Pix firewall issue
Hello,
I'm trying to configure some firewall rules and a nat in our pix 525 and I'm having some issue with the connection
Here are the details:
172.40.40.40 destination host.
1.- I configured an ACL
ACL test 172.80.0.0 255.255.0.0 destination 172.40.40.40
ACL test 172.90.0.0 255.255.255.0 destination 172.40.40.40
inside interface IP 172.20.20.20
outside inteface IP 192.169.1.2
interfaces inside outside (ping and icmp are allow)
static (outside, inside) 172.40.40.40 172.40.40.40
nat (outside) 5 access-list test
global (inside) 5 interface
route inside 172.40.40.40 255.255.255.255 172.30.30.30
route outside 172.80.0.0 255.255.0.0 192.168.1.1
route outside 172.90.0.0 255.255.0.0 192.168.1.1
I'm trying to nat the traffic comming from the outside interface because we want to avoid interal ip conflicts, I'm seeing the hits on the ACL
but can not telnet from 172.80.0.1 to 172.40.40.40 , there are routes and porta enable for that connection
and my flag logs shown me SaAB from the destination host, what could be the problem?
We can ping between the destination host and the pix inside interface and the icmp is allow in all the interfaces.
Hello Thank you for your help, we will try to apply that command in our test .
About our test the incoming connection from 172.90.0.0 are telnet session to 172.40.40.40
So we are doing a PAT for those connection (172.90.0.0 PAT to 172.30.30.29) my question is that kind of scheme and configuration is supported on Pix Firewall?
Here is the version: PIX 525
Cisco PIX Firewall Version 6.3(5)
This is the path
MPLS PIX Destination HOST
subnet 172.90.0.0/16 ---- ------------------------- ACL TEST -PAT(172.30.30.29 inside inteface) -------- 172.40.40.40 port 25
Similar Messages
-
PIX Firewall 525 can not start
Hi,
Today my colleague add 2 lines of access-list to our PIX 525. After 10 minutes, my firewall was rebooted and until now can't start. The booting process as listed below.
The questions are :
1. What is my OS version? Flash?
2. How to remove those 2 lines (reset the config to default)?
3. How to solve the issue?
Thanks,
Andy
Booting process
================
Rebooting..þ
Wait.....
PCI Device Table.
Bus Dev Func VendID DevID Class Irq
00 00 00 8086 7192 Host Bridge
00 07 00 8086 7110 ISA Bridge
00 07 01 8086 7111 IDE Controller
00 07 02 8086 7112 Serial Bus 9
00 07 03 8086 7113 PCI Bridge
00 0D 00 8086 1209 Ethernet 11
00 0E 00 8086 1209 Ethernet 10
Cisco Secure PIX Firewall Embedded BIOS Version 4.3
Wait...ndeavor Board, Boot Block BIOS
+------------------------------------------------------------------------------+
| System BIOS Configuration, (C) 2000 General Software, Inc. |
+---------------------------------------+--------------------------------------+
| System CPU : Pentium III | Low Memory : 638KB |
| Coprocessor : Enabled | Extended Memory : 255MB |
| Embedded BIOS Date : 08/25/00 | Serial Ports 1-2 : 03F8 02F8 |
+---------------------------------------+--------------------------------------+
Cisco Secure PIX Firewall BIOS (4.0) #39: Tue Nov 28 18:44:51 PST 2000
Platform PIX-525
System Flash=E28F128J3 @ 0xfff00000
Use BREAK or ESC to interrupt flash boot.
Use SPACE to begin flash boot immediately.
Reading 1528320 bytes of image from flash.
256MB RAM
System Flash=E28F128J3 @ 0xfff00000
BIOS Flash=am29f400b @ 0xd8000
mcwa i82559 Ethernet at irq 11 MAC: 0006.5336.8129
mcwa i82559 Ethernet at irq 10 MAC: 0006.5336.8128
|| ||
|| ||
|||| ||||
..:||||||:..:||||||:..
c i s c o S y s t e m s
Private Internet eXchange
Cisco PIX Firewall
Cisco PIX Firewall Version 6.2(1)
Licensed Features:
Failover: Enabled
VPN-DES: Enabled
VPN-3DES: Disabled
Maximum Interfaces: 8
Cut-through Proxy: Enabled
Guards: Enabled
URL-filtering: Enabled
Inside Hosts: Unlimited
Throughput: Unlimited
IKE peers: Unlimited
An internal error occurred. Specifically, a programming assertion was
violated. Copy the error message exactly as it appears, and get the
output of the show version command and the contents of the configuration
file. Then call your technical support representative.
