Not able HTTP servers outside firewall
Hi
I unable to connect external web server from my java program.
Even I used follwing code to in my java program. I am getting
some problem with encoding the password(base64Encode)
Please anyone can give code to bypass this corporate firewall
from my program(I know the password and user name).
System.getProperties().put( "proxySet", "true" );
System.getProperties().put( "proxyHost", "myProxyMachineName" );
System.getProperties().put( "proxyPort", "85" );
URLConnection connection = url.openConnection();
String password = "username:password";
String encodedPassword = base64Encode( password );
connection.setRequestProperty( "Proxy-Authorization",
encodedPassword );
Avanti
null
Things looks a little weird with the VLAN 2 interface having an IP address. Once you create the BVI interface that is where all of the layer 3 stuff should go.
I would so try adding IP NAT inside to the BVI interface.
Elton
Sent from Cisco Technical Support iPhone App
Similar Messages
-
Not able to connect HTTP web servers outside firewall
Hi
I unable to connect external web server from my java program.
Even I used follwing code to in my java program. I am getting
some problem with encoding the password(base64Encode)
Please anyone can give code to bypass this corporate firewall
from my program(I know the password and user name).
System.getProperties().put( "proxySet", "true" );
System.getProperties().put( "proxyHost", "myProxyMachineName" );
System.getProperties().put( "proxyPort", "85" );
URLConnection connection = url.openConnection();
String password = "username:password";
String encodedPassword = base64Encode( password );
connection.setRequestProperty( "Proxy-Authorization",
encodedPassword );
Avanti
nullCan you post this in the MapViewer forum ?
MapViewer -
Not able to get outside of network on wireless - 1811W Router
I have configured router to issue ip's on two vlan's. Vlan1 works fine, vlan2 is for the wirless issues the correct ip but not will not
let me go the internet.
Any help will be greatly appreciated.
Current configuration : 9574 bytes
! Last configuration change at 17:43:57 PCTime Fri Aug 30 2013
! NVRAM config last updated at 15:36:03 PCTime Fri Aug 30 2013 by patrick
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname St.Patricks
boot-start-marker
boot-end-marker
logging message-counter syslog
no logging buffered
enable secret 5 $1$lvNA$wGnkzv7kjLmif0RNDxf2g0
no aaa new-model
clock timezone PCTime -6
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
crypto pki trustpoint TP-self-signed-3607837666
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3607837666
revocation-check none
rsakeypair TP-self-signed-3607837666
crypto pki certificate chain TP-self-signed-3607837666
certificate self-signed 01
30820243 308201AC A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33363037 38333736 3636301E 170D3133 30383239 30363232
34395A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 36303738
33373636 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100E525 0425ECCD 2F904636 B21AF280 AD7993E4 8F79564C 6203B366 E769FAF5
62DACE0A 40CFD386 0F5BD78F FE7C6A7C EACC4A3C 3F84A48C AC7D3280 9FF029BE
D5BA4E83 00F7BD4B 11984721 76F5CCDF D03E6CD7 84195C8F 73D770C8 99734F0D
4F583941 0BE9FD8D 87F3D876 FFDB0588 2BECA057 79DA62D2 AC47D3ED 6AE5C7F4
B3AB0203 010001A3 6B306930 0F060355 1D130101 FF040530 030101FF 30160603
551D1104 0F300D82 0B53742E 50617472 69636B73 301F0603 551D2304 18301680
146385C7 4B02E815 B28909F2 2A604395 37FB3F60 21301D06 03551D0E 04160414
6385C74B 02E815B2 8909F22A 60439537 FB3F6021 300D0609 2A864886 F70D0101
04050003 81810067 7A20CF98 7D7FAC17 A5B73A4A 00BEAE11 3BFFF9BC 1A74E61A
E7DC833C FDBA0BB8 A0F74011 C3B1F3AA 0CF39238 66A9AF5F EB62E3C3 D92A4289
E6000537 D253E03F A1B95F7C A545EC84 14724057 E72DAEE2 568A7B40 174FEB03
1373CFAE 4BEC84B1 794E3E1B D56E2DDC DD2B1162 7B0A782C A4D2391E 83DA63D6
4CD7029D B9F668
quit
dot11 syslog
dot11 vlan-name Wireless_VLAN vlan 2
dot11 ssid St.Patricks_WiFi
vlan 2
authentication open
authentication key-management wpa
guest-mode
mbssid guest-mode
infrastructure-ssid optional
wpa-psk ascii 0 patrick1
ip source-route
ip dhcp excluded-address 10.10.10.1 10.10.10.99
ip dhcp excluded-address 10.10.11.1 10.10.11.99
ip dhcp pool DHCP_POOL
import all
network 10.10.10.0 255.255.255.0
dns-server 208.67.222.123 208.67.220.123
default-router 10.10.10.1
domain-name St.Patricks
ip dhcp pool WireLess_Pool
import all
network 10.10.11.0 255.255.255.0
domain-name St.Patricks_Wireless
dns-server 208.67.222.123 208.67.220.123
default-router 10.10.10.1
ip cef
ip name-server 208.67.222.123
ip name-server 208.67.220.123
no ipv6 cef
multilink bundle-name authenticated
username patrick privilege 15 secret 5 $1$MLJt$jLLnyQkm61ukzlwxHB/7f0
archive
log config
hidekeys
class-map type inspect match-any SDM_BOOTPC
match access-group name SDM_BOOTPC
class-map type inspect match-any SDM_HTTPS
match access-group name SDM_HTTPS
class-map type inspect match-any SDM_SSH
match access-group name SDM_SSH
class-map type inspect match-any SDM_SHELL
match access-group name SDM_SHELL
class-map type inspect match-any sdm-cls-access
match class-map SDM_HTTPS
match class-map SDM_SSH
match class-map SDM_SHELL
