Open port 916/udp not closeable

A nmap scan from the Internet (WAN) against a Cisco RV120W shows an open port 916/udp. This port remains open even if one writes an explicit access rule for the firewall.
A quick googling shows that this port is probably used to access the firmware of the router from the outside as well as it has been involved in security problems some years ago. See http://osvdb.org/show/osvdb/34520
How can this port be closed?
Michael

Dear Michael,
Thank you for reaching the Small Business Support Community.
I would first suggest you to upgrade to the latest firmware release version 1.0.4.10;
http://software.cisco.com/download/release.html?mdfid=282981372&softwareid=282487380&release=1.0.4.10
If nmap still shows the port opened, I then suggest you to disable the remote management to determine if this is the root of the problem, then contact the Small Business Support Center to have a TAC engineer figure this out;
https://www.cisco.com/en/US/support/tsd_cisco_small_business_support_center_contacts.html
Please do not hesitate to reach me back if there is anything I may assist you with.
Kind regards,
Jeffrey Rodriguez S. .:|:.:|:.
Cisco Customer Support Engineer
*Please rate the Post so other will know when an answer has been found.

Similar Messages

RMI firewall issue - opening port 1099 is not enough

Hello,
We have a distributed java desktop app that uses RMI with callbacks to communicate amongst the clients. It all works really well at our dev site and at 2 trial sites.
We are about to deploy out to more customer sites - so I have been doing more testing with firewalls etc and discovered some issues. Our customers are small businesses and typically have between 1 and 10 desktop clients that connect to the server via RMI. These customers are "very NOT technical", so we need to give them set-and-forget firewalls etc.
This is all on a LAN, with RMI using port 1099. On the firewalls (of the various PCs) we open ports 1099 (RMI) and 5432 (for the Postgres DB).
Also, I was using "CurrPorts" and "SmartSniff" to monitor the traffic at each PC - so I had a reasonable view of proceedings.
Basically, opening port 1099 on the server is necessary, but it is NOT ENOUGH. The RMI moves off to ports other than 1099, and the server firewall does not allow the connection.
Procedure ...
(1) start the "server" app - which starts the RMI registry - the "localhost" desktop app also starts and it works well to both the database and the RMI.
(2) start another client - it connects to the DB Server, but NOT the RMI server.
(3) open the server firewall to all traffic for a few seconds - then the client connects successfully.
From CurrPort logging I could watch the RMI comms progress over those first few minutes ...
Initially the comms do include port 1099 on the initial call to the server, but there after there are always 2 or 3 "channels" open, but not to 1099.
I notice that the Postgres DB keeps using port 5432 for all of its active channels - so it does not have the same firewall issue.
After we have opened the firewall for a few seconds - to enable the link - then we can turn the client on and off and the client re-connects without issue - so it would seem to be only an issue with the initial connection.
I am sure that this is all completely standard and correct RMI behavior.
QUESTIONS:
1. Can RMI be "forced" to always use port 1099 for connections, and not move to other ports? (like the database uses 5432)
2. Are there any suggestions for getting around this seemingly standard RMI behaviour?
Other comments ...
The firewall lets me open individual ports (say 1099) - BUT I can not justify opening ALL ports.
The firewall lets me open all ports to an application, say "C:\Program Files\Java\jre6\bin\java.exe", but that app will occasionally change at a customer's site as they will update their java version and suddenly our app will stop working.
Any guidance is appreciated.
Many Thanks,
-Damian

1. Can RMI be "forced" to always use port 1099 for connectionsYes. Export all your servers on the same port. See UnicastRemoteObject constructor that takes an int, or UnicastRemoteObject.exportObject(int). If the RMI Registry is a separate process you can't re-use 1099 for this purpose, but see below.
2. Are there any suggestions for getting around this seemingly standard RMI behaviour?Yes. Start the RMI Registry in the same JVM as the code, then you only need to use 1099 for everything.
If you are using server socket factories, make sure they have an equals() method, or use the same instance for all remote objects.

DPC3825 / CAN OPEN PORT 3306 BUT NOT OTHERS

I am trying to open port 80, 3306, 30000, and 30001 .... I did everything properly, I have a static IP address, I am hooked directly to my cisco router, but when I go to this website http://www.whatsmyip.org/port-scanner/ and scan to see if my ports are open, only port 3306 shows that is open, all the other ports time out... Please help me.

Hi Bertrude,
The DPC3825 is an internet service provider (ISP) supported product. You will need to contact them or your technology reseller from where you purchased the device to assist you with your question.

Open port issues with Direct Print functionality

Hi, I have been fighting with HP call support about the Photosmart 7525 printer.
Originally I setup and had performed all the functions to enable both web support and WIFI.
Within an hour the printer would not respond to wireless communication, though it had its wireless indecator showing it was connected.
I was told by HP support that the issue will be resolved in March, as there will be a firmware update to fix the issue.
Now that I had the printer install the new firmware I still get the issue.
Though I found through some sniffing, that there are a number of ports enabled and open that are over and beyond print requirements.
Funny thing I can send my printer into instant lockup with all lights flashing with a simple UDP ping sniff. I would think I can do this with other new HP printers using Eprint functions. I will find HP web based printers that are open for public printing and test my theory that HP Eprinters are open to hacking and denyal of service attempts. My Hp print app on andriod list three in my area, and one is at my local Walmart. This would be cool to find this, as I am usually not the first to point such matters out.
I assume some are for Apple devices to print.
Here is my sniffing report:
Starting Nmap 6.40 ( http://nmap.org ) at 2014-03-21 07:57 Central Daylight TimeNSE: Loaded 110 scripts for scanning.NSE: Script Pre-scanning.Initiating ARP Ping Scan at 07:57Scanning 192.168.223.1 [1 port]Completed ARP Ping Scan at 07:57, 0.23s elapsed (1 total hosts)Initiating Parallel DNS resolution of 1 host. at 07:57Completed Parallel DNS resolution of 1 host. at 07:58, 16.50s elapsedInitiating SYN Stealth Scan at 07:58Scanning 192.168.223.1 [1000 ports]Discovered open port 445/tcp on 192.168.223.1Discovered open port 139/tcp on 192.168.223.1Discovered open port 80/tcp on 192.168.223.1Discovered open port 443/tcp on 192.168.223.1Discovered open port 8080/tcp on 192.168.223.1Discovered open port 9220/tcp on 192.168.223.1Discovered open port 6839/tcp on 192.168.223.1Discovered open port 631/tcp on 192.168.223.1Discovered open port 7435/tcp on 192.168.223.1Discovered open port 8089/tcp on 192.168.223.1Discovered open port 9100/tcp on 192.168.223.1Completed SYN Stealth Scan at 07:58, 1.71s elapsed (1000 total ports)Initiating UDP Scan at 07:58Scanning 192.168.223.1 [1000 ports]Discovered open port 5353/udp on 192.168.223.1Completed UDP Scan at 07:58, 1.82s elapsed (1000 total ports)Initiating Service scan at 07:58Scanning 20 services on 192.168.223.1Discovered open port 161/udp on 192.168.223.1Discovered open|filtered port 161/udp on 192.168.223.1 is actually open
Starting Nmap 6.40 ( http://nmap.org ) at 2014-03-21 07:51 Central Daylight TimeNmap scan report for 192.168.223.1Host is up (0.0025s latency).Not shown: 93 closed portsPORT     STATE SERVICE     VERSION80/tcp   open http        HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)139/tcp open tcpwrapped443/tcp open ssl/http    HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)445/tcp open netbios-ssn631/tcp open http        HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)8080/tcp open http        HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)9100/tcp open jetdirect?MAC Address: A03:C1:BD:C8:34 (Unknown)Device type: printer|general purposeRunning: HP embedded, Wind River VxWorksOS CPE: cpe:/h:hp:laserjet_cm1415fnw cpe:/h:hp:laserjet_cp1525nw cpe:/h:hp:laserjet_1536dnf cpe:/o:windriver:vxworksOS details: HP LaserJet CM1415fnw, CP1525nw, or 1536dnf printer, VxWorksNetwork Distance: 1 hopService Info: Device: printer; CPE: cpe:/h:hphotosmart_7520OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .Nmap done: 1 IP address (1 host up) scanned in 34.11 seconds

