[OT] Cuchara de palo....Ya no!!!
Hola amiguetes,
Pues a ver qué os parece la web que toy haciendo. (la
nuestra)
Aún le queda bastante, (algún flash, idiomas, y
chorradas varias), pero el
concepto ya está listo.
www.ikomma.com
YaC
This is a multi-part message in MIME format.
------=_NextPart_000_00A8_01C77C38.E7262CC0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Todo lo dicho es de buen rollo... trankilidad absoluta...
seguro ke el =
resultado final es una pasada... no lo dudo...
"Lucas Sevilla" <[email protected]> escribi=F3 en el
mensaje =
news:[email protected]...
Markus tranquilo que YaC no lo har=E1 as=ED, tendr=E1 su
men=FA y sus =
cosas.
"Markus" <[email protected]_no_spam> escribi=F3 en el
mensaje =
news:[email protected]...
Gr=E0ficamente muy bien...
Usabilidad poca... si tus clientes son como los m=EDos
seguramente =
se kedan en=20
la p=E1gina de la direcci=F3n sin ver lo dem=E1s... el
scrolll =
horizontal es=20
original entre gente que conoce el entorno pero para los
dem=E1s si =
lo=20
compruebas ver=E1s que no lo detectar=E1n o les costar=E1 el
tiempo =
suficiente=20
como para poder haber cambiado de p=E1gina si estan
navegando viendo =
varias=20
cosas a la vez.
Multim=E9dia: falta algo de movimiento que eso vende mucho
sobretodo =
si haces=20
multim=E9dia y 3d (supongo ke como bien dices estas en
ello... pero =
no te=20
olvides). Webs chulas gr=E0ficamente hay muchas pero ke
aparte =
impacten y=20
recuerdes pocas. Te recomiendo explotar la tortuga cahonda
del final =
de la=20
web... promete mucho y puede ser si lo kieres un elemento =
identificativo de=20
tu marca.
En la home para que no se viera simpre lo mismo al acceder =
mostrar=EDa los=20
proyectos m=E1s recientes, una muestra cambiando
aleatoriamente.. =
pues tu=20
cliente final seguramente le interesar=E1 saber en ke estas
=
trabajando... dar=E1=20
una imagen de t=EDo okupado y ke kurra mucho... a la gente
le da =
seguridad de=20
ke trata con alguien ke sabe un mont=F3n ;-) pero sobretodo
como en =
el resto=20
de la web... no digas lo ke haces (todo el mundo hace de
todo) sino =
ke=20
ense=F1a mejor lo ke haces (si tus trabajos molan... solo =
ense=F1ando una=20
muestra... se vender=E1 solo)
Todo lo dicho tan solo es una cr=EDtica personal qu=E9date
con lo =
que realmente=20
creas conveniente (te recomiendo testear con gente a tu
lado) y si =
no te=20
kedas kon nada aki no ha pasado nada... y tan amigos :-P
"Temporis Creations" <[email protected]>
escribi=F3 en el =
mensaje=20
news:[email protected]...
> Felicidades YaC, seg=FAn los "grandes estad=EDstas", un
usuario =
decide en=20
> mil=E9sima de segundo si le gusta una web, as=ED como
el tiempo =
que va estar=20
> en ella. Creo que este proyecto invita a disfrutar de
muchos =
minutos=20
> delante del mismo.
>
> Felicidades. Buenos Bytes.
>
> "YaC" <[email protected]> escribi=F3 en
el mensaje=20
> news:[email protected]...
>> Hola amiguetes,
>> Pues a ver qu=E9 os parece la web que toy haciendo.
(la nuestra)
>> A=FAn le queda bastante, (alg=FAn flash, idiomas, y
chorradas =
varias), pero=20
>> el
>> concepto ya est=E1 listo.