class-map type inspect match-any SDM_DHCP_CLIENT_PT
match class-map SDM_BOOTPC
class-map type inspect match-any ccp-skinny-inspect
match protocol skinny
class-map type inspect match-any sdm-cls-bootps
match protocol bootps
class-map type inspect match-any ccp-cls-insp-traffic
match protocol cuseeme
match protocol dns
match protocol ftp
match protocol https
match protocol icmp
match protocol imap
match protocol pop3
match protocol netshow
match protocol shell
match protocol realmedia
match protocol rtsp
match protocol smtp extended
match protocol sql-net
match protocol streamworks
match protocol tftp
match protocol vdolive
match protocol tcp
match protocol udp
class-map type inspect match-all ccp-insp-traffic
match class-map ccp-cls-insp-traffic
class-map type inspect match-any ccp-h323nxg-inspect
match protocol h323-nxg
class-map type inspect match-any ccp-cls-icmp-access
match protocol icmp
match protocol tcp
match protocol udp
class-map type inspect match-any ccp-h225ras-inspect
match protocol h225ras
class-map type inspect match-any ccp-h323annexe-inspect
match protocol h323-annexe
class-map type inspect match-all sdm-access
match class-map sdm-cls-access
match access-group 101
class-map type inspect match-any ccp-h323-inspect
match protocol h323
class-map type inspect match-all ccp-icmp-access
match class-map ccp-cls-icmp-access
class-map type inspect match-all ccp-invalid-src
match access-group 100
class-map type inspect match-any ccp-sip-inspect
match protocol sip
class-map type inspect match-all ccp-protocol-http
match protocol http
policy-map type inspect ccp-permit-icmpreply
class type inspect ccp-icmp-access
inspect
class class-default
pass
policy-map type inspect ccp-inspect
class type inspect ccp-invalid-src
drop log
class type inspect ccp-protocol-http
inspect
class type inspect ccp-insp-traffic
inspect
class type inspect ccp-sip-inspect
inspect
class type inspect ccp-h323-inspect
inspect
class type inspect ccp-h323annexe-inspect
inspect
class type inspect ccp-h225ras-inspect
inspect
class type inspect ccp-h323nxg-inspect
inspect
class type inspect ccp-skinny-inspect
inspect
policy-map type inspect ccp-permit
class class-default
drop
zone security in-zone
zone security out-zone
zone-pair security ccp-zp-self-out source self destination out-zone
service-policy type inspect ccp-permit-icmpreply
zone-pair security ccp-zp-in-out source in-zone destination out-zone
service-policy type inspect ccp-inspect
zone-pair security ccp-zp-out-self source out-zone destination self
service-policy type inspect ccp-permit
bridge irb
interface FastEthernet0
description WAN$FW_OUTSIDE$
ip address dhcp
ip nat outside
ip virtual-reassembly
zone-member security out-zone
duplex auto
speed auto
interface FastEthernet1
no ip address
shutdown
duplex auto
speed auto
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
interface FastEthernet5
interface FastEthernet6
interface FastEthernet7
interface FastEthernet8
interface FastEthernet9
interface Dot11Radio0
no ip address
no dot11 extension aironet
encryption vlan 2 mode ciphers tkip
broadcast-key vlan 2 change 30
ssid St.Patricks_WiFi
mbssid
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
interface Dot11Radio0.2
encapsulation dot1Q 2 native
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio1
no ip address
no dot11 extension aironet
encryption vlan 2 mode ciphers tkip
broadcast-key vlan 2 change 30
ssid St.Patricks_WiFi
speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
station-role root
interface Dot11Radio1.2
encapsulation dot1Q 2 native
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Vlan1
description $FW_INSIDE$
ip address 10.10.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly
zone-member security in-zone
interface Vlan2
ip address 10.10.11.1 255.255.255.0
bridge-group 1
interface Async1
no ip address
encapsulation slip
interface BVI1
ip address 10.10.11.1 255.255.255.0
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface FastEthernet0 overload
ip access-list extended SDM_BOOTPC
remark CCP_ACL Category=0
permit udp any any eq bootpc
ip access-list extended SDM_HTTPS
remark CCP_ACL Category=1
permit tcp any any eq 443
ip access-list extended SDM_SHELL
remark CCP_ACL Category=1
permit tcp any any eq cmd
ip access-list extended SDM_SSH
remark CCP_ACL Category=1
permit tcp any any eq 22
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.255
access-list 1 remark Wireless
access-list 1 permit 10.10.11.0 0.0.0.255
access-list 100 remark CCP_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
access-list 101 remark CCP_ACL Category=128
access-list 101 permit ip any any
control-plane
bridge 1 protocol ieee
bridge 1 route ip
banner motd ^C
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
YOU ARE NO AUTHORIZED -------- SEE ADMINISTRATOR
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
^C
alias exec s show ip int br
alias exec sr show run
line con 0
exec-timeout 0 0
logging synchronous
line 1
modem InOut
stopbits 1
speed 115200
flowcontrol hardware
line aux 0
line vty 0 4
login
transport input telnet ssh
endThings looks a little weird with the VLAN 2 interface having an IP address. Once you create the BVI interface that is where all of the layer 3 stuff should go.
