Problem with ipv6 over pppoe

Dear Sir/Madam,
I am using ISP that assign me ipv6 by pppoe connection. I dont have any problem with windows and by creating pppoe connection everything works correctly but in os mavericks I don't get ipv6 automatically while I set configure IPv6 automatically in my network preferences.
It is very important for me because I want to switch IPv6 in my mac.
Best Regards,
Massoud

It works if I set manually but I think because there is no option for receive ip via ppp and the pppoe connection can not receive ipv6 automatically same as ipv4.

Similar Messages

PIX515e dual-stack ipv4 & ipv6 over PPPoE

Hi Everyone,
In short: I am trying to get ipv4 and ipv6 over PPPoE running on my PIX515e.
Heres a bit more info about my setup and the scenario:
My internet provider (residential) has offered me a dual-stack service on my ADSL.
I get a STATIC ipv4 address, but a DYNAMIC ipv6 address. Additionally I get a STATIC ipv6 /56 prefix for my lan "if my router supports prefix delegation".
My PIX is the 515e and its running PIX 7.2(4) with ASDM 5.2.
Getting the ipv4 side of it working isnt an issue - ive configured the pppoe side of it with my username and password, and configured my outside interface (Ethernet 0) with the ipv4 address.
But I cannot figure out how to get a dynamic ipv6 address on the outside (Ethernet 0) interface.
At this stage all I care about is getting a dynamic ipv6 address on Ethernet 0. I dont care about the "lan" prefix or Prefix Delegation part of it because I figure I'll just NAT my lan ipv6 addresses out to the internet using the dyanmic ipv6 address on the outside interface.
Ive read a lot of articles and looked at a lot of examples but none quite explain what im trying to do.
I have enabled ipv6 on the outside interface - ipv6 enable
and ive looked at ipv6 address and ive found the autoconfigure option but that doesnt appear to fetch the ipv6 address from my internet provider.
I guess im expecting to see something like ipv6 address dhcp or ipv6 address pppoe
So my question is does anyone know how I can get dual-stack working on my outside interface with dynamically assigned ipv6 from pppoe.
Or do i need to update the PIX software on my device. If so, can anyone suggest which version?
Any help is greately appreciated.

I wanted to provide an update on this topic. It turns out the traffic class that I was testing with was overlapping another class's match statement, which had a much lower bandwidth percentage.
After making the corrections, it seems the IPv4 and IPv6 work very well together in the queues. And now that you can run fair-queueing per class, I'm actually impressed with how well it is working.
Now if only I could classify traffic based on the number of packets/bytes seen in netflow.... then I could shape some really nice QoS policies!

Problem with IPV6 Firewall since firmware 7.6.1

I have problem with IPV6 Firewall (port forwarding using a HE tunnel) since firmware 7.6.1 upgrade, IPV6 oubound is working, but ports are not forwarding to my local IPV6 adress, have used IPV6 Firewall, and it worked before
Ant sugesttions, solutions?

Go back one firmware version into release 7.6
I had similar problems with an IPv6 tunnel not working anymore after the 7.6.1 upgrade.
When I 'rolled' back to 7.6, my IPv6 tunnel came back working.
I also use the old Airport Express application on my OS/X, the new one with the globe on the black screen is missing IPv6 tabs in the application..

Problem with mouse-over value on a column chart (by Series)

Hi.
First of all thanks for any offered tip.
I am having a problem with a column chart.
When I move the mouse over a column it should show a small pop-up (or tip) with the column name (series name) and the value (series value). The problem is that it displays an extra '1' just like the following:
SeriesName
1
X.XXX
How can I remove the extra '1' and only show the name and the value ?
The data is populated by series (manually added).
Mihai.

Hi,
Thanks for the tip Shanthakumar KA.
Yes. It looks like the '1' is coming from the X Axis labels. The chart that I have built does not require any labels on the X Axis, so this was not set (X-Axis labels: Empty). I tried setting this to an empty cell, but the '1' still appears in the mouse-over tip.
It is very weird. If I leave the X-Axis labels empty, I still get the '1' displayed which is very annoing.
Are there any solutions for this except the re-building the tip with a label a.k.a. '[customize the mouse over values|http://xcelsiusandme.blogspot.com/2009/07/xm-sample-7-customizing-mouse-over.html].'
Regards,
Mihai.

Best practice of deployment IPv6 over PPPoE

Hello colleagues!
IOS XE Version: 03.09
I have following configuration on AC:
ipv6 dhcp iana-route-add
ipv6 dhcp pool 3PoE
prefix-delegation pool PD lifetime 120 120
address prefix 2aXX:5CC0:BC35::/64
dns-server 2aXX:5CC0:DC1::DC1
dns-server 2aXX:5CC0:DC2::DC2
interface Loopback1000
no ip address
ipv6 address 2AXX:5CC0:DD::35/128
interface Virtual-Template10
ipv6 unnumbered Loopback1000
ipv6 enable
ipv6 mtu 1492
ipv6 nd ns-interval 1000
ipv6 nd prefix default no-advertise
ipv6 nd managed-config-flag
ipv6 nd other-config-flag
ipv6 dhcp server 3PoE
no peer default ip address
peer default ipv6 pool 3PoE
ppp authentication pap chap dialup_ppp
ppp authorization dialup_ppp
ppp accounting dialup_ppp
ipv6 local pool 3PoE 2AXX:5CC0:BB35::/48 64
ipv6 local pool PD 2AXX:5CC0:BD35::/48 64
I have a problem with Win 7
I have no problem with Win VISTA
Win 7
adapter PPP helpdesk:
   DNS-суффикс подключения . . . . . : x.net
   IPv6-address. . . . . . . . . . . . : 2aXX:5cc0:bc35:0:95d0:60fb:5799:f910
   Локальный IPv6-адрес канала . . . : fe80::f44f:4ca7:6194:402a%42
   Default Gateway. . . . . . . . . : fe80::21e:bdff:feb4:2a00%42
ping -6 google.com
Обмен пакетами с google.com [2a00:1450:4010:c04::65] с 32 байтами данных:
Request time out.
Win 7 doesn't install default v6 route
it doesn't work!
Win VISTA
adatper PPP helpdesk:
   DNS-суффикс подключения . . . . . : x.net
   IPv6-address. . . . . . . . . . . . : 2aXX:5cc0:bc35:0:a187:6000:5062:571d
   Локальный IPv6-адрес канала . . . : fe80::aca7:9849:dee9:d31f%24
   Default Gateway. . . . . . . . . : fe80::21e:bdff:feb4:2a00%24
ping -6 google.com
Обмен пакетами с google.com [2a00:1450:4010:c04::8b] с 2aXX:5cc0:bc35:0:a187:6000:5062:571d with 32 bytes of data:
Reply from 2a00:1450:4010:c04::8b: time=55ms
Reply from 2a00:1450:4010:c04::8b: time=66ms
Reply from 2a00:1450:4010:c04::8b: time=53ms
It works!
r35#show ipv6 static
IPv6 Static routes Table - default
Codes: * - installed in RIB, u/m - Unicast/Multicast only
       U - Per-user Static route
       N - ND Static route
       M - MIP Static route
       P - DHCP-PD Static route
       R - RHI Static route
*A 2AXX:5CC0:BC35:0:95D0:60FB:5799:F910/128 via FE80::F44F:4CA7:6194:402A, Virtual-Access1.1, distance 1   ==== Win 7
*A 2AXX:5CC0:BC35:0:A187:6000:5062:571D/128 via FE80::ACA7:9849:DEE9:D31F, Virtual-Access1.2, distance 1 ==== Win VISTA
r35#ping 2AXX:5CC0:BC35:0:95D0:60FB:5799:F910 - Win 7
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2AXX:5CC0:BC35:0:95D0:60FB:5799:F910, timeout is 2 seconds:
r35#ping 2AXX:5CC0:BC35:0:A187:6000:5062:571D - Vista
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2AXX:5CC0:BC35:0:A187:6000:5062:571D, timeout is 2 seconds:
Success rate is 0 percent (5/5)
I checked on 2 PC with win 7 and problem the same.
Can anyone help with work configuration for end hosts and CPE the same time.
PS. I was trying this configuration on router 2851 with latest IOS. The problem was the same.

