Port Disable for traffic flowing only one direction
Hi,
We use some Catalyst Express 500 and ESW-520 in our company.
But with the Catalyst Express 500 we have problem that we can't arrive to explain.
Some Gi port turn disable with this log error message :
Description: Gi1: This port is disabled because the traffic is flowing only in one direction. The cause might be incorrect cabling.
Recommendation: Make sure that cable is properly connected to the ports. For fiber connections, ensure that the transmit and receive fibers are connected correctly. Disable and Enable the port.
For the recommandation the cable is right, we change it and we change the switch by an other and the probleme continue.
If we change with a ESW-520 the problem don't arrive, but we can't change all our old switch for moment.
Any idea about this problem?
Hi Guys,
Thank you all for your help. The packet was being dropped on the "implicit rule", that means that the packet was not finding an ACL to match.
I checked the ACLs that the VPN Wizard generates by itself when used to configure an IPSec connection, and the ACLs where correct and "before" the implicit rule . (They are called by default outside_cryptomap_"number")
It seems that since I am not using "sysopt connection permit-vpn" I have to add the same ACLs to the "Local Network" interface (VPN_LAN).
Since there was inbound ACLs related to the VPN_LAN interface, the firewall jumped directly to the "implicit rule".
So the result is that I have two times the same rules first inbound on the VPN_LAN and second on the default outside_cryptomap ACLs.
Greetings,
Daniel
Similar Messages
-
Handoff Works Only One Direction
Apple has forced me to change my password to make updates to my account. Every since then, Handoff has stopped working one direction.
Going from OS X (10.10.3) to iOS (8.2 now 8.3) actually works, for both my iPhone and iPad.
However, the other direction isn't working. I've tried disabling and re-enabling handoff on all my device. Neither iOS device is sending or can send to my MBPro. This has also broken my ability to receive SMS texts in my MBPro. As both devices accept Handoff just fine, but neither can seen to hand-off successfully, I'm inclined to think it's my MBPro having the issue. And given it does work one direction, we can rule out Network or connectivity issues.
Has anybody else experienced this problem? What can I do to get this back working again?Follow the instructions in this support article. All the devices using Handoff must be connected to the same Wi-Fi network. If the Mac also has an Ethernet connection, disconnect the Ethernet cable.
If Handoff still doesn't work, on the mobile device, turn Handoff off and back on as directed in the linked article. On the Mac, turn Bluetooth off and back on. You might have to restart a mobile device to get it working. -
RV042 - direct browsing traffic to only one WAN port?
Hi, I have a RV042 (firmware 1.3.13.02-tm). Is it possible to configure so traffic from a specific domain (incl. its sub-domains) is directed exclusively to one WAN port? If so, how can I do this? Thanks.
Hi PAC, in a load balance environment it affects only outbound traffic which would use protocol bind to force traffic through a particular WAN port, meaning it won't affect inbound traffic.
The access rules page only supports source interface but you may try to create an access rule that looks something like this;
Action Allow
Service - (Whatever service you're using)
Source interface WAN 1
Source IP address - Range of public IP address from the domain/sub domains
Destination Ip address - The IP address of your subnet or specific nodes
Now, if you're using a load balance environment, you may want to bind traffic to WAN 1 that originate from the specific hosts that make the request to the domain/sub domains to ensure the source IP address leaving the router otherwise it would be possible to have a different source IP going over the 2nd WAN.
I'm not sure if it would work this way but to the best of my knowledge this would about be the only way to make it work since the router doesn't support telling inbound services to use a specific WAN.
-Tom
Please mark answered for helpful posts -
Site to Site Tunnel - Traffic just flowing in one direction.
Greetings to everyone,
I have configured an IPSec (Site-to-Site) tunnel between an ASA5510 and a Linux Sytem connection a Network A with a Network B in the following way:
* Diagram:
#---------------IPSec-----------------#
private network (A) ---- Linux Router (GW1) -------- WAN -------- (GW2) ASA5510 ---- public network (B)
* Results:
I have checked the IPSec Tunnel on the linux Router and both Phase 1 and Phase 2 are UP. ASDM shows also an IPSec connection with the correct parameters (GW, Local Network, Left Network etc.).
If I have correctly understand it "show crypto iskmp sa", "show crypto ikev1 sa" and "show crypto ipsec sa" show also that the connection is correct and UP.
*Now comes the interesting thing:
If I ping from Network A to Network B, the icmp echo request go thorugh the tunnel and I can see the Rx bytes on the cisco ASA going UP.
If I ping from Network B to Network A, I do not see any Tx Bytes on the Tunnel. The Linux router does not also see any packets going through the tunnel.
When I ping from Network B to Network A, the Firewall Logs ICMP Denies. That means that the traffic from B to A, I do not know why, is not matching the corresponding Tunnel ACL, the icmp packets are being routed to the default gateway instead through the tunnel and they are then matching a less specific droping rule on the main firewall.
*Configurations:
I have specially configured a Crypto Map that matches the Networks in Both directions.
