Policy issues with RMI
I developed a client app that runs correctly on my computer but when uploaded to a remote web server, it returns no answer. I believe this is caused by SocketPermission. It appears to be making a request. Can you tell me how the socket permissions can be adjusted for my application, when it resides on a web server not owned by me.
you need to read up on the java permissions settings for RMI also.
Similar Messages
-
Again: Policy issue with official certificate
Hi
The signer of the document in question uses an official p12 keystore issued by QuoVadis.
The receiving user then encounters a problem with the signature in adobe reader 11:
- The certificate chain is shown correctely
- The signer-certificate shows the yellow warning flag saying: The selected certificate has errors: Invalid policy constraint
This causes lot of problems in user environments now oblidged to deal with signed documents.
Since we have absolutely no influence on all the various digital ids out in the field following questions:
- Exactely hat policy constaints hurt adobe readers and why is this checked at all?
- What can/must we do on the signer's side to get a document signed with an official digital id accepted in adobe reader ?
- Is it reasonable to think a reader should accept an otherwise valid certification chains without threading the innocent receiver with "Something wrong with document credibility" ?
Thanks for yor help
MarcelA CA may issue many different signing certificates and System Administrator may restrict which signatures signed with certificates issued by this CA should be accepted as Valid on particular Reader installations.
Policy constraints are set on individual Acrobat/Reader installations. Usually they are set by IT but can be also done manually by the users. When policy constraints are enabled Reader validates only signatures signed with DIgital IDs that meet specified policy constraints. In Reader/Acrobat policy constraints are specified per trusted root certificate. In Reader XI go to Edit->Preferences->Signatures, click on More.... in "Identities&Trusted Certificates" and select "Trusted Certificates". In the list of ttrusted certificates select the root certificate of the chain in the problem signature and click "Edit Trust" button. In the dialog that comes up select "Policy Restrictions" tab. It contains on top explanation of what policy restrictions are.
Apparently the installations that exhibit this problem have some "Certificate policies" entered for QuoVadis trusted root. When it happens Reader will mark as Valid only signatures signed with the QuoVadis-issued Digital IDs that include matching policy constraints. There is nothing you can do about it on the signer's side, because it is controlled by the preferences on the recipients' side. -
Issue with rmi connection when server name has underscore("_")
Hi
I am getting the following error when server name has underscore("_"). And jserver is not coming up. can anyone please help me with this
ERROR 02/11 17:19:42 jserver [main] 104021
java.net.MalformedURLException: invalid authority: rmi://TP_BMCPOC:1099/server
at java.rmi.Naming.intParseURL(Naming.java:313)
at java.rmi.Naming.parseURL(Naming.java:220)
at java.rmi.Naming.rebind(Naming.java:154)
Looks liek Naming.rebind has some issue. is there any other alternative to register??
Thanks
anitha[http://en.wikipedia.org/wiki/Hostname#Restrictions_on_valid_host_names]
-
Policy issues with new Version
I get the following error when an application has an assembly that asks for a Oracle.DataAccess version of 10.2.0.100 but the new server has 1.102.2.20 with the policies on it.
I want to avoid rebuilding assemblies with the latest version since their is a lot of them in over 50+ different applications.
Compiler Error Message: CS1705: Assembly 'SomeAssembly, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null' uses 'Oracle.DataAccess, Version=10.2.0.100, Culture=neutral, PublicKeyToken=89b483f429c47342' which has a higher version than referenced assembly 'Oracle.DataAccess, Version=1.102.2.20, Culture=neutral, PublicKeyToken=89b483f429c47342'
Any suggestions? Thanks!Thanks for the reply. I noticed that article, but didn't get any help from it. The compiler in my situation doesn't like the way the "10" was dropped off the version. I figure there is nothing I can do about that, but I guess I'm really looking for a way to tell the compiler to ignore the fact it thinks it's going to use a lower version then what the assembly is calling for.
-
issue with cisco acs 4.2.Users unable to login aaa client but after restarting group policy able to login
issue with cisco acs 4.2.Users unable to login aaa client but after restarting group policy able to login
-
Issue with Lockout Duration in Password Policy in OAM
Hi,
We are facing an issue with the lockout duration configuration in the password policies in the identity manager interface for our OAM setup.
Oracle Access Manager 10g version 10.1.4
User/Policy Store: ADAM Ldap [Microsoft ADAM 2003]
After we lock out a user in our LDAP after 5 wrong attempts, the two attribute values in ADAM get updated to 5:
oblogintrycount
badPwdCount
Also I see that "oblockouttime" gets updated with an unix timestamp.
Now, we have set the "Lockout Duration" in the password policy as 1 hour. So, after 1 hour, the user should be unlocked in ADAM.
However, after 1 hour when the user tries to login, he/she gets the error that a wrong password has been entered for the userID.
When we check in ADAM, we see that the value of "oblogintrycount" was indeed reset. However the value of "badPwdCount" did not get reset and is still stuck at 5.
