Ping other public IP

Hi
I have an ASA 5510 with public IP 110.x.x.50/29
ADSL modem is 110.x.x.49
ASA Outside interface is 110.x.x.50
Internal is 10.1.12.x/24
110.x.x.51 is mapped to server 10.1.12.1
110.x.x.52 is mapped to server 10.1.12.2
Firewall is working fine as well as static NAT from the Outside.
My question:
From outside (external) I can ping the Outside interface 110.x.x.50,
but how can I ping the other public IPs (110.x.x.51 and 110.x.x.52) from external?
Currently I'm not able to ping them.

Hi all,
Below is my ASA config.
=========================
ASA Version 9.1(2) 
hostname ASHFW01
enable password 8Ry2YjIyt7RRXU24 encrypted
names
interface GigabitEthernet0/0
 nameif outside
 security-level 0
 ip address 110.x.x.50 255.255.255.248 
interface GigabitEthernet0/1
 no nameif
 security-level 100
 no ip address
interface GigabitEthernet0/1.1
 vlan 12
 nameif VLAN12
 security-level 100
 ip address 10.1.12.254 255.255.255.0 
interface GigabitEthernet0/1.2
 vlan 20
 nameif VLAN20
 security-level 100
 ip address 10.1.20.254 255.255.255.0 
interface GigabitEthernet0/1.3
 vlan 30
 nameif VLAN30
 security-level 100
 ip address 10.1.30.254 255.255.255.0 
interface GigabitEthernet0/1.4
 vlan 50
 nameif VLAN50
 security-level 100
 ip address 10.1.50.254 255.255.255.0 
interface GigabitEthernet0/2
 shutdown
 no nameif
 no security-level
 no ip address
interface GigabitEthernet0/3
 shutdown
 no nameif
 no security-level
 no ip address
interface GigabitEthernet0/4
 shutdown
 no nameif
 no security-level
 no ip address
interface GigabitEthernet0/5
 shutdown
 no nameif
 no security-level
 no ip address
interface Management0/0
 management-only
 nameif management
 security-level 100
 ip address 192.168.1.1 255.255.255.0 
ftp mode passive
dns domain-lookup VLAN12
dns domain-lookup VLAN20
dns domain-lookup VLAN30
dns domain-lookup VLAN50
dns server-group DefaultDNS
 name-server 8.8.8.8
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network TerminalServer
 host 10.1.12.13
object service smtp
 service tcp source eq smtp destination eq smtp 
object service smtps
 service tcp source eq 587 destination eq 587 
object network Exch-SMTP
 host 10.1.20.2
object network Exch-POP3
 host 10.1.20.2
object network Exch-SMTPS
 host 10.1.20.2
object network ExchServer
 host 10.1.20.2
object network MgmtSvr
 host 10.1.12.30
object network Exch-SMTP1
 host 10.1.20.2
object network Exch-HTTP
 host 10.1.20.2
object network Portal
 host 10.1.12.14
 description Portal
object service Portal80
 service tcp source eq www destination eq www 
 description Portal80
object network SalesMobile
 host 10.1.12.14
 description SalesMobile
object service SalesMobile9090
 service tcp source eq 9090 destination eq 9090 
 description SalesMobile9090
object-group service rdp tcp
 port-object eq 3389
object-group protocol TCPUDP
 protocol-object udp
 protocol-object tcp
access-list outside_access_in extended permit tcp any object MgmtSvr object-group rdp 
access-list outside_access_in extended permit tcp any object TerminalServer object-group rdp 
access-list outside_access_in extended permit tcp any object ExchServer object-group rdp 
access-list outside_access_in extended permit tcp any object ExchServer eq www 
access-list outside_access_in extended permit tcp any object ExchServer eq https 
access-list outside_access_in extended permit tcp any object ExchServer eq smtp 
access-list outside_access_in extended permit tcp any object ExchServer eq 587 
access-list outside_access_in extended permit tcp any object ExchServer eq pop3 
access-list outside_access_in extended permit tcp any object Portal eq www 
access-list outside_access_in extended permit tcp any object SalesMobile eq 9090 
access-list outside_access_in extended deny ip any any 
pager lines 24
logging enable
logging asdm informational
mtu outside 1500
mtu VLAN12 1500
mtu VLAN20 1500
mtu VLAN30 1500
mtu VLAN50 1500
mtu management 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
icmp permit any VLAN12
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
object network TerminalServer
 nat (VLAN12,outside) static 110.x.x.51 service tcp 3389 3389 
object network Exch-SMTP
 nat (VLAN20,outside) static 110.x.x.52 service tcp smtp smtp 
object network Exch-POP3
 nat (VLAN20,outside) static 110.x.x.52 service tcp https https 
object network Exch-SMTPS
 nat (VLAN20,outside) static 110.x.x.52 service tcp 587 587 
object network ExchServer
 nat (VLAN20,outside) static 110.x.x.52 service tcp 3389 3389 
object network MgmtSvr
 nat (VLAN12,outside) static 110.x.x.53 service tcp 3389 3389 
object network Exch-SMTP1
 nat (VLAN20,outside) static 110.x.x.52 service tcp pop3 pop3 
object network Exch-HTTP
 nat (VLAN20,outside) static 110.x.x.52 service tcp www www 
object network Portal
 nat (VLAN12,outside) static 110.x.x.51 service tcp www www 
object network SalesMobile
 nat (VLAN12,outside) static 110.x.x.51 service tcp 9090 9090 
nat (any,outside) after-auto source dynamic any interface
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 110.x.x.49 1
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
http server enable 4348
http 192.168.1.0 255.255.255.0 management
http 10.1.12.0 255.255.255.0 VLAN12
http 0.0.0.0 0.0.0.0 outside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
crypto ipsec security-association pmtu-aging infinite
crypto ca trustpool policy
telnet 0.0.0.0 0.0.0.0 VLAN12
telnet timeout 5
ssh timeout 5
ssh key-exchange group dh-group1-sha1
console timeout 0
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd enable management
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
username necare password BkPn6VQ0VwTy7MY7 encrypted privilege 15
class-map inspection_default
 match default-inspection-traffic
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum client auto
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map 
  inspect ftp 
  inspect h323 h225 
  inspect h323 ras 
  inspect rsh 
  inspect rtsp 
  inspect sqlnet 
  inspect skinny  
  inspect sunrpc 
  inspect xdmcp 
  inspect sip  
  inspect netbios 
  inspect tftp 
  inspect ip-options 
  inspect icmp 
service-policy global_policy global
prompt hostname context 
no call-home reporting anonymous
Cryptochecksum:4551a847aa860ec2126b9ed1ea6c641f
: end
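
As an added example (not part of the original post, and not Cisco tooling), the Python sketch below reads the object-NAT and outside_access_in lines from an excerpt of the configuration posted above and reports, per mapped public address, whether an ICMP echo arriving on the outside interface has both a translation and an ACL permit. The FIXED variant, which gives MgmtSvr a one-to-one static and an "icmp ... echo" permit, is a constructed assumption used only for comparison.

```python
import re
from collections import defaultdict

# Excerpt of the posted configuration (addresses redacted as in the post).
POSTED = """\
access-list outside_access_in extended permit tcp any object MgmtSvr object-group rdp
access-list outside_access_in extended permit tcp any object TerminalServer object-group rdp
access-list outside_access_in extended permit tcp any object Portal eq www
access-list outside_access_in extended permit tcp any object SalesMobile eq 9090
access-list outside_access_in extended deny ip any any
object network TerminalServer
 nat (VLAN12,outside) static 110.x.x.51 service tcp 3389 3389
object network MgmtSvr
 nat (VLAN12,outside) static 110.x.x.53 service tcp 3389 3389
object network Portal
 nat (VLAN12,outside) static 110.x.x.51 service tcp www www
object network SalesMobile
 nat (VLAN12,outside) static 110.x.x.51 service tcp 9090 9090
access-group outside_access_in in interface outside
"""

# Constructed variant (assumption, not from the post): one-to-one static for
# MgmtSvr and an explicit echo permit placed before the final deny. The ACL
# still decides which TCP ports are reachable once every port is translated.
FIXED = POSTED.replace(
    " nat (VLAN12,outside) static 110.x.x.53 service tcp 3389 3389",
    " nat (VLAN12,outside) static 110.x.x.53",
).replace(
    "access-list outside_access_in extended deny ip any any",
    "access-list outside_access_in extended permit icmp any object MgmtSvr echo\n"
    "access-list outside_access_in extended deny ip any any",
)

NAT_RE = re.compile(
    r"^\s+nat \((\S+),(\S+)\) static (\S+)(?: service (\S+) (\S+) (\S+))?\s*$")
ACL_RE = re.compile(
    r"^access-list (\S+) extended (permit|deny) (\S+) any (?:object (\S+)|any)\s*(.*)$")


def parse(config):
    """Return (nat_rules, acl_entries) from object-NAT style ASA config text."""
    nats, acl, current = [], [], None
    for line in config.splitlines():
        if line.startswith("object network "):
            current = line.split()[2]
        elif line.startswith(" "):
            m = NAT_RE.match(line)
            if m and current:
                # "service <proto> <real_port> <mapped_port>" is absent for one-to-one NAT
                nats.append({"object": current, "mapped": m.group(3),
                             "proto": m.group(4), "mapped_port": m.group(6)})
        else:
            current = None
            m = ACL_RE.match(line)
            if m:
                acl.append({"name": m.group(1), "action": m.group(2),
                            "proto": m.group(3), "dest": m.group(4) or "any",
                            "rest": m.group(5).split()})
    return nats, acl


def acl_allows_echo(acl, acl_name, real_object):
    """First-match evaluation of an ICMP echo request from any source to real_object."""
    for e in acl:
        if e["name"] != acl_name or e["proto"] not in ("icmp", "ip"):
            continue
        if e["dest"] not in ("any", real_object):
            continue
        if e["proto"] == "icmp" and e["rest"] and "echo" not in e["rest"]:
            continue  # entry is limited to some other ICMP type
        return e["action"] == "permit"
    return False  # implicit deny at the end of the ACL


def ping_report(config, acl_name="outside_access_in"):
    """Per mapped address: forwarded ports, ICMP translation target, ACL verdict."""
    nats, acl = parse(config)
    by_mapped = defaultdict(list)
    for n in nats:
        by_mapped[n["mapped"]].append(n)
    report = {}
    for mapped, rules in by_mapped.items():
        # Only a static rule without a "service" clause translates ICMP.
        full = [r for r in rules if r["proto"] is None]
        target = full[0]["object"] if full else None
        permitted = target is not None and acl_allows_echo(acl, acl_name, target)
        report[mapped] = {
            "forwarded": sorted(f'{r["proto"]}/{r["mapped_port"]}'
                                for r in rules if r["proto"]),
            "icmp_translated_to": target,
            "pingable": permitted,
        }
    return report


if __name__ == "__main__":
    for label, cfg in (("posted", POSTED), ("fixed", FIXED)):
        for mapped, info in sorted(ping_report(cfg).items()):
            print(label, mapped, info)
```

In the posted excerpt every static rule carries a "service tcp" clause, so no mapped address has an ICMP translation, and the only ACL entry that matches ICMP is the final "deny ip any any".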

Similar Messages

  • One router on ASA 5505 Site to Site VPN can't ping other router

    I have two Cisco ASA routers and I have a site to site vpn set up between the two. The VPN link works but Site A can't ping anything on Site B. Site B can ping Site A. Site B can ping other pcs on its own network. Site A has been in place for a while and has other site to site VPNs that work fine, so I think the problem is with Site B. Here is the config for Site B:
    Result of the command: "show running-config"
    : Saved
    ASA Version 8.4(4)1
    hostname SaskASA
    enable password POgOWyKyb0jgJ1Hm encrypted
    passwd 2KFQnbNIdI.2KYOU encrypted
    names
    interface Ethernet0/0
    switchport access vlan 2
    interface Ethernet0/1
    interface Ethernet0/2
    interface Ethernet0/3
    interface Ethernet0/4
    interface Ethernet0/5
    interface Ethernet0/6
    interface Ethernet0/7
    interface Vlan1
    nameif inside
    security-level 100
    ip address 192.168.16.1 255.255.254.0
    interface Vlan2
    nameif outside
    security-level 0
    ip address dhcp setroute
    ftp mode passive
    object network obj_any
    subnet 0.0.0.0 0.0.0.0
    object network NETWORK_OBJ_192.168.16.0_23
    subnet 192.168.16.0 255.255.254.0
    object network NETWORK_OBJ_192.168.2.0_23
    subnet 192.168.2.0 255.255.254.0
    access-list outside_cryptomap extended permit ip 192.168.16.0 255.255.254.0 192.168.2.0 255.255.254.0
    pager lines 24
    logging asdm informational
    mtu inside 1500
    mtu outside 1500
    no failover
    icmp unreachable rate-limit 1 burst-size 1
    no asdm history enable
    arp timeout 14400
    nat (inside,outside) source static NETWORK_OBJ_192.168.16.0_23 NETWORK_OBJ_192.168.16.0_23 destination static NETWORK_OBJ_192.168.2.0_23 NETWORK_OBJ_192.168.2.0_23 no-proxy-arp route-lookup
    object network obj_any
    nat (inside,outside) dynamic interface
    nat (inside,outside) after-auto source dynamic any interface
    timeout xlate 3:00:00
    timeout pat-xlate 0:00:30
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    user-identity default-domain LOCAL
    http server enable 444
    http 192.168.16.0 255.255.254.0 inside
    http 0.0.0.0 0.0.0.0 inside
    http 0.0.0.0 0.0.0.0 outside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
    crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
    crypto ipsec ikev2 ipsec-proposal DES
    protocol esp encryption des
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal 3DES
    protocol esp encryption 3des
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES
    protocol esp encryption aes
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES192
    protocol esp encryption aes-192
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES256
    protocol esp encryption aes-256
    protocol esp integrity sha-1 md5
    crypto map outside_map 1 match address outside_cryptomap
    crypto map outside_map 1 set pfs group1
    crypto map outside_map 1 set peer 207.228.xx.xx
    crypto map outside_map 1 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
    crypto map outside_map 1 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
    crypto map outside_map interface outside
    crypto ikev2 policy 1
    encryption aes-256
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 10
    encryption aes-192
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 20
    encryption aes
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 30
    encryption 3des
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 40
    encryption des
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 enable outside
    crypto ikev1 enable outside
    crypto ikev1 policy 10
    authentication crack
    encryption aes-256
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 20
    authentication rsa-sig
    encryption aes-256
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 30
    authentication pre-share
    encryption aes-256
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 40
    authentication crack
    encryption aes-192
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 50
    authentication rsa-sig
    encryption aes-192
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 60
    authentication pre-share
    encryption aes-192
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 70
    authentication crack
    encryption aes
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 80
    authentication rsa-sig
    encryption aes
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 90
    authentication pre-share
    encryption aes
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 100
    authentication crack
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 110
    authentication rsa-sig
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 120
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 130
    authentication crack
    encryption des
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 140
    authentication rsa-sig
    encryption des
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 150
    authentication pre-share
    encryption des
    hash sha
    group 2
    lifetime 86400
    telnet timeout 5
    ssh timeout 5
    ssh key-exchange group dh-group1-sha1
    console timeout 0
    dhcp-client client-id interface outside
    dhcpd auto_config outside
    dhcpd address 192.168.16.100-192.168.16.200 inside
    dhcpd auto_config outside interface inside
    dhcpd enable inside
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    webvpn
    group-policy GroupPolicy_207.228.xx.xx internal
    group-policy GroupPolicy_207.228.xx.xx attributes
    vpn-tunnel-protocol ikev1 ikev2
    username User password shbn5zbLkuHP/mJX encrypted privilege 15
    tunnel-group 207.228.xx.xx type ipsec-l2l
    tunnel-group 207.228.xx.xx general-attributes
    default-group-policy GroupPolicy_207.228.xx.xx
    tunnel-group 207.228.xx.xx ipsec-attributes
    ikev1 pre-shared-key *****
    ikev2 remote-authentication pre-shared-key *****
    ikev2 local-authentication pre-shared-key *****
    class-map inspection_default
    match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
    parameters
    message-length maximum client auto
    message-length maximum 512
    policy-map global_policy
    class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny
    inspect sunrpc
    inspect xdmcp
    inspect sip
    inspect netbios
    inspect tftp
    inspect ip-options
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous
    Cryptochecksum:f06bd1d6d063318339d98417b171175e
    : end
    Any ideas? Thanks.

    I looked over the config for Site A, but couldn't find anything unusual. Perhaps I'm overlooking something. Here is the config for site A:
    Result of the command: "show running-config"
    : Saved
    ASA Version 8.2(1)
    hostname SiteA
    domain-name domain
    enable password POgOWyKyb0jgJ1Hm encrypted
    passwd 2KFQnbNIdI.2KYOU encrypted
    names
    interface Vlan1
    nameif inside
    security-level 100
    ip address 192.168.2.1 255.255.254.0
    interface Vlan2
    nameif outside
    security-level 0
    ip address dhcp setroute
    interface Ethernet0/0
    switchport access vlan 2
    interface Ethernet0/1
    interface Ethernet0/2
    interface Ethernet0/3
    interface Ethernet0/4
    interface Ethernet0/5
    interface Ethernet0/6
    interface Ethernet0/7
    ftp mode passive
    dns domain-lookup inside
    dns server-group DefaultDNS
    name-server 192.168.2.6
    domain-name domain
    object-group network DM_INLINE_NETWORK_1
    network-object 192.168.14.0 255.255.254.0
    network-object 192.168.4.0 255.255.254.0
    network-object 192.168.6.0 255.255.254.0
    network-object 192.168.8.0 255.255.254.0
    object-group network DM_INLINE_NETWORK_2
    network-object 192.168.12.0 255.255.254.0
    network-object 192.168.14.0 255.255.254.0
    network-object 192.168.4.0 255.255.254.0
    network-object 192.168.6.0 255.255.254.0
    network-object 192.168.8.0 255.255.254.0
    access-list outside_1_cryptomap extended permit ip 192.168.2.0 255.255.254.0 object-group DM_INLINE_NETWORK_1
    access-list inside_nat0_outbound extended permit ip 192.168.2.0 255.255.254.0 object-group DM_INLINE_NETWORK_2
    access-list inside_nat0_outbound extended permit ip any 192.168.15.192 255.255.255.192
    access-list inside_nat0_outbound extended permit ip 192.168.2.0 255.255.254.0 192.168.16.0 255.255.254.0
    access-list VPNGeo_splitTunnelAcl standard permit any
    access-list outside_2_cryptomap extended permit ip 192.168.2.0 255.255.254.0 192.168.6.0 255.255.254.0
    access-list outside_3_cryptomap extended permit ip 192.168.2.0 255.255.254.0 192.168.4.0 255.255.254.0
    access-list outside_4_cryptomap extended permit ip 192.168.2.0 255.255.254.0 192.168.8.0 255.255.254.0
    access-list outside_5_cryptomap extended permit ip 192.168.2.0 255.255.254.0 192.168.16.0 255.255.254.0
    pager lines 24
    logging asdm informational
    mtu inside 1500
    mtu outside 1500
    ip local pool GeoVPNPool 192.168.15.200-192.168.15.254 mask 255.255.254.0
    icmp unreachable rate-limit 1 burst-size 1
    no asdm history enable
    arp timeout 14400
    global (outside) 1 interface
    nat (inside) 0 access-list inside_nat0_outbound
    nat (inside) 1 0.0.0.0 0.0.0.0
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    dynamic-access-policy-record DfltAccessPolicy
    http server enable 444
    http 192.168.2.0 255.255.254.0 inside
    http 0.0.0.0 0.0.0.0 inside
    http 0.0.0.0 0.0.0.0 outside
    http authentication-certificate inside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
    crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
    crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
    crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
    crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
    crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
    crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
    crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
    crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
    crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto ipsec security-association lifetime seconds 28800
    crypto ipsec security-association lifetime kilobytes 4608000
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
    crypto map outside_map 1 match address outside_1_cryptomap
    crypto map outside_map 1 set pfs group1
    crypto map outside_map 1 set peer 207.228.xx.xx
    crypto map outside_map 1 set transform-set ESP-3DES-SHA
    crypto map outside_map 2 match address outside_2_cryptomap
    crypto map outside_map 2 set pfs
    crypto map outside_map 2 set peer 208.119.xx.xx
    crypto map outside_map 2 set transform-set ESP-3DES-SHA
    crypto map outside_map 3 match address outside_3_cryptomap
    crypto map outside_map 3 set pfs group1
    crypto map outside_map 3 set peer 208.119.xx.xx
    crypto map outside_map 3 set transform-set ESP-3DES-SHA
    crypto map outside_map 4 match address outside_4_cryptomap
    crypto map outside_map 4 set pfs
    crypto map outside_map 4 set peer 208.119.xx.xx
    crypto map outside_map 4 set transform-set ESP-3DES-SHA
    crypto map outside_map 5 match address outside_5_cryptomap
    crypto map outside_map 5 set pfs group1
    crypto map outside_map 5 set peer 70.64.xx.xx
    crypto map outside_map 5 set transform-set ESP-3DES-SHA
    crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map outside_map interface outside
    crypto isakmp enable outside
    crypto isakmp policy 10
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    telnet 0.0.0.0 0.0.0.0 inside
    telnet timeout 5
    ssh timeout 5
    console timeout 0
    management-access inside
    dhcp-client client-id interface outside
    dhcpd auto_config outside
    dhcpd address 192.168.2.100-192.168.2.254 inside
    dhcpd auto_config outside interface inside
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    webvpn
    group-policy VPNGeo internal
    group-policy VPNGeo attributes
    vpn-tunnel-protocol IPSec
    split-tunnel-policy tunnelspecified
    split-tunnel-network-list value VPNGeo_splitTunnelAcl
    username user password shbn5zbLkuHP/mJX encrypted privilege 15
    username name password vP98Lj8Vm5SLs9PW encrypted
    username name attributes
    vpn-group-policy VPNGeo
    tunnel-group 207.228.xx.xx type ipsec-l2l
    tunnel-group 207.228.xx.xx ipsec-attributes
    pre-shared-key *
    tunnel-group VPNGeo type remote-access
    tunnel-group VPNGeo general-attributes
    address-pool GeoVPNPool
    default-group-policy VPNGeo
    tunnel-group VPNGeo ipsec-attributes
    pre-shared-key *
    tunnel-group 208.119.xx.xx type ipsec-l2l
    tunnel-group 208.119.xx.xx ipsec-attributes
    pre-shared-key *
    tunnel-group 208.119.xx.xx type ipsec-l2l
    tunnel-group 208.119.xx.xx ipsec-attributes
    pre-shared-key *
    tunnel-group 208.119.xx.xx type ipsec-l2l
    tunnel-group 208.119.xx.xx ipsec-attributes
    pre-shared-key *
    tunnel-group 70.64.xx.xx type ipsec-l2l
    tunnel-group 70.64.xx.xx ipsec-attributes
    pre-shared-key *
    class-map inspection_default
    match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
    parameters
    message-length maximum 512
    policy-map global_policy
    class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny
    inspect sunrpc
    inspect xdmcp
    inspect sip
    inspect netbios
    inspect tftp
    service-policy global_policy global
    prompt hostname context
    Cryptochecksum:e3adf4e597198f58cd21e508aabdbab9
    : end

  • Take your complaints to Twitter and other public websites

    I've read tons of complaints recently on this board, and very few responses from Comcast. I suggest you take all your complaints to @Comcast on Twitter and other public websites, otherwise, the only readers may be us. I'm beginning to feel like this message board is a way to keep their disgruntled consumers contained. Also, if your issues go unresolved, drop a line to your State commerce/consumer protection agencies. Comcast share prices are near all-time highs, so I am sure they can afford to listen to us.

    Same thing here. Only I was charged $227.64 despite a typical $135 bill. I was charged for a movie I never rented. Called and was told due to outages, there was nothing they could do about the weather and the movie would not have been charged had I not seen the movie. Horrible experience. After severe storm outages here in Texas, it seems there is no help, even after calling customer service.

  • Can't ping other server and more.

    This is a weird one. I have a few problems going on. I have 2 netware 6.5 servers. My BM3.9 sp1 server is on Netware 6.5sp7 and my other server is Groupwise 7.03 on Netware 6.5sp6. My Groupwise server is strictly used for Groupwise. My BM3.9 server runs everything else for my environment; it is our main server for all of our data. I can vpn into and login to my BM server with no problems; however I can't ping or connect to the Groupwise server. Also I can't ping any internal workstations through the vpn. And what is even weirder is that I can't ping the private IP address of the BM3.9 server and yet I can log into it. I have the default address set up on the Groupwise to point to the private address of the BM server. I have the default address setup on the BM server to point to the ISP router that we have in our office. Also I can't browse the internet when I'm connected to the vpn and I do have as my last traffic rule to not encrypt (bypass). I have noticed that when I'm connected to the vpn that my dns settings on my laptop change to the office dns and yet I have not configured dns to be pushed through the vpn. One more thing, I have set up the hosts file on my laptop to point to internal computers. Any help is greatly appreciated.
    Thanks in advance.

    Originally Posted by Mysterious
    Sksgl wrote:
    > This is a weird one. I have a few problems going on. I have 2 netware
    > 6.5 servers. My BM3.9 sp1 server is on Netware 6.5sp7 and my other
    > server is Groupwise 7.03 on Netware 6.5sp6. My Groupwise server is
    > strictly used for Groupwise. My BM3.9 server runs everything else for
    > my environment; it is our main server for all of our data. I can vpn
    > into and login to my BM server with no problems; however I can't ping or
    > connect to the Groupwise server. Also I can't ping any internal
    > workstations through the vpn. And what is even weirder is that I can't
    > ping the private IP address of the BM3.9 server and yet I can log into
    > it. I have the default address set up on the Groupwise to point to the
    > private address of the BM server. I have the default address setup on
    > the BM server to point to the ISP router that we have in our office.
    > Also I can't browse the internet when I'm connected to the vpn and I do
    > have as my last traffic rule to not encrypt (bypass). I have noticed
    > that when I'm connected to the vpn that my dns settings on my laptop
    > change to the office dns and yet I have not configured dns to be pushed
    > through the vpn. One more thing, I have set up the hosts file on my
    > laptop to point to internal computers. Any help is greatly
    > appreciated.
    >
    > Thanks in advance.
    >
    >
    Wrong traffic rules?
    I have gone over and over the traffic rules that are listed in Craig's book and have followed them exactly. My first rule is an admin to all rule that applies to me and the destination is to the network.
    Thanks.

  • Dynamic VPN/GRE can't ping other side of tunnel

    I am new at this VPN stuff and trying to set up a GRE Dynamic IP VPN between my office and home. Here is what I have done thus far:
    OFFICE
    interface Tunnel0
    ip address 172.30.1.1 255.255.255.252
    no ip redirects
    ip mtu 1400
    ip nhrp map multicast dynamic
    ip nhrp network-id 1
    ip tcp adjust-mss 1360
    tunnel source FastEthernet0/0
    tunnel mode gre multipoint
    tunnel key 1
    interface FastEthernet0/0
    ip address 40.197.68.9 255.255.255.248
    ip nat outside
    ip virtual-reassembly
    duplex auto
    speed auto
    HOME
    interface Tunnel0
    ip address 172.30.1.2 255.255.255.252
    ip mtu 1400
    ip nhrp map multicast 40.197.68.9
    ip nhrp map 172.30.1.1 40.197.68.9
    ip nhrp network-id 1
    ip nhrp nhs 172.30.1.1
    ip tcp adjust-mss 1360
    tunnel source GigabitEthernet0/0
    tunnel destination 40.197.68.9
    tunnel key 1
    interface GigabitEthernet0/0
    description Router
    ip address 192.168.30.1 255.255.255.252
    duplex auto
    speed auto
    When I ping 172.30.1.1 from the HOME router, I get 0/5 success.  Not good!  I have not setup any IPSec yet.
    Results for HOME router
    show ip nhrp nhs detail
    Legend: E=Expecting replies, R=Responding, W=Waiting
    Tunnel0:
    172.30.1.1   E priority = 0 cluster = 0  req-sent 53  req-failed 0  repl-recv 0
    sh int t0
    Tunnel0 is up, line protocol is up
      Hardware is Tunnel
      Internet address is 172.30.1.2/30
      MTU 17912 bytes, BW 100 Kbit/sec, DLY 50000 usec,
         reliability 255/255, txload 1/255, rxload 1/255
      Encapsulation TUNNEL, loopback not set
      Keepalive not set
      Tunnel source 192.168.30.1 (GigabitEthernet0/0), destination 40.197.68.9
       Tunnel Subblocks:
          src-track:
             Tunnel0 source tracking subblock associated with GigabitEthernet0/0
              Set of tunnels with source GigabitEthernet0/0, 1 member (includes iterators), on interface <OK>
      Tunnel protocol/transport GRE/IP
        Key 0x1, sequencing disabled
        Checksumming of packets disabled
      Tunnel TTL 255, Fast tunneling enabled
      Tunnel transport MTU 1472 bytes
      Tunnel transmit bandwidth 8000 (kbps)
      Tunnel receive bandwidth 8000 (kbps)
      Last input 00:40:28, output 00:00:25, output hang never
      Last clearing of "show interface" counters never
      Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
      Queueing strategy: fifo
      Output queue: 0/0 (size/max)
      5 minute input rate 0 bits/sec, 0 packets/sec
      5 minute output rate 0 bits/sec, 0 packets/sec
         0 packets input, 0 bytes, 0 no buffer
         Received 0 broadcasts (0 IP multicasts)
         0 runts, 0 giants, 0 throttles
         0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
         106 packets output, 12612 bytes, 0 underruns
         0 output errors, 0 collisions, 0 interface resets
         0 unknown protocol drops
         0 output buffer failures, 0 output buffers swapped out
    sh ip route
    Gateway of last resort is 192.168.30.2 to network 0.0.0.0
    S*    0.0.0.0/0 [1/0] via 192.168.30.2
          10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
    C        10.110.0.0/24 is directly connected, GigabitEthernet0/1.110
    L        10.110.0.1/32 is directly connected, GigabitEthernet0/1.110
    C        10.115.0.0/24 is directly connected, GigabitEthernet0/1.115
    L        10.115.0.1/32 is directly connected, GigabitEthernet0/1.115
          172.16.0.0/30 is subnetted, 1 subnets
    S        172.16.2.0 [1/0] via 192.168.30.6
          172.30.0.0/16 is variably subnetted, 2 subnets, 2 masks
    C        172.30.1.0/30 is directly connected, Tunnel0
    L        172.30.1.2/32 is directly connected, Tunnel0
    S     192.168.2.0/24 is directly connected, GigabitEthernet0/0
    S     192.168.10.0/24 is directly connected, GigabitEthernet0/0
          192.168.30.0/24 is variably subnetted, 4 subnets, 2 masks
    C        192.168.30.0/30 is directly connected, GigabitEthernet0/0
    L        192.168.30.1/32 is directly connected, GigabitEthernet0/0
    C        192.168.30.4/30 is directly connected, GigabitEthernet0/1.30
    L        192.168.30.5/32 is directly connected, GigabitEthernet0/1.30
    S     192.168.50.0/24 [1/0] via 192.168.30.6
          192.168.69.0/24 is variably subnetted, 2 subnets, 2 masks
    C        192.168.69.0/24 is directly connected, GigabitEthernet0/1.69
    L        192.168.69.3/32 is directly connected, GigabitEthernet0/1.69
    S     192.168.100.0/24 [1/0] via 192.168.30.6
    S     192.168.125.0/24 [1/0] via 192.168.30.6
    S     192.168.200.0/24 [1/0] via 192.168.30.6
    sh dmvpn
    Interface: Tunnel0, IPv4 NHRP Details
    Type:Spoke, NHRP Peers:1,
    # Ent  Peer NBMA Addr Peer Tunnel Add State  UpDn Tm Attrb
         1    50.197.68.90      172.30.1.1  NHRP 02:30:17     S
    Results for OFFICE router
    show ip nhrp nhs detail
    sh dmvpn
    sh int t0
    Tunnel0 is up, line protocol is up
      Hardware is Tunnel
      Internet address is 172.30.1.1/30
      MTU 17912 bytes, BW 100 Kbit/sec, DLY 50000 usec,
         reliability 255/255, txload 1/255, rxload 1/255
      Encapsulation TUNNEL, loopback not set
      Keepalive not set
      Tunnel source 40.197.68.9 (FastEthernet0/0)
       Tunnel Subblocks:
          src-track:
             Tunnel0 source tracking subblock associated with FastEthernet0/0
              Set of tunnels with source FastEthernet0/0, 1 member (includes iterators), on interface <OK>
      Tunnel protocol/transport multi-GRE/IP
        Key 0x1, sequencing disabled
        Checksumming of packets disabled
      Tunnel TTL 255, Fast tunneling enabled
      Tunnel transport MTU 1472 bytes
      Tunnel transmit bandwidth 8000 (kbps)
      Tunnel receive bandwidth 8000 (kbps)
      Last input 00:43:56, output never, output hang never
      Last clearing of "show interface" counters never
      Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
      Queueing strategy: fifo
      Output queue: 0/0 (size/max)
      5 minute input rate 0 bits/sec, 0 packets/sec
      5 minute output rate 0 bits/sec, 0 packets/sec
         0 packets input, 0 bytes, 0 no buffer
         Received 0 broadcasts (0 IP multicasts)
         0 runts, 0 giants, 0 throttles
         0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
         0 packets output, 0 bytes, 0 underruns
         0 output errors, 0 collisions, 0 interface resets
         0 unknown protocol drops
         0 output buffer failures, 0 output buffers swapped out
    show ip route
    S*    0.0.0.0/0 [1/0] via 40.197.68.94
          40.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
    C        40.197.68.8/29 is directly connected, FastEthernet0/0
    L        40.197.68.9/32 is directly connected, FastEthernet0/0
          172.30.0.0/16 is variably subnetted, 2 subnets, 2 masks
    C        172.30.1.0/30 is directly connected, Tunnel0
    L        172.30.1.1/32 is directly connected, Tunnel0
    S     192.168.2.0/24 [1/0] via 192.168.10.5
          192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
    C        192.168.10.0/24 is directly connected, FastEthernet0/1
    L        192.168.10.1/32 is directly connected, FastEthernet0/1
    S     192.168.69.0/24 is directly connected, FastEthernet0/0
    Why can't I ping from the HOME router to the OFFICE router?

    I figured this problem out.  I needed to set up PKI/IKE and once that was done on both routers, my tunnel now passes some data.

  • EJB DC, where to put other public java classes?

    I'm wondering what the best way to structure my code is, in this context:
    I have an EJB DC that utilizes some custom Java classes that need to be available to clients.  For example, the business methods in the EJB may return instances of said custom code classes. 
    By default, the EJB DC contains a compilation public part called 'client', but you can't add any other entities to it, as you'll remove the default entity.  I could manually create the entities in the public part, but I think when I add another EJB to the DC, it will overwrite the entities that I've created....either that, I'm messing with the default config, something I'm not interested in doing. In fact, this page indicates that you should NOT alter the generated PPs:
    http://help.sap.com/saphelp_nw2004s/helpdata/en/02/6755bd296ade42931646f869b1fd15/frameset.htm
    So, what's the best way to handle this situation?  I can create another public part, but that means that when someone wants to use the EJB's, they have to create two usage relationships - one to the EJB, and one to the PP that contains the helper classes.  I think that this is the only way to do it, however.
    How have other folks handled this common situation?

    Hi Ken,
    I think you've found it.
    I'm not so sure about DC projects, but in the plain J2EE case I would recommend to put all common (public) classes in a separate component (application library) and make references to it both from the EJB application as well as from its clients. This library would also contain the EJB interfaces, so there would not be a need for direct reference from the clients to the EJB application.
    I think with DC public parts you are achieving almost the same.
    Cheers,
    Vladimir
    PS: BTW, probably you would be able to get more thoughts on this in the SAP NetWeaver Development Infrastructure (NWDI) forum.
    Message was edited by:
            Vladimir Pavlov

  • Help with public function (accessing to addchild object from other public function)

    Hi, I have the piece of AS3 code below (Flash CS4). I would like to get access to the added Movie Clip object (ZoltyWjazdMC) in function two(), which I created with the addChild command in public function one(). I know it's a basic question but I can't find an answer for it. Would anybody help me with that?
    public function one():void
    {
        // ZoltyWjazdMC is declared inside one(), so it is local to this function
        var ZoltyWjazdMC:MovieClip = new MovieClip();
        this.addChild(ZoltyWjazdMC);
        ZoltyWjazdMC.addChild(assets.ZoltyWjazd.loader);
        this.setChildIndex(ZoltyWjazdMC,1);
        ZoltyWjazdMC.alpha = 0;
        ZoltyWjazdMC.visible = true;
        assets.ZielonyWjazd.alpha = 1;
    }
    public function two():void
    {
        // ZoltyWjazdMC is not visible here
        ZoltyWjazdMC.alpha = 1;
    }
    Do I need to remove "this" and change it to "stage"? Is it necessary?

    Define your variable var ZoltyWjazdMC:MovieClip outside of function one(). Currently ZoltyWjazdMC is local to function one() so that function two() does not understand what it is!

  • Firefox keeps freezing in office, but not in other public/home network

    Firefox keeps freezing starting from yesterday in my office wireless network. When it is opened, the browser screen does not show up, I have to right click on the icon in order to have the screen brought up. Search bar and tab functions respond real slow. However, everything works perfectly fine in public and my home network.
    I'd really appreciate your input and help.

    The Reset Firefox feature can fix many issues by restoring Firefox to its factory default state while saving your essential information.
    Note: This will cause you to lose any Extensions, Open websites, and some Preferences.
    To Reset Firefox do the following:
    1. Go to Firefox > Help > Troubleshooting Information.
    2. Click the "Reset Firefox" button.
    3. Firefox will close and reset. After Firefox is done, it will show a window with the information that is imported. Click Finish.
    4. Firefox will open with all factory defaults applied.
    Further information can be found in the "Reset Firefox – easily fix most problems" article.
    Did this fix your problems? Please report back to us!

  • Can't ping other management IP on Dell S4820 from my production vlan(N200)

    Hi All
    I'm confused by a very strange scenario: I'm trying to connect from my core switch S4810 (with VLT), IP addresses 172.10.2.254 (Peer1) and 172.10.2.253 (Peer2). These IP addresses are also my default gateway in my VLAN 2, and my S4810 acts as a core switch.
    All of these are manageable remotely from my production switches (access) with a management IP address of 172.10.2.3. I can also manage the VLT peer2 of my S4820 (secondary), whose IP address is 172.10.2.1, but on my VLT peer1, the S4820 (primary), I can't manage 172.10.2.2, although I can ping from my switch to that particular switch.
    thanks
    brent
    This topic first appeared in the Spiceworks Community


  • WRT160N - Router - wireless laptop unable to PING other devices

    One of the laptops connected wirelessly on my WRT160n is unable to PING or be PINGed by any other device on my network.  Could this somehow be due to the router settings (firewall perhaps?) and not the laptop itself?
    1) The laptop is able to PING and be PINGed when connected to another wireless router at another location. 
    2) Other wireless laptops on my WRT160n network are able to PING and be PINGed by other devices. 
    As a result, I am not able to print or share files on this network.
    Any idea where I should start to isolate what may be causing this.
    Thanks!

    The router's firewall does not cause this type of problem.  As long as all computers on the network can access the Internet, then the router does not put up a barrier to file and printer sharing, or pinging.  The only exception to this rule is if "AP isolation" is set to "enabled" in the router  ---  then in this case, wireless computers can only access the Internet.  By default, AP isolation is disabled, and you should leave it disabled if you want to share files and printers with your wireless computers.
    The most common cause for the problem you described is a computer software firewall problem.  Go into the computer software firewall on each computer in your network, and set it to "trust" the other computers on your network.  Also, verify that you do not have two computer software firewalls (such as Windows Firewall plus another computer software firewall) running simultaneously on the same computer.  If you do, turn one of the computer software firewalls off.  On any given computer, never run more than one computer software firewall at the same time.
    The next most common cause for the problem you described is simply a poor wireless connection.  Note that poor wireless connections can occur even if your computer shows "5 bars".
    There are many causes for poor wireless connections, and many solutions:
    First of all, give your network a unique SSID. Do not use "linksys". If you are using "linksys" you may be trying to connect to your neighbor's router. Also set "SSID Broadcast" to "enabled". This will help your computer find and lock on to your router's signal.
    If your problem is that you are getting poor connection between your wireless n router and a wireless n adapter, then, in the router, make sure the "Radio Band" is set to "Wide".
    Poor wireless connections are often caused by radio interference from other 2.4 GHz devices. This includes wireless phones, wireless baby monitors, microwave ovens, wireless mice and keyboards, wireless speakers, and your neighbor's wireless network. In rare cases, Bluetooth devices can interfere. Even some 5+ GHz phones also use the 2.4 GHz band. Unplug these devices, and see if that corrects your problem.
    In your router, try a different channel. There are 11 channels in the 2.4 GHz band. Usually channel 1, 6, or 11 works best. Check out your neighbors, and see what channel they are using. Because the channels overlap one another, try to stay at least +5 or -5 channels from your strongest neighbors. For example, if you have a strong neighbor on channel 9, try any channel 1 through 4. For wireless n, make sure your standard and wide bands are at least 2 channels apart. For example try standard band on channel 11, and wide band channel 9.
    Also, try to locate the router about 4 to 6 feet above the floor, in an open area. Do not locate it behind your monitor or near other computer equipment or speakers. The antenna should be vertical.
    Also, in the computer, go to your wireless software, and go to "Preferred Networks" (sometimes called "Profiles" ). There are probably a few networks listed. Delete any network named "linksys". Also delete any network that you do not recognize, or that you no longer use. If your current network is not listed, enter its info (SSID, encryption (if any), and key (if any) ). Then select your current network and make it your default network, and set it to automatic login. You may need to go to "settings" to do this, or you may need to right click on your network and select "Properties" or "settings".
    If the above does not fix your problem, download and install the latest driver for your wireless adapter.
    Some users have reported improved wireless performance by switching to WPA encryption.
    If you continue to have problems, try the following:
    For wireless n routers, try setting the "n Transmission Rate" to 162 Mbps, and the (wireless g) "Transmission Rate" to 54 Mbps.
    If you still have trouble, download and install the latest firmware for your router. After a firmware upgrade, you must reset the router to factory defaults, then setup the router again from scratch. If you saved a router configuration file, DO NOT use it.
    Hope this helps.
    Printer Sharing:  If the printer is connected directly to the router (by ethernet wire or wirelessly), then your computers need no special settings to share the printer.   The router will share the printer automatically.  However, a printer driver will need to be installed on each computer that is using the printer.  In some cases, you will need (or want) the printer to be set to a fixed LAN IP address.
    If the printer is connected to a computer, printer sharing has same requirements as file sharing (see below).
    File Sharing:  To share files, all computers must have the same "Workgroup name", all adapters (ethernet and wireless adapters) must be setup for "File and Printer Sharing".  Additionally, each computer must have at least one folder designated as "shared".
    Pinging:  Pinging does not require the settings or setup mentioned in "Printer Sharing" or "File Sharing".  So pinging should work even before printer or file sharing is set up.
    Message Edited by toomanydonuts on 12-09-2009 04:16 AM

  • Mac pinging other computers?

    On my home network, with nothing enabled such as file sharing etc., I notice my Windows firewall keeps blocking requests from my Mac when the Mac is just idle. The IPs match, so I know it is coming from my Mac. Is this a security concern at all? Or is the Mac just frequently pinging my other computers?
    Thanks
    -Mike

    I guess then that the obvious question is what do you use the home network for? Do you connect any of the computers to others, or are they all connected directly to a router? Nothing unusual about the configuration, like a DNS entry in the Mac's network settings that refers to one of the Windows PC's or anything like that? Any network connected printers, network storage devices, or things of that nature?

  • Cisco ASA 5515 - Anyconnect users can't ping other Anyconnect users. How can I allow icmp traffic between Anyconnect users?

    ASA configuration is  below!
    ASA Version 9.1(1)
    hostname ASA
    domain-name xxx.xx
    names
    ip local pool VPN_CLIENT_POOL 192.168.12.1-192.168.12.254 mask 255.255.255.0
    interface GigabitEthernet0/0
    nameif inside
    security-level 100
    ip address 192.168.11.1 255.255.255.0
    interface GigabitEthernet0/1
    description Interface_to_VPN
    nameif outside
    security-level 0
    ip address 111.222.333.444 255.255.255.240
    interface GigabitEthernet0/2
    shutdown
    no nameif
    no security-level
    no ip address
    interface GigabitEthernet0/3
    shutdown
    no nameif
    no security-level
    no ip address
    interface GigabitEthernet0/4
    shutdown
    no nameif
    no security-level
    no ip address
    interface GigabitEthernet0/5
    shutdown
    no nameif
    no security-level
    no ip address
    interface Management0/0
    management-only
    nameif management
    security-level 100
    ip address 192.168.5.1 255.255.255.0
    ftp mode passive
    dns server-group DefaultDNS
    domain-name www.ww
    same-security-traffic permit intra-interface
    object network LAN
    subnet 192.168.11.0 255.255.255.0
    description LAN
    object network SSLVPN_POOL
    subnet 192.168.12.0 255.255.255.0
    access-list VPN_CLIENT_ACL standard permit 192.168.11.0 255.255.255.0
    pager lines 24
    logging enable
    logging asdm informational
    mtu inside 1500
    mtu outside 1500
    mtu management 1500
    no failover
    icmp unreachable rate-limit 1 burst-size 1
    asdm image disk0:/asdm-711.bin
    no asdm history enable
    arp timeout 14400
    no arp permit-nonconnected
    nat (outside,inside) source static SSLVPN_POOL SSLVPN_POOL destination static LAN LAN
    route outside 0.0.0.0 0.0.0.0 111.222.333.443 1
    timeout xlate 3:00:00
    timeout pat-xlate 0:00:30
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    webvpn
      url-list none
    user-identity default-domain LOCAL
    aaa authentication ssh console LOCAL
    aaa authentication http console LOCAL
    aaa authorization exec LOCAL
    http server enable
    http 192.168.5.0 255.255.255.0 management
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
    crypto ipsec security-association pmtu-aging infinite
    crypto ca trustpoint ASDM_TrustPoint5
    enrollment terminal
    email [email protected]
    subject-name CN=ASA
    ip-address 111.222.333.444
    crl configure
    crypto ca trustpoint ASDM_TrustPoint6
    enrollment terminal
    fqdn vpn.domain.com
    email [email protected]
    subject-name CN=vpn.domain.com
    ip-address 111.222.333.444
    keypair sslvpn
    crl configure
    crypto ca trustpool policy
    crypto ca certificate chain ASDM_TrustPoint6
    telnet timeout 5
    ssh 192.168.11.0 255.255.255.0 inside
    ssh timeout 30
    console timeout 0
    no ipv6-vpn-addr-assign aaa
    no ipv6-vpn-addr-assign local
    dhcpd address 192.168.5.2-192.168.5.254 management
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    ssl trust-point ASDM_TrustPoint6 outside
    webvpn
    enable outside
    csd image disk0:/csd_3.5.2008-k9.pkg
    anyconnect image disk0:/anyconnect-win-3.1.04066-k9.pkg 1
    anyconnect enable
    tunnel-group-list enable
    group-policy DfltGrpPolicy attributes
    vpn-tunnel-protocol ikev1 l2tp-ipsec ssl-clientless
    group-policy VPN_CLIENT_POLICY internal
    group-policy VPN_CLIENT_POLICY attributes
    wins-server none
    dns-server value 192.168.11.198
    vpn-simultaneous-logins 5
    vpn-session-timeout 480
    vpn-tunnel-protocol ssl-client
    split-tunnel-policy tunnelspecified
    split-tunnel-network-list value VPN_CLIENT_ACL
    default-domain value mycomp.local
    address-pools value VPN_CLIENT_POOL
    webvpn
      anyconnect ssl dtls enable
      anyconnect keep-installer installed
      anyconnect ssl keepalive 20
      anyconnect ssl rekey time 30
      anyconnect ssl rekey method ssl
      anyconnect dpd-interval client 30
      anyconnect dpd-interval gateway 30
      anyconnect dtls compression lzs
      anyconnect modules value vpngina
      customization value DfltCustomization
    group-policy IT_POLICY internal
    group-policy IT_POLICY attributes
    wins-server none
    dns-server value 192.168.11.198
    vpn-simultaneous-logins 3
    vpn-session-timeout 120
    vpn-tunnel-protocol ssl-client ssl-clientless
    split-tunnel-policy tunnelspecified
    split-tunnel-network-list value VPN_CLIENT_ACL
    default-domain value company.com
    address-pools value VPN_CLIENT_POOL
    webvpn
      anyconnect ssl dtls enable
      anyconnect keep-installer installed
      anyconnect ssl keepalive 20
      anyconnect dtls compression lzs
      customization value DfltCustomization
    username vpnuser password PA$$WORD encrypted
    username vpnuser attributes
    vpn-group-policy VPN_CLIENT_POLICY
    service-type remote-access
    username vpnuser2 password PA$$W encrypted
    username vpnuser2 attributes
    service-type remote-access
    username admin password ADMINPA$$ encrypted privilege 15
    tunnel-group VPN type remote-access
    tunnel-group VPN general-attributes
    address-pool VPN_CLIENT_POOL
    default-group-policy VPN_CLIENT_POLICY
    tunnel-group VPN webvpn-attributes
    authentication aaa certificate
    group-alias VPN_to_R enable
    tunnel-group IT_PROFILE type remote-access
    tunnel-group IT_PROFILE general-attributes
    address-pool VPN_CLIENT_POOL
    default-group-policy IT_POLICY
    tunnel-group IT_PROFILE webvpn-attributes
    authentication aaa certificate
    group-alias IT enable
    class-map inspection_default
    match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
    parameters
      message-length maximum client auto
      message-length maximum 512
    policy-map global_policy
    class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect rsh
      inspect rtsp
      inspect esmtp
      inspect sqlnet
      inspect skinny
      inspect sunrpc
      inspect xdmcp
      inspect sip
      inspect netbios
      inspect tftp
      inspect ip-options
      inspect icmp
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous
    : end

    Hi,
    here's what you need:
    same-security-traffic permit intra-interface
    access-list VPN_CLIENT_ACL standard permit 192.168.12.0 255.255.255.0
    nat (outside,outside) source static SSLVPN_POOL SSLVPN_POOL destination static SSLVPN_POOL SSLVPN_POOL
    Patrick
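The check below is an added example, not part of the original thread and not Cisco tooling: a Python script that reads a running-config and reports which of the three lines in the reply above are missing for the AnyConnect address pool. The config excerpt is copied from the question (which already contains the `same-security-traffic` line); the function names and the `vpn_if` parameter are this example's own.

```python
import ipaddress
import re

# Excerpt of the configuration posted in the question: only the lines this check reads.
POSTED_CONFIG = """\
ip local pool VPN_CLIENT_POOL 192.168.12.1-192.168.12.254 mask 255.255.255.0
same-security-traffic permit intra-interface
object network LAN
subnet 192.168.11.0 255.255.255.0
object network SSLVPN_POOL
subnet 192.168.12.0 255.255.255.0
access-list VPN_CLIENT_ACL standard permit 192.168.11.0 255.255.255.0
nat (outside,inside) source static SSLVPN_POOL SSLVPN_POOL destination static LAN LAN
group-policy VPN_CLIENT_POLICY attributes
split-tunnel-policy tunnelspecified
split-tunnel-network-list value VPN_CLIENT_ACL
address-pools value VPN_CLIENT_POOL
"""

# The two lines from the reply that the posted configuration does not already contain.
REPLY_LINES = """\
access-list VPN_CLIENT_ACL standard permit 192.168.12.0 255.255.255.0
nat (outside,outside) source static SSLVPN_POOL SSLVPN_POOL destination static SSLVPN_POOL SSLVPN_POOL
"""

NAT_RE = re.compile(r"^nat \((\S+?),(\S+?)\) source static (\S+) (\S+) "
                    r"destination static (\S+) (\S+)")
POLICY_KEYS = {"split-tunnel-policy", "split-tunnel-network-list", "address-pools"}


def net(addr, mask):
    """Build a network from an address and dotted mask, tolerating host bits."""
    return ipaddress.ip_network(f"{addr}/{mask}", strict=False)


def parse(text):
    """Collect pools, network objects, standard ACLs, twice-NAT rules and group policies."""
    cfg = {"intra": False, "pools": {}, "objects": {}, "acls": {}, "nats": [], "policies": {}}
    block = (None, None)  # (kind, name) of the object / group-policy block being read
    for line in (raw.strip() for raw in text.splitlines()):
        w = line.split()
        if not w:
            continue
        m = NAT_RE.match(line)
        if line == "same-security-traffic permit intra-interface":
            cfg["intra"] = True
        elif w[:3] == ["ip", "local", "pool"] and len(w) == 7 and w[5] == "mask":
            cfg["pools"][w[3]] = net(w[4].split("-")[0], w[6])
        elif w[:2] == ["object", "network"] and len(w) == 3:
            block = ("object", w[2])
        elif w[0] == "group-policy" and w[2:] == ["attributes"]:
            block = ("policy", w[1])
            cfg["policies"].setdefault(w[1], {})
        elif w[0] == "subnet" and len(w) == 3 and block[0] == "object":
            cfg["objects"][block[1]] = net(w[1], w[2])
        elif w[0] == "access-list" and w[2:4] == ["standard", "permit"] and len(w) == 6:
            addr, mask = (w[5], "255.255.255.255") if w[4] == "host" else (w[4], w[5])
            cfg["acls"].setdefault(w[1], []).append(net(addr, mask))
        elif m:
            cfg["nats"].append(m.groups())
        elif block[0] == "policy" and w[0] in POLICY_KEYS:
            cfg["policies"][block[1]][w[0]] = w[-1]
    return cfg


def has_identity_nat(cfg, pool, vpn_if):
    """True if a twice-NAT rule on (vpn_if,vpn_if) leaves pool-to-pool traffic untranslated."""
    for src_if, dst_if, real_s, mapped_s, real_d, mapped_d in cfg["nats"]:
        nets = [cfg["objects"].get(real_s), cfg["objects"].get(real_d)]
        if (src_if == dst_if == vpn_if and real_s == mapped_s and real_d == mapped_d
                and all(n is not None and pool.subnet_of(n) for n in nets)):
            return True
    return False


def audit_hairpin(text, vpn_if="outside"):
    """Return a list of findings; an empty list means all three lines are in place."""
    cfg = parse(text)
    findings = []
    if not cfg["intra"]:
        findings.append("missing 'same-security-traffic permit intra-interface'")
    for name, attrs in sorted(cfg["policies"].items()):
        pool = cfg["pools"].get(attrs.get("address-pools"))
        if pool is None:
            continue  # policy does not hand out addresses from a known local pool
        acl = attrs.get("split-tunnel-network-list")
        covered = any(pool.subnet_of(n) for n in cfg["acls"].get(acl, []))
        if attrs.get("split-tunnel-policy") == "tunnelspecified" and not covered:
            findings.append(f"{name}: split-tunnel ACL {acl} does not cover pool {pool}")
        if not has_identity_nat(cfg, pool, vpn_if):
            findings.append(f"{name}: no nat ({vpn_if},{vpn_if}) identity rule for pool {pool}")
    return findings


if __name__ == "__main__":
    print("as posted:       ", audit_hairpin(POSTED_CONFIG) or "ok")
    print("with reply lines:", audit_hairpin(POSTED_CONFIG + REPLY_LINES) or "ok")
```

The split-tunnel finding matters because with `tunnelspecified` a client only sends networks listed in the ACL into the tunnel, so traffic for another client's pool address never reaches the ASA unless the pool subnet is listed.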

  • Why do I keep getting a message saying "You are about to override how Thunderbird identifies this site. Legitimate banks, stores, and other public sites -"?

    This message window pops up numerous times while I am working with Thunderbird. When I click the cancel button, it immediately comes up again and again, sometimes eight or nine times before it stops coming up for a bit, and then it starts popping up again.

    see https://support.mozilla.org/en-US/kb/add-security-exception
    If this is your email provider, you can safely "Confirm Security Exception" and the problem should not continue. Sometimes sites fail to update their certificates (including one of mine!).

  • [Solved] Cannot ping my Arch linux pc from other devices

    My newly installed arch linux pc is connected to my home network via wifi. I can successfully connect to the Internet. Also, I can successfully ping other devices on my network. However, I am unable to connect to my Arch linux pc from any other device on the network. As I said, I cannot even ping it from these other devices.
    Does anyone have an idea as to what would cause this?
    Last edited by mc33 (2015-05-12 20:29:06)

    ewaller wrote: I have a hunch that the router does not know how to find your machine.  Routers need to know to find which each IP address that is attached.  Yours might not be smart enough to remember that an address that it did not assign talked to it over the wireless.  When other computers try to talk to your address, it is clueless that you are on the wireless segment of the network, cannot find it on any wired ports, and (if it is not smart enough to figure out that it is not routable) will send it up stream or (if it is smart) will drop the packet.   Try DHCP, or, ensure that the router itself knows that the static address has been assigned to your MAC.  To do that, you will need to go into the router setup.
    I switched my Arch box to DHCP. I thought the problem had resolved, but the issue has come back even with DHCP enabled. I have isolated the problem to the wireless router. If I refresh DHCP on the router, I can then ping my Arch box from other devices again. Is there anything I can do to the router to resolve this? Again, the wireless router is an Asus RT-N66U.

  • Cisco ASA 5505 - Can't Login from Public & Local IP Anymore!

    Hello,
    We've a Cisco ASA 5505 connected directly to Verizon FiOS Circuit (ONT) box using Ethernet cable. As per the existing documentation that I have, the previous configured this as a dedicated router to establish a separate VPN connection to our software provider. They assigned both Public Static and Local Static IP address. When I try to ping the public IP address, it says request time out; so the public IP address is no longer working.
    When I ping the local IP address of 192.168.100.11, it responds. The SolarWind tool also shows Always UP signal. How can I login into this router either from remotely or locally to check the configuration, backup and do the firmware upgrade?
    I also tried to connect my laptop directly to the ASA 5505 router LAN port. After 3 minutes, I'm able to connect to Internet without any issues. However I don't know the IP address to use to login.
    Any advice would be greatly appreciated. Thank you.
    UPDATE: I'm able to find the way! I need to use https to login! I'm able to download ASDM tool and login! Thanks to these resources:
    http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008067e9f9.shtml
    http://cyruslab.wordpress.com/2010/09/09/how-to-download-asdm-from-asa5505-and-install-it/

    Hi Srinath,
    If that ASA5505 has factory-default configuration on it , then it probably has 192.168.1.1 ip address on the LAN side and has got dhcp server turned on to provide you ip address dynamically the moment you hook up a machine to it directly or through a switch.
    If you've access to ASDM.
    You can go the Configuration Tab>>Device Management>>Device Access and turn on the SSH & Telnet from the LAN interface because by default only HTTPS/ASDM is enabled on LAN interface.
    You will still need to generate crypto keys and create a username in order to get ssh working
    For this you can click at the TOP at TOOLS>> Command Line Interface.
    And in the box below type this
    crypto key generate rsa modulus 1024
    add a username
    username <> password <> priv 15
    and enable aaa authentication for ssh like this
    aaa authentication ssh console LOCAL
    Let me know if this helps.
    Puneet
