] level warnings
logging host dmz 192.168.10.90 format emblem
logging permit-hostdown
mtu outside 1500
mtu public 1500
mtu dmz 1500
mtu inside 1500
ip local pool OfficePool 192.168.0.80-192.168.0.90 mask 255.255.255.0
ip local pool VPN_Pool 192.168.0.91-192.168.0.99 mask 255.255.255.0
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 60
global (outside) 1 interface
global (dmz) 2 interface
nat (public) 1 0.0.0.0 0.0.0.0
nat (dmz) 1 0.0.0.0 0.0.0.0
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,outside) tcp interface 2229 192.168.0.29 2229 netmask 255.255.255.255
static (inside,outside) tcp interface 8029 192.168.0.29 www netmask 255.255.255.255
static (dmz,outside) 58.13.254.13 192.168.10.10 netmask 255.255.255.255 dns
static (dmz,outside) 58.13.254.11 192.168.10.30 netmask 255.255.255.255 dns
static (inside,dmz) 192.168.10.0 192.168.0.0 netmask 255.255.255.0 dns
static (dmz,inside) 192.168.0.251 192.168.10.251 netmask 255.255.255.255
static (dmz,public) 192.168.20.30 192.168.10.30 netmask 255.255.255.255 dns
static (dmz,public) 192.168.20.10 192.168.10.10 netmask 255.255.255.255 dns
access-group outside_access_in in interface outside
access-group public_access_in in interface public
access-group dmz_access_in in interface dmz
route outside 0.0.0.0 0.0.0.0 58.13.254.9 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 192.168.0.0 255.255.255.0 inside
http 59.159.40.188 255.255.255.255 outside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
sysopt noproxyarp dmz
sysopt noproxyarp inside
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set TRANS_ESP_3DES_SHA esp-3des esp-sha-hmac
crypto ipsec transform-set TRANS_ESP_3DES_SHA mode transport
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map inside_map interface inside
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto map public_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map public_map interface public
crypto isakmp enable outside
crypto isakmp enable public
crypto isakmp enable inside
crypto isakmp policy 5
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto isakmp policy 10
authentication pre-share
encryption des
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh 59.159.40.188 255.255.255.255 outside
ssh 192.168.0.0 255.255.255.0 inside
ssh timeout 20
console timeout 0
dhcpd dns 61.122.112.97 61.122.112.1
dhcpd auto_config outside
dhcpd address 192.168.20.200-192.168.20.254 public
dhcpd enable public
dhcpd address 192.168.10.190-192.168.10.195 dmz
dhcpd enable dmz
dhcpd address 192.168.0.200-192.168.0.254 inside
dhcpd enable inside
threat-detection basic-threat
threat-detection statistics access-list
threat-detection statistics host number-of-rate 2
no threat-detection statistics tcp-intercept
ntp server 130.54.208.201 source public
webvpn
group-policy DefaultRAGroup internal
group-policy DefaultRAGroup attributes
dns-server value 61.122.112.97 61.122.112.1
vpn-tunnel-protocol l2tp-ipsec
group-policy CiscoASA internal
group-policy CiscoASA attributes
dns-server value 61.122.112.97 61.122.112.1
vpn-tunnel-protocol IPSec
username mcit password 4alT9CZ8ayD8O8Xg encrypted privilege 15
tunnel-group DefaultRAGroup general-attributes
address-pool VPN_Pool
default-group-policy DefaultRAGroup
tunnel-group DefaultRAGroup ipsec-attributes
pre-shared-key *****
tunnel-group ocmc type remote-access
tunnel-group ocmc general-attributes
address-pool OfficePool
tunnel-group ocmc ipsec-attributes
pre-shared-key *****
tunnel-group CiscoASA type remote-access
tunnel-group CiscoASA general-attributes
address-pool VPN_Pool
default-group-policy CiscoASA
tunnel-group CiscoASA ipsec-attributes
pre-shared-key *****
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect ip-options
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
service-policy global_policy global
smtp-server 192.168.10.10
prompt hostname context
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:222d6dcb583b5f5abc51a2251026f7f2
: end
asdm location 192.168.10.10 255.255.255.255 inside
asdm location 192.168.0.29 255.255.255.255 inside
asdm location 58.13.254.10 255.255.255.255 inside
no asdm history enableHi Conor,
What is your local net ? I see only one default route for outside network. Dont you need a route inside for your local network.