OK now I am able to run a full scan on TCP ports without causing a lock up of the printer.
I found that having the printer connect to a router that has been setup to use channel 5, 6 or 7 will cause port scanning issues with the printer.
It is obvious that there are 18 ports that are seen as open, whether they are used or not. Two of which are active but have no service connected to them. Some are just dead like port 25, but over half are active enough to recieve data and lock network connectivity within the printer.
As the firmware states some other laser jets may be affected depending on how the configuration can be set.
I moved my routers channel to channel 1 as it is the only other option I have in a highly congested location. It is not as good as channel 6, but the printer seems to have channel 6 locked in for direct printing.
Here is the latest full scan with UDP enabled, it is the furthest and most complete scan I am able to complete, with UDP ports enabled. The TCP port scan has a bit more and I have placed a simple list below the information given here:
Starting Nmap 6.40 ( http://nmap.org ) at 2014-03-21 13:27 Central Daylight Time
NSE: Loaded 110 scripts for scanning.
NSE: Script Pre-scanning.
Initiating ARP Ping Scan at 13:27
Scanning 192.168.1.211 [1 port]
Completed ARP Ping Scan at 13:27, 0.44s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 13:27
Completed Parallel DNS resolution of 1 host. at 13:27, 0.03s elapsed
Initiating SYN Stealth Scan at 13:27
Scanning 192.168.1.211 [1000 ports]
Discovered open port 443/tcp on 192.168.1.211
Discovered open port 80/tcp on 192.168.1.211
Discovered open port 139/tcp on 192.168.1.211
Discovered open port 8080/tcp on 192.168.1.211
Discovered open port 445/tcp on 192.168.1.211
Discovered open port 631/tcp on 192.168.1.211
Discovered open port 9100/tcp on 192.168.1.211
Discovered open port 7435/tcp on 192.168.1.211
Discovered open port 9220/tcp on 192.168.1.211
Discovered open port 6839/tcp on 192.168.1.211
Completed SYN Stealth Scan at 13:27, 5.25s elapsed (1000 total ports)
Initiating UDP Scan at 13:27
Scanning 192.168.1.211 [1000 ports]
Discovered open port 137/udp on 192.168.1.211
Completed UDP Scan at 13:27, 4.46s elapsed (1000 total ports)
Initiating Service scan at 13:27
Scanning 16 services on 192.168.1.211
Discovered open port 161/udp on 192.168.1.211
Discovered open|filtered port 161/udp on 192.168.1.211 is actually open
Completed Service scan at 13:29, 82.51s elapsed (17 services on 1 host)
Initiating OS detection (try #1) against 192.168.1.211
NSE: Script scanning 192.168.1.211.
Initiating NSE at 13:29
Completed NSE at 13:30, 82.29s elapsed
Nmap scan report for 192.168.1.211
Host is up (0.023s latency).
Not shown: 1983 closed ports
PORT     STATE         SERVICE      VERSION
80/tcp   open          http         HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)
|_http-favicon: Unknown favicon MD5: 76C6E492CB8CC73A2A50D62176F205C9
| http-methods: GET POST PUT DELETE
| Potentially risky methods: PUT DELETE
|_See http://nmap.org/nsedoc/scripts/http-methods.html
|_http-title: Site doesn't have a title (text/html).
139/tcp open          tcpwrapped
443/tcp open          ssl/http     HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)
|_http-favicon: Unknown favicon MD5: 76C6E492CB8CC73A2A50D62176F205C9
| http-methods: GET POST PUT DELETE
| Potentially risky methods: PUT DELETE
|_See http://nmap.org/nsedoc/scripts/http-methods.html
|_http-title: Site doesn't have a title (text/html).
| ssl-cert: Subject: commonName=HPPS7525/organizationName=HP/stateOrProvinceName=Washington/countryName=US
| Issuer: commonName=HPPS7525/organizationName=HP/stateOrProvinceName=Washington/countryName=US
| Public Key type: rsa
| Public Key bits: 1024
| Not valid before: 2014-02-25T10:12:24+00:00
| Not valid after: 2034-02-20T10:12:24+00:00
| MD5:   9144 ca3b 557e 09cc aba0 8387 2732 2375
|_SHA-1: a6b2 95c0 b72a 7201 578c 32de 662a e6fe b082 48ca
|_ssl-date: 2014-03-21T13:30:09+00:00; -4h59m12s from local time.
445/tcp open          netbios-ssn
631/tcp open          http         HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)
| http-methods: GET POST PUT DELETE
| Potentially risky methods: PUT DELETE
|_See http://nmap.org/nsedoc/scripts/http-methods.html
6839/tcp open          tcpwrapped
7435/tcp open          tcpwrapped
8080/tcp open          http         HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)
|_http-favicon: Unknown favicon MD5: 76C6E492CB8CC73A2A50D62176F205C9
| http-methods: GET POST PUT DELETE
| Potentially risky methods: PUT DELETE
|_See http://nmap.org/nsedoc/scripts/http-methods.html
|_http-title: Site doesn't have a title (text/html).
9100/tcp open          jetdirect?
9220/tcp open          hp-gsg       HP Generic Scan Gateway 1.0
137/udp open          netbios-ns   Samba nmbd (workgroup: HPPS7525)
138/udp open|filtered netbios-dgm
161/udp open          snmp         SNMPv1 server (public)
| snmp-hh3c-logins:
|_ baseoid: 1.3.6.1.4.1.25506.2.12.1.1.1
| snmp-interfaces:
|   Wifi0
|     IP address: 192.168.1.211 Netmask: 255.255.255.0
|     MAC address: a0:d3:c1:bd:c8:32 (Unknown)
|     Type: ethernetCsmacd Speed: 10 Mbps
|     Status: up
|_    Traffic stats: 6.16 Mb sent, 3.43 Mb received
| snmp-netstat:
|   TCP 0.0.0.0:7435         0.0.0.0:0
|   TCP 192.168.1.211:56076 15.201.145.52:5222
|   UDP 0.0.0.0:3702         *:*
|   UDP 127.0.0.1:666        *:*
|_ UDP 192.168.223.1:67     *:*
| snmp-sysdescr: HP ETHERNET MULTI-ENVIRONMENT
|_ System uptime: 0 days, 3:34:23.28 (1286328 timeticks)
| snmp-win32-shares:
|_ baseoid: 1.3.6.1.4.1.77.1.2.27
1022/udp open|filtered exp2
1023/udp open|filtered unknown
3702/udp open|filtered ws-discovery
5355/udp open|filtered llmnr
MAC Address: A03:C1:BD:C8:32 (Unknown)
Device type: general purpose
Running: Wind River VxWorks
OS CPE: cpe:/o:windriver:vxworks
OS details: VxWorks
Uptime guess: 0.150 days (since Fri Mar 21 09:55:04 2014)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=255 (Good luck!)
IP ID Sequence Generation: Busy server or unknown class
Service Info: Hosts: HPA0D3C1BDC832, HPPS7525; Device: printer; CPE: cpe:/h:hphotosmart_7520
Host script results:
| nbstat:
|   NetBIOS name: HPA0D3C1BDC832, NetBIOS user: <unknown>, NetBIOS MAC: <unknown>
|   Names
|     HPA0D3C1BDC832<00>   Flags: <unique><active><permanent>
|     MSHOME<00>           Flags: <group><active><permanent>
|     HPA0D3C1BDC832<20>   Flags: <unique><active><permanent>
|     HPPS7525<00>         Flags: <unique><active><permanent>
|_    HPPS7525<20>         Flags: <unique><active><permanent>
| smb-security-mode:
|   Account that was used for smb scripts: guest
|   User-level authentication
|   SMB Security: Challenge/response passwords supported
|_ Message signing disabled (dangerous, but default)
TRACEROUTE
HOP RTT      ADDRESS
1   23.26 ms 192.168.1.211
NSE: Script Post-scanning.
Read data files from: F:\Progs\Nmap
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 180.90 seconds
           Raw packets sent: 2030 (74.829KB) | Rcvd: 2921 (149.377KB)
+++++++++++++++++++++++++++++++++++++++++++++++++++++===
Full TCP port scan without UDP scanning of all ports, showing up as open... * designates open and active.
192.168.223.1Discovered open port 25/tcp on
*192.168.223.1Discovered open port 80/tcp on
*192.168.223.1Discovered open port 110/tcp on
*192.168.223.1Discovered open port 119/tcp on
*192.168.223.1Discovered open port 139/tcp on
192.168.223.1Discovered open port 143/tcp on
*192.168.223.1Discovered open port 443/tcp on
*192.168.223.1Discovered open port 445/tcp on
192.168.223.1Discovered open port 465/tcp on
192.168.223.1Discovered open port 563/tcp on
192.168.223.1Discovered open port 587/tcp on
*192.168.223.1Discovered open port 631/tcp on
192.168.223.1Discovered open port 993/tcp on
192.168.223.1Discovered open port 995/tcp on
*192.168.223.1Discovered open port 7435/tcp on
*192.168.223.1Discovered open port 6839/tcp on
*192.168.223.1Discovered open port 8080/tcp on
192.168.223.1Discovered open port 8089/tcp on
*192.168.223.1Discovered open port 9100/tcp on
*192.168.223.1Discovered open port 9220/tcp on