with
ipv6 nd managed-config-flag
netsh interface ipv6>show route
Публикация Тип      Мет Префикс                    Инд Имя шлюза/интерфейса
Нет      Вручную   16   ::/0                       43 fe80::21e:bdff:feb4:2a00
Нет      Вручную   256 ::1/128                     1 Loopback Pseudo-Interface
1
Да       Вручную   1000 2002::/16                  17 6TO4 Adapter
Нет      Вручную   256 2002:c0a7:23::/128         17 6TO4 Adapter
Нет      Вручную   256 2002:c0a7:23::c0a7:23/128   17 6TO4 Adapter
Нет      Вручную   8    2a00:5cc0:bb35:2::/64      43 helpdesk
Нет      Вручную   256 2a00:5cc0:bb35:2:f44f:4ca7:6194:402a/128   43 helpdesk
Нет      Вручную   256 2a00:5cc0:bc35:6de8:8605:a271:a692:16d3/128   43 helpdesk
without
ipv6 nd managed-config-flag
netsh interface ipv6>show route
Публикация Тип      Мет Префикс                    Инд Имя шлюза/интерфейса
Нет      Вручную   256 ::/0                       43 fe80::221:a0ff:fe9b:c220
Нет      Вручную   256 ::1/128                     1 Loopback Pseudo-Interface
1
Да       Вручную   1000 2002::/16                  17 6TO4 Adapter
Нет      Вручную   256 2002:c0a7:23::/128         17 6TO4 Adapter
Нет      Вручную   256 2002:c0a7:23::c0a7:23/128   17 6TO4 Adapter
Нет      Вручную   8    2a00:5cc0:bb36:3::/64      43 helpdesk
Нет      Вручную   256 2a00:5cc0:bb36:3:f44f:4ca7:6194:402a/128   43 helpdesk
In any case I have only default route.
In first case it doesn't work.
We found work combination for host clients and cpe (asus RT-N10U)
interface Virtual-Template10
ip unnumbered Loopback100
ip mtu 1492
no peer default ip address
peer default ipv6 pool 3PoE
ipv6 unnumbered Loopback1000
ipv6 enable
ipv6 mtu 1492
ipv6 nd ns-interval 1000
ipv6 nd other-config-flag
ipv6 dhcp server 3PoE rapid-commit
ppp authentication pap chap dialup_ppp
ppp authorization dialup_ppp
ppp accounting dialup_ppp
ipv6 dhcp pool 3PoE
prefix-delegation pool PD lifetime 120 120
address prefix 2A00:5CC0:BC36::/48
dns-server 2A00:5CC0:DC1::DC1
dns-server 2A00:5CC0:DC2::DC2
thx for link, helpful information.

Bandwith Problem with Flashes over Terminal Server

I get huge problems with viewing flash on Citrix Terminal
Server. Everytime a user opens up a website with Flashes in it, it
consumes the rest off the bandwith. This slows down all other user
on the site. This happens over RDP and ICA Connection. Microsoft
dont want to have a solution for this problem. they know it but...
. The same ist for Citrix. I hope that Adobe can give me an
acceptable solution. What can i do, to tune up Flashes over the
Terminal Server?
Thanks a lot for your help.

Leo,
What is your Vc version ? Also pls do check the SAP note 886209 if it helps in any way .
We had some deployment issues which were fixed using this .
Rgds

Problem with voicer over on IMAC

hello , I have some troubles with Voice over on my IMAC. I am blind and this function is really important for me. I use it for many applications, but my bank had currently changed the graphic of the website, voice over fails to interact with images and so i could not do operations. someone can help me?

I am having problems with my Intel iMac's Firewire 800 as well. I have two WD drives daisychained on the 800 port. After 6 months with no problems, and a few weeks after updating to Snow Leopard the second drive intermittently stopped mounting after sleep. The devices attached to the 400 port were OK. It got worse over a few weeks, and after over an hour on the phone to Apple support and multiple tests (eg linking two computers using target mode), the tech said it was an 800 port hardware problem. My iMac is just back from having the logic board replaced (200 km round trip!!), and it has happened again - the second drive "was not ejected properly" after waking from sleep and has not mounted. WD refuse to support daisychained devices, though I don't think the drives are faulty because I can get them to mount using USB. So, you could have a hardware problem, but it may be a Snow Leopard compatibility problem if you have recently updated - other discussion topics have reported similar problems with firewire drives after updating to Snow Leopard.

Problem with LUNs over Fiber

We have recently installed a SAN but are having a few problems with the Solaris machines we are trying to connect to it.
Hardware: LSI SAN with dual controler and 3 trays of 6x73Gb disks. Brocade fiber switch. A Sun V880 and a Sun E420 both with LSI40919O 2gb fiber cards. Both Solaris machines have resonably upto date patch clusters on them.
I can create volumes on the SAN, create LUNs on these volumes, map them to individual hosts, and (assuming the relevant entries were in /kernel/drv/ssd.conf at boot time) I can see the LUNs when I run the 'format' command on the Solaris boxes. I can label, partition, format and mount slices from these disks.
The problems occur when I want to delete or change a mapping. When I do this (delete a mapping between a LUN and a host for instance), on the Solaris box no matter what I do the disk changes to "drive type unknown". Running devfsadm (or drvconfg; devlinks; disks) has no effect. The disk is not manually configurable (it's not there after all). Only a reboot (boot -r) will actually remove the incorrect entries.
Sample output from format:
Searching for disks...done
AVAILABLE DISK SELECTIONS:
0. c0t0d0 <SUN18G cyl 7506 alt 2 hd 19 sec 248>
/pci@1f,4000/scsi@3/sd@0,0
1. c0t1d0 <SUN18G cyl 7506 alt 2 hd 19 sec 248>
/pci@1f,4000/scsi@3/sd@1,0
2. c4t0d0 <STK-OPENstorageD178-0530 cyl 2558 alt 2 hd 64 sec 64>
/pci@1f,2000/IntraServer,fc@1/ssd@0,0
3. c4t0d1 <STK-OPENstorageD178-0530 cyl 3070 alt 2 hd 64 sec 64>
/pci@1f,2000/IntraServer,fc@1/ssd@0,1
4. c4t0d2 <STK-OPENstorageD178-0530 cyl 2046 alt 2 hd 64 sec 64>
/pci@1f,2000/IntraServer,fc@1/ssd@0,2
5. c4t0d3 <STK-OPENstorageD178-0530 cyl 1534 alt 2 hd 64 sec 64>
/pci@1f,2000/IntraServer,fc@1/ssd@0,3
6. c4t0d4 <STK-OPENstorageD178-0530 cyl 1022 alt 2 hd 64 sec 64>
/pci@1f,2000/IntraServer,fc@1/ssd@0,4
7. c4t0d5 <drive type unknown>
/pci@1f,2000/IntraServer,fc@1/ssd@0,5
It is of course the last drive for which I removed the mapping. I can remake the mapping and the drive willonce again be available. I can add additional mappings and the new disks will be available (again assuming the relevent entry existed in /kernel/drv/ssd.conf at boot time). But any attempt to remove the mappings results in the above situation.
Sean Timmins

Have you tried luxadm remove <your_device> ?