Regards,
Umair -
Cannot connect to Store - Network connection timed out - Help!!!
Please can someone give me a little help, I've recently updated my Itunes and now cannot connect to the store. I have checked Network connections etc.. and all is fine, my internet works as normal.
I've uninstalled all Anti-virus/spyware software and double checked the Windows Firewall.
When I run a diagnostic from the itunes help menu, I get the following:
Microsoft Windows XP Professional Service Pack 2 (Build 2600)
Sony Corporation VGN-FE21S
iTunes 7.4.1.2
Current user is an administrator.
Network Adapter Information
Adapter Name: {1CB9EE56-7F9B-4B15-ACB3-28BE159EB621}
Description: Intel(R) PRO/Wireless 3945ABG Network Connection - Packet Scheduler Miniport
IP Address: 192.168.1.2
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.1.1
DHCP Enabled: Yes
DHCP Server: 192.168.1.1
Lease Obtained: Sat Sep 08 16:02:19 2007
Lease Expires: Sun Sep 09 16:02:19 2007
DNS Servers: 192.168.1.1
Adapter Name: {FD313ACD-BDEE-489A-AB3E-DD931458D876}
Description: Intel(R) PRO/100 VE Network Connection - Packet Scheduler Miniport
IP Address: 0.0.0.0
Subnet Mask: 0.0.0.0
Default Gateway:
DHCP Enabled: Yes
DHCP Server: 61.8.9.254
Lease Obtained: Sat Jul 22 23:23:22 2006
Lease Expires: Sun Jul 23 02:23:22 2006
DNS Servers:
Adapter Name: {302D7F6B-B995-4E44-99B1-1A5158EF7090}
Description: Bluetooth Personal Area Network from TOSHIBA - Packet Scheduler Miniport
IP Address: 0.0.0.0
Subnet Mask: 0.0.0.0
Default Gateway:
DHCP Enabled: Yes
DHCP Server:
Lease Obtained: Sun Jul 23 02:23:22 2006
Lease Expires: Sun Jul 23 02:23:22 2006
DNS Servers:
Network Connection Information
Active Connection: LAN Connection
Connected: Yes
Online: Yes
Using Modem: No
Using LAN: Yes
Using Proxy: No
SSL 3.0 Support: Enabled
TLS 1.0 Support: Enabled
Firewall Information
Windows Firewall is on.
iTunes is enabled in Windows Firewall.
Connection attempt to Apple web site was unsuccessful.
The network connection timed out.
Connection attempt to iTunes Store was unsuccessful.
The network connection timed out.
Secure connection attempt to iTunes Store was unsuccessful.
The network connection timed out.
Any advice would be very much appreciated.
Thanks very much.I have been experiencing this as well for about a month and just about five minutes ago I resolved it! I have done everything! You need to unistall iTunes and Quicktime. Don't think you will loose your music as it is on you PC. Trust me. _Follow the links_ on unistalling everything, download it again with the following link and all you music automatically uploads again. It was amazing!
How to uninstall QuickTime on a Windows PC
http://www.info.apple.com/kbnum/n60342
Removing iTunes For Windows
http://www.info.apple.com/kbnum/n93698
Note: Titles you purchased from the iTunes Store or imported from CDs are saved in your iTunes folder by default and are not deleted by uninstalling iTunes.