Monitoring open ports and IP adresses on Windows clients

I'm using SCOM 2012 for monitoring system.
I cannot find how to monitor open ports (TCP, UDP) and IP addresses on Windows based PCs. I need that kind of report for Internal auditors and Security officer.
Is it possible to get Windows Firewall State, collect it in SCOM and prepare report on monthly base?
tnx in advance

I have found a possibility to do this. Hope you understand this and it is helpful. This is a two step process but guess will definitely server the purpose.
Scope: We will be running a tool which will monitor a port (TCP or UDP) for a specific host / IP and will throw a log file.
SCOM will monitor the log file and will throw a alert if the log file contains the string NOT LISTENING (Port not working or unable to open the port) which the program will create the log with the results.
First download the program named: PortQry Command Line Port Scanner Version 2.0 from microsoft using the below link. It is a command line tool.
http://www.microsoft.com/en-in/download/details.aspx?id=17148
Run it using by making a batch file or powershell script using task scheduler as per your time requirement (Every 5 min or 1Hr).
Use this command to monitor a ip / hostname and its port with TCP or UDP.
I have pasted the command file of the program in C:\Port_checker directory so i am using the below syntax
C:\Port_checker\PortQry.exe -N 192.168.1.1 -e 5723 -p UDP -l C:\Port_checker\Result.log /y
-N = Hostname / FQDN of agent or Ip address
-E = Port # what you want to monitor
-P = Protocol (TCP or UDP)
-L = Generate log on the following location and name
/Y = To replace the existing log file name to fresh one without prompt.
The result in the log file will be as follows:
============================
For successful port open:
PortQry Version 2.0 Log File
System Date: Tue Oct 07 09:42:32 2014
Command run:
C:\PortQryV2\PortQry.exe -N 192.168.1.1 -e 5723 -p UDP -l C:\Portqryv2\Result.log /y
Local computer name:
192.168.1.2
Querying target system called:
192.168.1.1
Attempting to resolve name to IP address...
Name resolved to 192.168.1.1
querying...
UDP port 5723 (unknown service): LISTENING
========= end of log file =========
PortQry developed by Tim Rains
For failure port open:
PortQry Version 2.0 Log File
System Date: Tue Oct 07 09:42:32 2014
Command run:
C:\PortQryV2\PortQry.exe -N 192.168.1.1 -e 5723 -p UDP -l C:\Portqryv2\Result.log /y
Local computer name:
192.168.1.2
Querying target system called:
192.168.1.1
Attempting to resolve name to IP address...
Name resolved to 192.168.1.1
querying...
UDP port 5723 (unknown service): NOT
LISTENING
========= end of log file =========
PortQry developed by Tim Rains
Now as per the above results NOT LISTENING Port is blocked or is not opened and LISTENINGmeans
working or port is opened.
So now using SCOM you will monitor the log file Result.log in the location C:\Port_checker\ saying
if NOT LISTENING comes in the log file throw me a alert in SCOM consle or via email.
To configure that alert you need to create a Generic text log alerting Rule which will throw a alert if any thing added in that log which is not to be added and if it is added like NOT
LISTENING then it will throw a alert.
Refer this link on how to open a Generic text log alerting Rule.
http://blogs.technet.com/b/kevinholman/archive/2009/06/20/using-a-generic-text-log-rule-to-monitor-an-ascii-text-file-even-when-the-file-is-a-unc-path.aspx
Gautam.75801