If we reset both these attribute values to 0, the user can login again.
Now, is OAM expected to reset both these attribute values to 0, or does it only reset the oblix attributes?
If it is the latter, is there a way around to resolve this issue? Or are we doing something wrong here?
Please let us know your feedback.
Thanks!
Abhishek.OAM only works with the ob* attributes, and not with badPwdCount attribute of the AD (ADAM). I think for some reason the password and account policies of the AD is being triggerred. Disable the AD password policy and it will be Ok.
Hope this helps. Let us know. -
sir have this error so what can i do The SIM card that you currently have installed in this iPhone is from a carrier that is not supported under the activation policy that is currently assigned by the activation server. This is not a hardware issue with the iPhone. Please insert another SIM card from a supported carrier or request that this iPhone be unlocked by your carrier. Please contact Apple for more information.
It looks like the iPhone is locked to a carrier that is not the one you are trying to use.
You need to determine which carrier it is locked to and then contact them to see if they are willing to authorise the unlocking of your iPhone. As ManSinha mentioned, many carriers will only authorised the unlock if requested by the customer who had the contract with them for this iPhone.
Remember that only the carrier who owns the lock on your Iphone can authorise Apple to unlock the iPhone in their servers. You need to contact the carrier or have the previous owner of the iPhone request the unlocking. -
the SIM card that you currently have installed in this iPhone is form a carrier that is not supported under the activation policy that is currently assigned by the activation server.this is not a hardware issue with the iphon. please insert another SIM card from supported carrier or request that this iPhone be unlocked by your carrier.
Similar issue
here is the description
I have similar message but for me the Verizon guys said they unlocked it and when I actually connected to iTunes using Verizon sim card and then did the restore as new iphone then everything worked well and at the end i saw the message "Congrats, your iphone is now unlocked" and then I did the set up as new iphone for my kid.
Once new apple ID was set up, then I removed the verizon SIM and then inserted prepaid t-mobile sim card and after the phone booted up then I got the same message like above...."not supported"
What do i do now? I think the phone is unlocked right?
Also do I need to insert Verizon SIM card and do restore as NEW and this time do not set up the iphone but change the SIM card and then set up or ?
I am confused and other threads were talking that if you get congrats message then u shd be good to use other SIM cards....please help!!! -
The Sim card that you currently have installed in this iphone is from a carrier that is not supprotedunder the activation policy that is currently assigned by the activation server. this is not a hardware issue with the iphone. please insert another sim card from a supported carrier or request that this iphone be unlocked by your carrier.please contact apple for more information.
I have similar message but for me the Verizon guys said they unlocked it and when I actually connected to iTunes using Verizon sim card and then did the restore as new iphone then everything worked well and at the end i saw the message "Congrats, your iphone is now unlocked" and then I did the set up as new iphone for my kid.
Once new apple ID was set up, then I removed the verizon SIM and then inserted prepaid t-mobile sim card and after the phone booted up then I got the same message like above...."not supported"
What do i do now? I think the phone is unlocked right?
Also do I need to insert Verizon SIM card and do restore as NEW and this time do not set up the iphone but change the SIM card and then set up or ?
I am confused and other threads were talking that if you get congrats message then u shd be good to use other SIM cards....please help!!! -
Issue with Policy set in AIA installation
Hi All,
when I access EM console, and navigate to WebLogic Domain and expand it
Right click the domain name and select Web Services and then Policies
by default i could see all the policies got selected .
By at run time got the error response as
"javax.xml.ws.soap.SOAPFaultException: SOAP must understand error:{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security, {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security"
If I manually go and disable the below mentioned policies , then am able to invoke the service
Service Endpoints
oracle/aia_wss_saml_or_username_or_http_token_service_policy_OPT_ON
oracle/aia_wss_saml_or_username_token_service_policy_OPT_ON
Service Clients
oracle/aia_wss10_saml_token_client_policy_OPT_ON.
Can anyone Please clarify the issue .Issue with Output Device and assiged Device type. Output device need to pass CONVERT_OTF ot Smartform FM to correctly get characters set in German as well as East European Characters
-
Deployment Issues with Custom TS variables set for client
Good Day folks!
I have come across an interesting issue that I have not been able to find a quick fix as such I am looking for some ideas where to trouble shoot my issue moving forwards.
So the Issue:
I have a TS that deploys a Windows 8.1 SOE image, this is done first by using a PXE boot PE image for an “unknown” systems to load a Custom HTA. This HTA allows me manually add the system to SCCM and add it to a required deployments collection that has the
8.1 SOE deployed to it.
The HTA also sets a few custom variables for the system resource things like system location, Machine Domain etc.
Once the HTA has run the system then has a delay to allow for the resource to show up tin the 8.1 deployment collection and then closes.
Now all this appears to work fine, the system is added to the collection, reboots and the deployment runs from start to finish without error.