Nice People HELP ME!!! IPv6 over PPPoE Configuration on Cisco 7206VXR

I have a 7206VXR which connects to a DSLAM via the router's ATM/DS3 interface. A CPE home router connects to the DSLAM. So it's like:
PC -----ethernet---- CPE Router ------ dsl line ------ DSLAM ----- atm/pppoe ------- BVI/Virtual-Template/PPPoE on Cisco 7206VXR
Now the problem is:
- PC CAN ping the BVI interface of Cisco, but NOT beyond that. For instance he can't ping 7206's loopback ipv6 address.
- I found something interesting on the CPE, that CPE itself can't ping BVI interface of Cisco, AND it doesn't have a default gateway ::/0 set on itself. I manually added a default router like "route -A inet6 add ::/0 gw <BVI's IPv6 addr>", and the problem got solved and PC can ping Cisco's loop back IP now. But this is not a solution since I want this thing to be automatically ready.
Note both CPE and PC are happy with global IPv6 addressed assigned.
I believe this problem is related to how PPPoE/IPCPv6 handles addresses and prefixes.
Ok, now some configuration details: I use 2001:7:7::/64 for the "WAN" side of CPE, and 2001:8:8::/64 for its LAN side (PCs). And here's the Cisco config (only related stuff is shown here):
ipv6 unicast-routing
ipv6 cef
ipv6 dhcp pool foo
prefix-delegation pool test
address prefix 2001:7:7::/64
bridge irb
bba-group pppoe global
virtual-template 2
sessions max limit 256
interface Loopback0
no ip address
ipv6 address 2001:9:9::1/64
ipv6 enable
interface Virtual-Template2
description Public PPP CHAP
mtu 1492
ip unnumbered BVI1
ip pim sparse-dense-mode
ip igmp version 3
ipv6 unnumbered BVI1
ipv6 enable
ipv6 mtu 1492
ipv6 nd managed-config-flag
ipv6 nd other-config-flag
ipv6 nd router-preference High
no ipv6 nd ra suppress
ipv6 dhcp server foo
peer default ip address dhcp-pool Public
peer default ipv6 pool test
ppp authentication chap
ppp pap refuse
interface BVI1
description Public IP ADSL
ip address 12.230.197.129 255.255.255.224
ip pim sparse-dense-mode
ip igmp version 3
ipv6 address 2001:7:7::1/64
ipv6 enable
ipv6 mtu 1492
ipv6 nd managed-config-flag
ipv6 nd other-config-flag
ipv6 nd router-preference High
no ipv6 nd ra suppress
ipv6 nd ra lifetime 60
ipv6 nd ra interval 40
ipv6 local pool test 2001:8:8::/56 64
NICE PEOPLE PLS HELP ME! ^_^

Thanks Andrew for your response and sorry for the confusion: actually I didn't include all my config lines. For bridging, actually I did what you mentioned and everything works fine with IPv4:
interface ATM1/0.3 multipoint
description Public DHCP
bridge-group 1
pvc 1/1060
encapsulation aal5snap
bridge 1 protocol ieee
bridge 1 route ip
bridge 2 protocol ieee
bridge 2 route ip

Problem with traffic over Remote Access VPN (Cisco ASA5505)