After upgrade to 10.6 Apache is running but port 80 is not open

Hello,
I just upgraded from 10.5 to 10.6. The server is a simple set up that is only used for web hosting. Everything appears to work fine except the browser can't connect. Server Admin and Activity Monitor shows Apache running. Port scan from another machine does not show 80 or 8080 as open ports. However it does show ftp 21, ssh 22 and others open. I double-checked firewall settings and even turn of the firewall software and it still does not work. The 10.5 setup was a clean install and manual migration from 10.4 so I don't that has anything to do with it. I'm not sure what to try next.
Below is the Setup.log created during the upgrade process:
10:34:56.152 local KDC set up
10:34:56.292 Beginning setup migration extras
10:34:57.828 Starting migration extras with arguments:
--sourceRoot /Previous System --targetRoot / --purge 1 --language en --sourceVersion 10.5.8 --sourceType System
10:34:58.656 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/1_SystemKeychainReady.sh
RESULT CODE: 0
STDOUT: certs = emptydictionary
accounts:error = <62706c69 73743030 d4010203 04050626 27582476 65727369 6f6e5824 6f626a65 63747359 24617263 68697665 72542474 6f701200 0186a0a8 07081112 1a1b1c22 55246e75 6c6cd409 0a0b0c0d 0e0f1058 4e53446f 6d61696e 5a4e5355 73657249 6e666f56 4e53436f 64655624 636c6173 73800280 031103e8 80075f10 1c636f6d 2e617070 6c652e73 65727665 726d6772 5f616363 6f756e74 73d30c13 14151618 574e532e 6b657973 5a4e532e 6f626a65 63747380 06a11780 04a11980 055f1016 4e534c6f 63616c69 7a656444 65736372 69707469 6f6e5f10 164e6f20 4c444150 206d6173 74657220 70726573 656e74d2 1d1e1f20 5a24636c 6173736e 616d6558 24636c61 73736573 5c4e5344 69637469 6f6e6172 79a21f21 584e534f 626a6563 74d21d1e 2324574e 53457272 6f72a225 21574e53 4572726f 725f100f 4e534b65 79656441 72636869 766572d1 28295472 6f6f7480 01000800 11001a00 23002d00 32003700 40004600 4f005800 63006a00 71007300 75007800 7a009900 a000a800 b300b500 b700b900 bb00bd00 d600ef00 f400ff01 08011501 18012101 26012e01 31013901 4b014e01 53000000 00000002 01000000 00000000 2a000000 00000000 00000000 00000001 55>
accounts:errorDescription = "No LDAP master present"
accounts:errorCode = 1000
STDERR: 2009-10-15 10:34:58.407 serveradmin[607:903] -[CertsRequestHandler(KeychainOpenSSLExport) existingPassphraseInKeychainForSha1DigestString:]: SecKeychainFindGenericPassword(5151426A4CB1E7F5E1D9817914F586474E2A0241) status: -25300
2009-10-15 10:34:58.547 serveradmin[607:903] --Module NSBundle </usr/share/servermgrd/bundles/servermgr_certs.bundle> (loaded)'s response has retain count of 3.
2009-10-15 10:34:58.620 serveradmin[609:903] -[AccountsRequestHandler(AccountsOpenDirectoryHelpers) openLocalLDAPNodeIfNeeded]: dsLocalLDAP = (null), error = Error Domain=com.apple.OpenDirectory Code=2000 UserInfo=0x10050cc80 "Unable to open Directory node with name /LDAPv3/127.0.0.1."
2009-10-15 10:34:58.632 serveradmin[609:903] -[AccountsRequestHandler(AccountsOpenDirectoryHelpers) openLocalLDAPNodeIfNeeded]: dsLocalLDAP = (null), error = Error Domain=com.apple.OpenDirectory Code=2000 UserInfo=0x100217b70 "Unable to open Directory node with name /LDAPv3/127.0.0.1."
10:34:58.945 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/10_dnsconfigmigrator.sh
RESULT CODE: 0
STDOUT: /System/Library/ServerSetup/MigrationExtras/10_dnsconfigmigrator.sh: Migrating DNS config files...
/System/Library/ServerSetup/MigrationExtras/10_dnsconfigmigrator.sh: Ensuring DNS configuration files are the correct version...
dns:configuration:acls:array_index:0:addressMatchList:_arrayindex:0 = "localnets"
dns:configuration:acls:arrayindex:0:name = "com.apple.ServerAdmin.DNS.public"
dns:configuration:views:arrayid:BD7790B8-2EEC-4FDD-A1D3-D8BAF698CA69:secondaryZones = emptyarray
dns:configuration:views:arrayid:BD7790B8-2EEC-4FDD-A1D3-D8BAF698CA69:reverseZones = emptyarray
dns:configuration:views:arrayid:BD7790B8-2EEC-4FDD-A1D3-D8BAF698CA69:primaryZones = emptyarray
dns:configuration:views:arrayid:BD7790B8-2EEC-4FDD-A1D3-D8BAF698CA69:allow-recursion = ""com.apple.ServerAdmin.DNS.public";"
dns:configuration:views:arrayid:BD7790B8-2EEC-4FDD-A1D3-D8BAF698CA69:name = "com.apple.ServerAdmin.DNS.public"
dns:configuration:isBonjourClientBrowsingEnabled = no
dns:configuration:loggingLevel = "info"
dns:upgradeSuccess = yes
dns:readStatus = 0
dns:dnsConfigurationFileVersion = 2
/System/Library/ServerSetup/MigrationExtras/10_dnsconfigmigrator.sh: Migrating the launchd plist state...
/System/Library/ServerSetup/MigrationExtras/10_dnsconfigmigrator.sh: /Previous System/private/var/db/launchd.db/com.apple.launchd/overrides.plist not found
/System/Library/ServerSetup/MigrationExtras/10_dnsconfigmigrator.sh: no launchd overrides file: /Previous System/private/var/db/launchd.db/com.apple.launchd/overrides.plist; checking state in launchd plist
/System/Library/ServerSetup/MigrationExtras/10_dnsconfigmigrator.sh: named disabled in /Previous System/System/Library/LaunchDaemons/org.isc.named.plist; not starting
STDERR:
purge: 1
sourceRoot: /Previous System
sourceType: System
sourceVersion: 10.5.8
targetRoot: /
language: en
10:34:59.411 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/30-afctlmigrator.pl
RESULT CODE: 0
STDOUT: AFCTL_DISABLED = true AFCTL_ENABLED = disabled AFCTL_STATE =
state = false
STDERR: Print: Entry, ":Disabled", Does Not Exist
mv: rename //private/var/db/af/whitelist to //private/var/db/af/whitelist.previous: No such file or directory
mv: rename //private/var/db/af/blacklist to //private/var/db/af/blacklist.previous: No such file or directory
mv: rename /Previous System/private/var/db/af/whitelist to //private/var/db/af/whitelist: No such file or directory
mv: rename /Previous System/private/var/db/af/blacklist to //private/var/db/af/blacklist: No such file or directory
purge: 1
sourceRoot: /Previous System
sourceType: System
sourceVersion: 10.5.8
targetRoot: /
language: en
10:34:59.727 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/30-dsmconfigmigrator.pl
RESULT CODE: 0
STDOUT:
STDERR: Print: Entry, ":Disabled", Does Not Exist
purge: 1
sourceRoot: /Previous System
sourceType:
sourceVersion:
targetRoot: /
language:
10:35:00.664 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/30-ftpconfigmigrator.pl
RESULT CODE: 0
STDOUT:
STDERR: Print: Entry, ":Disabled", Does Not Exist
purge: 1
sourceRoot: /Previous System
sourceType: System
sourceVersion: 10.5.8
targetRoot: /
language: en
10:35:01.463 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/30-ipfilterconfigmigrator.pl
RESULT CODE: 0
STDOUT:
STDERR:
purge: 1
sourceRoot: /Previous System
sourceType: System
sourceVersion: 10.5.8
targetRoot: /
language: en
10:35:01.778 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/30-natconfigmigrator.pl
RESULT CODE: 0
STDOUT:
STDERR:
purge: 1
sourceRoot: /Previous System
sourceType: System
sourceVersion: 10.5.8
targetRoot: /
language: en
10:35:02.456 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/30-snmpconfigmigrator.pl
RESULT CODE: 0
STDOUT:
STDERR: launchctl: Error unloading: org.net-snmp.snmpd
10:35:04.637 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/42_odconfigmigrator
RESULT CODE: 0
STDOUT: /usr/sbin/slapconfig -migrateldapserver 1 /Previous System / 10.5.8 System en
STDERR: sso_util command failed with status 2
purge: 1
sourceRoot: /Previous System
sourceType: System
sourceVersion: 10.5.8
targetRoot: /
language: en
Not an ldapmaster so there is no local node users to copy.
10:35:04.829 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/45-restoreUsersFolder.pl
RESULT CODE: 0
STDOUT:
STDERR:
purge: 1
sourceRoot: /Previous System
sourceType: System
sourceVersion: 10.5.8
targetRoot: /
language: en
10:35:05.614 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/50-vpnconfigmigrator.pl
RESULT CODE: 0
STDOUT:
STDERR: launchctl: Error unloading: com.apple.ppp.l2tp
launchctl: Error unloading: com.apple.ppp.pptp
10:35:05.695 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/51_afpconfigmigrator
RESULT CODE: 0
STDOUT:
STDERR: No old afp settings record to update
purge: 1
sourceRoot: /Previous System
sourceType: System
sourceVersion: 10.5.8
targetRoot: /
language: en
10:35:08.617 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/58_jabbermigrator.pl
RESULT CODE: 0
STDOUT: Warning, /usr/libexec/jabberconfigmigrator.pl returned error status: 256:
STDERR: Print: Entry, ":org.jabber.jabberd:Disabled", Does Not Exist
Print: Entry, ":org.jabber.jabberd:Disabled", Does Not Exist
10:35:10.501 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/59_calendarmigrator.py
RESULT CODE: 0
STDOUT:
STDERR:
10:35:15.088 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/60_mysqlconfigmigrator
RESULT CODE: 0
STDOUT: mysql:upgradeStatus = 0
STDERR:
10:35:15.508 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/60_printconfigmigrator
RESULT CODE: 0
STDOUT: print:status = 0
STDERR:
10:35:16.672 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/60_swupdateconfigmigrator
RESULT CODE: 0
STDOUT: swupdate:upgradeStatus = 0
STDERR:
10:35:16.830 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/61migrate_cyrusdb
RESULT CODE: 0
STDOUT: Nothing to migrate