I would so try adding IP NAT inside to the BVI interface.
Elton
Sent from Cisco Technical Support iPhone App -
VPN clients not able to ping Remote PCs & Servers : ASA 5520
VPN is connected successfully. But not able to ping any remote ip or fqdn from client pc. But able to ping ASA 5520 firewalls inside interface. Also some clients able to access, some clients not able to access. I new to these firewalls. I tried most of ways from internet, please any one can help asap.
Remote ip section : 192.168.1.0/24
VPN IP Pool : 192.168.5.0/24
Running Config :
ip address 192.168.1.2 255.255.255.0
interface GigabitEthernet0/2
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/3
shutdown
no nameif
no security-level
no ip address
interface Management0/0
shutdown
no nameif
no security-level
no ip address
management-only
passwd z40TgSyhcLKQc3n1 encrypted
boot system disk0:/asa722-k8.bin
ftp mode passive
clock timezone GST 4
dns domain-lookup outside
dns domain-lookup inside
dns server-group DefaultDNS
name-server 213.42.20.20
domain-name default.domain.invalid
access-list outtoin extended permit tcp any host 83.111.113.114 eq 3389
access-list outtoin extended permit tcp any host 83.111.113.113 eq https
access-list outtoin extended permit tcp any host 83.111.113.114 eq smtp
access-list outtoin extended permit tcp any host 83.111.113.114 eq https
access-list outtoin extended permit tcp any host 83.111.113.114 eq www
access-list outtoin extended permit tcp any host 83.111.113.115 eq https
access-list outtoin extended permit tcp any host 94.56.148.98 eq 3389
access-list outtoin extended permit tcp any host 83.111.113.117 eq ssh
access-list fualavpn_splitTunnelAcl standard permit 192.168.1.0 255.255.255.0
access-list outside_nat0_outbound extended permit ip 192.168.5.0 255.255.255.0
92.168.1.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 192.168.1.0 255.255.255.0 1
2.168.5.0 255.255.255.0
access-list inet_in extended permit icmp any any time-exceeded
access-list inet_in extended permit icmp any any unreachable
access-list inet_in extended permit icmp any any echo-reply
access-list inet_in extended permit icmp any any echo
pager lines 24
logging enable
logging asdm informational
logging from-address [email protected]
logging recipient-address [email protected] level errors
logging recipient-address [email protected] level emergencies
logging recipient-address [email protected] level errors
mtu outside 1500
mtu inside 1500
ip local pool fualapool 192.168.5.10-192.168.5.50 mask 255.255.255.0
ip local pool VPNPool 192.168.5.51-192.168.5.150 mask 255.255.255.0
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-522.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list inside_nat0_outbound outside
nat (inside) 1 192.168.1.0 255.255.255.0
static (inside,outside) 94.56.148.98 192.168.1.11 netmask 255.255.255.255
static (inside,outside) 83.111.113.114 192.168.1.111 netmask 255.255.255.255
access-group inet_in in interface outside
route outside 0.0.0.0 0.0.0.0 83.111.113.116 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
group-policy DfltGrpPolicy attributes
banner none
wins-server none
dns-server none
dhcp-network-scope none
vpn-access-hours none
vpn-simultaneous-logins 10
vpn-idle-timeout 30
vpn-session-timeout none
vpn-filter none
vpn-tunnel-protocol IPSec l2tp-ipsec webvpn
password-storage disable
ip-comp disable
re-xauth disable
group-lock none
pfs disable
ipsec-udp disable
ipsec-udp-port 10000
split-tunnel-policy tunnelall
split-tunnel-network-list none
default-domain none
split-dns none
intercept-dhcp 255.255.255.255 disable
secure-unit-authentication disable
user-authentication disable
user-authentication-idle-timeout 30
ip-phone-bypass disable
leap-bypass disable
nem disable
backup-servers keep-client-config
msie-proxy server none
msie-proxy method no-modify
msie-proxy except-list none
msie-proxy local-bypass disable
nac disable
nac-sq-period 300
nac-reval-period 36000
nac-default-acl none
address-pools none
client-firewall none
client-access-rule none
webvpn
functions url-entry
html-content-filter none
homepage none
keep-alive-ignore 4
http-comp gzip
filter none
url-list none
customization value DfltCustomization
port-forward none
port-forward-name value Application Access
sso-server none
deny-message value Login was successful, but because certain criteria have no
been met or due to some specific group policy, you do not have permission to u
e any of the VPN features. Contact your IT administrator for more information
svc none
svc keep-installer installed
svc keepalive none
svc rekey time none
svc rekey method none
svc dpd-interval client none
svc dpd-interval gateway none
svc compression deflate
group-policy fualavpn internal
group-policy fualavpn attributes
dns-server value 192.168.1.111 192.168.1.100
vpn-tunnel-protocol IPSec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value fualavpn_splitTunnelAcl
username test password I7ZgrgChfw4FV2AW encrypted privilege 0
username Mohamed password Vqmmt8cR/.Qu7LhU encrypted privilege 0
username Moghazi password GMr7xgdqmGEQ2SVR encrypted privilege 0
username Moghazi attributes
password-storage enable
username fualauaq password E6CgvoOpTKphiM2U encrypted privilege 0
username fualauaq attributes
password-storage enable