There exists an ACL that permits the traffic in both directions.
There exist a NAT rules that permits traffic between both networks without being NATed, in order for both networks to transmit through the tunnels freely.
* Ideas ?
crypto map?
NAT?
ACL?
interface level security?
Thanks in advance.Hi Guys,
Thank you all for your help. The packet was being dropped on the "implicit rule", that means that the packet was not finding an ACL to match.
I checked the ACLs that the VPN Wizard generates by itself when used to configure an IPSec connection, and the ACLs where correct and "before" the implicit rule . (They are called by default outside_cryptomap_"number")
It seems that since I am not using "sysopt connection permit-vpn" I have to add the same ACLs to the "Local Network" interface (VPN_LAN).
Since there was inbound ACLs related to the VPN_LAN interface, the firewall jumped directly to the "implicit rule".
So the result is that I have two times the same rules first inbound on the VPN_LAN and second on the default outside_cryptomap ACLs.
Greetings,
Daniel -
Solaris 11 responds to IPSEC VPN traffic ONLY one direction
I have established a IPSEC VPN tunnel between my remote solaris 11 and office Sonicwall router using Site to Site. Everything works fine if the traffic initiates from the Solaris side. However when I try to ping or any network services like nfs,ssh, samb, etc. on the remote solaris box from our office. The server does NOT respond to the incoming packets but packets are going through the tunnel and appears on the remote end when I do snoop –d tun0 and snoop –I vnic0. What I do notice is that snoop –d vnic0 shows no packets and it doesn’t seem to get any traffic at all (see netstat –rn). Could it be my routing table? Ip zones? Any ideas? I followed the Oracle Documents very carefully and with extra help from other extern Solaris 11 admin sites. I know people would suggest using OpenSwan or OpenVPN but this setup should work.
Here is the network info on my IPSEC VPN setup. Tunnel is configured in Transport Mode and IPSEC/IKE is working fine.
Solaris 11 vnic0/10.4.0.1/24, external Internet Nic is nge0/209.xxx.xxx.194/25
# dladm show-link
LINK CLASS MTU STATE OVER
nge0 phys 1500 up --
tun0 iptun 1402 up --
vnic0 vnic 1500 up nge0
# dladm show-iptun
LINK TYPE FLAGS LOCAL REMOTE
tun0 ipv4 s- 209.xxx.xxx.194 64.xxx.xxx.34
# ipadm show-if
IFNAME CLASS STATE ACTIVE OVER
lo0 loopback ok yes --
nge0 ip ok yes --
vnic0 ip ok yes --
tun0 ip ok yes --
# ipadm show-addr
ADDROBJ TYPE STATE ADDR
lo0/v4 static ok 127.0.0.1/8
nge0/v4 static ok 209.xxx.xxx.194/25
vnic0/inside static ok 10.4.0.1/24
tun0/v4 static ok 10.4.0.1->172.20.0.1
lo0/v6 static ok ::1/128
# netstat -rn
Routing Table: IPv4
Destination Gateway Flags Ref Use Interface
default 209.xxx.xxx.129 UG 6 16874898 nge0
10.4.0.0 10.4.0.1 U 2 0 vnic0
10.181.0.0 172.20.0.1 UGS 3 16862235 tun0
127.0.0.1 127.0.0.1 UH 2 1786 lo0
172.20.0.1 10.4.0.1 UH 3 16862235 tun0
Routing Table: IPv6
Destination/Mask Gateway Flags Ref Use If
::1 ::1 UH 2 42 lo0
# routeadm
Configuration Current Current
Option Configuration System State
IPv4 routing disabled disabled
IPv6 routing disabled disabled
IPv4 forwarding disabled disabled
IPv6 forwarding disabled disabled
Routing services "route:default ripng:default"
Routing daemons:
STATE FMRI
disabled svc:/network/routing/ripng:default
disabled svc:/network/routing/rdisc:default
disabled svc:/network/routing/route:default
disabled svc:/network/routing/legacy-routing:ipv4
disabled svc:/network/routing/legacy-routing:ipv6
online svc:/network/routing/ndp:default
Solaris># ping 10.181.1.218
10.181.1.218 is alive
C:\>ping 10.4.0.1
Pinging 10.4.0.1 with 32 bytes of data:
Request timed out.
Request timed out.