STDERR: grep: /etc/imapd.conf: No such file or directory
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: * Web Service SnowLeopard migration start *
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: /System/Library/ServerSetup/MigrationExtras/61_webconfigmigrator.rb --purge 1 --sourceRoot /Previous System --targetRoot / --sourceType System --sourceVersion 10.5.8 --language en
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Processing: /etc/apache2/httpd.conf.saved-Pre-SnowLeopard-unmodified
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Checksum indicates customized Apache 2.2 Leopard main config file. Updating for SnowLeopard.
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Added userdir module directives, disabled
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Removed spotlight module
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Adjusted the set of LoadModule directives
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Changed user from www to _www
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Changed group from www to _www
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Removed spotlight-search handler
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Added dmgpart mime type
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Added mobileconfig mime type
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Added m3u8 mime type
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Added ts mime type
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Removed <IfModule> block for Spotlight
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: De-activated reference to WO Adaptor
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Processing: /etc/apache2/sites/0000any_80.conf.saved-Pre-SnowLeopard-unmodified
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: ...Creating: /etc/apache2/sites/0000any_80.conf
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Checksum indicates customized Apache 2.2 Leopard vhost config file. Updating for SnowLeopard.
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Replaced SSL directives with more secure protocol and cipher suite
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Deleted Include for httpd_directory.conf
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Deleted Include for httpd_directory.conf
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Processing: /etc/apache2/sites/000169.7.39.129_80rolandsystemsgroup.com.conf.saved-Pre-SnowLeopard-unmodified
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: ...Creating: /etc/apache2/sites/000169.7.39.129_80rolandsystemsgroup.com.conf
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Checksum indicates customized Apache 2.2 Leopard vhost config file. Updating for SnowLeopard.
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Appended port number to host in ServerName directive
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Replaced SSL directives with more secure protocol and cipher suite
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Deleted Include for httpd_directory.conf
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Processing: /etc/apache2/sites/000269.7.39.129_443admin.rolandsystemsgroup.com.conf.saved-Pre-SnowLeopard-unmodified
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: ...Creating: /etc/apache2/sites/000269.7.39.129_443admin.rolandsystemsgroup.com.conf
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Checksum indicates customized Apache 2.2 Leopard vhost config file. Updating for SnowLeopard.
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Appended port number to host in ServerName directive
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Replaced SSL directives with more secure protocol and cipher suite
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Deleted Include for httpd_directory.conf
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Processing: /etc/apache2/sites/000369.7.39.129_80edirol.com.conf.saved-Pre-SnowLeopard-unmodified
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: ...Creating: /etc/apache2/sites/000369.7.39.129_80edirol.com.conf
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Checksum indicates customized Apache 2.2 Leopard vhost config file. Updating for SnowLeopard.
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Appended port number to host in ServerName directive
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Replaced SSL directives with more secure protocol and cipher suite
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Deleted Include for httpd_directory.conf
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Processing: /etc/apache2/sites/000469.7.39.129_80rssamerica.com.conf.saved-Pre-SnowLeopard-unmodified
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: ...Creating: /etc/apache2/sites/000469.7.39.129_80rssamerica.com.conf
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Checksum indicates customized Apache 2.2 Leopard vhost config file. Updating for SnowLeopard.
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Appended port number to host in ServerName directive
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Replaced SSL directives with more secure protocol and cipher suite
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Deleted Include for httpd_directory.conf
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Processing: /etc/apache2/sites/000569.7.39.129_80rolandsystemsgroup.ca.conf.saved-Pre-SnowLeopard-unmodified
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: ...Creating: /etc/apache2/sites/000569.7.39.129_80rolandsystemsgroup.ca.conf
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Checksum indicates customized Apache 2.2 Leopard vhost config file. Updating for SnowLeopard.
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Appended port number to host in ServerName directive
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Replaced SSL directives with more secure protocol and cipher suite
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Deleted Include for httpd_directory.conf
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Processing: /etc/apache2/sites/000669.7.39.129_80v-mixingsystem.com.conf.saved-Pre-SnowLeopard-unmodified
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: ...Creating: /etc/apache2/sites/000669.7.39.129_80v-mixingsystem.com.conf
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Checksum indicates customized Apache 2.2 Leopard vhost config file. Updating for SnowLeopard.
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Appended port number to host in ServerName directive
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Replaced SSL directives with more secure protocol and cipher suite
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Deleted Include for httpd_directory.conf
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Processing: /etc/apache2/sites/000769.7.39.129_80personalmixing.com.conf.saved-Pre-SnowLeopard-unmodified
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: ...Creating: /etc/apache2/sites/000769.7.39.129_80personalmixing.com.conf
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Checksum indicates customized Apache 2.2 Leopard vhost config file. Updating for SnowLeopard.
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Appended port number to host in ServerName directive
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Replaced SSL directives with more secure protocol and cipher suite
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Deleted Include for httpd_directory.conf
Thu Oct 15 10:35:18 2009: 61_webconfigmigrator.rb: Designating wild card vhost as collaboration site
Thu Oct 15 10:35:21 2009: 61_webconfigmigrator.rb: Updated Apache configuration is valid
Thu Oct 15 10:35:22 2009: 61_webconfigmigrator.rb: Migrated default wiki theme, set to com.apple.block.green.banner
Thu Oct 15 10:35:22 2009: 61_webconfigmigrator.rb: Migrated max wiki attachment size, set to 52428800
Thu Oct 15 10:35:22 2009: 61_webconfigmigrator.rb: The launchd plist for org.apache.tomcat has been unloaded based on pre-upgrade status
Thu Oct 15 10:35:24 2009: 61_webconfigmigrator.rb: The launchd plist for org.apache.httpd has been loaded based on pre-upgrade status
Thu Oct 15 10:35:24 2009: 61_webconfigmigrator.rb: The launchd plist for org.apache.htcacheclean has been unloaded based on pre-upgrade status
Thu Oct 15 10:35:26 2009: 61_webconfigmigrator.rb: The launchd plist for com.apple.wikid has been loaded based on pre-upgrade status
Thu Oct 15 10:35:26 2009: 61_webconfigmigrator.rb: * Web Service SnowLeopard migration end *
10:35:26.388 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/61_webconfigmigrator.rb
RESULT CODE: 0
STDOUT:
STDERR:
10:35:26.774 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/62upgrade_cyrusopts
RESULT CODE: 0
STDOUT:
STDERR:
2009-10-15 10:35:26 -0700: 62_wikiCreatorMigrator: * Starting migration of wiki creators
2009-10-15 10:35:26 -0700: 62_wikiCreatorMigrator: Migrating from sourceVersion = "10.5.8" sourceRoot="/Previous System" to targetRoot="/"