assertion "addr < sfmm_chip_size" failed: file "sfmm.c", line 254
No thread name
Traceback:
0: 802decd5
1: 8007a8ce
2: 800769bb
3: 80078223
4: 8007635e
5: 800017d5
6: 800758ab
7: 80120ed6
vector 0x00000003 (breakpoint)
edi 0x8007a887
esi 0x000000fe
ebp 0x7ffffcb8
esp 0x7ffffcac
ebx 0x8007a5a3
edx 0x000003fd
ecx 0x0000000a
eax 0x00000042
error code n/a
eip 0x802dffac
cs 0x00000008
eflags 0x00000046
CR2 0x00000000
Stack dump: base:0x7ffffc2c size:64, active:64
0x7ffffd2c: 0x00020000
0x7ffffd28: 0x807f2828
0x7ffffd24: 0xfffe0000
0x7ffffd20: 0x00000300
0x7ffffd1c: 0x800769bb
0x7ffffd18: 0x7ffffd48
0x7ffffd14: 0x00000001
0x7ffffd10: 0x00000002
0x7ffffd0c: 0x800762f4
0x7ffffd08: 0x804a849c
0x7ffffd04: 0x00000020
0x7ffffd00: 0x805100c0
0x7ffffcfc: 0x7ffffd48
0x7ffffcf8: 0x8007a887
0x7ffffcf4: 0x000000fe
0x7ffffcf0: 0x8007a5a3
0x7ffffcec: 0x8007a8ce
0x7ffffce8: 0x7ffffd18
0x7ffffce4: 0x80317cd4
0x7ffffce0: 0xffffffff
0x7ffffcdc: 0x80078163
0x7ffffcd8: 0x807f2828
0x7ffffcd4: 0xfffe0000
0x7ffffcd0: 0x805100c0
0x7ffffccc: 0x000000fe
0x7ffffcc8: 0x8007a5a3
0x7ffffcc4: 0x8007a887
0x7ffffcc0: 0x802dec68
0x7ffffcbc: 0x802decd5
0x7ffffcb8: 0x7ffffce8
0x7ffffcb4: 0x00000046
0x7ffffcb0: 0x00000008
0x7ffffcac: 0x802dffac *
0x7ffffca8: 0x00000042
0x7ffffca4: 0x0000000a
0x7ffffca0: 0x000003fd
0x7ffffc9c: 0x8007a5a3
0x7ffffc98: 0x7ffffcac
0x7ffffc94: 0x7ffffcb8
0x7ffffc90: 0x000000fe
0x7ffffc8c: 0x8007a887
0x7ffffc88: 0x00000003
0x7ffffc84: 0x80004779
0x7ffffc80: 0x7ffffcb8
0x7ffffc7c: 0x802c4deb
0x7ffffc78: 0x7ffffc98
0x7ffffc74: 0x7ffffd48
0x7ffffc70: 0x00000001
0x7ffffc6c: 0x000000fe
0x7ffffc68: 0x8007a5a3
0x7ffffc64: 0x7ffffd48
0x7ffffc60: 0x80120ed6
0x7ffffc5c: 0x00000007
0x7ffffc58: 0x7ffffcac
0x7ffffc54: 0x80002d70
0x7ffffc50: 0x7ffffc80
0x7ffffc4c: 0x7ffffcac
0x7ffffc48: 0x80002ab0
0x7ffffc44: 0x00000040
0x7ffffc40: 0x7ffffc80
0x7ffffc3c: 0x74656720
0x7ffffc38: 0x7ffffe28
0x7ffffc34: 0x2c737261
0x7ffffc30: 0x8007a887
Nested traceback attempted via interrupt.
Traceback output aborted.
Rebooting..þUrgent help!!!
-
PIX firewall 525 on Voice Network for 5000 CC calls
Dear all ,
can some one suggest me will it be recommended to use PIX firewall 525 on Voice ( sip ) network for 5000 CC to 1000 CC calls in signaling mode since our server are using public IP so will i be able to use it without NAT / PAT also will there be any issue of QOS .