username fuala password IFtijSYb7LAOV/IW encrypted privilege 15
username Basher password Djf15nXIJXmayfjY encrypted privilege 0
username Basher attributes
password-storage enable
username fualafac password VGC/7cKXW1A6eyXS encrypted privilege 0
username fualafac attributes
password-storage enable
username fualaab password ONTH8opuP4RKgRXD encrypted privilege 0
username fualaab attributes
password-storage enable
username fualaadh2 password mNEgLxzPBeF4SyDb encrypted privilege 0
username fualaadh2 attributes
password-storage enable
username fualaain2 password LSKk6slwsVn4pxqr encrypted privilege 0
username fualaain2 attributes
password-storage enable
username fualafj2 password lE4Wu7.5s7VXwCqv encrypted privilege 0
username fualafj2 attributes
password-storage enable
username fualakf2 password 38oMUuwKyShs4Iid encrypted privilege 0
username fualakf2 attributes
password-storage enable
username fualaklb password .3AMGUZ1NWU1zzIp encrypted privilege 0
username fualaklb attributes
password-storage enable
username fualastr password RDXSdBgMaJxNLnaH encrypted privilege 0
username fualastr attributes
password-storage enable
username fualauaq2 password HnjodvZocYhDKrED encrypted privilege 0
username fualauaq2 attributes
password-storage enable
username fualastore password wWDVHfUu9pdM9jGj encrypted privilege 0
username fualastore attributes
password-storage enable
username fualadhd password GK8k1MkMlIDluqF4 encrypted privilege 0
username fualadhd attributes
password-storage enable
username fualaabi password eYL0j16kscNhhci4 encrypted privilege 0
username fualaabi attributes
password-storage enable
username fualaadh password GTs/9BVCAU0TRUQE encrypted privilege 0
username fualaadh attributes
password-storage enable
username fualajuh password b9QGJ1GHhR88reM1 encrypted privilege 0
username fualajuh attributes
password-storage enable
username fualadah password JwVlqQNIellNgxnZ encrypted privilege 0
username fualadah attributes
password-storage enable
username fualarak password UE41e9hpvcMeChqx encrypted privilege 0
username fualarak attributes
password-storage enable
username fualasnk password ZwZ7fVglexrCWFUH encrypted privilege 0
username fualasnk attributes
password-storage enable
username rais password HrvvrIw5tEuam/M8 encrypted privilege 0
username rais attributes
password-storage enable
username fualafuj password yY2jRMPqmNGS.3zb encrypted privilege 0
username fualafuj attributes
password-storage enable
username fualamaz password U1YUfQzFYrsatEzC encrypted privilege 0
username fualamaz attributes
password-storage enable
username fualashj password gN4AXk/oGBTEkelQ encrypted privilege 0
username fualashj attributes
password-storage enable
username fualabdz password tg.pB7RXJx2CWKWi encrypted privilege 0
username fualabdz attributes
password-storage enable
username fualamam password uwLjc0cV7LENI17Y encrypted privilege 0
username fualamam attributes
password-storage enable
username fualaajm password u3yLk0Pz0U1n.Q0c encrypted privilege 0
username fualaajm attributes
password-storage enable
username fualagrm password mUt3A60gLJ8N5HVr encrypted privilege 0
username fualagrm attributes
password-storage enable
username fualakfn password ceTa6jmvnzOFNSgF encrypted privilege 0
username fualakfn attributes
password-storage enable
username Fualaain password Yyhr.dlc6/J7WvF0 encrypted privilege 0
username Fualaain attributes
password-storage enable
username fualaban password RCJKLGTrh7VM2EBW encrypted privilege 0
username John password D9xGV1o/ONPM9YNW encrypted privilege 15
username John attributes
password-storage disable
username wrkshopuaq password cFKpS5e6Whp0A7TZ encrypted privilege 0
username wrkshopuaq attributes
password-storage enable
username Talha password 3VoAABwXxVonLmWi encrypted privilege 0
username Houssam password Cj/uHUqsj36xUv/R encrypted privilege 0
username Faraj password w2qYfE3DkYvS/oPq encrypted privilege 0
username Faraj attributes
password-storage enable
username gowth password HQhALLeiQXuIzptCnTv1rA== nt-encrypted privilege 15
username Hameed password 0Kr0N1VRmLuWdoDE encrypted privilege 0
username Hameed attributes
password-storage enable
username Hassan password Uy4ASuiNyEd70LCw encrypted privilege 0
username cisco password IPVBkPI1GLlHurPD encrypted privilege 15
username Karim password 5iOtm58EKMyvruZA encrypted privilege 0
username Shakir password BESX2bAvlbqbDha/ encrypted privilege 0
username Riad password iB.miiOF7qMESlCL encrypted privilege 0
username Azeem password 0zAqiCG8dmLyRQ8f encrypted privilege 15
username Azeem attributes
password-storage disable
username Osama password xu66er.7duIVaP79 encrypted privilege 0
username Osama attributes
password-storage enable
username Mahmoud password bonjr0B19aOQSpud encrypted privilege 0
username alpha password x8WO0aiHL3pVFy2E encrypted privilege 15
username Wissam password SctmeK/qKVNLh/Vv encrypted privilege 0
username Wissam attributes
password-storage enable
username Nabil password m4fMvkTgVwK/O3Ms encrypted privilege 0
aaa authentication telnet console LOCAL
aaa authentication ssh console LOCAL
aaa authentication enable console LOCAL
http server enable
http 0.0.0.0 0.0.0.0 outside
http 192.168.1.4 255.255.255.255 inside
http 192.168.1.100 255.255.255.255 inside
http 192.168.1.111 255.255.255.255 inside
http 192.168.1.200 255.255.255.255 inside