# snoop -d tun0 10.181.1.218
Using device tun0 (promiscuous mode)
10.181.1.218-> 10.4.0.1 ICMP Echo request (ID: 1 Sequence number: 33) (1 encap)
10.181.1.218-> 10.4.0.1 ICMP Echo request (ID: 1 Sequence number: 34) (1 encap)
# snoop -I vnic0 10.181.1.218
Using device ipnet/vnic0 (promiscuous mode)
10.181.1.218-> 10.4.0.1 ICMP Echo request (ID: 1 Sequence number: 36)
10.181.1.218-> 10.4.0.1 -i ICMP Echo request (ID: 1 Sequence number: 37)
# ipadm show-prop
PROTO PROPERTY PERM CURRENT PERSISTENT DEFAULT POSSIBLE
ipv4 forwarding rw off off off on,off
ipv4 ttl rw 255 -- 255 1-255
ipv6 forwarding rw off -- off on,off
ipv6 hoplimit rw 255 -- 255 1-255
ipv6 hostmodel rw weak -- weak strong,
src-priority,
weak
ipv4 hostmodel rw strong strong weak strong,
src-priority,
weak
icmp max_buf rw 262144 -- 262144 65536-1073741824
icmp recv_buf rw 8192 -- 8192 4096-262144
icmp send_buf rw 8192 -- 8192 4096-262144
tcp cong_default rw newreno -- newreno newreno,cubic,
highspeed,vegas
tcp cong_enabled rw newreno,cubic, newreno,cubic, newreno newreno,cubic,
highspeed, highspeed, highspeed,vegas
vegas vegas
tcp ecn rw passive -- passive never,passive,
active
tcp extra_priv_ports rw 2049,4045 -- 2049,4045 1-65535
tcp largest_anon_port rw 65535 -- 65535 32768-65535
tcp max_buf rw 1048576 -- 1048576 128000-1073741824
tcp recv_buf rw 128000 -- 128000 2048-1048576
tcp sack rw active -- active never,passive,
active
tcp send_buf rw 49152 -- 49152 4096-1048576
tcp smallest_anon_port rw 32768 -- 32768 1024-65535
tcp smallest_nonpriv_port rw 1024 -- 1024 1024-32768
udp extra_priv_ports rw 2049,4045 -- 2049,4045 1-65535
udp largest_anon_port rw 65535 -- 65535 32768-65535
udp max_buf rw 2097152 -- 2097152 65536-1073741824
udp recv_buf rw 57344 -- 57344 128-2097152
udp send_buf rw 57344 -- 57344 1024-2097152
udp smallest_anon_port rw 32768 -- 32768 1024-65535
udp smallest_nonpriv_port rw 1024 -- 1024 1024-32768
sctp cong_default rw newreno -- newreno newreno,cubic,
highspeed,vegas
sctp cong_enabled rw newreno,cubic, newreno,cubic, newreno newreno,cubic,
highspeed, highspeed, highspeed,vegas
vegas vegas
sctp extra_priv_ports rw 2049,4045 -- 2049,4045 1-65535
sctp largest_anon_port rw 65535 -- 65535 32768-65535
sctp max_buf rw 1048576 -- 1048576 102400-1073741824
sctp recv_buf rw 102400 -- 102400 8192-1048576
sctp send_buf rw 102400 -- 102400 8192-1048576
sctp smallest_anon_port rw 32768 -- 32768 1024-65535
sctp smallest_nonpriv_port rw 1024 -- 1024 1024-32768
# ipadm show-addrprop
ADDROBJ PROPERTY PERM CURRENT PERSISTENT DEFAULT POSSIBLE
lo0/v4 broadcast r- -- -- -- --
lo0/v4 deprecated rw off -- off on,off
lo0/v4 prefixlen rw 8 8 8 1-30,32
lo0/v4 private rw off -- off on,off
lo0/v4 reqhost r- -- -- -- --
lo0/v4 transmit rw on -- on on,off
lo0/v4 zone rw global -- global --
nge0/v4 broadcast r- 209.xxx.xxx.255 -- 209.xxx.xxx.255 --
nge0/v4 deprecated rw off -- off on,off
nge0/v4 prefixlen rw 25 25 24 1-30,32
nge0/v4 private rw on on off on,off
nge0/v4 reqhost r- -- -- -- --
nge0/v4 transmit rw on -- on on,off
nge0/v4 zone rw global -- global --
vnic0/inside broadcast r- 10.4.0.255 -- 10.255.255.255 --
vnic0/inside deprecated rw off -- off on,off
vnic0/inside prefixlen rw 24 24 8 1-30,32
vnic0/inside private rw off -- off on,off
vnic0/inside reqhost r- -- -- -- --
vnic0/inside transmit rw on -- on on,off
vnic0/inside zone rw global -- global --
tun0/v4 broadcast r- -- -- -- --
tun0/v4 deprecated rw off -- off on,off
tun0/v4 prefixlen rw -- -- -- --
tun0/v4 private rw off -- off on,off
tun0/v4 reqhost r- -- -- -- --
tun0/v4 transmit rw on -- on on,off
tun0/v4 zone rw global -- global --
ipadm show-ifprop
IFNAME PROPERTY PROTO PERM CURRENT PERSISTENT DEFAULT POSSIBLE
nge0 arp ipv4 rw on -- on on,off