RegardsSohail,
If your idea is to add some security between your devices the PIX will work fine (I will prefer and ASA since it can run the latest software). The quality of your voice traffic shouldn't be impacted by the PIX.
Luis Silva -
Hello All,
I am having an issue with running SIP through my Cisco Pix. A VOIP solution has just been installed, and softphones from the outside are trying to call in using SIP and are failing. The configuration is below. and the code is 6.3 (5). You'll see below that I have the no fixup protocol for sip, as the fixup wasn't working either. Is there something that needs to be configured that I'm missing or could this be a bug in the code? Any other show commands or debug commands I can provide if needed. The call manager server in the below config is 1.2.3.4. Thanks in advance for all your help, you guys are always so helpful.
XXXt# show ver
Cisco PIX Firewall Version 6.3(5)
Cisco PIX Device Manager Version 3.0(4)
Compiled on Thu 04-Aug-05 21:40 by morlee
XXX up 1 hour 45 mins
Hardware: PIX-506E, 32 MB RAM, CPU Pentium II 300 MHz
Flash E28F640J3 @ 0x300, 8MB
BIOS Flash AM29F400B @ 0xfffd8000, 32KB
0: ethernet0: address is 001c.582b.3c65, irq 10
1: ethernet1: address is 001c.582b.3c66, irq 11
Licensed Features:
Failover: Disabled
VPN-DES: Enabled
VPN-3DES-AES: Enabled
Maximum Physical Interfaces: 2
Maximum Interfaces: 4
Cut-through Proxy: Enabled
Guards: Enabled
URL-filtering: Enabled
Inside Hosts: Unlimited
Throughput: Unlimited
IKE peers: Unlimited
This PIX has a Restricted (R) license.
XXXt# show run
: Saved
PIX Version 6.3(5)
interface ethernet0 auto
interface ethernet1 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password vQ0/erypfvYyzFoc encrypted
passwd vQ0/erypfvYyzFoc encrypted
hostname DTPIX35thst
domain-name digitaltransitions.com
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
no fixup protocol sip 5060
no fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
access-list out_in permit udp any host 1.2.3.4 eq 5060
access-list out_in permit tcp any host 1.2.3.43 eq 5060
pager lines 24
logging on
logging buffered informational
logging trap informational
logging queue 2048
mtu outside 1500
mtu inside 1500
ip address outside 4.34.119.130 255.255.255.248
ip address inside 192.168.1.1 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
ip local pool vpn_pool 192.168.100.50-192.168.100.75
pdm location 192.168.1.250 255.255.255.255 inside
pdm location 192.168.1.252 255.255.255.255 inside
pdm location 65.215.8.100 255.255.255.255 inside
pdm location 192.168.100.0 255.255.255.0 outside
pdm logging informational 100
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list nonat
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
static (inside,outside) 1.2.3.4 172.20.1.2 netmask 255.255.255.255 0 0
access-group out_in in interface outside
timeout xlate 0:05:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:00:00 sip_media 0:00:00
timeout sip-disconnect 0:02:00 sip-invite 0:03:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local
aaa authentication ssh console LOCAL
http server enable
http 199.96.104.108 255.255.255.255 outside
http 192.168.1.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enableHi Jumora,
No need to troubleshoot this direct issue anymore. The client will be upgrading to an ASA 5505. Is there anything you may know of before I configure the ASA that I need to do to allow SIP through with no issues? Thanks again Jumora -
Hello all.
I subscribed successfully and easily to CC on my home PC (iMac) and downloaded a few apps. All is fine.
I wanted to download those same few apps on a remove machine I use several times a week (Win 7).
After many many attempts of trying to download CC and getting a generic error message, I learned it could be a firewall issue here at this work/office. I found this in Adobe's forums:
Many organizations use a hardware firewall and proxy server that can prevent software from accessing an FTP server. A hardware solution applies to all computers within the corporate network. Most home networks do not use hardware firewall or proxy technology.
Contact your company's IT department to obtain firewall or proxy information.
Configure your browser with proxy or firewall information.
Configure your corporate firewall to by-pass the servers. The following servers are accessed:
ccmdl.adobe.com:80
swupmf.adobe.com:80
swupdl.adobe.com:80
Having nothing to loose, I put in a request and had these addresses/ports opened up in our firewall. That seems to partially fix the problem.