2009-10-15 10:35:27 -0700: 62_wikiCreatorMigrator: Wiki Creators have not been migrated from the previous system. You must use Server Admin Web to add them. Specific problem:WhitePages framework cannot find vhost for GUID: 7580C977-5C04-458B-8FD1-752152324E84
10:35:27.777 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/62_wikiCreatorMigrator
RESULT CODE: 0
STDOUT:
STDERR: 2009-10-15 10:35:27.771 62_wikiCreatorMigrator[935:903] * -[WPSession createRecordWithType:attributes:inNode:resolveNamingConflict:error:]: * Warning: the record of type dsRecTypeStandard:Config was created successfully, but OpenDirectoryFramework cannot find it. More info: recordName 'ServicesInformation' in /Local/Default
2009-10-15 10:35:27.772 62_wikiCreatorMigrator[935:903] * -[WPWebServices createServicesInformationRecordInLocalNodeWithSession:]: couldn't create the Computer record in /Local/Default. Reason: (null)
10:35:27.907 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/63notificationmigrator.sh
RESULT CODE: 0
STDOUT:
STDERR:
10:35:43.528 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/64postfixmigrator
RESULT CODE: 0
STDOUT: Upgrading Postfix...
STDERR:
10:37:05.578 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/65mailmigrator.pl
RESULT CODE: 0
STDOUT:
STDERR:
10:37:05.741 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/66clamavmigrator
RESULT CODE: 0
STDOUT:
STDERR:
10:37:05.835 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/66spam_assassinmigrator
RESULT CODE: 0
STDOUT:
STDERR: crontab: no crontab for root
10:37:05.869 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/67_CreateABSACLIfNeeded.sh
RESULT CODE: 0
STDOUT:
STDERR:
10:37:06.142 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/70_smbconfigmigrator
RESULT CODE: 0
STDOUT:
STDERR:
10:37:07.307 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/80_radiusconfigmigrator.pl
RESULT CODE: 0
STDOUT: 80_radiusconfigmigrator.pl: Migrating RADIUS configuration...
80_radiusconfigmigrator.pl: Migrating certificate parameters into eap.conf...
80_radiusconfigmigrator.pl: extracting eap.conf dictionary from radius dictionary
80_radiusconfigmigrator.pl: extracting certificate params from eap.conf dictionary
80_radiusconfigmigrator.pl: No certificates in eap.conf, nothing to install
80_radiusconfigmigrator.pl: Done migrating certificate parameters into eap.conf
80_radiusconfigmigrator.pl: RADIUS migration complete
STDERR:
10:38:04.002 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/90_CertificateMigrator.sh
RESULT CODE: 0
STDOUT: certs = emptydictionary
STDERR: 2009-10-15 10:38:03.746 serveradmin[2358:903] --Module NSBundle </usr/share/servermgrd/bundles/servermgr_certs.bundle> (loaded)'s response has retain count of 9.
10:38:04.227 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/91_qtssmigrator
RESULT CODE: 0
STDOUT: /System/Library/ServerSetup/MigrationExtras/91_qtssmigrator: removing /Previous System/Library/QuickTimeStreaming
STDERR:
Thu Oct 15 10:38:04 2009: 93_pcastmigrator.rb: * Podcast Service Leopard->SnowLeopard migration start *
Thu Oct 15 10:38:04 2009: 93_pcastmigrator.rb: Error: Unable to copy all files from the source system: unknown file type: /Previous System/Library/Preferences/com.apple.pcastserverd.plist
Thu Oct 15 10:38:05 2009: 93_pcastmigrator.rb: pcastserverd has been unloaded based on pre-upgrade status
10:38:05.027 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/93_pcastmigrator.rb
RESULT CODE: 0
STDOUT:
STDERR:
10:38:07.634 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/94-wiki-group-migrator.py
RESULT CODE: 0
STDOUT:
STDERR: 2009-10-15 10:38:07.561 Python[3052:d0f] * -[NSAutoreleasePool release]: This pool has already been released, do not drain it (double release).
10:38:08.667 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/95-wikicalendarmigrator.py
RESULT CODE: 0
STDOUT: Logging to /Library/Logs/ServerAssistant.log
Starting
Options: {'wiki': None, 'sourceWikiPath': 'Library/Collaboration/Groups', 'guid': None, 'verbose': 1, 'language': 'en', 'targetRoot': '/', 'sourceCalendarPath': 'Library/CalendarServer/Documents', 'sourceRoot': '/Previous System', 'purge': True, 'output': None, 'calendar': None, 'sourceVersion': '10.5.8', 'targetCalendarPath': 'Library/CalendarServer/Documents', 'sourceType': 'System'}
Looking for wiki group plists in /Library/Collaboration/Groups
Found group plists: []
Chowning /Library/CalendarServer/Documents to 93:93
Done
STDERR:
10:38:10.365 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/95migratedhcp.pl
RESULT CODE: 0
STDOUT: 95migratedhcp.pl: Migrating DHCP and NetBoot configuration...
95migratedhcp.pl: migrating etc/bootpd.plist
95migratedhcp.pl: migrating private/tftpboot
95migratedhcp.pl: migrating System/Library/LaunchDaemons/bootps.plist
95migratedhcp.pl: DHCP is disabled for all interfaces
95migratedhcp.pl: netboot_enabled not found in bootpd.plist
95migratedhcp.pl: DHCP and NetBoot are both disabled in //etc/bootpd.plist: not loading //System/Library/LaunchDaemons/bootps.plist
95migratedhcp.pl: DHCP and NetBoot migration complete
STDERR:
10:38:11.125 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/99-wikipermissionsfixer.py
RESULT CODE: 0
STDOUT:
STDERR:
purge: 1
sourceRoot: /Previous System
sourceType: System
sourceVersion: 10.5.8
targetRoot: /
language: en
10:38:11.270 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/111-alfconfigmigrator.pl
RESULT CODE: 0
STDOUT:
STDERR:
purge: 1
sourceRoot: /Previous System
sourceType: System
sourceVersion: 10.5.8
targetRoot: /
language: en
Missing: /Previous System/private/etc/syslog.conf
10:38:11.331 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/111-syslogconfigmigrator.pl
RESULT CODE: 0
STDOUT:
STDERR:
purge: 1
sourceRoot: /Previous System
sourceType: System
sourceVersion: 10.5.8
targetRoot: /
language: en
10:38:11.440 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/111-webobjects.pl
RESULT CODE: 0
STDOUT:
STDERR:
10:38:15.054 Migration extra succeeded:
path: /System/Library/ServerSetup/MigrationExtras/BlojsomMigration.py
RESULT CODE: 0
STDOUT:
STDERR: /System/Library/Frameworks/Python.framework/Versions/2.6/Extras/lib/python/zope /_init_.py:1: UserWarning: Module twisted was already imported from /usr/share/caldavd/lib/python/twisted/_init_.pyc, but /System/Library/Frameworks/Python.framework/Versions/2.6/Extras/lib/python is being added to sys.path
_import__('pkg_resources').declare_namespace(__name_)
10:38:15.241 Setup extra succeeded:
path: /System/Library/ServerSetup/CommonExtras/AddAppServerUserToAppServerGroups.sh
RESULT CODE: 0
STDOUT:
STDERR:
10:38:15.492 Setup extra succeeded:
path: /System/Library/ServerSetup/CommonExtras/carddav.sh
RESULT CODE: 0
STDOUT:
STDERR:
10:38:15.693 Setup extra succeeded:
path: /System/Library/ServerSetup/CommonExtras/DisableBootP.sh
RESULT CODE: 0
STDOUT:
STDERR:
10:38:15.718 Setup extra succeeded:
path: /System/Library/ServerSetup/CommonExtras/EnableDSProxy.sh
RESULT CODE: 0
STDOUT:
STDERR:
10:38:15.981 Setup extra succeeded:
path: /System/Library/ServerSetup/CommonExtras/GenerateRNDCKey.sh
RESULT CODE: 0
STDOUT:
STDERR: wrote key file "/private/etc/rndc.key"
10:38:16.040 Setup extra succeeded:
path: /System/Library/ServerSetup/CommonExtras/MarkServerFolderAsLocalizable.sh
RESULT CODE: 0
STDOUT:
STDERR:
10:38:16.559 Setup extra succeeded:
path: /System/Library/ServerSetup/CommonExtras/SetAFPEncoding.rb
RESULT CODE: 0
STDOUT:
STDERR:
10:38:16.637 Setup extra succeeded:
path: /System/Library/ServerSetup/CommonExtras/SetDefaultNFSThreadCount.sh
RESULT CODE: 0
STDOUT:
STDERR:
10:38:16.886 Setup extra succeeded:
path: /System/Library/ServerSetup/CommonExtras/SetSMBCodePage.rb
RESULT CODE: 0
STDOUT:
STDERR:
10:38:17.060 Setup extra succeeded:
path: /System/Library/ServerSetup/CommonExtras/setupsecurityproxymail.sh
RESULT CODE: 0
STDOUT:
STDERR:
10:38:17.346 Setup extra succeeded:
path: /System/Library/ServerSetup/CommonExtras/SetupClamAV.sh
RESULT CODE: 0
STDOUT: Configuring Anti-Virus scanner...
done.
STDERR:
10:38:17.372 Setup extra succeeded:
path: /System/Library/ServerSetup/CommonExtras/SetUpFTPSharePoints.sh
RESULT CODE: 0
STDOUT:
STDERR:
10:38:17.672 Setup extra succeeded:
path: /System/Library/ServerSetup/CommonExtras/SetupMailman.sh
RESULT CODE: 0
STDOUT: Configuring mailman for this host...
done.
Compiling mailman...
Listing /usr/share/mailman/Mailman ...
Listing /usr/share/mailman/Mailman/Archiver ...
Listing /usr/share/mailman/Mailman/Bouncers ...
Listing /usr/share/mailman/Mailman/Cgi ...
Listing /usr/share/mailman/Mailman/Commands ...
Compiling /usr/share/mailman/Mailman/Defaults.py ...
Listing /usr/share/mailman/Mailman/Gui ...
Listing /usr/share/mailman/Mailman/Handlers ...
Listing /usr/share/mailman/Mailman/Logging ...
Listing /usr/share/mailman/Mailman/MTA ...
Listing /usr/share/mailman/Mailman/Queue ...
Compiling /usr/share/mailman/Mailman/mm_cfg.py ...
done.
STDERR:
10:38:17.750 Setup extra succeeded:
path: /System/Library/ServerSetup/CommonExtras/SetUpNetBoot
RESULT CODE: 0
STDOUT:
STDERR:
10:38:17.964 Setup extra succeeded:
path: /System/Library/ServerSetup/CommonExtras/websetup
RESULT CODE: 0
STDOUT:
STDERR:
10:38:22.136 touching AppleSetupDone