If you have difficulty removing iTunes, you may find this helpful:
Microsoft's Windows Installer CleanUp Utility:
http://support.microsoft.com/default.aspx?kbid=290301
After successfully uninstalling iTunes and QuickTime, install the latest version of iTunes for Windows, which comes with QuickTime:
http://www.apple.com/itunes/download
If you continue to experience difficulty with this issue, you will need to call Apple technical support (there may be a fee associated with the call). To find the appropriate phone number, please visit:
http://www.apple.com/support/contact/phone_contacts.html -
Domain users cannot connect to the network folders when logged in via rds remote apps
Hi,
recently I setup an RDS farm for remote apps on server 2012 r2.
all users can connect to the apps published. no problems there.
but when users connect via rds they cannot connect to the networkfolders and cannot store the resultance of there work (docx and xlsx files)
all users are normally connected to the networkfolders using a small login batch file handing down the unc path needed. when I log in as domain admin, also using a login batch, connections are setup correctly. It seems to me to be an security issue on the
rds session host.
how to alter this?
greetz, Fons
Fons system and network engineer Balie AmsterdamHi,
Thank you for posting in Windows Server Forum.
We use WMI to communicate with the RDSH server. Various issues can cause WMI to deny access or return error codes. Here's a few things you can try:
1. Check if the "TS Web Access Computers" security group on the RDSH server has incorrect permissions in DCOM and/or WMI:
For checking DCOM security settings:
1. Start the Component Services MMC snapin
2. Navigate to Component Services -> Computers -> My Computer
3. Right-click on My Computer and select properties
4. Go to the COM Security tab
5. Under Access Permissions, click the Edit Limits button
6. Ensure that TS Web Access Computers is in the list, with all of the permissions set to “allow”.
7. Under Launch and Activation Permissions, click the Edit Limits button
8. Ensure that TS Web Access Computers is in the list, with all of the permissions set to “allow”.
For checking WMI security settings:
1. Start the WMI Control MMC snapin
2. Right-click the WMI Control node and select properties
3. Go to the Security tab
4. Navigate to Root->CIMV2->TerminalServices
5. With TerminalServices selected, click the Security button
6. Ensure that TS Web Access Computers is in the list with Execute Methods, Enable Account, and Remote Enable set to "allow"
2. Verify the RD Session Host server's firewall allows WMI calls.
3. Verify that the RD Connection Broker hasn't lost its trust relationship with the domain.
4. See if non-RDS related WMI calls can be successfully made to the RDSH server. This can help differentiate between a general WMI issue and an issue calling the RDS WMI provider.
(Quoted from following thread.)
RemoteApp Source not working from RDWeb
http://social.technet.microsoft.com/Forums/windowsserver/en-US/173d4546-e12f-47c1-ac66-8b4f69826892/remoteapp-source-not-working-from-rdweb?forum=winserverTS
Hope it helps!
Thanks.
Dharmesh Solanki -
Web Service - Cannot Deploy on Local OC4J
We get the following error when trying to deploy the following code as a web service to the local OC4J.
The parameter of domDoc of type oracle.xml.parser.v2.XMLDocument cannot be serialized into XML, and no custom serializer has been defined for it.
All we want to do with this service is connect to the database and return the results of the query in XML. We have tried a string, but it returns a string of XML and we need it to return the XML.
The code compiles, runs, and looks as though it is returning what it is suppose to if we write the return out, but the code will not deploy as a web service.