I can also check the system resource and the variables are present.
The problem I have found is that the custom variables for this resource are not being used by the TS after reboot.. upon further investigation I found that these variables are not even being retrieved ( ran a VB script to save all the variables from the
TS to a txt file to check this ) Because of this the TS is bypassing some needed TS Tasks.
A few interesting things to note:
System appears to be added again when AD discovery is run…. So it causes a Duplicate.
Client Dose connect to SCCM server after deployment but is not receiving deployments ( is getting some policy )
Worked with SCCM 2012 but not 2012 R2
So it appears that when the system reboots from the HTA PE step it has identified itself as an unknown system again…. Even though it has been manually added…
I am interested to know if first of all if others would agree with this and second how SCCM while running a TS matches itself up to a system to retrieve the custom set variables before client install etc... Or a good place to start looking
to dig up more information! Or anything else!
Thanks
Stuart.Have you taken a look at this hotfix?
http://support.microsoft.com/kb/2907591
We had to apply it in order for our variables to be seen.
joeblow -
An issue with authentication and authorization on ISE 1.2
Hi, I'm new to ISE.
I have an issue with authentication and authorization.
I have ISE 1.2 plus patch 6 installed on VMware.
I have built-in Windows XP supplicant and 2960 cisco switch with IOS c2960-lanbasek9-mz.150-2.SE5.bin
On supplicant I use EAP(PEAP) with EAP-MSCHAP v2.
I created authentication and authorization rules with Active Directory as External Identity Source. Also I applied authorization profile with DACL.I login on Windows XP machine under different Active Directory accounts. Everything works fine (authentication, authorization ), but only for several hours. After several hours passed , authentication and authorization stop working . I can see that ISE trying authenticate and authorize users, but ISE always use only one account for authentication and authorization . Even if I login under different accounts ISE continue to use only one last account.
I traied to reboot switch and PC,but it didn’t help. Only rebooting of ISE helps. After ISE rebooting, authentication and authorization start to work properly for several hours.
I don’t understand is it a glitch or I misconfigured ISE or switch, supplicant?
What should I do to resolve this issue?
Switch configuration:
testISE#sh runn
Building configuration...
Current configuration : 7103 bytes
! Last configuration change at 12:20:15Tue Apr 15 2014
! NVRAM config last updated at 10:35:02 Tue Apr 15 2014
version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname testISE
boot-start-marker
boot-end-marker
no logging console
logging monitor informational
enable secret 5 ************
enable password ********
username radius-test password 0 ********
username admin privilege 15 secret 5 ******************
aaa new-model
aaa authentication dot1x default group radius
aaa authorization network default group radius
aaa authorization auth-proxy default group radius
aaa accounting update periodic 5
aaa accounting dot1x default start-stop group radius
aaa server radius dynamic-author
client 172.16.0.90 server-key ********
aaa session-id common
clock timezone 4 0
system mtu routing 1500
authentication mac-move permit
ip dhcp snooping vlan 1,22
ip dhcp snooping
ip domain-name elauloks
ip device tracking probe use-svi
ip device tracking
epm logging
crypto pki trustpoint TP-self-signed-1888913408
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1888913408
revocation-check none
rsakeypair TP-self-signed-1888913408
crypto pki certificate chain TP-self-signed-1888913408
dot1x system-auth-control
spanning-tree mode pvst
spanning-tree extend system-id
vlan internal allocation policy ascending
ip ssh version 2
interface FastEthernet0/5
switchport mode access
ip access-group ACL-ALLOW in
authentication event fail action next-method
authentication event server dead action reinitialize vlan 1
authentication event server alive action reinitialize
authentication host-mode multi-auth
authentication open
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
authentication violation restrict
mab
dot1x pae authenticator
dot1x timeout tx-period 10
spanning-tree portfast
interface FastEthernet0/6
switchport mode access
ip access-group ACL-ALLOW in
authentication event fail action next-method
authentication event server dead action reinitialize vlan 1
authentication event server alive action reinitialize
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
authentication violation restrict
mab
dot1x pae authenticator
dot1x timeout tx-period 10
spanning-tree portfast
interface FastEthernet0/7
interface Vlan1
ip address 172.16.0.204 255.255.240.0
no ip route-cache
ip default-gateway 172.16.0.1
ip http server
ip http secure-server
ip access-list extended ACL-ALLOW
deny icmp any host 172.16.0.1
permit ip any any
ip radius source-interface Vlan1
logging origin-id ip
logging source-interface Vlan1
logging host 172.16.0.90 transport udp port 20514
snmp-server community public RO
snmp-server community ciscoro RO
snmp-server trap-source Vlan1
snmp-server source-interface informs Vlan1
snmp-server enable traps snmp linkdown linkup
snmp-server enable traps mac-notification change move
snmp-server host 172.16.0.90 ciscoro
radius-server attribute 6 on-for-login-auth
radius-server attribute 6 support-multiple
radius-server attribute 8 include-in-access-req
radius-server attribute 25 access-request include
radius-server dead-criteria time 5 tries 3
radius-server vsa send accounting
radius-server vsa send authentication
radius server ISE-Alex
address ipv4 172.16.0.90 auth-port 1812 acct-port 1813
automate-tester username radius-test idle-time 15
key ******
ntp server 172.16.0.1
ntp server 172.16.0.5
endYes. Tried that (several times) didn't work. 5 people in my office, all with vers. 6.0.1 couldn't access their gmail accounts. Kept getting error message that username and password invalid. Finally solved the issue by using Microsoft Exchange and "m.google.com" as server and domain and that the trick. Think there is an issue with imap.gmail.com and IOS 6.0.1. I'm sure the 5 of us suddently experiencing this issue aren't the only ones. Apple will figure it out. Thanks.