Thanks for your help.
I discovered that there was an issue with the virtual host config files. I am not sure why but the problem passed the Apache startup routine. I discovered the offending VH config file by turning them all off and reactivating them one at a time. The real head scratcher is why I couldn't scan or ping port 80 during the problem.

DirectAccess - TCP open port not reachable

Hello,
I did a little experiment with my DirectAccess connectivity.
I have a laptop with DirectAccess connectivity enabled with my domain username.
I logged in to my laptop with my local administrator account. Thus, DirectAccess mounts the IPSec ESP tunnel infrastructure and it is possible to querry DNS requests to my Intranet (even if I'm not authenticated with my domain account).
I realize I was able to netcat to the web servers (and more generally, to use netcat to connect to any TCP opened ports on the intranet). Here there are two things I do not understand.
- I know there are two DA servers in a DMZ. I guess the fact I am able to netcat where I want on the Intranet is due to a lack of firewalling. But is it, or is it just a consequence of the way DA works?
- Then, when seeing I could netcat to open ports, I tried to connect to the web server with my browser, but the connection timeout. I thought it was strange. I should mention that when querrying the web server with a GET request in netcat, I only receives
HTTP headers qith a body length of 0. However, I do not understand why the browser querry timeout, and not the netcat one.
Thank you!

Hi
When you log on your laptop with your local administrator account, this account cannot be used for the user IPSEC tunnel. So you only have the IPSEC infrastructure tunnel established by your laptop. With this tunnel, you have access to all ressources declared
as allowed in the infrastructure tunnel.
BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

EA4500 router not opening ports even in DMZ

I have a EA4500 router running the following firmware: http://puu.sh/4l2Hb.jpg
I want to forward the following ports to host a game server: http://puu.sh/4l2Jb.png
In case you are wondering device ip# is correct and my computer has a static ip: http://puu.sh/4l2KQ.png (picture taken from the ipconfig command)
I made an exception for each and every one of these ports through windows firewall: http://puu.sh/4l2VU.png
more proof of the ports having an exception: http://puu.sh/4l2Xl.png
what happens when i check to see if the port is open: http://puu.sh/4l30O.png (ip adress hiden)
I have done everything correctly to my knowledge yet the ports are still not open. I have called my isp and they claim to not be stopping me from blocking ports. If it is the ISP's problem could someone explain to me exactly what I should ask them or tell them to do the next time I call their support line?
Also when I put the router in dMZ mode (a mode that i understand to open all my ports) my ports still remain closed which I really do not understand at all.
Solved!
Go to Solution.

Hi,
The IP address that you removed from here http://puu.sh/4l30O.png , is it the same with the WAN IP (Internet IP Address) displayed on the router? If it's not, then you have a double NAT issue. But if you have the same IP and still not opening the ports, you may try to check it directly to the modem. There are some ISPs that blocks uncommon ports and you may have to contact them to open it.
If everyone needs to believe in something, I believe I'll have another beer..

HH2 and HH3 not opening ports

Hi Guys
This is more of an FYI post rather than a oh dear whats wrong post.
We've had the HH2 for about a 2 years or so now and lately have been having some interesting, shall we say, personality traits with our HH2.
Often, for no reason, the HH2 will drop all wireless signals and will not allow anyone to connect, new devices, old devices or ethernet devices. Only a press of the restart button will resolve this.
Now thats not too annoying apart from the hassle but another (major) issue we're having is port opening/gaming.
Last week i decided to start playing a game i hadnt played it years, upon completion of downloading and installation i tried to connect, may i note weve never had any problems with gaming whatsoever with the HH2 in the 2 years weve had it, unfortunately i kept getting connection errors. So being an IT guy myself i decided to pull up the ports for the game and proceeded to open them up in the HH2's manager and assign them to my device.
Tried to reconnect and still got the error.. i was a bit crosseyed here so i thought well i shall try a port scanner and check to make sure my ports have been opened. They hadnt.. i checked the hub again, ports were listed as open and available in the application sharing section and also assigned to my device.
I proceeded to disable firewalls and DMZ my laptop, risky i know but i am an IT guy and know what i am doing. Anyways i restarted the HH2 again to make sure the firewall selection and DMZ applied. I waited and checked the HH2 was up and rechecked the settings all ok.
I ran the port scan again, the ports were still NOT open. Now this is quite annoying. I went to work and tested the game there on a bog standard ADSL line and the game worked fine. Take it home and not a peep.
I have spoken to BT and we're getting a HH3 free of charge to fix the problem but i just wanted you all to know that there could be some serious issues with the HH2 and it not opening ports, nor allowing DMZ to function correctly!
Thanks everyone, have a nice day and apologies on my wall of text.

Ok i think this thread is going to turn into a help me thread... in fact i dont think.. i know...
HELP ME!!!
I have received the new HH3 and with furvour decided to get into the hub, setup the wireless and put the ports in the forward list... i excitedly restarted the hub and connected...
and guess what.. still no joy.. ports are ALL closed... i have even DMZ'd my laptop and that isnt working.. im not getting the IP address im still getting an internal 192 address...
Can anyone give me a clue as to whats going on here? pulling my hair out now!

Port forwarding UDP 500 not consistent

I have a WRT400N setup to port forward UDP 500 (IKE) to a VPN device on my LAN. It works for a few hours, and then stops forwarding. If I reboot the WRT400N, it starts forwarding again. Has anyone seen this behavior?
Other ports I'm forwarding, such as 443 (HTTPS) work OK all the time.

Try to re-flash the firmware on your router and see if that works.
Connect the computer with the Ethernet cable to the router.
Download the latest firmware from Linksys website and save it on your computer. Open the setup page of the router. Click on Administration tab and go to Firmware upgrade sub tab. Browse the firmware file that you have already downloaded and upgrade it on your router.
After upgrading the firmware on the router, it is recommended that you should reset the router and reconfigure it. Press and hold the reset button on the router for 30 seconds. Release the reset button and wait for 30 seconds. Power cycle the router and reconfigure it.

Remote Connectivity Analyzer opens port 443 successfully but fails.."Net. conn. not available"

Trying to set up a client with external access. I just got their Edge off the domain and in the DMZ, and supposedly the appropriate firewall ports are opened. They have a RP running IIS ARR.
Microsoft Remote Connectivity Analyzer (testconnectivity.Microsoft.com) does the following for three tests:
1. When I do Lync Server Remote Connectivity Test and choose Autodiscover, it is able to open port 443 and it validates the cert. But it says "Operation failed because the network connection was not available".
2. When I do the same Lync Server Remote Connectivity Test and manually enter the Access Edge service FQDN and choose port 5061, it is able to resolve the name in DNS but it then fails testing TCP port 5061 with "The specified port is either blocked,
not listening, or not producing the expected response".
3. When I do the Lync Autodiscover Web Service Remote Connectivity Test, it fails when trying to open port 443 on the Lyncdiscover URL.
So, that seems to indicate to me that port 443 might be open on the Edge but not the Reverse Proxy, since that's where the autodiscover URL points. And it seems 5061 is not open but 443 is on the Edge. What else could I check on the Edge to get
443 working?
Thanks for the help and sorry for any vague information. Any help is appreciated!
Brandon

Okay, I can now telnet to lyncdiscover.mydomain.dom on port 443 successfully, and I can telnet to sip.mydomain.com on 5061 successfully.
Now when I do the remote connectivity test:
Using Autodiscover to detect server settings, I get "Operation failed because the network connection was not available". It opens port 443 fine it looks like.
Manually choosing lync.mydomain.com as the FQDN and port 5061, I get "The endpoint was unable to register. See the ErrorCode for specific reason". Response code is 504 and response message is Server Time-out
Doing the Lync Autodiscover Web Service Remote Connectivity Test I get "HTTP 403 error was received because ISA server denied the specified URL".
Looks to me like a rule might not be set right on the firewall if ISA is denying the connection, right?(they are using TMG on a server running Server 2008 as the firewall). I can't ping the reverse proxy from the firewall (but I can ping the Edge).
What else can I check?
Thanks for all the help so far, I really appreciate it.
Brandon

WRTG54G does not open ports

Hi,
I've got a problem that recently occured.
I used to host games and a FTP server, and for that i needed to open some ports. It used to work all the time, but recently people couldn't connect to me anymore.
I've tested some things online (open port scanners) and it seems that all my ports are closed.
It used to work fine, but now it doesnt anymore. I didn't change anything. What could be the problem here?
Thanks, Neil
Solved!
Go to Solution.