nge0 forwarding ipv4 rw off off off on,off
nge0 metric ipv4 rw 0 -- 0 --
nge0 mtu ipv4 rw 1500 -- 1500 68-1500
nge0 exchange_routes ipv4 rw on -- on on,off
nge0 usesrc ipv4 rw none -- none --
nge0 forwarding ipv6 rw off -- off on,off
nge0 metric ipv6 rw 0 -- 0 --
nge0 mtu ipv6 rw 1500 -- 1500 1280-1500
nge0 nud ipv6 rw on -- on on,off
nge0 exchange_routes ipv6 rw on -- on on,off
nge0 usesrc ipv6 rw none -- none --
nge0 group ip rw -- -- -- --
nge0 standby ip rw off -- off on,off
vnic0 arp ipv4 rw on -- on on,off
vnic0 forwarding ipv4 rw on on off on,off
vnic0 metric ipv4 rw 0 -- 0 --
vnic0 mtu ipv4 rw 1500 -- 1500 68-1500
vnic0 exchange_routes ipv4 rw on -- on on,off
vnic0 usesrc ipv4 rw none -- none --
vnic0 group ip rw -- -- -- --
vnic0 standby ip rw off -- off on,off
tun0 arp ipv4 rw off -- on on,off
tun0 forwarding ipv4 rw on on off on,off
tun0 metric ipv4 rw 0 -- 0 --
tun0 mtu ipv4 rw 1402 -- 1402 68-65515
tun0 exchange_routes ipv4 rw on -- on on,off
tun0 usesrc ipv4 rw none -- none --
tun0 group ip rw -- -- -- --
tun0 standby ip rw off -- off on,off
Edited by: user1233039 on Jun 20, 2012 9:18 AMI have established a IPSEC VPN tunnel between my remote solaris 11 and office Sonicwall router using Site to Site. Everything works fine if the traffic initiates from the Solaris side. However when I try to ping or any network services like nfs,ssh, samb, etc. on the remote solaris box from our office. The server does NOT respond to the incoming packets but packets are going through the tunnel and appears on the remote end when I do snoop –d tun0 and snoop –I vnic0. What I do notice is that snoop –d vnic0 shows no packets and it doesn’t seem to get any traffic at all (see netstat –rn). Could it be my routing table? Ip zones? Any ideas? I followed the Oracle Documents very carefully and with extra help from other extern Solaris 11 admin sites. I know people would suggest using OpenSwan or OpenVPN but this setup should work.
Here is the network info on my IPSEC VPN setup. Tunnel is configured in Transport Mode and IPSEC/IKE is working fine.
Solaris 11 vnic0/10.4.0.1/24, external Internet Nic is nge0/209.xxx.xxx.194/25
# dladm show-link
LINK CLASS MTU STATE OVER
nge0 phys 1500 up --
tun0 iptun 1402 up --
vnic0 vnic 1500 up nge0
# dladm show-iptun
LINK TYPE FLAGS LOCAL REMOTE
tun0 ipv4 s- 209.xxx.xxx.194 64.xxx.xxx.34
# ipadm show-if
IFNAME CLASS STATE ACTIVE OVER
lo0 loopback ok yes --
nge0 ip ok yes --
vnic0 ip ok yes --
tun0 ip ok yes --
# ipadm show-addr
ADDROBJ TYPE STATE ADDR
lo0/v4 static ok 127.0.0.1/8
nge0/v4 static ok 209.xxx.xxx.194/25
vnic0/inside static ok 10.4.0.1/24
tun0/v4 static ok 10.4.0.1->172.20.0.1
lo0/v6 static ok ::1/128
# netstat -rn
Routing Table: IPv4
Destination Gateway Flags Ref Use Interface
default 209.xxx.xxx.129 UG 6 16874898 nge0
10.4.0.0 10.4.0.1 U 2 0 vnic0
10.181.0.0 172.20.0.1 UGS 3 16862235 tun0
127.0.0.1 127.0.0.1 UH 2 1786 lo0
172.20.0.1 10.4.0.1 UH 3 16862235 tun0
Routing Table: IPv6
Destination/Mask Gateway Flags Ref Use If
::1 ::1 UH 2 42 lo0
# routeadm
Configuration Current Current
Option Configuration System State
IPv4 routing disabled disabled
IPv6 routing disabled disabled
IPv4 forwarding disabled disabled
IPv6 forwarding disabled disabled
Routing services "route:default ripng:default"
Routing daemons:
STATE FMRI
disabled svc:/network/routing/ripng:default
disabled svc:/network/routing/rdisc:default
disabled svc:/network/routing/route:default
disabled svc:/network/routing/legacy-routing:ipv4
disabled svc:/network/routing/legacy-routing:ipv6
online svc:/network/routing/ndp:default
Solaris># ping 10.181.1.218
10.181.1.218 is alive
C:\>ping 10.4.0.1
Pinging 10.4.0.1 with 32 bytes of data:
Request timed out.
Request timed out.