Now the problem is the speed and traffic is so terribly slow with CC that nothing installs with out failing and giving error. For example, I am trying to install PhotoShop CC and it will take a couple of HOURS to even get to 10% and then it fails. Usually, it doesn't get that far. CC just gives me the generic message:
"Installation Failed - Learn More."
Download error. Press Retry to try again or contact customer support.(-7).
Our network admins swear that there is nothing wrong with the ports/firewall and yet all this works fine at my home. Can anyone offer any suggestions or advice? My internet connection here is fine. All other sites load and work fine. I simply cannot download any of the CC aps here with any reasonable speed.
Help!
PS - The URLs and ports ping just fine.Hi RedBirdOBX1,
I'd recommend checking out the two pdf documents in the
Adobe Creative Cloud Service Access Documentation for IT section on this page:
http://www.adobe.com/devnet/creativesuite/enterprisedeployment.html
Adobe Creative Cloud Network Endpoints
Adobe Creative Cloud Controlling Service Access
and if you're still struggling this might be another alternative:
http://prodesigntools.com/adobe-cc-direct-download-links.html
Hope that helps,
-Dave -
Can't scan from Lexmark multifunction printer - firewall issue?
Hi there!
I got a Lexmark printer/scanner combo which used to work fine on my arch install. However, its mobo died, so now I'm back at another install which refuses to scan. Scanning is done through the browser via a java applet residing on the printer's webserver. The applet does start (so it's not a java issue), but refuses to receive data from the scanner. Within the printer's web interface, it reads
If using Windows XP, the Windows XP personal firewall must be disabled before using Scan to PC profiles.
, so I'm assuming it might be a firewall issue. Lexmark's website provides the following advice:
The following two command lines will open the port 5353 for incoming and outgoing connections:
iptables -I INPUT -p udp -m udp --sport 5353 -j ACCEPT
iptables -I OUTPUT -p udp -m udp --dport 5353 -j ACCEPT
NOTE: These steps will work on most distributions configured with IPTABLES. There is no common command to make these rules persistent.
As I don't know anything about IP tables, I've simply copied these commands (as root, obviously). Still, I can't scan.
So, my questions are:
1. Has anybody else ever come across an issue like this?
2. I don't even know for sure, whether this is a firewall issue - What iptabled magic would I need to temporarily disable the firewall to check?
3. I tried checking my rules by "iptables -L". How can I tell "iptables -L" to specify the ports it is working on (as I did in the commands copied from lexmark's website)?
Best wishes,
RufusHi Bob
I believe so. We put the install disc into this mac back when we bought it to set up the printer. I'm assuming the scanning drivers were there as well since it's a multifunctional printer/scanner/fax wireless printer.
We've tried it both ways. If I press the button scan on the printer, it reads can't find computer (or something like that). When we go thru the HP icon on my computer screen and choose scan to computer, it does nothing.
We don't scan that often. So the few times when we ran into this problem, we just did something else (like take a pic from our iPhone and email the pic...kinda stupid but did the trick.
But I want to have the function of the scanner available. So that's why I'm here asking...thought others had this issue and had a solution. -
Windows Firewall issue, Inbound rule opend all, still not the same as turning off
This is Windows Firewall issue on Windows 8.1 Pro.
Backup Exec server cannot expand a computer node in selection list. I drill down to Microsoft Windows Network/Domain/Computers, then when I tried to expand a Windows 8.1 Pro computer node, it hangs out.
I narrowed this problem to Windows firewall related issue on Windows 8.1 Pro computer.
When I turn off Windows Firewall on Domain profile, Backup Exec Selection expands the computer node of the Windows 8.1 Pro computer. So, I created an inbound rule opening all to BAckup Exec server as following, but it's still not the same as turning off
Windows firewall specifically on Windows 8.1 Pro computer;
Any Local IP address, Any Remote IP address, Any port, Any protocol, All Interface, All Programs and Services, All profiles(Domain, Private, Public)
And there are no rules blocking any which may override the above rule.
Ethernet on Windows 8.1 Pro computer shows profile is linked with Domain, but just to make it work, I selected all profiles.
Even though I opened all available in inbound rule, it's still not the same as turning off windows firewall. Why am I missing?It looks as something related to RPC(UDP 135), but even when inbound rule is all open, why it matters? RPC seems working fine only when firewall is turned off on domain profile.