-
Routing Issue with 3550 Switch
I am having an issue with routing with one of my Cisco 3550 switches. I know the 3550s are EoL but some of us have to work with what we have.
I am using a 3550 on either side of a Layer 2 link. The Layer 2 link is 2 Extreme Summit X-440 switches with Microwave between the switches. I have a VLAN configured on both switches and tagged on the ports connected to the Microwave. The 3550 switch on each end is configured for IP routing but I cannot pass traffic between the switches. If I unplug the switch on the local end and plug in a laptop, I can ping the switch on the remote end and access devices at the remote end.
I know this should work because I am doing the same thing over another Microwave link and Layer 2 link using another 3550 and a HP ProCurve at the remote end.
Here are the configs for each 3550:
Local end; Port Fa0/23 goes to the Remote Side. Port Fa0/24 goes to the rest of the network
Current configuration : 5417 bytes
! No configuration change since last restart
version 12.2
no service pad
service timestamps debug datetime localtime show-timezone
service timestamps log datetime localtime show-timezone
no service password-encryption
service sequence-numbers
hostname Brindley3550
enable secret 5 $1$3A.n$lzBUQg.fn4hJ7f0jEOqe71
no aaa new-model
clock timezone UTC -6
clock summer-time UTC recurring 1 Sun Apr 2:00 1 Sun Nov 2:00
mls qos map cos-dscp 0 8 16 26 32 46 48 56
mls qos min-reserve 5 170
mls qos min-reserve 6 10
mls qos min-reserve 7 65
mls qos min-reserve 8 26
mls qos
ip subnet-zero
ip routing
ip domain-name morgan911.net
ip name-server 1.2.150.11
ip name-server 1.2.150.5
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
vlan internal allocation policy ascending
interface FastEthernet0/1
switchport access vlan 18
switchport mode dynamic desirable
spanning-tree portfast
{Removed for Brevity}
|
interface FastEthernet0/7
switchport access vlan 13
switchport mode dynamic desirable
spanning-tree portfast
interface FastEthernet0/8
switchport access vlan 13
switchport mode dynamic desirable
spanning-tree portfast
{Removed for Brevity}
interface FastEthernet0/23
description To Gum Springs via Extreme P10
no switchport
ip address 1.2.147.1 255.255.255.252
speed 100
duplex full
interface FastEthernet0/24
description To Flint via Ceragon Eth 2
switchport trunk encapsulation dot1q
switchport mode trunk
speed 100
duplex full
mls qos trust cos
auto qos voip trust
wrr-queue bandwidth 20 1 80 1
wrr-queue min-reserve 1 5
wrr-queue min-reserve 2 6
wrr-queue min-reserve 3 7
wrr-queue min-reserve 4 8
wrr-queue cos-map 1 0 1 2 4
wrr-queue cos-map 3 3 6 7
wrr-queue cos-map 4 5
priority-queue out
spanning-tree link-type point-to-point
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
interface GigabitEthernet0/2
switchport access vlan 10
switchport trunk native vlan 50
switchport mode dynamic desirable
spanning-tree portfast trunk
interface Vlan1
ip address 1.2.145.2 255.255.255.0
ip default-gateway 1.2.145.1
ip classless
ip route 0.0.0.0 0.0.0.0 1.2.145.1
ip route 1.2.165.0 255.255.255.240 1.2.147.2
ip route 1.2.166.0 255.255.255.240 1.2.147.2
ip http server
snmp-server community public RO
snmp-server community public/RO RO
snmp-server location Brindlee Mountain Tower Site
snmp-server contact Jamey Wright
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps cluster
snmp-server enable traps entity
snmp-server enable traps envmon fan shutdown supply temperature
snmp-server enable traps vtp
snmp-server enable traps vlancreate
snmp-server enable traps vlandelete
snmp-server enable traps flash insertion removal
snmp-server enable traps port-security
snmp-server enable traps config
snmp-server enable traps syslog
snmp-server enable traps mac-notification
snmp-server enable traps vlan-membership
snmp-server host 1.2.150.100 public tty envmon syslog snmp
control-plane
ntp clock-period 17180143
ntp server 1.2.150.21
end
And this is the config for the remote end. Port Fa0/24 is the port for the link back to the local end.