# snoop -d tun0 10.181.1.218
Using device tun0 (promiscuous mode)
10.181.1.218-> 10.4.0.1 ICMP Echo request (ID: 1 Sequence number: 33) (1 encap)
10.181.1.218-> 10.4.0.1 ICMP Echo request (ID: 1 Sequence number: 34) (1 encap)
# snoop -I vnic0 10.181.1.218
Using device ipnet/vnic0 (promiscuous mode)
10.181.1.218-> 10.4.0.1 ICMP Echo request (ID: 1 Sequence number: 36)
10.181.1.218-> 10.4.0.1 -i ICMP Echo request (ID: 1 Sequence number: 37)
# ipadm show-prop
PROTO PROPERTY PERM CURRENT PERSISTENT DEFAULT POSSIBLE
ipv4 forwarding rw off off off on,off
ipv4 ttl rw 255 -- 255 1-255
ipv6 forwarding rw off -- off on,off
ipv6 hoplimit rw 255 -- 255 1-255
ipv6 hostmodel rw weak -- weak strong,
src-priority,
weak
ipv4 hostmodel rw strong strong weak strong,
src-priority,
weak
icmp max_buf rw 262144 -- 262144 65536-1073741824
icmp recv_buf rw 8192 -- 8192 4096-262144
icmp send_buf rw 8192 -- 8192 4096-262144
tcp cong_default rw newreno -- newreno newreno,cubic,
highspeed,vegas
tcp cong_enabled rw newreno,cubic, newreno,cubic, newreno newreno,cubic,
highspeed, highspeed, highspeed,vegas
vegas vegas
tcp ecn rw passive -- passive never,passive,
active
tcp extra_priv_ports rw 2049,4045 -- 2049,4045 1-65535
tcp largest_anon_port rw 65535 -- 65535 32768-65535
tcp max_buf rw 1048576 -- 1048576 128000-1073741824
tcp recv_buf rw 128000 -- 128000 2048-1048576
tcp sack rw active -- active never,passive,
active
tcp send_buf rw 49152 -- 49152 4096-1048576
tcp smallest_anon_port rw 32768 -- 32768 1024-65535
tcp smallest_nonpriv_port rw 1024 -- 1024 1024-32768
udp extra_priv_ports rw 2049,4045 -- 2049,4045 1-65535
udp largest_anon_port rw 65535 -- 65535 32768-65535
udp max_buf rw 2097152 -- 2097152 65536-1073741824
udp recv_buf rw 57344 -- 57344 128-2097152
udp send_buf rw 57344 -- 57344 1024-2097152
udp smallest_anon_port rw 32768 -- 32768 1024-65535
udp smallest_nonpriv_port rw 1024 -- 1024 1024-32768
sctp cong_default rw newreno -- newreno newreno,cubic,
highspeed,vegas
sctp cong_enabled rw newreno,cubic, newreno,cubic, newreno newreno,cubic,
highspeed, highspeed, highspeed,vegas
vegas vegas
sctp extra_priv_ports rw 2049,4045 -- 2049,4045 1-65535
sctp largest_anon_port rw 65535 -- 65535 32768-65535
sctp max_buf rw 1048576 -- 1048576 102400-1073741824
sctp recv_buf rw 102400 -- 102400 8192-1048576
sctp send_buf rw 102400 -- 102400 8192-1048576
sctp smallest_anon_port rw 32768 -- 32768 1024-65535
sctp smallest_nonpriv_port rw 1024 -- 1024 1024-32768
# ipadm show-addrprop
ADDROBJ PROPERTY PERM CURRENT PERSISTENT DEFAULT POSSIBLE
lo0/v4 broadcast r- -- -- -- --
lo0/v4 deprecated rw off -- off on,off
lo0/v4 prefixlen rw 8 8 8 1-30,32
lo0/v4 private rw off -- off on,off
lo0/v4 reqhost r- -- -- -- --
lo0/v4 transmit rw on -- on on,off
lo0/v4 zone rw global -- global --
nge0/v4 broadcast r- 209.xxx.xxx.255 -- 209.xxx.xxx.255 --
nge0/v4 deprecated rw off -- off on,off
nge0/v4 prefixlen rw 25 25 24 1-30,32
nge0/v4 private rw on on off on,off
nge0/v4 reqhost r- -- -- -- --
nge0/v4 transmit rw on -- on on,off
nge0/v4 zone rw global -- global --
vnic0/inside broadcast r- 10.4.0.255 -- 10.255.255.255 --
vnic0/inside deprecated rw off -- off on,off
vnic0/inside prefixlen rw 24 24 8 1-30,32
vnic0/inside private rw off -- off on,off
vnic0/inside reqhost r- -- -- -- --
vnic0/inside transmit rw on -- on on,off
vnic0/inside zone rw global -- global --
tun0/v4 broadcast r- -- -- -- --
tun0/v4 deprecated rw off -- off on,off
tun0/v4 prefixlen rw -- -- -- --
tun0/v4 private rw off -- off on,off
tun0/v4 reqhost r- -- -- -- --
tun0/v4 transmit rw on -- on on,off
tun0/v4 zone rw global -- global --
ipadm show-ifprop
IFNAME PROPERTY PROTO PERM CURRENT PERSISTENT DEFAULT POSSIBLE
nge0 arp ipv4 rw on -- on on,off
nge0 forwarding ipv4 rw off off off on,off
nge0 metric ipv4 rw 0 -- 0 --
nge0 mtu ipv4 rw 1500 -- 1500 68-1500
nge0 exchange_routes ipv4 rw on -- on on,off
nge0 usesrc ipv4 rw none -- none --
nge0 forwarding ipv6 rw off -- off on,off
nge0 metric ipv6 rw 0 -- 0 --
nge0 mtu ipv6 rw 1500 -- 1500 1280-1500
nge0 nud ipv6 rw on -- on on,off
nge0 exchange_routes ipv6 rw on -- on on,off
nge0 usesrc ipv6 rw none -- none --
nge0 group ip rw -- -- -- --