http 83.111.113.117 255.255.255.255 outside
http 192.168.1.17 255.255.255.255 inside
http 192.168.1.16 255.255.255.255 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto dynamic-map outside_dyn_map 20 set pfs
crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA
crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
tunnel-group fualavpn type ipsec-ra
tunnel-group fualavpn type ipsec-ra
tunnel-group fualavpn general-attributes
address-pool fualapool
address-pool VPNPool
default-group-policy fualavpn
tunnel-group fualavpn ipsec-attributes
pre-shared-key *
tunnel-group fualavpn ppp-attributes
authentication pap
authentication ms-chap-v2
authentication eap-proxy
telnet 0.0.0.0 0.0.0.0 outside
telnet 0.0.0.0 0.0.0.0 inside
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 outside
ssh 192.168.1.0 255.255.255.0 inside
ssh timeout 5
console timeout 0
management-access inside
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns migrated_dns_map_1
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns migrated_dns_map_1
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect icmp
inspect icmp error
service-policy global_policy global
prompt hostname context
Cryptochecksum:38e41e83465d37f69542355df734db35
: endHi,
What about translating the traffic on the local ASA (Active unit) for traffic received from the VPN tunnel to the internal interface IP address? You can try something like nat (outside,inside) source dynamic obj-VpnRemoteTraffic interface destination static StandbyIP StandbyIP
Regards, -
Not able to restart managed servers after password change in console
im doin the following steps,am i doin anything wrong?
1)shutdown all managed servers
2)change pwd in admin console
3)edit boot.properties file with new pwd in admin server
4)copy these boot file to every managed server
5)now restart admin server.(able to do it succesfully)
6)not able to restart managed servers (im getting the following error.
Can any help me out plz very urgent?
<Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.
weblogic.security.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(Unknown Source)
at weblogic.security.service.SecurityServiceManager.initialize(Unknown Source)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
Truncated. see log file for complete stacktrace
<Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>Hi,
*1)In order to export the user data on to the server,do we have to create a specific directory to save this data into the server.*
Yes ....you can give any Existing Directory Path in the AdminConsole Export Page.... Any Directory in your File System.
*2)Is there any other way by not exporting or importing the data?*
That is the only way to prevent the Data Loss....There are some other ways to do it without using Admin Console like Using WLST or Using JMX you can export the Data but all these techniques will exactly do the same thing ... The AdminConsole is the easiest way to do it.
Thanks
Jay SenSharma
http://middlewaremagic.com/weblogic/ (Middleware Magic Is Here) -
I tried to update the App that I purchased but the message told me that my Apple account is not valid for use outside of US and I must switch back to US store to able to do it. How can I switch the account from foreign countries back to US?
On your phone (from http://support.apple.com/kb/ht1311):
Change your iTunes Store country
Sign in to the account for the iTunes Store region you'd like to use. Tap Settings > iTunes & App Stores > Apple ID: > View Apple ID > Country/Region.
Follow the onscreen process to change your region, agree to the terms and conditions for the region if necessary, and then change your billing information. -
Not able to install sccm agent in sccm 2012 servers after cu3 update
not able to install sccm agent in sccm 2012 servers after cu3 update
MSI: Setup was unable to register the CCM_Service_HostingConfiguration endpoint
The error code is 80041002 ,below URl specify fix to uninstall Management point ,but in sccm 2012 secondary site canot unintall management point ,please help to install agent in config manager servers
https://blogs.technet.com/b/configurationmgr/archive/2013/11/25/hotfix-quot-error-25150-setup-was-unable-to-register-the-ccm-service-hostingconfiguration-endpoint-quot-when-you-try-to-install-the-client-agent-in-configuration-manager.aspx
ankithExcellent Article!!!!!! Pls check here, Follow the same steps
http://eskonr.com/2013/09/sccm-configmgr-2012-sp1-cu3-installationcollections-upgrade-clients/
This too
http://it.peikkoluola.net/2013/11/18/update-sccm-2012-to-sp1-cu3/
Thanks, Prabha G -
I have an iMac 20 inch early 2009 software osx 10.8.1(12b19)...i am not able to use my internet, outlook, or any messenger. tried troubleshooting, reseting safari, disabling norton firewall, deleted intego...still no internet. i did delete intego without uninstalling so im wondering if that caused the problem. everytime i try to open safari it displays this: Safari can't open the page: "http://www.yahoo.com/". the error is: "the operation couldn't be completed. Operation not permitted" (NSPOSIXErrorDomain:1)
Like nearly all antivirus utilities for OS X, Norton a/k/a Symantec and Intego are worthless junk that will cripple your Mac. Remants of one or both are most likely preventing Safari from communicating.