Thanx so much
Pam
This is the code:
package getuserform;
import java.io.IOException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import oracle.xml.parser.v2.XMLDocument;
import oracle.xml.sql.query.OracleXMLQuery;
public class getUserInfo {
public int GetUserInfo(XMLDocument domDoc){
try {
DriverManager.registerDriver(new oracle.jdbc.driver.OracleDriver());
} catch (SQLException e) {
// TODO
return(-1);
String url = "jdbc:oracle:thin:@db:1521:v9it";
Connection myCon;
try {
myCon = DriverManager.getConnection(url,"user","password");
} catch (SQLException e) {
// TODO
return(-1);
OracleXMLQuery qry = new OracleXMLQuery (myCon,
"select upper(t.u_name_frst) || ' ' || upper(t.u_name_last) U_Name," +
" t.user_id, " +
" t.active Active, " +
" to_char(t.termination_dt, 'DD-MON-YYYY') Termination_DT, " +
" '(' || t.area_code || ') ' || t.phone_no Phone, " +
" t.email Email, " +
" t.city City, " +
" (select dpl_desc from schema.dept_pay_locations dpl where dpl.dpl_num = t.pay_location) Pay_Location, " +
" t.LOCATION Location " +
" from schema.users t " +
" where upper(t.user_id) like upper ('u227%')");
// xmlStr = qry.getXMLString(); works.
// return (qry.getXMLString()); works
// !work
domDoc = (XMLDocument)qry.getXMLDOM();
qry.close();
return(0);
}Hi Pam,
It is using Element as the method return that is causing the problem. As you've seen this means that the Data Control has no concrete schema types to associate with the fields so it fails.
I have a couple of possible workarounds.
1. Is it a requirement to write your SQL query in the method? Perhaps they are to be dynamic?
If not, have you considered using the database to do the query and publishing that as the service. This would work around the problem. You can use JDeveloper to do all of this if you 'wrap' the query in a PL/SQL package in the database. Then use the 'Web Service from PL/SQL Package' wizard to generate the web service including wrapper Java classes for the package and DB connection/mgmt classes.
Or you can publish the actual Query as a service - using the command line (unfortunately you can't use JDEV to do this)
2. You mentioned the XSD for the query - if you have that then you can use a custom serializer and map your XSD to the return type of your method - the org.w3c.dom.Element class:
a. if your web service is already generated - open properties (Web Services Editor)
b. go to Custom Mappings page
c. click Add
d. for Java Class type in org.w3c.dom.Element
e. for XML Qualified Name add your XSD
f. add your serializer class - here is one I made earlier!
package project3;
import java.util.Map;
import javax.xml.namespace.QName;
import javax.xml.soap.SOAPElement;
import javax.xml.soap.SOAPException;
import oracle.webservices.SOAPUtil;
import oracle.webservices.databinding.SOAPElementSerializer;
import org.w3c.dom.Element;
public class DummyElementSerialiser implements SOAPElementSerializer
public void init(Map map)
public SOAPElement serialize(QName qName, Object object)
try
return SOAPUtil.toSOAPElement((Element) object);
catch (SOAPException ex)
return null;
if you're generating the service from scratch this same mapping page comes up as part of the wizard
Now you should be able to create your data control
rgds
Susan -
Topology services cannot connect with multihomed LMS 3.2
Hi,
I'd like to ask for you help. I've installed LMS 3.2 on a server with 2 NICs and we're having a problem executing Topology Service from a remote host.
When I try to launch Topology-Services I get the following error:
Campus Manager Error: "Cannot connect to ANIServer: ANIServer6.0-<hostname>"
Probable cause: "Unknown hostname..."
Recommended Action: "Check wether the ANIServer6.0-<hoostname> process is up and running"
I can see in the java trace that the host communicates correctly with the primary NIC and I don't know for what reason, it uses the second NIC IP of the LMS server when it has to connnect to the OSAGENT service (port 42342 ).
basic: JNLP2ClassLoader.findClass: com.sun.corba.se.impl.presentation.rmi.bcel.StubFactoryFactoryBCELImpl: try again ..
basic: JNLP2ClassLoader.findClass: com.sun.corba.se.impl.presentation.rmi.bcel.StubFactoryFactoryBCELImpl: try again ..
basic: JNLP2ClassLoader.findClass: com.cisco.nm.ani.share.idl.AniClientModule.AniClientHelper: try again ..
basic: JNLP2ClassLoader.findClass: com.cisco.nm.ani.share.idl.AniClientModule.AniClient: try again ..