>> www.ikomma.com
>>
>> YaC
>>
>>
>
>=20
------=_NextPart_000_00A8_01C77C38.E7262CC0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0
Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.6000.16414"
name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>Todo lo dicho es
de buen rollo... =
trankilidad=20
absoluta... seguro ke el resultado final es una pasada... no
lo=20
dudo...</FONT></DIV>
<DIV> </DIV>
<DIV>"Lucas Sevilla" <<A=20
href=3D"mailto:[email protected]">[email protected]</A>>
=
escribi=F3 en el=20
mensaje <A=20
href=3D"news:[email protected]">news:eviehf$9fr$1@forums=
.macromedia.com</A>...</DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT:
5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV><FONT face=3D"Trebuchet MS" size=3D2>Markus
tranquilo que YaC no =
lo har=E1 as=ED,=20
tendr=E1 su men=FA y sus cosas.</FONT></DIV>
<BLOCKQUOTE=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT:
5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Markus" <<A=20
=
href=3D"mailto:[email protected]_no_spam">[email protected]_no_spam</A>>=
=20
escribi=F3 en el mensaje <A=20
=
href=3D"news:[email protected]">news:evidvi$8rd$1@forums=
.macromedia.com</A>...</DIV>Gr=E0ficamente=20
muy bien...<BR>Usabilidad poca... si tus clientes son
como los =
m=EDos=20
seguramente se kedan en <BR>la p=E1gina de la
direcci=F3n sin ver lo =
dem=E1s... el=20
scrolll horizontal es <BR>original entre gente que
conoce el entorno =
pero=20
para los dem=E1s si lo <BR>compruebas ver=E1s que no
lo detectar=E1n =
o les costar=E1=20
el tiempo suficiente <BR>como para poder haber
cambiado de p=E1gina =
si estan=20
navegando viendo varias <BR>cosas a la
vez.<BR>Multim=E9dia: falta =
algo de=20
movimiento que eso vende mucho sobretodo si haces
<BR>multim=E9dia y =
3d =20
(supongo ke como bien dices estas en ello... pero no te =
<BR>olvides). Webs=20
chulas gr=E0ficamente hay muchas pero ke aparte impacten y =
<BR>recuerdes=20
pocas. Te recomiendo explotar la tortuga cahonda del final
de la =
<BR>web...=20
promete mucho y puede ser si lo kieres un elemento
identificativo de =
<BR>tu=20
marca.<BR>En la home para que no se viera simpre lo
mismo al acceder =
mostrar=EDa los <BR>proyectos m=E1s recientes, una
muestra cambiando =
aleatoriamente.. pues tu <BR>cliente final seguramente
le =
interesar=E1 saber=20
en ke estas trabajando... dar=E1 <BR>una imagen de
t=EDo okupado y =
ke kurra=20
mucho... a la gente le da seguridad de <BR>ke trata
con alguien ke =
sabe un=20
mont=F3n ;-) pero sobretodo como en el resto <BR>de la
web... no =
digas lo ke=20
haces (todo el mundo hace de todo) sino ke
<BR>ense=F1a mejor lo ke =
haces (si=20
tus trabajos molan... solo ense=F1ando una
<BR>muestra... se =
vender=E1=20
solo)<BR>Todo lo dicho tan solo es una cr=EDtica
personal qu=E9date =
con lo que=20
realmente <BR>creas conveniente (te recomiendo testear
con gente a =
tu lado)=20
y si no te <BR>kedas kon nada aki no ha pasado nada...
y tan amigos=20
:-P<BR><BR><BR>"Temporis Creations"
<<A=20
=
href=3D"mailto:[email protected]">[email protected]</A>=
>=20
escribi=F3 en el mensaje <BR><A=20
=
href=3D"news:[email protected]">news:evh2e0$ie3$1@forums=
.macromedia.com</A>...<BR>>=20
Felicidades YaC, seg=FAn los "grandes estad=EDstas", un
usuario =
decide en=20
<BR>> mil=E9sima de segundo si le gusta una
web, as=ED como el =
tiempo que va=20
estar <BR>> en ella. Creo que este proyecto
invita a disfrutar de =
muchos=20
minutos <BR>> delante del
mismo.<BR>><BR>> Felicidades. =
Buenos=20
Bytes.<BR>><BR>> "YaC"
<<A=20
=
href=3D"mailto:[email protected]">[email protected]</A>=
>=20
escribi=F3 en el mensaje <BR>> <A=20
=
href=3D"news:[email protected]">news:evfi73$iho$1@forums=
.macromedia.com</A>...<BR>>>=20
Hola amiguetes,<BR>>> Pues a ver qu=E9
os parece la web que =
toy=20
haciendo. (la nuestra)<BR>>> A=FAn le
queda bastante, (alg=FAn =
flash,=20
idiomas, y chorradas varias), pero
<BR>>> el<BR>>> =
concepto ya=20
est=E1 listo.<BR>>> <A=20
=
href=3D"
=20
YaC<BR>>><BR>>><BR>><BR>>=20
<BR><BR></BLOCKQUOTE></BLOCKQUOTE></BODY></HTML>
------=_NextPart_000_00A8_01C77C38.E7262CC0--
Similar Messages
-
WLC Guest Setup thru Palo Alto Firewall
We currently have a Guest wireless setup at my company, instead of using a anchor controller we have dual contorllers with each having one interface connecting out into our dmz and then going out. it's a pure L2 connection and exits out to the internet via a DMZ interface on our ASA. We recently purchased a PA-200 Palo Alto firewall to use for this Guest network, and configured everything exactly how it's all ready setup on our dmz switch and asa with the same ip addresses. When we connect the outside interfaces from the controller to a L2 switch that's connected to the Palo Alto firewall we can't get dhcp requests thru and have no connectivity, even if we set a static IP on our client we still have no connectivity and it won't redirect us. We use Web-Auth for our authenication with this network and I know once you get an IP address it will only allow dns to redirect to the virtual IP for authenication before it allows anything else but it is the exact same setup as we had before just with a different firewall so I'm stuck. Also if I plug directly into the switch via ethernet cable I can get an IP address and get out to the internet. Is there anyone who has experience with this type of setup, or might know what I need to allow on the firewall for it to work? I've attached a diagram of the basic topology we have setup.