Current configuration : 5058 bytes
version 12.2
no service pad
service timestamps debug datetime localtime show-timezone
service timestamps log datetime localtime show-timezone
no service password-encryption
service sequence-numbers
hostname GS3550
enable secret 5 $1$3A.n$lzBUQg.fn4hJ7f0jEOqe71
no aaa new-model
clock timezone UTC -6
clock summer-time UTC recurring
mls qos map cos-dscp 0 8 16 24 32 46 46 56
udld aggressive
ip subnet-zero
ip routing
ip domain-name morgan911.net
ip name-server 1.2.150.11
spanning-tree mode pvst
spanning-tree extend system-id
vlan internal allocation policy ascending
interface FastEthernet0/1
switchport access vlan 21
switchport mode dynamic desirable
spanning-tree portfast
interface FastEthernet0/2
switchport access vlan 21
switchport mode dynamic desirable
power inline delay shutdown 20 initial 300
spanning-tree portfast
{Removed for Brevity}
interface FastEthernet0/23
switchport access vlan 22
switchport trunk encapsulation dot1q
switchport mode trunk
speed 100
duplex full
spanning-tree portfast
interface FastEthernet0/24
description To Brindlee via Extreme P10
switchport mode dynamic desirable
(Is a member of VLAN 1)
speed 100
spanning-tree portfast
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
interface GigabitEthernet0/2
switchport mode dynamic desirable
spanning-tree portfast
interface Vlan1
ip address 1.2.147.2 255.255.255.252
interface Vlan21
ip address 1.2.165.1 255.255.255.240
ip helper-address 1.2.150.11
ip helper-address 1.2.150.5
interface Vlan22
ip address 1.2.166.1 255.255.255.240
ip helper-address 1.2.150.5
ip helper-address 1.2.150.11
ip default-gateway 1.2.147.1
ip classless
ip route 0.0.0.0 0.0.0.0 1.2.147.1 10
ip http server
snmp-server community public RO
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps cluster
snmp-server enable traps entity
snmp-server enable traps envmon fan shutdown supply temperature
snmp-server enable traps vtp
snmp-server enable traps vlancreate
snmp-server enable traps vlandelete
snmp-server enable traps flash insertion removal
snmp-server enable traps port-security
snmp-server enable traps config
snmp-server enable traps hsrp
snmp-server enable traps bridge newroot topologychange
snmp-server enable traps syslog
snmp-server enable traps mac-notification
snmp-server enable traps vlan-membership
snmp-server host 1.2.150.100 public envmon syslog snmp
control-plane
ntp clock-period 17180192
ntp server 1.2.150.21 key 0 prefer
Ideas? Anything stand out as grossly wrong? I have worked on this for 2 days and am at a loss.
Thanks
JameySorry for the delay in replying. Other items at the office took priority over this project. I tried that and no change. I pulled the switch from the remote site and took it back to the local end and connected the switches with a crossover cable and everything works fine. I have pretty much determined that it is an issue with the config in one of the Extreme switches. The config in those look pretty normal but there are a few things I am unsure of. Guess I'll see if there is a similar site for Extreme gear.
Thanks
Jamey -
Issue with LPCOR on CME 10.5
Dear All,
I am facing issues with LPCOR configuration on CME 10.5. For International calls the Authentication Prompts triggers some times and some times doen not.
Also when a local call is dialed the Authentication Prompt is triggered some times.Below is the config and debug logs. Need your help to resolve this.
voice lpcor enable
voice lpcor custom
group 10 endusers
group 11 pstn
voice lpcor policy endusers
service fac
accept endusers fac
accept pstn fac
voice lpcor policy pstn
service fac
accept endusers fac
accept pstn fac
application
package auth
param passwd-prompt flash:enter_pin.au
param max-retries 0
param abort-digit *
param term-digit #
param user-prompt flash:enter_account.au
param passwd 12345
param max-digits 32
interface GigabitEthernet0/1.1
encapsulation dot1Q 1 native
ip address 10.25.76.1 255.255.255.0
interface GigabitEthernet0/1.201
encapsulation dot1Q 201
ip address 10.25.77.1 255.255.255.0
voice-port 0/0/0
lpcor outgoing pstn
trunk-group ALL_FXO 1
supervisory disconnect dualtone mid-call
supervisory custom-cptone 2n-gsm
no battery-reversal
input gain -6
output attenuation -3
cptone SA
timeouts call-disconnect 1
timeouts wait-release 1
timing sup-disconnect 50
connection plar 5040
caller-id enable
cable-detect
dial-peer cor custom
name local
name longdistance
name 911
name Internal
name fac-int
name user-fac
dial-peer cor list local
member local
dial-peer cor list call-local
member local
dial-peer cor list call-longdistance
member longdistance
dial-peer cor list user1
member local
member 911
dial-peer cor list user2
member local
member longdistance
member 911
member user-fac
dial-peer cor list user3
member 911
dial-peer cor list call-911
member 911
dial-peer cor list call-internal
member Internal
dial-peer cor list fac-int
member local
member 911
member fac-int
dial-peer cor list user-fac
member user-fac
dial-peer voice 96 pots
trunkgroup ALL_FXO
corlist outgoing call-911
destination-pattern 9[2-6]......