nge0 standby ip rw off -- off on,off
vnic0 arp ipv4 rw on -- on on,off
vnic0 forwarding ipv4 rw on on off on,off
vnic0 metric ipv4 rw 0 -- 0 --
vnic0 mtu ipv4 rw 1500 -- 1500 68-1500
vnic0 exchange_routes ipv4 rw on -- on on,off
vnic0 usesrc ipv4 rw none -- none --
vnic0 group ip rw -- -- -- --
vnic0 standby ip rw off -- off on,off
tun0 arp ipv4 rw off -- on on,off
tun0 forwarding ipv4 rw on on off on,off
tun0 metric ipv4 rw 0 -- 0 --
tun0 mtu ipv4 rw 1402 -- 1402 68-65515
tun0 exchange_routes ipv4 rw on -- on on,off
tun0 usesrc ipv4 rw none -- none --
tun0 group ip rw -- -- -- --
tun0 standby ip rw off -- off on,off
Edited by: user1233039 on Jun 20, 2012 9:18 AM -
WRT120N - DMZ works, port forwarding doesn't work; only one device allowed in DMZ
Hi,
I have an WRT120N router and two DVRs. I can get either one of the DVRs to work just fine if I put it in the DMZ. Neither one works when I enable port forwarding. Since I cannot have two devices in the DMZ with this router, I cannot use that approach (throwing them in the DMZ) as a viable solution.
I need help finding out what I am doing incorrectly with the port forwarding. Basically I am creating an entry for each port of each device, going to the correct IP address of that device. I have tried both protocols as well as just TCP. This does not work. Just for fun, I tried using the port range forwarding and this does not work either. The only thing that works is if I throw either of the devices in the DMZ.
So what I have essentially is this:
DEVICE1 / 192.168.0.120 (internal) / PORT 999 / works great in DMZ but not in port fwd
DEVICE2 / 192.168.0.121 (internal) / PORT 456 / works great in DMZ but not in port fwd
I have used Wireshark from a remote computer to observe what happens when I navigate to the URL that I need, such as http://myjunk.ddnsprovider.xyz:999 (where 999 is the port on which the device in question serves). I don't see anything out of the ordinary. (I assume there is no way to run a packet sniffer on the router.) (Can we "telnet" into the router, btw?)
So either I am doing something wrong, or there is a need for a router software update, or the router is blocking some other protocol, etc. Help is much appreciated! BTW, tried with the router firewall off, too. No go.
Regards,
MikeWhats the current firmware installed on your router? Have you tried to upgrade the firmware on your Router?
-
Vertical scrolls only one direction
First, I found the vertical scrolling was in reverse. After going through system preference->mouse and check the "move content in the direction of finger movement when scrolling or navigating" I got it to move to the direction I want (i.e. as before).
Now for some reason, I can only scroll to one vertical direction regardless how I rotate the mouse center button. It is so annoying that I have to click on the vertical bar and move it while holding the mouse down. Any help on fixing this is appreciated.I fixed it, all I need to do is press the little center button down hard while rolling it around. Maybe there was some dirt stuck in the ball. I am good now.
-
How to make a pop up window resizeable in ONLY ONE direction
hi i have to open a pop up window whose horizontal resizeable option is to be disabled and ONLY the vertical resizeable option should be available. i browsed for a code but its not working properly.
====================================
<html>
<head>
<title>fix horizontal</title>
<script language="JavaScript">
var fixedWidth;
function getH() {
if (document.body && document.body.clientWidth)
fixedWidth = document.body.clientWidth;
else if (window.outerWidth)
fixedWidth = window.outerWidth;
function resize() {
if (document.body && document.body.clientWidth)
document.body.clientWidth = fixedWidth;
else if (window.outerWidth)
window.outerWidth = fixedWidth;
</script>
</head>
<body onLoad="getH()" onResize="resize()">
...<Body Contents>
</body>
</html>
============================================
The problem with this code is that the
document.body.clientWidth = fixedWidth;
line shows an error saying that "Object doesn't support this action"
can anyone help me out with this?Just so nobody else misses it...