Protocol 17 is UDP
Port: 135
===============================
Event ID 5152
The Windows Filtering Platform has blocked a packet.
Application Information:
Process ID:
0
Application Name:
Network Information:
Direction:
Outbound
Source Address:
192.168.1.120
Source Port:
0
Destination Address:
192.168.1.11
Destination Port:
0
Protocol:
1
Filter Information:
Filter Run-Time ID:
245836
Layer Name:
ICMP Error
Layer Run-Time ID:
32
The Windows Filtering Platform has blocked a packet.
Application Information:
Process ID:
0
Application Name:
Network Information:
Direction:
Inbound
Source Address:
192.168.1.11
Source Port:
35341
Destination Address:
192.168.1.120
Destination Port:
135
Protocol:
17
Filter Information:
Filter Run-Time ID:
245834
Layer Name:
Transport
Layer Run-Time ID:
13 -
PIX authorization issue with TACACS+
I have setup on a network
PIX firewall(ver 6.3(5).
aaa-server TACACS+ (inside) host 172.20.67.153 cisco123
aaa accounting telnet console TACACS+ LOCAL
aaa authentication telnet console TACACS+ LOCAL
aaa authorization commands TACACS+
I could able to login enable mode.
But Iam getting Comamnd Authorization failed. If iam trying config t, show run which are allowed in PIX/ASA command authorization set in TACACS+.Hi friend,
You could try the following:
1) See the configuration of the user authorization on the ACS. Maybe there's a mistake when giving plivileges to the disired user.
See these documents:
http://www.cisco.com/en/US/customer/products/sw/secursw/ps2086/prod_configuration_examples_list.html
2) Configure a local user and try to login wiht the local database. To do it, see the example bellow:
username admin password xxxxxxxx encrypted privilege 15
Hope it helps. If it does, please rate.
Regards,
Rafael Lanna -
Oracle 8i through CISCO PIX Firewall
HI all,
I Need some help here with CISCO PIX Firewall 506e series. The ORACLE Server 8i on Windows NT.4, placed at the inside interface of PIX Firewall.
The Firewall has been configured to allow all the port to come from outside interface (this is where the Oracle client reside). When the client from outside try the oracle client application (where the login promt for username and password) when pressed enter the error msg
=============================
oracle error con 440
unable to make connection oracle - 12514 tns.couldn't resolve service name
the menu was not connectable with oracle. a menu is ended
==============================
Many thanks for PIX and Oracle config.
HATOVarun,
Thank you for your help.
I have one quick question, this pix is not in failover, it is standalone but it has Unrestricted license. It only has 64Mb of Ram. Will I have any problems based on your link recommendation?
Memory Requirements:
If you are using a PIX 515/515E running PIX Version 6.2/6.3, you must increase your memory before upgrading to PIX Version 8.0(2). This version requires at least 64 MB of RAM for Restricted (R) licenses and 128 MB of RAM for Unrestricted (UR) and Failover (FO) licenses
What is the difference between the restricted Licenses and the Unrestricted Licenses?
Thanks! -
RMI firewall issue - opening port 1099 is not enough
Hello,
We have a distributed java desktop app that uses RMI with callbacks to communicate amongst the clients. It all works really well at our dev site and at 2 trial sites.
We are about to deploy out to more customer sites - so I have been doing more testing with firewalls etc and discovered some issues. Our customers are small businesses and typically have between 1 and 10 desktop clients that connect to the server via RMI. These customers are "very NOT technical", so we need to give them set-and-forget firewalls etc.
This is all on a LAN, with RMI using port 1099. On the firewalls (of the various PCs) we open ports 1099 (RMI) and 5432 (for the Postgres DB).
Also, I was using "CurrPorts" and "SmartSniff" to monitor the traffic at each PC - so I had a reasonable view of proceedings.
Basically, opening port 1099 on the server is necessary, but it is NOT ENOUGH. The RMI moves off to ports other than 1099, and the server firewall does not allow the connection.
Procedure ...
(1) start the "server" app - which starts the RMI registry - the "localhost" desktop app also starts and it works well to both the database and the RMI.
(2) start another client - it connects to the DB Server, but NOT the RMI server.
(3) open the server firewall to all traffic for a few seconds - then the client connects successfully.
From CurrPort logging I could watch the RMI comms progress over those first few minutes ...