forward-digits 7
dial-peer voice 901 pots
trunkgroup ALL_FXO
corlist outgoing call-911
destination-pattern 901[2-4,6-8].......
forward-digits 10
dial-peer voice 800 pots
trunkgroup ALL_FXO
destination-pattern 9800T
prefix 800
dial-peer voice 900 pots
destination-pattern 9T
port 0/0/3
prefix 9
dial-peer voice 11 pots
destination-pattern 901........
port 0/0/3
forward-digits 10
dial-peer voice 9051 pots
trunkgroup ALL_FXO
corlist outgoing call-local
destination-pattern 905........
forward-digits 10
dial-peer voice 19 pots
trunkgroup ALL_FXO
corlist outgoing fac-int
destination-pattern 900T
translate-outgoing called 1
forward-digits all
dial-peer voice 20 voip
description International calling
service clid_authen_collect
destination-pattern 900T
lpcor outgoing pstn
session target ipv4:10.25.76.1
incoming called-number 9T
dtmf-relay h245-alphanumeric
codec g711ulaw
no vad
ephone-dn 1
number 4121
name John
corlist incoming fac-int
ephone 1
lpcor type local
lpcor incoming endusers
mac-address E0D1.730A.21DE
ephone-template 2
type 7942
button 1:1
voice register dn 33
number 4163
call-forward b2bua busy 5000
call-forward b2bua noan 5000 timeout 20
call-forward b2bua unregistered 5000
allow watch
name Joseph
mwi
voice register pool 33
busy-trigger-per-button 4
id mac BC67.1C31.C8AA
type 7821
number 1 dn 33
cor incoming fac-int 1 4163
dtmf-relay rtp-nte
codec g711ulaw
transfer max-length 4
Debug Logs
DAMAC-CME-ANOUD#DEBUg VOIce lpcor all
voip lpcor all debugging is on
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#term
DAMAC-CME-ANOUD#terminal i
DAMAC-CME-ANOUD#terminal i
Apr 12 16:22:39.825: %VOIPAAA-5-VOIP_CALL_HISTORY: CallLegType 1, ConnectionId F692C420E06611E4BB0CE7FDC5486EA5, SetupTime 16:22:35.615 UTC Sun Apr 12 2015, PeerAddress 4130, PeerSubAddress , DisconnectCause 10 , DisconnectText normal call clearing (16), ConnectTime 16:22:39.825 UTC Sun Apr 12 2015, DisconnectTime 16:22:39.825 UTC Sun Apr 12 2015, CallOrigin 2, ChargedUnits 0, InfoType 2, TransmitPackets 0, TransmitBytes 0, ReceivePackets 0, ReceiveBytes 0
Apr 12 16:22:39.825: %VOIPAAA-5-VOIP_FEAT_HISTORY: FEAT_VSA=fn:TWC,ft:04/12/2015 16:22:35.609,cgn:4130,cdn:,frs:0,fid:2599,fcid:F692C420E06611E4BB0CE7FDC5486EA5,legID:284C,bguid:F692C420E06611E4BB0CE7FDC5486EA5mon
DAMAC-CME-ANOUD#terminal imon
^
% Invalid input detected at '^' marker.