Hi
I've changed the VPN IP pool on a previously functioning VPN setup on a Cisco ASA5505, I've updated IP addresses everywhere it seemed appropriate, but now the VPN is no longer working. I am testing with a Cisco IPSec client, but the same happens with the AnyConnect client. Clients connect, but cannot access resources on the LAN. Split tunneling also doesn't work, internet is not accessible once VPN is connected.
I found a NAT exempt rule to not be correctly specified, but after fixing this, the problem still persists.
: Saved:ASA Version 8.2(1) !hostname ciscoasadomain-name our-domain.comenable password xxxxxxxx encryptedpasswd xxxxxxxx encryptednamesname 172.17.1.0 remote-vpn!interface Vlan1 nameif inside security-level 100 ip address 10.1.1.2 255.0.0.0 !interface Vlan2 nameif outside security-level 0 pppoe client vpdn group adslrealm ip address pppoe setroute !interface Ethernet0/0 switchport access vlan 2!interface Ethernet0/1!interface Ethernet0/2!interface Ethernet0/3!interface Ethernet0/4!interface Ethernet0/5!interface Ethernet0/6!interface Ethernet0/7!ftp mode passiveclock timezone SAST 2dns domain-lookup insidedns domain-lookup outsidedns server-group DefaultDNS name-server 10.1.1.138 name-server 10.1.1.54 domain-name our-domain.comsame-security-traffic permit inter-interfacesame-security-traffic permit intra-interfaceobject-group network utobject-group protocol TCPUDP protocol-object udp protocol-object tcpaccess-list no_nat extended permit ip 10.0.0.0 255.0.0.0 remote-vpn 255.255.255.0 access-list split-tunnel standard permit 10.0.0.0 255.0.0.0 access-list outside_access_in extended permit tcp any interface outside eq https access-list outside_access_in extended permit tcp any interface outside eq 5061 access-list outside_access_in extended permit tcp any interface outside eq 51413 access-list outside_access_in extended permit udp any interface outside eq 51413 access-list outside_access_in extended permit tcp any interface outside eq 2121 access-list outside_access_in extended permit udp any interface outside eq 2121 access-list inside_access_out extended deny ip any 64.34.106.0 255.255.255.0 access-list inside_access_out extended deny ip any 69.25.20.0 255.255.255.0 access-list inside_access_out extended deny ip any 69.25.21.0 255.255.255.0 access-list inside_access_out extended deny ip any 72.5.76.0 255.255.255.0 access-list inside_access_out extended deny ip any 72.5.77.0 255.255.255.0 access-list inside_access_out extended deny ip any 216.52.0.0 255.255.0.0 access-list inside_access_out extended deny ip any 74.201.0.0 255.255.0.0 access-list inside_access_out extended deny ip any 64.94.0.0 255.255.0.0 access-list inside_access_out extended deny ip any 69.25.0.0 255.255.0.0 access-list inside_access_out extended deny tcp any any eq 12975 access-list inside_access_out extended deny tcp any any eq 32976 access-list inside_access_out extended deny tcp any any eq 17771 access-list inside_access_out extended deny udp any any eq 17771 access-list inside_access_out extended permit ip any any pager lines 24logging enablelogging asdm informationalmtu inside 1500mtu outside 1500ip local pool VPNPool 172.17.1.1-172.17.1.254icmp unreachable rate-limit 1 burst-size 1no asdm history enablearp timeout 14400global (outside) 1 interfacenat (inside) 0 access-list no_natnat (inside) 1 10.0.0.0 255.0.0.0static (inside,outside) tcp interface 5061 10.1.1.157 5061 netmask 255.255.255.255 static (inside,outside) tcp interface https 10.1.1.157 4443 netmask 255.255.255.255 static (inside,outside) tcp interface 51413 10.1.1.25 51413 netmask 255.255.255.255 static (inside,outside) udp interface 51413 10.1.1.25 51413 netmask 255.255.255.255 static (inside,outside) tcp interface 2121 10.1.1.25 2121 netmask 255.255.255.255 static (inside,outside) udp interface 2121 10.1.1.25 2121 netmask 255.255.255.255 access-group outside_access_in in interface outsidetimeout xlate 3:00:00timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolutetimeout tcp-proxy-reassembly 0:01:00dynamic-access-policy-record DfltAccessPolicyaaa-server AD protocol ldapaaa-server AD (inside) host 10.1.1.138 ldap-base-dn dc=our-domain,dc=com ldap-scope subtree ldap-naming-attribute sAMAccountName ldap-login-password * ldap-login-dn cn=ciscoasa,cn=Users,dc=ourdomain,dc=com server-type auto-detectaaa authentication ssh console AD LOCALaaa authentication telnet console LOCAL http server enable 4343http 0.0.0.0 0.0.0.0 outsidehttp 10.0.0.0 255.0.0.0 insidehttp remote-vpn 255.255.255.0 insidesnmp-server host inside 10.1.1.190 community oursnmpsnmp-server host inside 10.1.1.44 community oursnmpno snmp-server locationno snmp-server contactsnmp-server community *****snmp-server enable traps snmp authentication linkup linkdown coldstartcrypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac crypto ipsec transform-set FirstSet esp-3des esp-md5-hmac crypto ipsec security-association lifetime seconds 28800crypto ipsec security-association lifetime kilobytes 4608000crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5crypto dynamic-map dyn1 1 set transform-set FirstSetcrypto dynamic-map dyn1 1 set reverse-routecrypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAPcrypto map mymap 1 ipsec-isakmp dynamic dyn1crypto map mymap interface outsidecrypto ca trustpoint ASDM_TrustPoint0 enrollment self subject-name CN=ciscoasa crl configurecrypto ca trustpoint CA1 revocation-check crl none enrollment retry period 5 enrollment terminal fqdn ciscoasa.our-domain.com subject-name CN=ciscoasa.our-domain.com, OU=Department, O=Company, C=US, St=New York, L=New York keypair ciscoasa.key crl configurecrypto ca certificate chain ASDM_TrustPoint0 certificate xxxxxxx ... quitcrypto ca certificate chain CA1 certificate xxxxxxxxxxxxxx ... quit certificate ca xxxxxxxxxxxxx ... quitcrypto isakmp enable outsidecrypto isakmp policy 1 authentication rsa-sig encryption 3des hash md5 group 2 lifetime 86400crypto isakmp policy 5 authentication pre-share encryption 3des hash sha group 2 lifetime 86400crypto isakmp policy 10 authentication pre-share encryption des hash sha group 2 lifetime 86400ssh 10.0.0.0 255.0.0.0 insidessh timeout 5console timeout 0vpdn group adslrealm request dialout pppoevpdn group adslrealm localname username6@adslrealmvpdn group adslrealm ppp authentication papvpdn username username6@adslrealm password ********* store-localvpdn username username@adsl-u password ********* store-localvpdn username username2@adslrealm password ********* dhcpd auto_config outside!threat-detection basic-threatthreat-detection scanning-threatthreat-detection statistics access-listno threat-detection statistics tcp-interceptntp server x.x.x.x source outsidessl trust-point ASDM_TrustPoint0 outsidewebvpn port 4343 enable outside svc image disk0:/anyconnect-win-2.5.2014-k9.pkg 1 svc image disk0:/anyconnect-macosx-i386-2.5.2014-k9.pkg 2 svc image disk0:/anyconnect-linux-2.5.2014-k9.pkg 3 svc enablegroup-policy defaultgroup internalgroup-policy defaultgroup attributes dns-server value 10.1.1.138 10.1.1.54 split-tunnel-policy tunnelspecified split-tunnel-network-list value split-tunnel default-domain value our-domain.comgroup-policy DfltGrpPolicy attributes dns-server value 10.1.1.138 10.1.1.54 vpn-tunnel-protocol IPSec l2tp-ipsec svc split-tunnel-policy tunnelspecified split-tunnel-network-list value split-tunnel address-pools value VPNPool webvpn svc ask none default svcusername person1 password xxxxxxx encryptedusername admin password xxxxxxxx encrypted privilege 15username person2 password xxxxxxxxx encryptedusername person3 password xxxxxxxxxx encryptedtunnel-group DefaultRAGroup general-attributes address-pool VPNPool default-group-policy defaultgrouptunnel-group DefaultRAGroup ipsec-attributes trust-point CA1tunnel-group OurCompany type remote-accesstunnel-group OurCompany general-attributes address-pool VPNPooltunnel-group OurCompany webvpn-attributes group-alias OurCompany enable group-url https://x.x.x.x/OurCompany enabletunnel-group OurIPSEC type remote-accesstunnel-group OurIPSEC general-attributes address-pool VPNPool default-group-policy defaultgrouptunnel-group OurIPSEC ipsec-attributes pre-shared-key * trust-point CA1!class-map inspection_default match default-inspection-traffic!!policy-map type inspect dns preset_dns_map parameters message-length maximum 512policy-map type inspect sip sip-map parameters max-forwards-validation action drop log state-checking action drop log rtp-conformance policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect netbios inspect tftp inspect icmp inspect pptp inspect sip sip-map ! service-policy global_policy globalprompt hostname context Cryptochecksum:xxxxxxxxxxxxxxxxx: end
I've checked all the debug logs I could think of and tried various troubleshooting steps. Any ideas?
Regards
Lionel