ThanksHi Rod
You WLC interface and PA interface config look correct. I assume you have policies rules on the PA to permit traffic from your guest zone to the destination. You will also require a policy on the PA to permit traffic from the guest zone to the guest zone as the default route for the subnet is on the PA and any traffic to the IP is filtered by the policies.
I have my WLC doing DHCP for my guest subnet as your guest SSID/vlan is probably central switched on the WLC its the easiest way to do this. The PA has no DHCP helper function as far as I am aware and I've never tried passing DHCP requests through a PA via a centrally switched SSID. I assume 10.118.6.112 is the management IP of your controller? if its not try changing the IP to your controller management IP if your not getting DHCP
I'm not sure how your guest system works but I have an SSID which has a web-auth policy fowarding the guest auth to an authentication server with a webconsole which the passes a radius auth session back to the WLC.
Do you have any other SSID's configured to use that physical port on the WLC? Even if there HREAP and not using the interface.
Do you also have the web policy configured correctly on the SSID? I assume you want the browser to redirect to the guest web login page when they connect to the SSID. Are you using an external server for this or the WLC? -
Palo Alto NetConect not working in Mountain Lion, anyone else having this issue?
I use Palo Alto NetConnect to access a VPN and it always worked fine with Mac OS X 10.6 & 10.7. I updated to Mountain Lion almost immediately after release and the client no longer connects. Is there anyone who has encountered an issue and knows how to fix it? Its very important for my daily use and without it I'll have to downgrade back to Lion.
-ChrisHi 2themax11
Still no update from PA Networks - it is like they are in total denial that Mountain Lion exists!
The Cisco app works but only just and is very slow, i think that may be more to do with us than the use of the app. Bear in mind we used to use the Cisco service and so it is not something I had to set up from scratch but it is not something our network team are happy about as this service was buried and was not supposed to be supported any more.
I am also using a Cisco SSL webvpn for accessing our intranet etc. it is a quicker fix for a few things. Like you I am now using 2 laptops...one is an old Dell...it is horrible! -
Lumira Hands-On Workshop Coming Up in Palo Alto, USA - June 26th
Hello Everyone,
Due to popular demand for a Lumira hands-on training, we are holding our next one in Palo Alto on June 26th!
Workshop details and registration link are available here.
Alternately, you can register by sending an email to [email protected] with the Subject Line – “Registration request for Lumira Workshop – June 26th“.
The workshop is free of cost and open to everyone interested. Please note that The is an on-premise workshop and a remote option is not available. We will be running out on capacity soon, hence reserve your spot today! Finally, please feel free to pass this along to anyone who might be interested.
Cheers!
RuchiI took one of their classes in London and it was an excellent class - very hands on, 2 - 3 hrs of lecture a day, and lots of hardware, lab time!!!. I also saw an email from Jesse T who said he knows the instructor and said he was EXCELLENT. Jesse's response was in the ims-alias this morning I think. Trust me you wont regret it. Also I saw another email saying he is going to have a workshop in Europe, so if you are interested, let them know :-)
-
Citrix Xen Server on UCS-B with Palo Adapter
All
I am attempting to install Citrix Xen server (tried 5.6 and 5.5) on a UCS-B series blade running the Palo Adapter.
During the install we are asked to install drivers.
I used "kmod-enic-xen-1.1.1j-0.x86_64.rpm" from virtual media and it stated no drivers were found.
I tried extrating this to .gz and further to .cpio with the same results.
Any input or direction would be appreciated.