Search the forums for techniques to eradicate them - simply disabling them or dragging their apps to the Trash is not likely to be sufficient. Start by reading this procedure from Symantec:
http://www.symantec.com/business/support/index?page=content&id=TECH103489
For Intego: http://support2.intego.com/kb/index.php?x=&mod_id=2&id=214
... i did delete intego without uninstalling so im wondering if that caused the problem.
I believe you are correct. Download and run its uninstaller. -
Problem Using HTTP Dispatcher -- Could Not able to get the data in JSP
Hi, I am using HTTP Dispatcher to send my events to particular URL which is a JSP page. I am trying to populate the received event through URL and populate to a oracle data base. But could not able to get the data in Oracle database.
Code is :
<h1>JSP Page</h1>
<%
long type = 0;
String tagId = null;
String timeStr = "0";
String deviceName = "";
// Get Event Parameters
// Available Parameters: id, siteName, deviceName, data, time, type, subtype, sourceName, correlationId
try
type = Long.parseLong(request.getParameter("type")); // Get type
tagId = request.getParameter("id"); // Get tagId
timeStr = request.getParameter("time"); // Get time
deviceName = request.getParameter("deviceName");
catch (Exception e)
out.println( "Error: "+e.getMessage() );
// Write into DB.
try {
if ((tagId == null) || (type != 200) ){
// Do Nothing
//return;
} else {
OracleDataSource ods = new OracleDataSource();
String URL = "jdbc:oracle:thin:@//3.235.173.16:1525/vislocal";
ods.setURL(URL);
ods.setUser("cus");
ods.setPassword("cus");
Connection myConn = ods.getConnection();
Statement stmt = myConn.createStatement();
String selectQuery =
"SELECT MAX(rfid_raw_reads_id) as max_id FROM "+
"cus.rfid_raw_reads ";
ResultSet rs = stmt.executeQuery(selectQuery);
String maxId = "1";
if (rs.next()) {
maxId = rs.getString(1);
String selectMaxTagIDQuery =
"SELECT MAX(rfid_raw_reads_id) as max_id FROM "+
"cus.rfid_raw_reads WHERE tag_id = '" + tagId + "'" ;
stmt = myConn.createStatement();
rs = stmt.executeQuery(selectMaxTagIDQuery);
String maxTagId = "1";
if (rs.next()) {
maxTagId = rs.getString(1);
long primaryKey = 1;
long tagKey = 1;
try {
primaryKey = Long.parseLong(maxId) + 1;
tagKey = Long.parseLong(maxTagId) + 1;
} catch (Exception e) {
long currentTime = System.currentTimeMillis();
long updateKey = (tagKey - 1);
String updateQuery = " UPDATE cus.rfid_raw_reads SET read_end_time = " + currentTime + " WHERE rfid_raw_reads_id = " + updateKey;
Statement updateStmt = myConn.createStatement();
updateStmt.execute(updateQuery);
String query =
"INSERT INTO cus.rfid_raw_reads (rfid_raw_reads_id, tag_id,device_name,read_start_time) VALUES ("+ primaryKey + ",'" + tagId + "'," + deviceName + "'," + System.currentTimeMillis() + " )" ;
Statement insertStmt = myConn.createStatement();
insertStmt.execute(query);
myConn.commit();
myConn.close();
} catch (Exception e) {
%>
<p>For browser debug:
<%
out.println( "Type="+type+" ID="+tagId +" time="+timeStr );
%>
Kindly suggest where is the problem...
Thanks and regards
Mohammad Nasim AkhtarHI Prabhat,
Thanx for your reply, I worked out and able to receive the data in oracle database, Actually there was some problem in insert Query. Now I have tested the same... and able to edit the same in the Database.....
But I am facing a new problem, Http Dispatcher in SES console is displaying all the Events generated as well as event in Que but there is no events in the Event Send. I guess it is not able to send the events.....?????
Event statical is showing like this
Events Received: 0 (0.00/sec)
Events Generated: 311 (0.19/sec)
Events Sent: 2 (0.19/sec)
Queued Events: 309 (0.19/sec)
Kindly suggest where is the problem, Is it a JSP problem or OSES end problem.....
Thanks and regards
Nasim -
Notification mailer is not able to send mails to Outside domain i.e gmail
Hi All,
We are in 12.1.3 EBS application with 11.1.0.7 DB on Aix 64 bit platform:
resently we configured notification mailer with out any issues
But the issue is notifications are delivered to with in the domain itself but not to outside the domain i.e gmail and yahoo
SMTP server host name is owa.craftsmanautomation.com the same we used to configure the Notification mailer
Even we verified from os level using telnet utility as follows:
$ telnet owa.craftsmanautomation.com 25
Trying...