| | __ ___ ____ _ | |_____
_ | |/ _` \ \ / / _` | | |_____|
| |_| | (_| |\ V / (_| | |_|_____|
\___/ \__,_| \_/ \__,_| (_)
| | __ ___ ____ _ ___ ___ _ __(_)_ __ | |_
_ | |/ _` \ \ / / _` / __|/ __| '__| | '_ \| __|
| |_| | (_| |\ V / (_| \__ \ (__| | | | |_) | |_
\___/ \__,_| \_/ \__,_|___/\___|_| |_| .__/ \__|
|_|wishful thinking, I suppose... (no offense to the OP, but we get this a lot). -
ICloud calendar syncing working only one direction. help
I'm using iCloud to sync with my calendar. However, I can only see the events that I post using my laptop. I can't see the appointments I create directly from my iPhone. Can anyone help me figure this out?
You don't say what version of Outlook you are using, but see if this article helps: http://office.microsoft.com/en-us/outlook-help/synchronize-outlook-and-apple-iph one-or-ipod-touch-contacts-HA010266802.aspx
-
(This has also been posted on the websites forum)
Hi,
I have been asked to configure the firewall on the SQL PaaS instance to only allow traffic from a specified PaaS website that is within the same subscription. I can't see any way to set a static internal IP for the website, is there a way to identify it
for the purpose of the SQL Database firewall rule?
Thanks,
KarinaYou're right, KG! Sorry.
This article mentions a reserved-IP:
https://msdn.microsoft.com/en-us/library/azure/dn690120.aspx
It specifically mentions your scenario:
You want to ensure that outbound traffic from Azure uses a predictable IP address. You may have your firewall configured to allow only traffic from specific IP addresses. By reserving a VIP, you will know the source IP address and won’t
have to update your firewall rules due to a VIP change. This is especially helpful if you want to configure your firewall before you create your cloud service.
The only thing I'm not confident on would be if it works with Azure Websites - it does mention cloud services, though. If you have further questions, I can give a shot myself and see if I can get a working example. -
SQL firewall rule to restrict traffic from only one Azure PaaS website
Hi,
I have been asked to configure the firewall on the SQL PaaS instance to only allow traffic from a specified PaaS website that is within the same subscription. I can't see any way to set a static internal IP for the website, is there a way to identify it
for the purpose of the SQL Database firewall rule?
Thanks,
KarinaHi Karina,
If you used Azure Vm, you could set ta static internal IP for your VM. And you can host your website on VM.https://msdn.microsoft.com/en-us/library/azure/dn630228.aspx
But for Azure Website service, I think you may not set the internal IP. But I think you can try to add the website server into your allow rule list if you used the basic or standard mode website.
BTW, I suggest you can post this issue on SQL Azure forum for more helps:
https://social.msdn.microsoft.com/forums/azure/en-US/home?forum=ssdsgetstarted
Regards,
Will
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey. -
Mac Mini display is too large for screen on only one user account
Okay, so I left my two year olds alone for a minute playing the "alphabet game" on my Mac Mini. They only had the keyboard, no mouse but managed to muck up my display leaving me a bit frustrated. The screen is now too large for my Samsung display. The only way to see everything (dock, top bar, etc) is to move my mouse arrow to the end of my display and see it roll back onto the page. I've checked the settings there and they are fine. The MacBook Pro plugs right in and is proper resolution. So I then wondered if another account on the Mac Mini would do the same thing. I logged out of my Admin account and into another and everything looks just dandy. I log back into my Admin account and it's too large and blurry again. The resolution is set correct at 1920x1080 at 60 Hz.
What button did they push on my keyboard that would do this and how do I get it back?? Aargh! Thanks all!Ha, figured it out myself from another discussion forum finally. Thoght I'd share in case anyone else runs into this. They must have hit "Zoom" by htting the "Control" and scroll buttons at the same time..
Resolution:
You can zoom out by holding down the Option and Command buttons on the keyboard and, while you hold them down, pressing the - key. -
Contacts syncing in only one direction
If I add a contact into outlook it will instantly (almost) sync with my phone. The problem is that if I add a contact into my phone, it will never syn with outlook. My calendar will sync in both directions and I have iControl panel downloaded and "Mail, Contacts...." has been selected.
What am I doing wrong?You don't say what version of Outlook you are using, but see if this article helps: http://office.microsoft.com/en-us/outlook-help/synchronize-outlook-and-apple-iph one-or-ipod-touch-contacts-HA010266802.aspx
-
Two 2TB internal drives in tandem for Time Machine; only one backup deletes.
I'm using two 2TB internal drives in tandem for Time Machine and deleted some backups while in Time Machine. They deleted from drive A, but drive B still has the files. Is there a way to delete these? I tried unmounting drive A in Disk Utility but then I can't enter Time Machine.
I love the dual backups, but should I be able to do dual deletes of all backups? I don't see a way to accomplishg this except to force Time Machine to do a backup, then do that again so it switches drives, but that seems a bit convoluted.
If one of you guru types has an answer I'd be most interested.
Thanks.