Thanks in advance
DaveOCisco B-series support on Xenserver 5.6 can be found at -
http://hcl.vmd.citrix.com/BrowsableServerList.aspx?__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUJNDE0NjI1MDY5ZBgCBR5fX0NvbnRyb2xzUmVxdWlyZVBvc3RCYWNrS2V5X18WBQUiY3RsMDAkY3BoTGVmdCRQcm9kdWN0TmFtZVNlbGVjdGlvbgUlY3RsMDAkY3BoTGVmdCRQcm9kdWN0RWRpdGlvblNlbGVjdGlvbgUlY3RsMDAkY3BoTGVmdCRQcm9kdWN0VmVyc2lvblNlbGVjdGlvbgUjY3RsMDAkY3BoTGVmdCRTZXJ2ZXJWZW5kb3JTZWxlY3Rpb24FIWN0bDAwJGNwaExlZnQkRm9ybUZhY3RvclNlbGVjdGlvbgUdY3RsMDAkY3BoTWFpbiRTZXJ2ZXJMaW5rVGFibGUPPCsACgEIAgFktUOxaVqPQ0ve39xhDIByQCg50Ys%3D&ctl00%24cphLeft%24ProductEditionSelection=&ctl00%24cphLeft%24ProductVersionSelection=5.6.0&ctl00%24cphLeft%24ProductVersionSelection=5.5.0&ctl00%24cphLeft%24ServerVendorSelection=Cisco+Systems&ctl00%24cphLeft%24FormFactorSelection=&ctl00%24cphLeft%24ctl00=Apply+Filters
Palo or CIsco VIC is not currently supported on XenServer 5.6, we are currently engaged with Citrix to add that support, timelines unknown at this point.
Qlogic CNA (M71KR-Q) and EMulex CNA (M71KR-E) both work fine with XS 5.6 -
I have an in production Palo Alto 3050. I just got a secondary ISP, for free no less, from AT&T. I would like to send traffic from specific hosts over the secondary AT&T line.Steps so far:Current ISP gateway is 50.50.50.1 (example IP address)AT&T gateway is 100.100.100.1/24 (example IP address)I have created a zone for AT&T, I have connected the AT&T equipment to interface 1/12 and given 1/12 100.100.100.2/24. I have created a virtual router and added interface 1/12 to it and added a static route for 0.0.0.0/0 to 100.100.100.1. I have added a security policy for zone inside with my specific server's ip address. I created an ATT pat pool with source inside to destination ATT and my specific server's ip address. I created a PBF rule to send anything from my specific server's ip address out interface 1/12.For the life of me I cannot make...
This topic first appeared in the Spiceworks CommunityHello all hope everyone is having a good day. I'm having some issues with a loop in my script. I know I'm opening myself up here, but what is wrong with this picture?
Powershell#Prompt for and validate existence of the old profile$Old = Read-Host "Please enter old profile name"$TestOld = Test-Path C:\Users\$oldDo{ If ($testold) { Write-Host "Profile exist" } Else { Write-Host "Profile doesn't exist" $Old = Read-host "Please enter a valid profile name" }}While ($testold -eq $false)What's happening is if the correct name is entered the rest of the script works. If the wrong name is entered it prompts for the correct one but the variable doesn't set. I've tried using clear-variable before prompting the second time but keep getting stuck in a loop.
PowershellCleae-Variable $oldClear-Variable -Name old
Those are the two ways I've tried. The... -
Cisco ASA packet-tracer Palo Alto equivalent
Hi All
Does anyone know if the Palo Alto 3020 boxes have an equivalent feature to the Cisco ASA Packet-tracer ?
many thanksI have used the "test security-policy-match" cli command which identifies the specific policy rule a source/destination traffic pair matches against. You need to make sure you specify all fields (zone, src/dst network, protocol and ports.
-
L2L vpn with Palo Alto Firewall
I am setting up a l2l tunnel with a palo alto firewall and having trouble. It is a fairly simple setup, we are encrypting public to public traffic for sftp upload from the asa side. Here are the relevant parts of the config and various outputs... Remote side admin states that phase 1 passes and we experience a timeout waiting for phase 2. Any help would be appreciated.
1.1.1.1 (customer2 destination address)
1.1.1.2 (customer2 vpn gateway)
2.2.2.0 (local public ip space)
name 1.1.1.1 CustomerVPN2 description Customer VPN2
access-list Inside_nat0_outbound extended permit ip 2.2.2.0 255.255.255.240 host CustomerVPN2
access-list Outside_4_cryptomap extended permit ip 2.2.2.0 255.255.255.240 host CustomerVPN2
crypto map Outside_map 4 match address Outside_4_cryptomap
crypto map Outside_map 4 set connection-type originate-only
crypto map Outside_map 4 set peer 1.1.1.2
crypto map Outside_map 4 set transform-set ESP-AES-256-SHA
crypto isakmp policy 50
authentication pre-share
encryption aes-256
hash sha
group 2
lifetime 86400
tunnel-group 1.1.1.2 type ipsec-l2l
tunnel-group 1.1.1.2 ipsec-attributes
pre-shared-key *
sh crypto isakmp (notice listed as type:user)
8 IKE Peer: 1.1.1.2
Type : user Role : initiator
Rekey : no State : MM_WAIT_MSG2
debug crypto ipsec (Looks like it tries all crypto maps except the relevant one)
IPSEC(crypto_map_check): crypto map Outside_map 1 does not hole match for ACL Outside_1_cryptomap.