Hi
The bulk of the devices are not even routing through the ASA, internal devices such as IP phones, printers, etc. There is also large wastage of IP addresses which needs to be sorted out at some stage.
Outside IP address is 196.215.40.160. The DSL modem is configured as an LLC bridge.
Here are the debug logs when connecting if this helps at all. Nothing is logged when a connection is attempted though.
Regards
Lionel
Oct 15 17:08:51 [IKEv1]: IP = 197.79.9.227, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + KE (4) + NONCE (10) + ID (5) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 765Oct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, processing SA payloadOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, processing ke payloadOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, processing ISA_KE payloadOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, processing nonce payloadOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, processing ID payloadOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, processing VID payloadOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, Received Fragmentation VIDOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, IKE Peer included IKE fragmentation capability flags: Main Mode: True Aggressive Mode: FalseOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, processing VID payloadOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, Received NAT-Traversal RFC VIDOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, processing VID payloadOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, processing VID payloadOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, processing VID payloadOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, processing VID payloadOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, processing VID payloadOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, processing VID payloadOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, processing VID payloadOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, Received NAT-Traversal ver 03 VIDOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, processing VID payloadOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, processing VID payloadOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, Received NAT-Traversal ver 02 VIDOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, processing VID payloadOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, Received xauth V6 VIDOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, processing VID payloadOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, Received Cisco Unity client VIDOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, processing VID payloadOct 15 17:08:51 [IKEv1 DEBUG]: IP = 197.79.9.227, Received DPD VIDOct 15 17:08:51 [IKEv1]: IP = 197.79.9.227, Connection landed on tunnel_group OurIPSECOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, processing IKE SA payloadOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, IKE SA Proposal # 1, Transform # 5 acceptable Matches global IKE entry # 2Oct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, constructing ISAKMP SA payloadOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, constructing ke payloadOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, constructing nonce payloadOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, Generating keys for Responder...Oct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, constructing ID payloadOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, constructing hash payloadOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, Computing hash for ISAKMPOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, constructing Cisco Unity VID payloadOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, constructing xauth V6 VID payloadOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, constructing dpd vid payloadOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, constructing NAT-Traversal VID ver 02 payloadOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, constructing NAT-Discovery payloadOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, computing NAT Discovery hashOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, constructing NAT-Discovery payloadOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, computing NAT Discovery hashOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, constructing Fragmentation VID + extended capabilities payloadOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, constructing VID payloadOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, Send Altiga/Cisco VPN3000/Cisco ASA GW VIDOct 15 17:08:51 [IKEv1]: IP = 197.79.9.227, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + KE (4) + NONCE (10) + ID (5) + HASH (8) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NAT-D (130) + NAT-D (130) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 436Oct 15 17:08:51 [IKEv1]: IP = 197.79.9.227, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + HASH (8) + NAT-D (130) + NAT-D (130) + NOTIFY (11) + NONE (0) total length : 128Oct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, processing hash payloadOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, Computing hash for ISAKMPOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, processing NAT-Discovery payloadOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, computing NAT Discovery hashOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, processing NAT-Discovery payloadOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, computing NAT Discovery hashOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, processing notify payloadOct 15 17:08:51 [IKEv1]: Group = OurIPSEC, IP = 197.79.9.227, Automatic NAT Detection Status: Remote end IS behind a NAT device This end IS behind a NAT deviceOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, constructing blank hash payloadOct 15 17:08:51 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, constructing qm hash payloadOct 15 17:08:51 [IKEv1]: IP = 197.79.9.227, IKE_DECODE SENDING Message (msgid=b8b02705) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 72Oct 15 17:09:02 [IKEv1]: IP = 197.79.9.227, IKE_DECODE RECEIVED Message (msgid=b8b02705) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 88Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, process_attr(): Enter!Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, IP = 197.79.9.227, Processing MODE_CFG Reply attributes.Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, IKEGetUserAttributes: primary DNS = 10.1.1.138Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, IKEGetUserAttributes: secondary DNS = 10.1.1.54Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, IKEGetUserAttributes: primary WINS = clearedOct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, IKEGetUserAttributes: secondary WINS = clearedOct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, IKEGetUserAttributes: split tunneling list = split-tunnelOct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, IKEGetUserAttributes: default domain = our-domain.comOct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, IKEGetUserAttributes: IP Compression = disabledOct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, IKEGetUserAttributes: Split Tunneling Policy = Split NetworkOct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, IKEGetUserAttributes: Browser Proxy Setting = no-modifyOct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, IKEGetUserAttributes: Browser Proxy Bypass Local = disableOct 15 17:09:02 [IKEv1]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, User (person2) authenticated.Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, constructing blank hash payloadOct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, constructing qm hash payloadOct 15 17:09:02 [IKEv1]: IP = 197.79.9.227, IKE_DECODE SENDING Message (msgid=a2171c19) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 64Oct 15 17:09:02 [IKEv1]: IP = 197.79.9.227, IKE_DECODE RECEIVED Message (msgid=a2171c19) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 64Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, process_attr(): Enter!Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, Processing cfg ACK attributesOct 15 17:09:02 [IKEv1]: IP = 197.79.9.227, IKE_DECODE RECEIVED Message (msgid=3257625f) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 164Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, process_attr(): Enter!Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, Processing cfg Request attributesOct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, MODE_CFG: Received request for IPV4 address!Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, MODE_CFG: Received request for IPV4 net mask!Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, MODE_CFG: Received request for DNS server address!Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, MODE_CFG: Received request for WINS server address!Oct 15 17:09:02 [IKEv1]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, Received unsupported transaction mode attribute: 5Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, MODE_CFG: Received request for Application Version!Oct 15 17:09:02 [IKEv1]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, Client Type: iPhone OS Client Application Version: 7.0.2Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, MODE_CFG: Received request for Banner!Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, MODE_CFG: Received request for Default Domain Name!Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, MODE_CFG: Received request for Split DNS!Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, MODE_CFG: Received request for Split Tunnel List!Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, MODE_CFG: Received request for Local LAN Include!Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, MODE_CFG: Received request for PFS setting!Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, MODE_CFG: Received request for Save PW setting!Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, MODE_CFG: Received request for FWTYPE!Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, MODE_CFG: Received request for backup ip-sec peer list!Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, MODE_CFG: Received request for Client Browser Proxy Setting!Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, Obtained IP addr (172.17.1.1) prior to initiating Mode Cfg (XAuth enabled)Oct 15 17:09:02 [IKEv1]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, Assigned private IP address 172.17.1.1 to remote userOct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, constructing blank hash payloadOct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, construct_cfg_set: default domain = our-domain.comOct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, Send Client Browser Proxy Attributes!Oct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, Browser Proxy set to No-Modify. Browser Proxy data will NOT be included in the mode-cfg replyOct 15 17:09:02 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, constructing qm hash payloadOct 15 17:09:02 [IKEv1]: IP = 197.79.9.227, IKE_DECODE SENDING Message (msgid=3257625f) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 210Oct 15 17:09:03 [IKEv1 DECODE]: IP = 197.79.9.227, IKE Responder starting QM: msg id = c9359d2eOct 15 17:09:03 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, Delay Quick Mode processing, Cert/Trans Exch/RM DSID in progressOct 15 17:09:03 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, Resume Quick Mode processing, Cert/Trans Exch/RM DSID completedOct 15 17:09:03 [IKEv1]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, PHASE 1 COMPLETEDOct 15 17:09:03 [IKEv1]: IP = 197.79.9.227, Keep-alive type for this connection: DPDOct 15 17:09:03 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, Starting P1 rekey timer: 3420 seconds.Oct 15 17:09:03 [IKEv1]: IP = 197.79.9.227, IKE_DECODE RECEIVED Message (msgid=c9359d2e) with payloads : HDR + HASH (8) + SA (1) + NONCE (10) + ID (5) + ID (5) + NONE (0) total length : 284Oct 15 17:09:03 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, processing hash payloadOct 15 17:09:03 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, processing SA payloadOct 15 17:09:03 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, processing nonce payloadOct 15 17:09:03 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, processing ID payloadOct 15 17:09:03 [IKEv1 DECODE]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, ID_IPV4_ADDR ID received172.17.1.1Oct 15 17:09:03 [IKEv1]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, Received remote Proxy Host data in ID Payload: Address 172.17.1.1, Protocol 0, Port 0Oct 15 17:09:03 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, processing ID payloadOct 15 17:09:03 [IKEv1 DECODE]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, ID_IPV4_ADDR_SUBNET ID received--10.0.0.0--255.0.0.0Oct 15 17:09:03 [IKEv1]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, Received local IP Proxy Subnet data in ID Payload: Address 10.0.0.0, Mask 255.0.0.0, Protocol 0, Port 0Oct 15 17:09:03 [IKEv1]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, QM IsRekeyed old sa not found by addrOct 15 17:09:03 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, Selecting only UDP-Encapsulated-Tunnel and UDP-Encapsulated-Transport modes defined by NAT-TraversalOct 15 17:09:03 [IKEv1]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, IKE Remote Peer configured for crypto map: dyn1Oct 15 17:09:03 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, processing IPSec SA payloadOct 15 17:09:03 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, IPSec SA Proposal # 1, Transform # 6 acceptable Matches global IPSec SA entry # 1Oct 15 17:09:03 [IKEv1]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, IKE: requesting SPI!IPSEC: New embryonic SA created @ 0xCB809F40, SCB: 0xC9613DB0, Direction: inbound SPI : 0x96A6C295 Session ID: 0x0001D000 VPIF num : 0x00000002 Tunnel type: ra Protocol : esp Lifetime : 240 secondsOct 15 17:09:03 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, IKE got SPI from key engine: SPI = 0x96a6c295Oct 15 17:09:03 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, oakley constucting quick modeOct 15 17:09:03 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, constructing blank hash payloadOct 15 17:09:03 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, constructing IPSec SA payloadOct 15 17:09:03 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, constructing IPSec nonce payloadOct 15 17:09:03 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, constructing proxy IDOct 15 17:09:03 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, Transmitting Proxy Id: Remote host: 172.17.1.1 Protocol 0 Port 0 Local subnet: 10.0.0.0 mask 255.0.0.0 Protocol 0 Port 0Oct 15 17:09:03 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, constructing qm hash payloadOct 15 17:09:03 [IKEv1 DECODE]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, IKE Responder sending 2nd QM pkt: msg id = c9359d2eOct 15 17:09:03 [IKEv1]: IP = 197.79.9.227, IKE_DECODE SENDING Message (msgid=c9359d2e) with payloads : HDR + HASH (8) + SA (1) + NONCE (10) + ID (5) + ID (5) + NONE (0) total length : 152Oct 15 17:09:06 [IKEv1]: IP = 197.79.9.227, IKE_DECODE RECEIVED Message (msgid=c9359d2e) with payloads : HDR + HASH (8) + NONE (0) total length : 52Oct 15 17:09:06 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, processing hash payloadOct 15 17:09:06 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, loading all IPSEC SAsOct 15 17:09:06 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, Generating Quick Mode Key!Oct 15 17:09:06 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, NP encrypt rule look up for crypto map dyn1 1 matching ACL Unknown: returned cs_id=c9f22e78; rule=00000000Oct 15 17:09:06 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, Generating Quick Mode Key!Oct 15 17:09:06 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, NP encrypt rule look up for crypto map dyn1 1 matching ACL Unknown: returned cs_id=c9f22e78; rule=00000000Oct 15 17:09:06 [IKEv1]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, Security negotiation complete for User (person2) Responder, Inbound SPI = 0x96a6c295, Outbound SPI = 0x09e97594IPSEC: New embryonic SA created @ 0xCB8F7418, SCB: 0xC9F6DD30, Direction: outbound SPI : 0x09E97594 Session ID: 0x0001D000 VPIF num : 0x00000002 Tunnel type: ra Protocol : esp Lifetime : 240 secondsIPSEC: Completed host OBSA update, SPI 0x09E97594IPSEC: Creating outbound VPN context, SPI 0x09E97594 Flags: 0x00000025 SA : 0xCB8F7418 SPI : 0x09E97594 MTU : 1492 bytes VCID : 0x00000000 Peer : 0x00000000 SCB : 0x99890723 Channel: 0xC6691360IPSEC: Completed outbound VPN context, SPI 0x09E97594 VPN handle: 0x001E7FCCIPSEC: New outbound encrypt rule, SPI 0x09E97594 Src addr: 10.0.0.0 Src mask: 255.0.0.0 Dst addr: 172.17.1.1 Dst mask: 255.255.255.255 Src ports Upper: 0 Lower: 0 Op : ignore Dst ports Upper: 0 Lower: 0 Op : ignore Protocol: 0 Use protocol: false SPI: 0x00000000 Use SPI: falseIPSEC: Completed outbound encrypt rule, SPI 0x09E97594 Rule ID: 0xCB5483E8IPSEC: New outbound permit rule, SPI 0x09E97594 Src addr: 196.215.40.160 Src mask: 255.255.255.255 Dst addr: 197.79.9.227 Dst mask: 255.255.255.255 Src ports Upper: 4500 Lower: 4500 Op : equal Dst ports Upper: 41593 Lower: 41593 Op : equal Protocol: 17 Use protocol: true SPI: 0x00000000 Use SPI: falseIPSEC: Completed outbound permit rule, SPI 0x09E97594 Rule ID: 0xC9242228Oct 15 17:09:06 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, IKE got a KEY_ADD msg for SA: SPI = 0x09e97594IPSEC: Completed host IBSA update, SPI 0x96A6C295IPSEC: Creating inbound VPN context, SPI 0x96A6C295 Flags: 0x00000026 SA : 0xCB809F40 SPI : 0x96A6C295 MTU : 0 bytes VCID : 0x00000000 Peer : 0x001E7FCC SCB : 0x985C5DA5 Channel: 0xC6691360IPSEC: Completed inbound VPN context, SPI 0x96A6C295 VPN handle: 0x0020190CIPSEC: Updating outbound VPN context 0x001E7FCC, SPI 0x09E97594 Flags: 0x00000025 SA : 0xCB8F7418 SPI : 0x09E97594 MTU : 1492 bytes VCID : 0x00000000 Peer : 0x0020190C SCB : 0x99890723 Channel: 0xC6691360IPSEC: Completed outbound VPN context, SPI 0x09E97594 VPN handle: 0x001E7FCCIPSEC: Completed outbound inner rule, SPI 0x09E97594 Rule ID: 0xCB5483E8IPSEC: Completed outbound outer SPD rule, SPI 0x09E97594 Rule ID: 0xC9242228IPSEC: New inbound tunnel flow rule, SPI 0x96A6C295 Src addr: 172.17.1.1 Src mask: 255.255.255.255 Dst addr: 10.0.0.0 Dst mask: 255.0.0.0 Src ports Upper: 0 Lower: 0 Op : ignore Dst ports Upper: 0 Lower: 0 Op : ignore Protocol: 0 Use protocol: false SPI: 0x00000000 Use SPI: falseIPSEC: Completed inbound tunnel flow rule, SPI 0x96A6C295 Rule ID: 0xCB7CFCC8IPSEC: New inbound decrypt rule, SPI 0x96A6C295 Src addr: 197.79.9.227 Src mask: 255.255.255.255 Dst addr: 196.215.40.160 Dst mask: 255.255.255.255 Src ports Upper: 41593 Lower: 41593 Op : equal Dst ports Upper: 4500 Lower: 4500 Op : equal Protocol: 17 Use protocol: true SPI: 0x00000000 Use SPI: falseIPSEC: Completed inbound decrypt rule, SPI 0x96A6C295 Rule ID: 0xCB9BF828IPSEC: New inbound permit rule, SPI 0x96A6C295 Src addr: 197.79.9.227 Src mask: 255.255.255.255 Dst addr: 196.215.40.160 Dst mask: 255.255.255.255 Src ports Upper: 41593 Lower: 41593 Op : equal Dst ports Upper: 4500 Lower: 4500 Op : equal Protocol: 17 Use protocol: true SPI: 0x00000000 Use SPI: falseIPSEC: Completed inbound permit rule, SPI 0x96A6C295 Rule ID: 0xCBA7C740Oct 15 17:09:06 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, Pitcher: received KEY_UPDATE, spi 0x96a6c295Oct 15 17:09:06 [IKEv1 DEBUG]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, Starting P2 rekey timer: 3417 seconds.Oct 15 17:09:06 [IKEv1]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, Adding static route for client address: 172.17.1.1 Oct 15 17:09:06 [IKEv1]: Group = OurIPSEC, Username = person2, IP = 197.79.9.227, PHASE 2 COMPLETED (msgid=c9359d2e)