basic: JNLP2ClassLoader.findClass: com.cisco.nm.ani.share.idl.AniClientModule._AniClientStub: try again ..
network: Cache entry found [url: https://<IP_NIC_primary>:443/CSCOcm/classpath/NS_Ref, version: null] prevalidated=false/0
network: Connecting https://<IP_NIC_primary>:443/CSCOcm/classpath/NS_Ref with proxy=DIRECT
network: ResponseCode for https://<IP_NIC_primary>:443/CSCOcm/classpath/NS_Ref : 304
network: Encoding for https://<IP_NIC_primary>:443/CSCOcm/classpath/NS_Ref : null
network: Disconnect connection to https://<IP_NIC_primary>:443/CSCOcm/classpath/NS_Ref
network: Connecting socket://<IP_NIC_secondary>:42342 with proxy=SOCKS @ <proxy>:8080
For security reasons, the host is strictely not allowed to communicate with the secondary NIC (it is not routable).
- Is it possible to bind all the communications of the "remote client" to the primary NIC IP ?
- How can I force the java client to use the primary NIC when it concerns the OSAGENT service ?
- Is Topology Services supported with multi homed configuration ?
Thanks in advance for your answers.
Regards.Kindly check if the hostname of the server is resolveable properly with the correct IP address on the client machine and port 42342 is not blocked between server and client in any way.
Its must that client must resolve the hostname of the LMS server with the correct IP Address. If DNS is not configured on the client machine, then you need to do manual entry in the host file of the client machine. I hope you are able to launch the topology from the LMS server.
Also check this :-
To run Topology on a multi-homed machine, there are two requirements.
•All IP addresses must be configured in DNS.
•Owing to restrictions with CORBA, only one IP address can be used by the client or browser to access the server. You must select one IP address as the external address, with which the client will login to the CiscoWorks server.
To select an IP address, modify the gatekeeper file located in NMSROOT\lib\vbroker\gatekeeper.cfg
where NMSROOT is the directory (opt/CSCOpx by default) in which CiscoWorks is installed.
Replace every instance of external-IP-address with the external IP address you choose, and remove the "#" character, from the following:
•#vbroker.gatekeeper.backcompat.callback.host=external-IP-address
•#vbroker.se.exterior.host=external-IP-address
•#vbroker.se.iiop_tp.host=external-IP-address
•#vbroker.se.interior.host=external-IP-address
After modifying the gatekeeper file, restart the Daemon Manager. To do this, first stop the Daemon Manager by entering:
net stop crmdmgtd
Now, start the Daemon Manager by entering:
net start crmdmgtd
Hope it helps
Thanks
Gaganjeet
Maybe you are looking for
-
Error while importing to production through CMS Transport Studio
Hi, I am trying to transport my application from development to Production using CMS tracks. All DC's are getting properly consolidated,Assembled and Approved. But while importing into the Production, it is throwing following error : *************ERR
-
A space in xml-document is stored in database as New line feed instead of n
Hello, I have got the following problem: An xml-document is inserted by an xsql servlet into an object view. First this document is translated by an xsl file. Then an instead of trigger inserts the values into the right tables. When a space is presen
-
My Photoshop elements has suddenly appeared in German!
I had to re-download my version of Photoshop Elements 10 from the App Store onto my Mac. It's downloaded in German! How do I change this?
-
Significant performance change in spatial join
Hi, I have 2 spatial tables in Oracle 10g: one (PT_SOURCE) has a point column with over a half million records and another (TRJ_TMP_BUF) has a polygon column with 2 records. 2 spatial R-tree indexes were built on the 2 table respectively. I tried a s
-
MDT Deployment share and SQL Share on different servers
Hello Technet, I would like help to figure out how to deal with my MDT Deployment share being on a different server than my SQL Share. I am trying to use the MDT Database in MDT 2013 and SQL Server Express 2014. My deployment share is located on a Li