IPSEC(crypto_map_check): crypto map Outside_map 2 does not hole match for ACL Outside_2_cryptomap.
IPSEC(crypto_map_check): crypto map Outside_map 3 does not hole match for ACL Outside_3_cryptomap.
IPSEC(crypto_map_check): crypto map Outside_map 3 does not hole match for ACL OO_temp_Outside_map3.
and finally.
Oct 03 10:39:09 [IKEv1]: IP = 1.1.1.2, Removing peer from peer table faile
d, no match!
Oct 03 10:39:09 [IKEv1]: IP = 1.1.1.2, Error: Unable to remove PeerTblEntrThanks Lee and Manish
I have no access to the palo alto logs. I am working with the admin at the other end and this is what he said. I used the real ip's because it was getting too confusing...
I figured out what is wrong. It didn’t click at first but because my firewall uses “route-based” VPNs as opposed to the “policy-based” VPNs on an ASA, I need to specify a route for your source address(es) which is 66.x.x.48/28. The issue with that is when my gateway tries to respond to your gateway IKE packets, it is trying to send it over the route that I specified, since 66.x.x.62 is included in this network, and the firewall tries to send the IKE response packets over the tunnel that doesn’t exist. I changed the route to be 66.x.x.48/32 and it was successful with IKE phase 1 but fails on phase 2 because it is sourcing from 66.x.x.62/32.
So long story short of what we need to do. Either you need to NAT your internal address to a different public IP on that firewall or I can assign you a transit network IP (such as 192.168.74.55 or something) and you would NAT that internal address to that transit IP
Not sure how to translate the traffic for this vpn without changing the global nat, it looks like policy nat is the solution. -
Windows 2003 Palo (VIC) Drivers
Anyone know if there is a Windows 2003 VIC driver? I fond the Windows 2008 x64 one on the UCS Downloads page.
While the official answer may be that it is not supported, I have to say that it is a BAD answer. Our local Cisco SE said it was due to Microsoft discontinuing new certifications for 2003. So what? W2K3 is a huge part of my environment. While not having the drivers won't stop our implementation of UCS, it is causing us to think about not moving some systems to UCS. We do a lot of W2K3 clustering so having Palo drivers would be very beneficial. Now, we may have to lose some redundancy so we can keep our heartbeat and servers traffic separate.
A good answer to the original question would be, "There are currently no Palo drivers for W2K3, but we are working on them."
Adam -
Crazy - never had any issues with AT&T - thinking about going back..... Brand new iphone 5S. I've reset the network, disabled and enabled imessaging. Any thoughts?
Kent,
We do not want to see you go. Thank you for all the troubleshooting you have done thus far. I do not see any service alerts in your area. Do you only have issues inside your home with dropped calls? Do you also have issues with data and text? Are you connected to Wifi in your home?
LindseyT_VZW
Follow us on Twitter @VZWSupport -
UCS-B: iSCSI performance with M51KR-B BCM57711 vs Palo M81KR
Cisco pushes M81KR card saying that there's no reason to use anything else. What about systems with iSCSI storage (ESXi boots from local drive, VMs are on iSCSI storage, no iSCSI boot)? Is there any performance advantages to using BCM57711 card? It has iSCSI TOE, while M81KR does not, isn't this enough of a reason to use BCM57711 for iSCSI environments?
Roman,
You are correct that the current generation of M81KR VIC does not have the TOE for iSCSI as the broadcom card does. However our adaptors are designed with adequate resources to provide similar performance.
Let me see if I can dig up some performance metrics so you can compare.
Regards,
Robert -
Converting a Palo Alto Firewall to a Cisco ASA - recommendations?
I've seen some tools for converting ASA's to PA... but not the other way around. Anyone come up with a good method? (scripts, tools, etc?)
Thanks in advance!Hi,
I couldn't find any. May be someone else has it but google didn't show up anything for me:) nor did internal search. I would suggest contacting your account team and see if they can assist you with migration.
Regards,
Kanwal
Note: Please mark answers if they are helpful. -
Hello,
I'm experiencing problems with M81kr drivers for windows 2008 r2 x64. I've downloaded last 1.3 driver version available in cisco.com and when trying to install the server,it does recognize the SAN LUNs, but it says it can't be installed there. Version 1.4 doesn't even have a driver for m81kr...only LSI, EMULEX and QLOGIC.