Connected to 192.168.5.8.
Escape character is '^]'.
220 Capl-cas01.CRAFTSMAN.LOCAL Microsoft ESMTP MAIL Service ready at Thu, 12 Jul 2012 14:03:47 +0530
EHLO CAPL-PROD
250-Capl-cas01.CRAFTSMAN.LOCAL Hello [192.168.5.12]
250-SIZE
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-X-ANONYMOUSTLS
250-AUTH NTLM
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-XEXCH50
250-XRDST
250 XSHADOW
MAIL FROM: [email protected]
250 2.1.0 Sender OK
RCPT TO: [email protected]
250 2.1.5 Recipient OK
DATA
354 Start mail input; end with <CRLF>.<CRLF>
Subject: Test message
Test message body
250 2.6.0 <[email protected]> [InternalId=85753] Queued mail for delivery
quit
221 2.0.0 Service closing transmission channel
Connection closed.
In the above command in place of FROM and TO mail-id's if we use any personal mail-id's getting error message as "Unable to Relay".Please suggest is there any changes we need to done at SMTP server Level or OS level or Application Level.
Thanks in Advance925263 wrote:
Hi Hussein,
Thanks Alot for your reply.
Currently we changed the SMTP Server(mail.craftsmanautomation.com).we used anoth SMTP server to configure Notification Mailer.Because previous one(owa.craftsmanautomation.com) is not able to send mail's to outside domains.
But in this case we got the below error message while testing.Below error message we captured from the output file of the script Oracle Workflow ATG Support: R12 Java Mailer Setup Diagnostic Test.
ERROR
[Nov 10, 2012 1:32:45 PM GMT+05:30]:1352534565017:-1:-1:capl-prod.craftsmanautomation.com:192.168.5.13:-1:-1:1:20420:SYSADMIN(0):-1:Thread[outboundThreadGroup1,5,outboundThreadGroup]:192.168.5.13:84096:1352529863628:11:ERROR:[SVC-GSM-WFMLRSVC-110812-10006 : oracle.apps.fnd.wf.mailer.SMTPOutboundProcessor.send(Message)]:Problem encountered when sending to {[[WFTEST <[email protected]>]]} -> javax.mail.SendFailedException: Invalid Addresses;
nested exception is:
class javax.mail.SendFailedException: 554 5.7.1 <[email protected]>: Sender address rejected: Access denied
Please see these docs.
Email Not Received javax.mail.SendFailedException: Invalid Addresses [ID 876835.1]
Workflow Notification Mailer Unable to Send E-Mail Notifications [ID 374804.1]
Unable to Email Proposal Documents to an 'External Address' [ID 1126223.1]
How to address Email Center: Outbox Processor Error: Invalid Addresses [ID 1399427.1]
Thanks,
Hussein -
I am not able to access to iphone updates/store; it displays the message under diagnostics 'secure link to itunes store failed'.
I tried to turn firewall off, reinstall itunes and other troubleshoot options but none of them works......
Please help.Update: I tried the "Toshiba Recovery Wizard" after everything else either fizzled out or hung up. After going all the way thru the recovery process (up to 100%), I finally got an error message.....it didn't work. And now, when I fire up the computer, I don't even get to that menu with the recovery options....the only thing I can boot into is the screens with the various ways to run your OS (in "safe mode", "safe mode with networking", etc).
I'm not a techie, but I'm guessing at this point, the part of my hard drive that got damaged in the fall was, at the very least, the partition with the recovery data. Couple that with the fact that this cheapo Toshiba laptop didn't even come with recovery disk (or ANY kind of disk, even basic installation software!), I'm screwed: I don't see any way to get a workable computer now without some kind of disk to boot from. So NOW my concern is more about spending the $$ for a new OS and THEN finding out the hard drive has other problems too...is broken in some other way to boot.
How to check this? As I said, I did run "chkdsk" back when I could get into the recovery menu and run the fix-it programs. It didn't note any problems. Thinking of taking this opportunity to upgrade to Windows 7 from Vista (which I never liked), but I have to know that the computer is otherwise ok....how to be sure? -
Not able to access parent instance variable in outside of methods in child
Hi,
I am not getting why i am not able to access parent class instance variable outside the child class intance methods.
class Parent
int a;
class Child extends Parent
a = 1; // Here i am getting a compilation error that Syntax error on token "a", VariableDeclaratorId expected after this token
void someMethod()
a = 1; // Here i am not getting any compilation error while accessing parent class variable
}Can any one please let me know exact reason for this and what is the error talks about?
Thanks,
Uday
Edited by: Udaya Shankara Gandhi on Jun 13, 2012 3:30 AMYou can only put assignments or expressions inside methods, constructors or class initializors, or when declaring a variable.