Mike
Mac Pro 3.1 8 Core ML.3You can manually deal with this by using the "Browse Other Backup Disks" function which is accessed via holding the opt/alt key and while selecting the TM icon in the menu bar.
You can then delete the instances of the desired files in each backup set.
Not elegant, but I wouldn't expect that this will be done automatically, as there are a lot of permutations of how you use multiple backup sets. -
Problem with siptrink, call only one direction
i need help, i created a sip trunk with other sip server, but the cme give this error:
070846: //-1/xxxxxxxxxxxx/SIP/Msg/ccsipDisplayMsg:
Received:
INVITE sip:[email protected] SIP/2.0
Via: SIP/2.0/UDP 54.207.30.33:5080;rport;branch=z9hG4bKD7U28atZZ6r7B
Max-Forwards: 69
From: "Extension 1000" <sip:[email protected]>;tag=Br453j6KcmKFN
To: <sip:[email protected]>
Call-ID: ef0174b1-5735-1233-6ebd-02585e7b1bc5
CSeq: 73838188 INVITE
Contact: <sip:[email protected]:5080;transport=udp;gw=aerosan>
User-Agent: FreeSWITCH-mod_sofia/1.4.18+git~20150312T185523Z~4eed221b69~64bit
Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE, REGISTER, REFER, NOTIFY
Supported: timer, path, replaces
Allow-Events: talk, hold, conference, refer
Content-Type: application/sdp
Content-Disposition: session
Content-Length: 223
X-FS-Support: update_display,send_info
Remote-Party-ID: "Extension 1000" <sip:[email protected]>;party=calling;screen=yes;privacy=off
v=0
o=FreeSWITCH 1428321972 1428321973 IN IP4 54.207.30.33
s=FreeSWITCH
c=IN IP4 54.207.30.33
t=0 0
m=audio 26532 RTP/AVP 0 101 13
a=rtpmap:0 PCMU/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=ptime:20
070847: //-1/xxxxxxxxxxxx/SIP/Msg/ccsipDisplayMsg:
Sent:
SIP/2.0 488 Not Acceptable Media
Via: SIP/2.0/UDP 54.207.30.33:5080;rport;branch=z9hG4bKD7U28atZZ6r7B
From: "Extension 1000" <sip:[email protected]>;tag=Br453j6KcmKFN
To: <sip:[email protected]>;tag=3888E968-22ED
Date: Mon, 06 Apr 2015 19:23:05 GMT
Call-ID: ef0174b1-5735-1233-6ebd-02585e7b1bc5
CSeq: 73838188 INVITE
Allow-Events: telephone-event
Warning: 304 200.111.156.150 "Media Type(s) Unavailable"
Reason: Q.850;cause=65
Server: Cisco-SIPGateway/IOS-12.x
Content-Length: 0
the sip trunk configuration:
dial-peer voice 3611 voip
permission orig
description aws
huntstop
preference 1
destination-pattern 100.
session protocol sipv2
session target ipv4:54.207.30.33:5080
incoming called-number 1000
voice-class codec 2
no vad
the voice configuration:
voice service voip
address-hiding
allow-connections h323 to h323
allow-connections h323 to sip
allow-connections sip to h323
allow-connections sip to sip
no supplementary-service h450.2
supplementary-service h450.12
sip
voice class codec 2
codec preference 1 g711ulaw
voice class codec 1
codec preference 1 g711ulaw
please help meOn the second question...
If the videos are multiplexed MPEG files then the audio and the video are muxed onto the same track. QuickTime, and therefore any application that uses QT like iTunes, the iPod, iMovie (Mac app), etc. expect two separate tracks, one video and one audio. So when you play these muxed files, the video is played and the audio is not heard.
So you need to do a conversion on the file first. MPEG Streamclip is a popular one that comes in both Mac and Windows versions and is known to "repair" this problem.
See this other link for other applications that might be able to do the same thing. But your root cause is the muxed MPEG files.
GUIDES TO: Converting Video for iPod - Mac & Window
http://forums.ilounge.com/showthread.php?s=&threadid=123067
Patrick
Maybe you are looking for
-
How do I resolve an apparent PSD file conflict
I upgraded from CS5 to CS6 when it was released. A couple of weeks ago I uninstalled both CS5 and an old version of Photoshop Elements v7 that had been on my machine. Even though I use CS6 I just noticed that when I look for or open a PSD file from
-
Can any body please tell me briefly about what are the different places we use cascading style sheets
-
well my question is packaging a java programe? i have made a small java stand alone application and a i want to install on the client site. now the question is that the client dont want to install other softwares like jdk or sdk. these things should
-
Stop Static Block Execution while loading class
Hi, I want to load one class using Class. forname method. But with one condition that It should not execute static body of class.
-
I did not find any reports in my Dasyboard
hi all In Administration mode i have created few reports in my dashboard. wen i login with administrator i can see the reports. but if i login with an use that time reports are not appearing in my dashboard.. but as a user i can see all the reports i