Problem with printing over wireless network

Hello. I have a HP psc 2410 all-in-one printer.
I've recently bought a modem router which has a capability called"printer-server" and I decided to use this feature and print over wifi. I set it up but with a problem. when I print something, for instance, test page, instead of printing just one page, It will print "test page" in 3 pages( something like partial pages and which the last=third page is printed blankly) and then It freezes(printer screen shows "printing" and I have to cancel the job, otherwise it freezes and I have to replug it). I have this trouble not just in test page but at least from IE, office, PDF files. This problem is essentially about Wifi, since If I connect the printer directly to the PC or laptop via usb, it works absolutely fine. also I have tried printing with different laptops over wifi but no go. below are more information which I have to mention:
1)Router is on WPA-PSK encryption type.
2)There is no mac-filtering or hiding SSID going on.
3)one laptop and an iPad is connected to router via wifi and a PC which is connected by LAN cable.
4)The printer IP address is the same as Router's settings page IP address.(192.168.0.1)
5)I can't open the printer's internal web page by entering the printer's IP address in browser since it's the same as router IP address.
6)Firewall on my laptop( windows 7 32-bit) is off and I'm using no Anti-virus.
7) I have tried HP PRINT AND SCAN DOCTOR, but it says the printer is OK.
thanks
Leland
EDIT: after investigating for hours, I finally managed to get rid of freezing problem. now there is just one problem of that partial printing which happens coincidentally over wifi! I mean, sometimes it happens and sometimes not!
any suggestions? I'd really appreciate it
This question was solved.
View Solution.

The bottomline is that this printer has no way of connecting other than a straight USB connection. In order to make it wireless you have to have a device that will give it an network IP address. The printer by itself can not do this.
The only way to get this printer on a network is to buy a SEPERATE USB Printer Server. Or, buy a separate router, like I said, that has a USB connection on the back that will support printers.
You can not connect it the way you want as it stands right now.
However, call your ISP and have them set it up IF their Gateway device has a USB connection and really can support a printer. It is their issue.
Say thanks by clicking the Kudos Thumbs Up to the right in the post.
If my post resolved your problem, please mark it as an Accepted Solution ...
I worked for HP but now I'm retired!

Start-up / shut-down (and other) problems with ZFS over iSCSI

Hi,
I've had a limited time in which to try some concepts on an evaluation x4500 server. This is unfortunately my last day, so by the time anyone can reply I will probably not be able to to further tests, but maybe someone will be able to reproduce the issues.
I'm using the evaluation server to export some iSCSI targets, and I'm connecting to them from my laptop, which has a fresh installation of SXDE 01/08. I was able to attach to the targets with
iscsiadm add static-config \
iqn.1986-03.com.sun:02:f4281081-c3fc-e448-c8f0-943d8861c9e8,192.168.15.62
iscsiadm add static-config \
iqn.1986-03.com.sun:02:371c6fe7-f0c8-e02c-c865-baef90fb71ce,192.168.15.62
iscsiadm add static-config \
iqn.1986-03.com.sun:02:ee74d5de-3046-6295-f35e-afe60e13db23,192.168.15.62
iscsiadm modify discovery -s enableThis made the appropriate entries appear in /dev/dsk so I could then set up a simple zpool and zfs filesystem with:
zpool create -m none dPool c3t010000144FA70C1400002A0047C2BF73d0 \
c3t010000144FA70C1400002A0047C2BF81d0 c3t010000144FA70C1400002A0047C2BF8Bd0
zfs create -o mountpoint=/data -o sharenfs=on dPool/dataThe general concept I'm testing is having a ZFS-based server using an IP SAN as a growable source of storage, and making the data available to clients over NFS/CIFS or other services. In principle this solution should also allow failover to another server, since all the ZFS data and metadata is in the IP SAN, not on the server. Although not done in this example it should also be possible to run raidz across multiple iSCSI disk arrays. However, it's not been a bed of roses. I've had a lot of errors in dmesg like the following, which I think are causing zfs/zpool commands to stall at times:
Feb 28 14:30:39 F4060 iscsi: [ID 866572 kern.warning] WARNING: iscsi connection(ffffff014f6b6b78) protocol error - received an unsupported opcode:0x41
Feb 28 14:30:41 F4060 iscsi: [ID 158826 kern.warning] WARNING: iscsi connection(10) login failed - failed to receive login response
Feb 28 14:30:41 F4060 scsi_vhci: [ID 734749 kern.warning] WARNING: vhci_scsi_reset 0x1
Feb 28 14:30:41 F4060 iscsi: [ID 339442 kern.notice] NOTICE: iscsi connection failed to set socket optionTCP_NODELAY, SO_RCVBUF or SO_SNDBUF
Feb 28 14:30:41 F4060 iscsi: [ID 933263 kern.notice] NOTICE: iscsi connection(13) unable to connect to target iqn.1986-03.com.sun:02:ee74d5de-3046-6295-f35e-afe60e13db23
Feb 28 14:30:41 F4060 iscsi: [ID 339442 kern.notice] NOTICE: iscsi connection failed to set socket optionTCP_NODELAY, SO_RCVBUF or SO_SNDBUF
Feb 28 14:30:41 F4060 iscsi: [ID 933263 kern.notice] NOTICE: iscsi connection(7) unable to connect to target iqn.1986-03.com.sun:02:f4281081-c3fc-e448-c8f0-943d8861c9e8Does anyone know why a Solaris iSCSI target would send an unsupported opcode (0x41) to a Solaris iSCSI initiator? Surely they should be talking the same language!
The main problems however are with shutdown and start-up. On occasions, I suspect that the ordering of ZFS, iSCSI and network services gets a bit out of sync. On one occasion the laptop even refused to complete the shutdown because it was reporting a continuous stream of console messages like
Feb 27 18:26:37 F4060 iscsi: [ID 933263 kern.notice] NOTICE: iscsi connection(13) unable to connect to target iqn.1986-03.com.sun:02:ee74d5de-3046-6295-f35e
-afe60e13db23
Feb 27 18:26:37 F4060 iscsi: [ID 933263 kern.notice] NOTICE: iscsi connection(10) unable to connect to target iqn.1986-03.com.sun:02:371c6fe7-f0c8-e02c-c865
-baef90fb71ce
Feb 27 18:26:37 F4060 iscsi: [ID 933263 kern.notice] NOTICE: iscsi connection(7) unable to connect to target iqn.1986-03.com.sun:02:f4281081-c3fc-e448-c8f0-
943d8861c9e8I also get these on start-up, where it looks like ZFS tries to load the zpool configuration before iSCSI has found the disks, and even worse, iSCSI is starting up before nwamd has time to do its network auto-magic, and complains that the devices are unavailable.
If these problems sorted themselves out after everything came up, I wouldn't really mind some temporary complaints in the log file, but what I get after a reboot is a working zpool but an unmounted ZFS filesystem! Here is what I have today:
bash-3.2# zpool status
pool: dPool
state: ONLINE
scrub: scrub completed with 0 errors on Thu Feb 28 14:33:43 2008
config:
        NAME                                     STATE     READ WRITE CKSUM
        dPool                                    ONLINE       0     0     0
          c3t010000144FA70C1400002A0047C2BF73d0 ONLINE       0     0     0
          c3t010000144FA70C1400002A0047C2BF81d0 ONLINE       0     0     0
          c3t010000144FA70C1400002A0047C2BF8Bd0 ONLINE       0     0     0
errors: No known data errors
bash-3.2# zfs list
NAME         USED AVAIL REFER MOUNTPOINT
dPool        480M 28.9G     1K none
dPool/data   480M 28.9G   480M /dataThis all looks fine, and you can see that I was even able to scrub the pool data with no problems. But where are the 480MB of data I have put in the /data mountpoint:
bash-3.2# ls /data
bash-3.2# df -h /data
Filesystem             size   used avail capacity Mounted on
/dev/dsk/c1d0s0         15G   4.4G    11G    30%    /As you can see, /data is unmounted, causing df to revert to the / filesystem containing the empty /data mountpoint, instead of showing the zpool mount.
Since zfs is supposed to take care of its own mounts rather than using vfstab, I can't use "mount /data" to force this to mount. The only workaround I've found is to export and import the zpool. Then I get the filesystem to reappear:
bash-3.2# df -h /data
Filesystem             size   used avail capacity Mounted on
dPool/data              29G   480M    29G     2%    /dataDoes anyone know if these are known issues with snv_79b, and is there a fix available or in the works?
TIA,
Graham

EasyE, Welcome to the discussion area!
(a) Call Apple and get your iMac G5 fixed since it is in the repair extension group. Don't waste your time doing anything else.
(b) This area is for discussing the iMac G4. Since you have an iMac G5 in the future you should post in the iMac G5 discussion area.