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
Apr 12 16:22:44.089: //-1/xxxxxxxxxxxx/LPCOR/lpcor_get_index_by_name:
lpcor endusers
Apr 12 16:22:44.089: //-1/xxxxxxxxxxxx/LPCOR/lpcor_get_index_by_name:
lpcor endusers index 10
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#show debug
VOIP LPCOR:
debug voip lpcor error call is ON (filter is OFF)
debug voip lpcor error call informational is ON (filter is OFF)
debug voip lpcor error software is ON
debug voip lpcor error software informational is ON
debug voip lpcor detail is ON (filter is OFF)
debug voip lpcor function is ON (filter is OFF)
debug voip lpcor inout is ON (filter is OFF)
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
Apr 12 16:23:22.889: %VOIPAAA-5-VOIP_CALL_HISTORY: CallLegType 1, ConnectionId FBA1532AE06611E4BB10E7FDC5486EA5, SetupTime 16:22:44.089 UTC Sun Apr 12 2015, PeerAddress 4130, PeerSubAddress , DisconnectCause 10 , DisconnectText normal call clearing (16), ConnectTime 16:23:02.009 UTC Sun Apr 12 2015, DisconnectTime 16:23:22.889 UTC Sun Apr 12 2015, CallOrigin 2, ChargedUnits 0, InfoType 2, TransmitPackets 0, TransmitBytes 0, ReceivePackets 1038, ReceiveBytes 166080
Apr 12 16:23:22.889: %VOIPAAA-5-VOIP_FEAT_HISTORY: FEAT_VSA=fn:TWC,ft:04/12/2015 16:22:44.093,cgn:4130,cdn:,frs:0,fid:2600,fcid:FBA1532AE06611E4BB10E7FDC5486EA5,legID:284D,bguid:FBA1532AE06611E4BB10E7FDC5486EA5
Apr 12 16:23:22.905: %VOIPAAA-5-VOIP_CALL_HISTORY: CallLegType 1, ConnectionId FBA1532AE06611E4BB10E7FDC5486EA5, SetupTime 16:22:57.795 UTC Sun Apr 12 2015, PeerAddress 0097150107659, PeerSubAddress , DisconnectCause 10 , DisconnectText normal call clearing (16), ConnectTime 16:23:02.015 UTC Sun Apr 12 2015, DisconnectTime 16:23:22.905 UTC Sun Apr 12 2015, CallOrigin 1, ChargedUnits 0, InfoType 2, TransmitPackets 1038, TransmitBytes 174384, ReceivePackets 1043, ReceiveBytes 166880
Apr 12 16:23:22.905: %VOIPAAA-5-VOIP_FEAT_HISTORY: FEAT_VSA=fn:TWC,ft:04/12/2015 16:22:57.785,cgn:4130,cdn:0097150107659,frs:0,fid:2601,fcid:FBA1532AE06611E4BB10E7FDC5486EA5,legID:284E,bguid:FBA1532AE06611E4BB10E7FDC5486EA5
Apr 12 16:23:25.317: //-1/xxxxxxxxxxxx/LPCOR/lpcor_get_index_by_name:
lpcor endusers
Apr 12 16:23:25.317: //-1/xxxxxxxxxxxx/LPCOR/lpcor_get_index_by_name:
lpcor endusers index 10
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#un all
All possible debugging has been turned off
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#
DAMAC-CME-ANOUD#!ok just send me these logs
DAMAC-CME-ANOUD#!i have to move from here
Apr 12 16:24:02.153: %VOIPAAA-5-VOIP_CALL_HISTORY: CallLegType 1, ConnectionId 14343755E06711E4BB16E7FDC5486EA5, SetupTime 16:23:25.323 UTC Sun Apr 12 2015, PeerAddress 4130, PeerSubAddress , DisconnectCause 10 , DisconnectText normal call clearing (16), ConnectTime 16:23:43.393 UTC Sun Apr 12 2015, DisconnectTime 16:24:02.153 UTC Sun Apr 12 2015, CallOrigin 2, ChargedUnits 0, InfoType 2, TransmitPackets 0, TransmitBytes 0, ReceivePackets 930, ReceiveBytes 148800
Apr 12 16:24:02.153: %VOIPAAA-5-VOIP_FEAT_HISTORY: FEAT_VSA=fn:Tnow
DAMAC-CME-ANOUD#\WC,ft:04/12/2015 16:23:25.321,cgn:4130,cdn:,frs:0,fid:2602,fcid:14343755E06711E4BB16E7FDC5486EA5,legID:2850,bguid:14343755E06711E4BB16E7FDC5486EA5
Apr 12 16:24:02.169: %VOIPAAA-5-VOIP_CALL_HISTORY: CallLegType 1, ConnectionId 14343755E06711E4BB16E7FDC5486EA5, SetupTime 16:23:39.169 UTC Sun Apr 12 2015, PeerAddress 0097150107659, PeerSubAddress , DisconnectCause 10 , DisconnectText normal call clearing (16), ConnectTime 16:23:43.389 UTC Sun Apr 12 2015, DisconnectTime 16:24:02.169 UTC Sun Apr 12 2015, CallOrigin 1, ChargedUnits 0, InfoType 2, TransmitPackets 930, TransmitBytes 156240, ReceivePackets 937, ReceiveBytes 149920
Apr 12 16:24:02.169: %VOIPAAA-5-VOIP_FEAT_HISTORY: FEAT_VSA=fn:TWC,ft:04/12/2015 16:23:39.169,cgn:4130,cdn:0097150107659,frs:0,fid:2603,fcid:14343755E06711E4BB16E7FDC5486EA5,legID:2851,bguid:14343755E06711E4BB16E7FDC5486EA5We have come across this issue today in 10.9.5 (so affects 10.9.4 as well) but it was occurring in Sydney as well with a client and for me in Melbourne.
-
SSL VPN (WebVPN) issues with IOS 15.0(1)M1
Hello everyone... I need your help!
I am having some weird issues with webvpn/anyconnect, please find the relevant information below;
Symptoms:
- AnyConnect Client prompts users with the following error:
"The secure gateway has rejected the agent's VPN connect or reconnect request. A new connection requires re-authentication and must be started manually. Please contact your network administrator if this problem persists."