Initially the comms do include port 1099 on the initial call to the server, but there after there are always 2 or 3 "channels" open, but not to 1099.
I notice that the Postgres DB keeps using port 5432 for all of its active channels - so it does not have the same firewall issue.
After we have opened the firewall for a few seconds - to enable the link - then we can turn the client on and off and the client re-connects without issue - so it would seem to be only an issue with the initial connection.
I am sure that this is all completely standard and correct RMI behavior.
QUESTIONS:
1. Can RMI be "forced" to always use port 1099 for connections, and not move to other ports? (like the database uses 5432)
2. Are there any suggestions for getting around this seemingly standard RMI behaviour?
Other comments ...
The firewall lets me open individual ports (say 1099) - BUT I can not justify opening ALL ports.
The firewall lets me open all ports to an application, say "C:\Program Files\Java\jre6\bin\java.exe", but that app will occasionally change at a customer's site as they will update their java version and suddenly our app will stop working.
Any guidance is appreciated.
Many Thanks,
-Damian1. Can RMI be "forced" to always use port 1099 for connectionsYes. Export all your servers on the same port. See UnicastRemoteObject constructor that takes an int, or UnicastRemoteObject.exportObject(int). If the RMI Registry is a separate process you can't re-use 1099 for this purpose, but see below.
2. Are there any suggestions for getting around this seemingly standard RMI behaviour?Yes. Start the RMI Registry in the same JVM as the code, then you only need to use 1099 for everything.
If you are using server socket factories, make sure they have an equals() method, or use the same instance for all remote objects. -
Hi,
I need urgent help about PIX firewall setup.......
My one of the pix firewall flash was correpted it mean don't have flash file inside... I want to install flash file how to install...
It's showing "monitor >" mode.
monitor > help
by
senthilAnd also i need to know how to reset password i forgot the password for the another firewall...
I have to configure as per diagram(attached) already config is there but i need to know it's write or nor becasue this one last year one.
Please check and let me know ASAP.
Thanks....
Regards,
Senthil
I have to configure as per diagram(attached) already config is there but i need to know it's write or nor becasue this one last year one.
Please check and let me know ASAP.
Thanks....
Regards,
Senthil -
PIX 515 issue after trying to upgrade from 601 to 622
Hello,
I am having the following problem on my Cisco PIX 515:
I had been running:
Cisco Secure PIX Firewall Version 6.0(1)
PIX Device Manager Version 1.0(1)
Hardware: PIX-515, 32 MB RAM, CPU Pentium 200 MHz
Flash i28F640J5 @ 0x300, 16MB
BIOS Flash AT29C257 @ 0xfffd8000, 32KB
I upgraded the PIX to pix622.bin. That seemed to work, but the PIX did not boot after reload.
So I reverted it to pix601.bin.
That seemed to work, and my configuration file was still in place and all my services worked as before.
However, upon reload I get the following error:
Reading 2445824 bytes of image from flash.
32MB RAM
imgsum_config: sumval(0x1f8e) md5(0x95937073 0x75b817db 0x54d7811a 0xba7d0214)
imgsum_verify: chksum(0x 0) md5(0xf9d77cec 0xfca32e88 0xb13f21e9 0xfa81733b)
Panic: kernel - The checksum verification for this image failed.
Thoughts? Help?You get this error using the console right?
Mike -
I have Internet access, but don't have an ability to watch videos on our new iPad2. We are in a hotel, could it be their service or firewall issue?
If you are unable to view content that has already been downloaded then you problem is within you device. First shut it down all the way by holiding the sleep button at the top until the power off slide appears at the top of your screen. Then slide that and wait while it powers off. Give it a good 30 seconds to do this. then power it back up. if that doesn't work, you may need to call the apple care folks. One other option is to restore it to factory settings and reload it with the updates first and then sink your media to it. You should already have it backed up to iCloud, but if not, do that first then do the restore.
-
BorderManager and Pix Firewall
Hello,
Just implemented NSBS6.5 for a small bank with Pix firewall's inner IP
address as my next router on hop.Was able to send mails out but could not
receive inbound mails.Also the Bank's web site could no longer be
assesible from within the bank but could be connected to from any where
outside the bank's network.Could ping from the BorderManager proxy with
public IP of 172.16.1.2 to the Pix private with IP of 172.16.1.1
Moreover,a MaCafe Antivirus appliance was brought in and connected btw
the BorderManager Proxy server and the Pix firewall with a bridged
connection and an assigned IP address of 172.16.1.3 and 172.16.1.4 At
this
instance,could no longer ping the Pix 172.16.1.1, but could ping both
interface of the MaCafe appliance.Could not also send nor receive mails
via the mail proxy.