I've checked the HW compatibility matrix, and it says i need m81kr driver 2.0.1.3...whereas in cisco.com there's no such numbering scheme...it is either 1.1, 1.2, 1.3 or 1.4
By the way, i'm running UCSM 1.4 and B-200 M1
Anybody can help me out on this, please?
Thanks a lot,UCS service proifile config for Win2008
- Boot target LUN ID must be 0.
- single HBA thru fabric A (or B)
Drive array config
- make sure that LUN is exposed with ID 0 to the initiator (i.e. your service profile HBA pWWN) if you are expsoing multiple LUNs to the same intiator ( for example if you're using EMC then the Win2008 LUN should be added as first to the storage group).
- make sure that the LUN is exposed thru the corect storage processor if your drive array is conncted thru two SPs. (A or B depending how you connected your service profile and how you've configured LUN masking). If it's not available via proper SP then use tresspass on drive array for the LUN to achieve that -
How to get tree structure from file list?
I have got following rows from my select query presenting a folder structure:
PATH
/KING/JONES/SCOTT
/KING/JONES/SCOTT/ADAMS
/KING/JONES/FORD
/KING/JONES/FORD/SMITH
/KING/BLAKE
/KING/BLAKE/ALLEN
/KING/BLAKE/WARD
/KING/BLAKE/MARTIN
/KING/BLAKE/TURNER
/KING/BLAKE/JAMES
/KING/CLARK
/KING/CLARK/MILLER
/PALO/TEMP
On base of this data I need to build tree in my application by effecient way.
Therefore i would like to achieve data (SELECT with two columns) as bellow:
FOLDER PARENTFOLDER
KING NULL
JONES KING
SCOTT KING/JONES
ADAMS KING/JONES/SCOTT
FORD KING/JONES
SMITH KING/JONES/FORD
BLAKE KING
ALLEN KING/BLAKE
WARD KING/BLAKE
MARTIN KING/BLAKE
TURNER KING/BLAKE
JAMES KING/BLAKE
CLARK KING
MILLER KING/CLARK
PALO NULL
TEMP PALOIs this possible to do it on SQL level(not PL SQL)?
ThanksPerhaps something like this?
SQL> ed
Wrote file afiedt.buf
1 with t as (select '/KING/JONES/SCOTT' as path from dual union all
2 select '/KING/JONES/SCOTT/ADAMS' from dual union all
3 select '/KING/JONES/FORD' from dual union all
4 select '/KING/JONES/FORD/SMITH' from dual union all
5 select '/KING/BLAKE' from dual union all
6 select '/KING/BLAKE/ALLEN' from dual union all
7 select '/KING/BLAKE/WARD' from dual union all
8 select '/KING/BLAKE/MARTIN' from dual union all
9 select '/KING/BLAKE/TURNER' from dual union all
10 select '/KING/BLAKE/JAMES' from dual union all
11 select '/KING/CLARK' from dual union all
12 select '/KING/CLARK/MILLER' from dual union all
13 select '/PALO/TEMP' from dual
14 )
15 --
16 -- END OF TEST DATA
17 --
18 select distinct substr(path,instr(path,'/',1,rn)+1,decode(instr(path,'/',1,rn+1),0,length(path)+1,instr(path,'/',1,rn+1))-instr(path,'/',1,rn)-1) as folder, substr(path,2,instr(path,'/',1,rn)-2) as parent
19 from t
20 cross join (select rownum rn from dual connect by rownum <= (select max(length(regexp_replace(path,'[^/]'))) from t)) x
21* where instr(path,'/',1,rn) > 0
SQL> /
FOLDER PARENT
BLAKE KING
SCOTT KING/JONES
JAMES KING/BLAKE
MARTIN KING/BLAKE
SMITH KING/JONES/FORD
KING
WARD KING/BLAKE
ADAMS KING/JONES/SCOTT
FORD KING/JONES
TURNER KING/BLAKE
MILLER KING/CLARK
PALO
TEMP PALO
JONES KING
CLARK KING
ALLEN KING/BLAKE
16 rows selected.
SQL> -
Cisco ASA 5505 Site to Site VPN tunnel up, but not passing traffic
Thanks to a previous thread, I do have a 5505 up and running, and passing data....
https://supportforums.cisco.com/message/3900751
Now I am trying to get a IPSEC VPN tunnel working.
I actually have it up (IKE phase 1 & 2 both passed), but it is not sending/receiving data through the tunnel.