Well, if you did not change anything, it could be:
1. The port forwardings in the router may be missing. (The router reset to factory default due to a power failure or similar).
2. You did not set up the server with a static IP address. The server gets the IP address from the DHCP server on the router. You kept the server running for a long time and the server always got the same IP address from the router. Now, for whatever reason, the server was assigned a different IP address and your forwarding is not working anymore.
3. You run a firewall on your server and one of the latest updates closed down all ports.
4. Your ISP may started blocking incoming connections.

The EA3500 Smart Wi/Fi Will Not Open Port Forewarding

I have a windows 2012 essentials server that is on the network that requires port forwarding for HTTPS 443 and HTTP 80. The route that was working on the network without any issues was the WRT54GL on port forwarding.
The reason for the upgrade was the LAN port from 100Mbps to 1000Mbps to connect to a switch that has 1000Mbps so that the company intranet could transfer data at a faster rate.
This part works without any issues, the issue is the port forwarding on the route will not open the open the port need for the server.
I was on the chat with Linksys support and ask me to reflash the route with the firmware from the Linksys site and still no open ports

The way the windows 2012 essentials server is contacted from the remote web page is by service call Anywhere Access and port 443 needs to be open to get access to the remote web page and if you are using VPN it also access port 443 to connect to the server.
My internet provide is COX and port 443 is not blocked.
The problem is the route service port forwarding that I program to open up the port 443 will not pass traffic. The EA3500 route shows block.
I was on the phone off and on working with support for two days to try and correct this issue. Support had me restore factory settings, reflash the router with the firmware from their support web page, and rebuild the port forwarding port 443 and to the point of telling me to returning the router to company that I bought it from and getting a replacement.

I have a game on my xbox one that is telling me I need to open ports in order to play it I am not all that tech savvy and have no idea how to do this

I have an airport extreme and I am trying to play a new game on my xbox one and it keeps kicking me I have comcast internet that is more than fast enough so I went to the games site and it says I need to either create a static ip or to open ports no idea how to do either of these or what that does any help would be appreciated.

There are heaps of posts here about how to open ports on apple routers specifically for xboxes.
AirPort Extreme and xbox 360

Help open port on ASA5510 (version 8.3)

Hi all,
I configured ASA to open port 21, 3389, 5900 (outside access in) but when i check port just success : 21 and 3389, Error: 5900
If i configured with only one port 5900 or 3389, is't ok, i don't undesrtand what 's the problem?
ASA5510>
ASA5510> ena
Password: ***********************
ASA5510# show run
: Saved
ASA Version 8.3(1)
hostname ASA5510
domain-name lohoi.local
enable password *********************** encrypted
passwd *********************** encrypted
names
interface Ethernet0/0
description Connect_to_Modem
nameif outside
security-level 0
ip address 10.0.0.2 255.255.255.0
interface Ethernet0/1
description Connect_to_Router2911
nameif inside
security-level 100
ip address 172.16.17.2 255.255.255.240
interface Ethernet0/2
shutdown
no na
no security-level
no ip address
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
interface Management0/0
description Management
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
ftp mode passive
clock timezone ICT 7
dns server-group DefaultDNS
domain-name lohoi.local
object network obj-any
subnet 0.0.0.0 0.0.0.0
object network ftpserver
host 192.168.88.90
description FTP server
object network Remote_Desktop
host 192.168.100.29
object network VNC
host 192.168.100.4
access-list 101 extended permit icmp any any
access-list 101 extended permit icmp any any echo-reply
access-list 101 extended permit tcp any any
access-list outside_access_in extended permit tcp any object ftpserver eq ftp
access-list outside_in extended permit tcp any host 192.168.100.29
access-list outside_in extended permit tcp any host 192.168.100.4
pager lines 24
mtu outside 1500
mtu inside 1500
mtu management 1500
icmp unreachable rate-limit 1 burst
asdm image disk0:/asdm-631.bin
asdm history enable
arp timeout 14400
object network obj-any
nat (inside,outside) dynamic interface
object network ftpserver
nat (inside,outside) static interface service tcp ftp ftp
object network Remote_Desktop
nat (inside,outside) static interface service tcp 3389 3389
object network VNC
nat (inside,outside) static interface service tcp 5900 5900
access-group outside_in in interface outside
route outside 0.0.0.0 0.0.0.0 10.0.0.1 1
route inside 192.168.88.64 255.255.255.224 1
route inside 192.168.100.0 255.255.255.0 172.16.17.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
http server enable
http 192.168.1.0 255.255.255.0 management
http authentication-certificate inside
http authentication-certificate management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet timeout 5
ssh 192.168.100.0 255.255.255.0 inside
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
username admin password *********************** encrypted privilege 15
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
service-policy global_policy global
prompt hostname context
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DD
CEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:667cb3ec729681c78ccab9a57abd89df
: end
ASA5510#

ASA5510# show run
: Saved
ASA Version 8.3(1)
hostname ASA5510
domain-name lohoi.local
enable password ****************** encrypted
passwd ****************** encrypted
names
interface Ethernet0/0
description Connect_to_Modem
nameif outside
security-level 0
ip address 10.0.0.2 255.255.255.0
interface Ethernet0/1
description Connect_to_Router2911
nameif inside
security-level 100
ip address 172.16.17.2 255.255.255.240
interface Ethernet0/2
shutdown
no nameif
no security-level
no ip address
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
interface Management0/0
description Management
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
ftp mode passive
clock timezone ICT 7
dns server-group DefaultDNS
domain-name lohoi.local
object network obj-any
subnet 0.0.0.0 0.0.0.0
object network ftpserver
host 192.168.88.90
description FTP server
object network remote_desktop
host 192.168.100.2
object network remote_vnc
host 192.168.100.4
access-list 101 extended permit icmp any any
access-list 101 extended permit icmp any any echo-reply
access-list 101 extended permit tcp any any
access-list outside_access_in extended permit tcp any object ftpserver eq ftp
access-list outside_access_in extended permit tcp any host 192.168.100.4 eq 5900
access-list outside_access_in extended permit tcp any host 192.168.100.2 eq 3389
pager lines 24
mtu outside 1500
mtu inside 1500
mtu management 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asd
asdm history enable
arp timeout 14400
object network obj-any
nat (inside,outside) dynamic interface
object network ftpserver
nat (inside,outside) static interface service tcp ftp ftp
object network remote_desktop
nat (inside,outside) static interface service tcp 3389 3389
object network remote_vnc
nat (inside,outside) static interface service tcp 5900 5900
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 10.0.0.1 1
route inside 192.168.88.64 255.255.255.224 172.16.17.1 1
route inside 192.168.100.0 255.255.255.0 172.16.17.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
http server enable
http 192.168.1.0 255.255.255.0 management
http authentication-certificate inside
http authentication-certificate management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet timeout 5
ssh 192.168.100.0 255.255.255.0 inside
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
username admin password ****************** encrypted privilege 15
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
service-policy global_policy global
prompt hostname context
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DD
CEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:4f061a213185354518601f754e41494c
: end
ASA5510#
So i configured again, but i'm not to access to 5900 port

Open port 916/udp not closeable

Similar Messages

Maybe you are looking for