Problem with ufsdump over rsh/ssh with solaris 10

Hi,
I want to do a ufsdump over rsh/ssh between 2 servers running Solaris 10. Here is the command I launch :
localServer:# rsh rmtServer "ufsdump 0f - /var" > /backups/rmtServer
When I execute this command on the command line, everything is working very well. But, when I launch the same command with cron or at, it's not working. Instead, I have a broken pipe, the dump is aborted and the following message appears in /var/cron/log:
"! could not obtain latest contract from popen(3C): No such process Tue May 3 10:27:09 2005"
If I run the same command (cron) on a remote server running Solaris 8, it's working.
The problem seems to come from the redirection of the input in a file on the local server. If I put the redirection on the remote server (rsh rmtServer "ufsdump 0f - /var > /somefs/rmtServer"), it's working.
So, what is the source of the problem ?
Jeff

Yup, that's what I suspected. Cron is not authenticating the user properly. "at" and "cron" use the same scheduling daemon, which is why they both fail.
Sadly, I do not have any Solaris 10 clients to test this, but it's exactly what I had run into before. User logins and cron can be configured to use different authentication mechanisms, and something has happened to cron's authentication. This could be anything from a bad configuration to a corrupted library.
Here are the default cron entries in /etc/pam.conf for Solaris 9. (I know, it's 9. No choice for me at this point.) Do they look this way in Solaris 10? If not, you might want to try.
# cron service (explicit because of non-usage of pam_roles.so.1)
cron account required pam_projects.so.1
cron account required pam_unix_account.so.1

Having problem with IPv6

i need help with this problem my web browser is running slow and sometimes it opens nothing. i checked a friend same Mac pro with the same wifi but it seems that its working normally with him, so i went in to the sitting and i found that we have deffrent in the photo below. he has nothing next to the router or the IPv6 Address but i did not know how to change it.PLZ HELP???

Hey Al-odaini,
Thanks for the question. The following resource may provide a solution:
IPv6 troubleshooting
http://support.apple.com/kb/TS3802
Additional Information:
OS X Mavericks: Use IPv6
http://support.apple.com/kb/PH13955
What is IPv6?
http://support.apple.com/kb/HT4669
Thanks,
Matt M.

Problem with Transition Over Nested Freeze

In a nutshell:
My normally co-operative FCP (5.1.4, OS 10.4.10) can't seem to cope with one particular transition, in which a wipe effect overlaps with the start of a nested freeze frame. I seem to be able to do this with no problem anywhere else (even elsewhere on the same Timeline), but it's feeling like this one spot is jinxed!
The gory details:
I have a short sequence that begins with 3-4 similar shots, each of which end in a freeze frame, followed by a 2-second "Clock Wipe" transition to the next shot.
In one particular case (let's call it going from Shot A to Shot B), the Wipe needs to begin several frames BEFORE the start of the freeze. So in that case I've taken the shot + the freeze and nested them, making sure that the nested clip has ample handles. So far, so good.
But every time I then try to apply the transition, I get the not very informative error message: "Not Found." When I click OK (the only option available), the Canvas suddenly goes red, and displays the message: "Display unavailable. Close and reopen window to restore."
But if I do close the window, both the Canvas and Timeline disappear and can't be reopened -- they're each greyed out under the "Window" menu, and Cmd-2 and Cmd-3 do nothing. If I close the sequence tab and then try to re-open the sequence, nothing happens.
Meanwhile, if I don't close any windows, and just move the playhead somewhere else on the Timeline, the red Canvas seems to go back to normal. But if I then try to play that Timeline (no matter where the playhead is cued), I keep getting the same "Not Found" error message. If I Undo to before the point where I applied the transition, I STILL get the "Not Found" error!
In fact, once that "Not Found" error message appears, the ONLY way I've found to get access to that particular Timeline again is by doing a Revert Project. (Other sequences continue to work fine; it's just this one which can suddenly no longer be found.)
For anyone still interested, here's the troubleshooting I've tried:
- Doing the same procedure on another transition in the same Timeline -- works fine (even when applied to the very next transition -- the Shot B to Shot C one -- in the Timeline).
- Applying a transition that's shorter, and therefore doesn't overlap with the freeze "embedded" in the nested clip. This seems okay, but as soon as I then try to make the transition longer, so that it begins before the start of the nested freeze, it's the "Not Found" message again, and another Revert Project.
- Tried re-creating the nest: nothing. Tried re-creating the freeze frame, then re-creating the nest: still no change. Tried recreating the freeze on a different frame: no difference.
- Tried applying different wipes to the trouble spot -- but with the same result: if the wipe was short enough not to overlap with the freeze that's inside the nested clip, no problem; if the wipe is long enough that it starts before the nested freeze, it's another "Not Found" message and another Revert Project -- but ONLY for this one transition.
- Tried applying the wipe different ways (straight from the Browser; Option-dragging a copy of the transition from elsewhere on the Timeline; even making it a Favorite and applying it from the Effects menu).
- Tried copying all the clips from the sequence over into the empty Timeline of a fresh new sequence: no difference.
- Tried deleting the master shot altogether, and bringing in a new copy of the clip from the Browser: no difference.
- Tried deleting all the render files associated with this one sequence, the re-importing the clip from the Browser and re-creating the Freeze then the nest yet again: still no difference.
- Tried replacing the shot with a different clip of a different take altogether -- same thing!!!
- Made sure disk permissions were repaired, and even did a complete rebuild of the directory of the disk which has my FCP master project files plus the app itself (using Disk Warrior).
At this stage, ANY suggestions would be hugely appreciated!
Thanks,
John Bertram
Toronto

Margaret Norwood wrote:
Hi John,
How are you making the freeze frame? Shift n? Saving as subclip?
Shift-n.
Does the freeze frame have ample handles, or just the clip?
Handles galore.
Is there a reason that the sequence needs to be nested? How does it work if you put the clips directly into your main timeline?
It's not the sequence itself that's being nested, just a given shot together with its freeze frame. And that was so I could then begin the transition effect to the next shot BEFORE the start of the freeze frame. If the clip plus its freeze remain unnested on the Timeline, FCP treats the freeze as a separate clip, and won't let me stretch the start of the transition (to the next actual shot) past -- i.e. to the left of -- the start of the freeze.
But if the freeze and the shot which leads into it have been nested, then FCP should treat that nest as a single clip, and let me extend the transition effect I apply to it as far back into that nested clip as I want. At least that's the theory -- and it's worked for me at other times. Why it isn't working in this one case is what's driving me bonkers!
Anyway, thanks for the note.
Cheers,
jb

Problem with ipv6 over pppoe

Similar Messages

Maybe you are looking for