It has nothing to the with Child extending Parent.
class Parent {
int a = 1;
{ a = 1; }
public Parent() {
a = 1;
public void method() {
a = 1;
} -
Not able to enable web access (http server) on 5500
Hi
i have 5500 Swtich iam not able to enable http server in it
the message show below
Core-Switch> (enable) show ip http
HTTP Information
HTTP server: disabled
HTTP port: 800
Web Interface: Not supported
HTTP active sessions: 0
Core-Switch> (enable) show ver
WS-C5500 Software, Version McpSW: 5.5(18) NmpSW: 5.5(18)
Copyright (c) 1995-2002 by Cisco Systems
NMP S/W compiled on Dec 16 2002, 15:34:48
MCP S/W compiled on Dec 16 2002, 15:30:03
System Bootstrap Version: 3.1.2
Hardware Version: 1.4 Model: WS-C5500 Serial #: 069062010
Mod Port Model Serial # Versions
1 2 WS-X5530 008731527 Hw : 1.8
Fw : 3.1.2
Fw1: 4.1(1)
Sw : 5.5(18)
WS-F5520 008715296 Hw : 1.1
WS-U5533 009612560 Hw : 1.0
2 2 WS-X5530 008146970 Hw : 1.5
Fw : 3.1.2
Fw1: 3.1(2)
Sw : 5.5(18)
WS-F5520 007590229 Hw : 1.0
WS-U5533 009613415 Hw : 1.0
3 24 WS-X5234 022374107 Hw : 1.0
Fw : 4.5(2)
Sw : 5.5(18)
4 24 WS-X5234 018022744 Hw : 1.0
Fw : 4.5(2)
Sw : 5.5(18)
5 24 WS-X5234 018025296 Hw : 1.0
Fw : 4.5(2)
Sw : 5.5(18)
6 24 WS-X5234 017582607 Hw : 1.0
Fw : 4.5(2)
Sw : 5.5(18)
7 24 WS-X5234 017919621 Hw : 1.0
Fw : 4.5(2)
Sw : 5.5(18)
10 1 WS-X5304 024975347 Hw : 7.7
Fw : 20.22
Fw1: 3.1(1)
Sw : 12.1(20)have you run the 'set ip http server enable' command at the CatOS CLI of the 5500?
as you've shown above, it is currently disabled
does the switch have an ip address assigned to interface SC0? does SC0 belong to an inactive VLAN?
if the switch OS does not support it, it should display an error as follows when you type in the command: (as shown below)
console> set ip http server enable
Feature not supported on the system. -
HTTP 500 - Internal server error - not able to Export BI report to Excel
Hi,
We just upgraded to HFM 9.3.1.4. Unfortunately we are not able to Export BI report to Excel (in Workspace and in BI Studio). We receive the error message "HTTP 500 - Internal server error" (this worked fine in 411).
We are able to preview in PDF and HTML, but not Export to Excel. We also just restarted the services for workspace and web analysis, but still the same issue.
Anyone have any idea what is wrong?
Thanks for your help!Hi Varun,
We just restarted the financial reporting services, but still receive the same error message.
Any other idea?
Thank you for any help. -
Able to play live video by rtmp but not by http
Hi Experts ,
I need some help in proceeding further on my HDS live streaming setup .
i have adobe flash media server 4.5 and adobe flash media live encoder 3.2 . followed all the steps provided in the following link
http://help.adobe.com/en_US/flashmediaserver/devguide/WSeb6b7485f9649bf23d103e5512e08f3a33 8-8000.html.
can somehelp help me out . am i missing some this . i would ideally need the live video play with http syntax .
mtp://2.68.1.5/livepkgr/livestream?adbe-live-event=liveevent -
http://2.68.1.5/livepgr/livestream?adbe-live-event==livestream doesnt workThanks Hparmar , i tried the above links still Iam not able to stream single live link .
i see .bootstrap , .control , .meta , f4f,f4x and .stream files .
on my encoder Fms url is rtmp://localhost/livepkgr and stream is livestreamnow .
on browser url when i try http://serverip/hds-live/livepkgr/_definst_/liveevents/livestreamnow.f4m - it says f4m document contains errors URL missing from tag " .
my manifest file
<manifest xmlns="http://ns.adobe.com/f4m/2.0">
<baseURL>http://</baseURL>
<media href="http://2.68.1.8/hds-live/livepkgr/_definst_/liveevent/livestreamnow.f4m" bitrate="650"/>
xml in browser displays this
manifest><id>
livepkgr/events/_definst_/liveevent
</id><streamType>
live
</streamType><duration>
0
</duration></manifest> .
can someone help me with this , how to proceed further ?
Maybe you are looking for
-
I've been using VAJ [visualage for java by ibm] with great success and absolutely love it, however it only supports java version 2, and I need to use some of the new Image editing classes introduced in later java versions. Which IDE is most like VAJ?
-
In 1992 my lab purchased a Particle Size Analyzer (Microtrac series 9200) that came with a Compaq computer (DOS 5.0, Win3.1) and a printer. Due to proprietary software restrictions I currently need to keep the analyzer software operating on the DOS
-
Can you hide a dimension value but display one of it's attributes?
Can you hide a dimension value but display one of it's attributes in a query output?
-
Hello Everybody , There is someone who can help me with a bean that crop a part an image and then save it in DB with more informations?? Please i need ur helps .
-
I wanted to know if anyone else has had issues with downloading recordings with this extention lately. I'm having a problem downloading our recordings as a zip. I'm sending you the screen shot of the recording playback after having used the zip opti