I intend bringing the MaCafe appliance before the BorderManager Proxy
and
assign a LAN address to it since it has a bridged config,so as to isolate
the problem of this appliance.
I need to get the mail server running perfectly and the website
assesible.Pls kindly help my case.
Regards,
Sesan.you need to go ask this in the support.bordermanager.install-setup
group as this group is for the client firewall product only.
Cheers!
Richard Beels
http://www.dsi-consulting.com
Collaboration without complication -
Unsolvable OS X firewall issues
Since switching from TWC to Verizon High Speed Internet, I've been unable to download Netflix, play Yahoo Backgammon, send email via Network Solutions server, send or receive email from mobile me account, and connect to a JSTOR server for downloading articles on my iMac, OS X 10.6.6. I suspect that it's a firewall issue, but haven't been able to confirm that with Verizon customer service.
The first time I called about the email, after verifying that we had an internet connection, Verizon said that it must be Network Solutions. I called Network Solutions and found that everything was in order there. I phoned Apple, and found that everthing was in order on my machine and software. Navigating the Automated Call Distrbution and hold times at each of these places took about 3 hours, which included about 40 minutes of trouble shooting - most of it by Apple. I had to go to work.
On my next day off I called verizon and asked to have my call escalated to a higher tier mac support technician, but they said that they didn't have higher tier technicians. We went through a laborious troubleshooting process, and the tech couldn't find the problem within 50 minutes, and I had to leave for an appointment. I couldn't call back that week. Verizon phoned a day or two later and left a message on my answering machine that invited me to call a toll free number if my issue had not been resolved. I called before leaving for work a few days later, got through to a Verizon mac OS tech, and went through the same laborious trouble shooting process to no avail. I asked to be transferred to a higher level tech, and the tech just put me back in the hold queue. The new service tech wanted to go through the same protocals that I had already been through, which I found unacceptable. As this was my forth attempt to correct this problem, I asked him to read the notes from previous service techs. The only note he could find said "Unable to connect to the internet."
I believe I'm beyond my 30 day trial, but I desperately want out of my contract with Verizon. Does anyone have any suggestions?Log into the modem using the following Usernames/Passwords at http://192.168.1.1/
admin/password
admin/password1
admin/admin
admin/admin1
Yout Verizon Username and Password
Set the Firewall to Disabled and see if your applications begin working. The Wireless key can be gotten from the Wireles Settings section.
========
The first to bring me 1Gbps Fiber for $30/m wins!
Maybe you are looking for
-
Reg: Dashboard page Name not getting displayed.
Hi I have created a dashboard Dashboard1 and it has 5 different pages pg1 thru pg5. I have 5 users USER1,USER2.USER3,USER4 and USER5. I have assigned each page to a user and all the users have access to Dashboard1 i.e USER1 pg1 of Dashboard1 USER2 pg
-
File Not Found exception.Am i missing anything?
I have created a file called CI.xml in an eclipse folder which exists I am getting the message: The system cannot find the file my code is private static final String XML_TEMPLATE_FOLDER ="xml/template" String fileFolder = getTemplateFolder(); File f
-
Difference between the G4 and G5. Should I buy the G5
What kind of difference is there between a G4 duel 1.25 vs. G5 duel 1.8 machines? I have the G4 and wonder if I should buy the G5(used).. Is the G5 that much faster? Such as rendering video.
-
In Firefox, I can NEVER do the Adobe Flash Player 11 Update
Question In Firefox, every time the Adobe Flash Player Update box shows up, I click on it, it scrolls right as it downloads, then I am asked to read the license, which take me to a page of a thousand license agreements. I choose the Flash Player 11 l
-
IPS 7.0(8)E4 service pack now available!
The 7.0(8)E4 service pack has been posted and is now available for download here: http://www.cisco.com/cisco/software/release.html?mdfid=282671829&flowid=4417&softwareid=282549759&release=7.0(8)E4&relind=AVAILABLE&rellifecycle=&reltype=latest