The networks concerned:
name 10.0.0.0 Eventual (HQ Site behind Firewall)
name 1.1.1.0 CFS (Public Network Gateway for Palo Alto Firewall - Firewall IP: 1.1.1.1)
name 2.2.2.0 T1 (Remote site - Outside interface of 5505: 2.2.2.2)
name 10.209.0.0 Local (Remote Network - internal interface of 5505: 10.209.0.3)
On a ping to the HQ network from behind the ASA, I get....
portmap translation creation failed for icmp src inside:10.209.0.9 dst inside:10.0.0.33 (type 8, code 0)
I am suspecting that there is a NAT error and/or a lack of a static route for the rest of the 10.0.0.0 traffic, and that I may have to exempt/route the traffic for the HQ network (10.0.0.0), but I haven't been able to get the correct entries to make it work.
Below is the config.
Can anyone see if there is something sticking out?
: Saved
ASA Version 8.2(5)
hostname ciscoasa
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
name 10.0.0.0 Eventual
name 10.209.0.0 Local
name 2.2.2.0 T1
name 1.1.1.0 CFS
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 0
ip address 10.209.0.3 255.0.0.0
interface Vlan2
nameif outside
security-level 0
ip address 2.2.2.2 255.255.255.248
time-range Indefinite
ftp mode passive
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object-group protocol DM_INLINE_PROTOCOL_1
protocol-object ip
protocol-object icmp
protocol-object udp
protocol-object tcp
object-group network DM_INLINE_NETWORK_1
network-object Eventual 255.0.0.0
network-object T1 255.255.255.248
network-object CFS 255.255.255.240
access-list outside_1_cryptomap extended permit ip Local 255.255.255.0 object-group DM_INLINE_NETWORK_1
pager lines 24
logging enable
logging asdm informational
mtu outside 1500
mtu inside 1500
icmp unreachable rate-limit 1 burst-size 1
icmp permit any outside
icmp permit any inside
asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 67.139.113.217 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
http server enable
http Eventual 255.0.0.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto map outside_map 1 match address outside_1_cryptomap
crypto map outside_map 1 set pfs
crypto map outside_map 1 set peer 1.1.1.1
crypto map outside_map 1 set transform-set ESP-3DES-MD5
crypto map outside_map 1 set phase1-mode aggressive
crypto map outside_map interface outside
crypto ca trustpoint _SmartCallHome_ServerCA
crl configure
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 28800
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd auto_config outside
dhcpd address 10.209.0.201-10.209.0.232 inside
dhcpd dns 8.8.8.8 8.8.4.4 interface inside
dhcpd auto_config outside interface inside
dhcpd enable inside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
group-policy DfltGrpPolicy attributes
vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn
group-policy FTMGP internal
group-policy FTMGP attributes
vpn-idle-timeout none
vpn-filter none
vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn
tunnel-group 1.1.1.1 type ipsec-l2l
tunnel-group 1.1.1.1 general-attributes
default-group-policy FTMGP
tunnel-group 1.1.1.1 ipsec-attributes
pre-shared-key *****
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect icmp
service-policy global_policy global
prompt hostname context
call-home reporting anonymous
Cryptochecksum:701d8da28ee256692a1e49d904e9cb04
: end
asdm location Eventual 255.0.0.0 inside
asdm location Local 255.255.255.0 inside
asdm location T1 255.255.255.248 inside
asdm location CFS 255.255.255.240 inside
asdm history enable
Thank You.I'm just re-engaging on the firewall this afternoon, but right now I'm getting request timed out on the pings....
Here's the output requested:
Result of the command: "show crypto isakmp sa"
Active SA: 1
Rekey SA: 0 (A tunnel will report 1 Active and 1 Rekey SA during rekey)
Total IKE SA: 1
1 IKE Peer: 1.1.1.1
Type : L2L Role : initiator
Rekey : no State : AM_ACTIVE
Result of the command: "show crypto ipsec sa"
interface: outside
Crypto map tag: outside_map, seq num: 1, local addr: 2.2.2.2
access-list outside_1_cryptomap extended permit ip 10.209.0.0 255.255.255.0 10.0.0.0 255.0.0.0
local ident (addr/mask/prot/port): (Local/255.255.255.0/0/0)
remote ident (addr/mask/prot/port): (Eventual/255.0.0.0/0/0)
current_peer: 1.1.1.1
#pkts encaps: 84, #pkts encrypt: 84, #pkts digest: 84
#pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 84, #pkts comp failed: 0, #pkts decomp failed: 0
#pre-frag successes: 0, #pre-frag failures: 0, #fragments created: 0
#PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 0
#send errors: 0, #recv errors: 0
local crypto endpt.: 2.2.2.2, remote crypto endpt.: 1.1.1.1
path mtu 1500, ipsec overhead 58, media mtu 1500
current outbound spi: 8FC06BD1
current inbound spi : 42EC16F4
inbound esp sas:
spi: 0x42EC16F4 (1122768628)
transform: esp-3des esp-md5-hmac no compression
in use settings ={L2L, Tunnel, PFS Group 2, }
slot: 0, conn_id: 4096, crypto-map: outside_map