Debug:
Mar 5 13:09:45:
Mar 5 13:09:45: WV-TUNL: Tunnel CSTP Version recv use 1
Mar 5 13:09:45: WV-TUNL: Allocating tunl_info
Mar 5 13:09:45: WV-TUNL: Allocating stc_config
Mar 5 13:09:45: Inserting static route: 172.25.130.126 255.255.255.255 SSLVPN-VIF36 to routing table
Mar 5 13:09:45: WV-TUNL: Use frame IP addr (172.25.130.126) netmask (255.255.255.255)
Mar 5 13:09:45: WV-TUNL: Tunnel entry create failed:IP= 172.25.130.126 vrf=77 session=0x67234340
Mar 5 13:09:45: HTTP/1.1 401 Unauthorized
Mar 5 13:09:45:
Mar 5 13:09:45:
Mar 5 13:09:45:
Mar 5 13:09:45: Deleting static route: 172.25.130.126 255.255.255.255 SSLVPN-VIF36 from routing table
Mar 5 13:09:45: WV-TUNL: Failed to install (addr 172.25.130.126, table_id 77) to TCP
Mar 5 13:09:45: WV-TUNL*: Received server IP packet 0x6692EB08:
Mar 5 13:09:45: WV-TUNL: CSTP Message frame received from user usr-test (172.25.130.126)
WV-TUNL: Severity ERROR Type USER_LOGOUT
WV-TUNL: Text: HTTP response contained an HTTP error code.
Mar 5 13:09:45: WV-TUNL: Call user logout function
Mar 5 13:09:45: WV-TUNL: Clean-up tunnel session (usr-test)
When the error occurs, the "SVCIP install TCP failed" counter increments:
VPN-Router1# show webvpn stats detail context CUSTOMER-VPN
[snip]
Tunnel Statistics:
Active connections : 1
Peak connections : 3 Peak time : 19:09:04
Connect succeed : 9 Connect failed : 5
Reconnect succeed : 0 Reconnect failed : 0
SVCIP install IOS succeed: 14 SVCIP install IOS failed : 0
SVCIP clear IOS succeed : 18 SVCIP clear IOS failed : 0
SVCIP install TCP succeed: 9 SVCIP install TCP failed : 5
DPD timeout : 0
[snip]
IOS Version Details:
Cisco IOS Software, 7200 Software (C7200-ADVIPSERVICESK9-M), Version 15.0(1)M1, RELEASE SOFTWARE (fc1)
System image file is "disk2:c7200-advipservicesk9-mz.150-1.M1.bin"
The router also runs IPSEC remote access VPN in addition to the webvpn/anyconnect scheme.
Config:
webvpn context CUSTOMER-VPN
title "SSL VPN for Customer"
ssl authenticate verify all
login-message "Enter username and passcode"
policy group CUSTOMER-VPN
functions svc-required
svc keep-client-installed
svc split include 10.1.16.0 255.255.240.0
svc split include 10.1.2.0 255.255.254.0
vrf-name CUSTOMER-VPN
default-group-policy CUSTOMER-VPN
aaa authentication list AAA-LIST
aaa authentication auto
aaa accounting list AAA-LIST
gateway vpn virtual-host customer.xx.com
logging enable
inservice
The error happens sporadically, at least once a week, and on different contexts. Does anyone have any clue on what can cause this issue? Any help is appreciated!Have you seen my post https://supportforums.cisco.com/message/2016069#2016069 ?
At that point in time we were running with local pool definition.
As the http 401 rc happens very sporadically we still gathering incident reports internally.
Will open a case if you did not yet.
cheers, Andy
Maybe you are looking for
-
IPod Nano would not connect to Windows or Format. *SOLVED*
Ok, first post and I am just posting to thank those who have posted some different things to try, thanks to you guys, I have a working iPod Nano. Here is what I tried... The Problem iTunes would not see my nano and could not format the nano during in
-
Hi all, I have not got this phone as of yet, but I just want to check a few things first. I read that the Narrator component (that speaks the text on the screen makes it possible for visually impaired people to use the phone) is only available in US.
-
Reader X plugin integration with Windows Explorer 8 and Protected Mode
Hello I am viewing pdfs with Reader 10.1.3 within ie8 on XP I have a Reader plug-in (WordFinder.api) that works ok with Protected Mode disabled. Unfortunately I have customers that require Protected Mode enabled and this stops the plugin working. Wit
-
Page scaling at different resolutions
Hi everyone. I made a web page using Adobe Flash and Dreamweaver, but I have a problem, the web page fits perfect on my monitor (of course) but if the web browser is not maximized or the screen resolution is less than mine it looks ugly.How can i mak
-
HI I have my Web server (Sun One Web server 6.1) running and my First ASP Page ready, where do i store my .asp pages and how do i run the first ASP Page?