sa timing: remaining key lifetime (kB/sec): (62207/28464)
IV size: 8 bytes
replay detection support: Y
Anti replay bitmap:
0x00000000 0x00000001
outbound esp sas:
spi: 0x8FC06BD1 (2411752401)
transform: esp-3des esp-md5-hmac no compression
in use settings ={L2L, Tunnel, PFS Group 2, }
slot: 0, conn_id: 4096, crypto-map: outside_map
sa timing: remaining key lifetime (kB/sec): (62201/28464)
IV size: 8 bytes
replay detection support: Y
Anti replay bitmap:
0x00000000 0x00000001
Here's the current config:
: Saved
ASA Version 8.2(5)
hostname ciscoasa
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
name 10.0.0.0 Eventual
name 10.209.0.0 Local
name 67.139.113.216 T1
name 1.1.1.0 IntegraCFS
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 0
ip address 10.209.0.3 255.0.0.0
interface Vlan2
nameif outside
security-level 0
ip address 2.2.2.2 255.255.255.248
time-range Indefinite
ftp mode passive
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object-group protocol DM_INLINE_PROTOCOL_1
protocol-object ip
protocol-object icmp
protocol-object udp
protocol-object tcp
object-group network DM_INLINE_NETWORK_1
network-object Eventual 255.0.0.0
network-object T1 255.255.255.248
network-object IntegraCFS 255.255.255.240
access-list outside_1_cryptomap extended permit ip Local 255.255.255.0 object-group DM_INLINE_NETWORK_1
access-list No_NAT extended permit ip Local 255.255.255.0 Eventual 255.255.255.0
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
icmp permit any inside
icmp permit any outside
asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list No_NAT
nat (inside) 1 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 2.2.2.0 1
route outside Eventual 255.255.255.0 1.1.1.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
http server enable
http Eventual 255.0.0.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto map outside_map 1 match address outside_1_cryptomap
crypto map outside_map 1 set pfs
crypto map outside_map 1 set peer 1.1.1.1
crypto map outside_map 1 set transform-set ESP-3DES-MD5
crypto map outside_map 1 set security-association lifetime kilobytes 65535
crypto map outside_map 1 set phase1-mode aggressive
crypto map outside_map interface outside
crypto ca trustpoint _SmartCallHome_ServerCA
crl configure
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 28800
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd auto_config outside
dhcpd address 10.209.0.201-10.209.0.232 inside
dhcpd dns 8.8.8.8 8.8.4.4 interface inside
dhcpd auto_config outside interface inside
dhcpd enable inside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
group-policy DfltGrpPolicy attributes
vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn
group-policy FTMGP internal
group-policy FTMGP attributes
vpn-idle-timeout none
vpn-filter none
vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn
tunnel-group 1.1.1.1 type ipsec-l2l
tunnel-group 1.1.1.1 general-attributes
default-group-policy FTMGP
tunnel-group 1.1.1.1 ipsec-attributes
pre-shared-key *****
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect icmp
service-policy global_policy global
prompt hostname context
call-home reporting anonymous
Cryptochecksum:301e573544ce0f89b3c597bdfe2c414a
: end
asdm location Eventual 255.0.0.0 inside
asdm location Local 255.255.255.0 inside
asdm location T1 255.255.255.248 inside
asdm location IntegraCFS 255.255.255.240 inside
asdm history enable
Maybe you are looking for
-
How to reset my MacBook Pro for re-sale
I'm thinking of selling my 2010 MacBook Pro, which I bought with OS X 10.6 Snow Leopard. When selling previous Macs, I've deleted everything, including other user accounts and then re-installed the OS from the supplied CDs or DVD. This then leaves a
-
The requested URL /Site/Home.html was not found on this server - HELP!
NOT FOUND: The requested URL /Site/Home.html was not found on this server. This comes up when I type in my website address. I am new to this, have created my website on iweb, bought the domain name and purchased web hosting with 123-REG. I ask for th
-
Mighty Mouse will not scroll horizontally uder 10.3.9 why???
Hi all I was trying out my Mighty Mouse under 10.3.9 and it's not scrolling horizontally and on Apple support sight it said that it should scroll horizontally and vertically but it just doesn't scroll horizontally why is this? I have tried it on 10.4
-
Hi, Fairly new to BEx. I'm trying to create a query that has the columns of Total and YTD and rows that show the past 3 years. My Total is being pulled directly from my multiprovider--so no issues. My YTD column is a restriction of this Total field,
-
I am recieving this message when auto copying to clipboard, "signed.applets.codebase_principal_support=true" which is not allowing me to pick up the data from web pages that I copy from, grateful for any directions to solve this, many thanks