[resolved] Cannot access particular site
I cannot access http://www.philosophypages.com. I tested using the "is it down or is it me?" site and apparently, it is "just me". I can ping the site fine. But if I try to view the page in firefox, it hangs forever. I don't see any complaints in the error/warning/info console, though. If I try to access it with lynx, eventually it just times out and says it could not make the connection.
I've accessed the same site just fine before. I can access other sites just fine now.
Can anybody suggest ways to track the issue down?
$ traceroute www.philosophypages.com
traceroute to www.philosophypages.com (207.155.252.12), 30 hops max, 60 byte packets
1 xx.x.x.x (x.x.x.x) 3.122 ms 7.112 ms 7.123 ms
2 xx.xxx.xxx.x (xx.xxx.xxx.x) 13.841 ms 13.950 ms 21.623 ms
3 xxxx-xxxx-xx-xxx-xxx.network.virginmedia.net (xx.xxx.xxx.xxx) 21.651 ms 21.716 ms 21.794 ms
4 xxxx-xx-xx-xxx-x.network.virginmedia.net (xx.xxx.xxx.xxx) 27.572 ms 27.639 ms 27.630 ms
5 xe-7-0-0.edge3.London2.Level3.net (195.50.91.129) 31.243 ms 31.287 ms 35.437 ms
6 ae-0-11.edge4.London2.Level3.net (4.69.200.126) 36.044 ms 22.750 ms 21.694 ms
7 ae-3-3.ebr1.London1.Level3.net (4.69.141.189) 22.314 ms 30.534 ms 30.419 ms
8 ae-57-112.csw1.London1.Level3.net (4.69.153.118) 30.589 ms ae-58-113.csw1.London1.Level3.net (4.69.153.122) 32.039 ms ae-59-114.csw1.London1.Level3.net (4.69.153.126) 31.964 ms
9 ae-1-51.edge4.London1.Level3.net (4.69.139.74) 31.659 ms 31.744 ms 32.072 ms
10 XO-level3-1x10G.London.Level3.net (4.68.70.134) 32.256 ms 32.341 ms 32.122 ms
11 vb1042.rar3.nyc-ny.us.xo.net (207.88.13.202) 107.633 ms 111.691 ms 107.710 ms
12 te-3-0-0.rar3.washington-dc.us.xo.net (207.88.12.74) 169.505 ms 167.730 ms 172.305 ms
13 te-11-0-0.rar3.sanjose-ca.us.xo.net (207.88.12.69) 173.591 ms 173.456 ms 173.677 ms
14 ae0d0.mcr1.fremont-ca.us.xo.net (216.156.0.138) 167.153 ms 165.860 ms 167.242 ms
15 ae1d0.mcr2.fremont-ca.us.xo.net (216.156.1.70) 166.037 ms 171.930 ms 171.810 ms
16 209.116.66.138 (209.116.66.138) 171.997 ms 164.010 ms 162.785 ms
17 206.251.128.138.ptr.us.xo.net (206.251.128.138) 162.577 ms 170.301 ms 170.335 ms
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
Last edited by cfr (2013-02-23 22:57:57)
Works okay here.
1 ewaller (192.168.1.1) 0.848 ms 1.473 ms 1.435 ms
2 netblock-<redacted>.dslextreme.com (<redacted>) 10.585 ms 11.753 ms 12.152 ms
3 lax1_cr1_gig_10_0_120.dslextreme.com (66.218.48.145) 13.750 ms 14.603 ms 16.036 ms
4 ge-6-5.car4.LosAngeles1.Level3.net (4.71.128.1) 18.441 ms 18.798 ms 19.272 ms
5 xo-level3-xe.losangeles9.level3.net (4.53.228.10) 21.344 ms 23.157 ms 24.477 ms
6 207.88.14.209.ptr.us.xo.net (207.88.14.209) 41.759 ms 35.728 ms 32.297 ms
7 ae0d0.mcr1.fremont-ca.us.xo.net (216.156.0.138) 33.857 ms 22.385 ms 20.789 ms
8 ae1d0.mcr2.fremont-ca.us.xo.net (216.156.1.70) 22.237 ms 23.305 ms 23.283 ms
9 209.116.66.138 (209.116.66.138) 24.918 ms 25.905 ms 27.264 ms
10 206.251.128.138.ptr.us.xo.net (206.251.128.138) 28.415 ms 29.845 ms 30.189 ms
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
It must be all those xx's in your IP
From the site:
Philosophy Pages
. . . from Garth Kemerling
This site offers helpful information for students of the Western philosophical tradition. The elements you will find on this site include:
The Dictionary of Philosophical Terms and Names.
A survey of the History of Western Philosophy.
A Timeline for the intellectual figures discussed here.
Detailed discussion of several major Philosophers
Summary treatment of the elementary principles of Logic
A generic Study Guide for students of philosophy.
Links to other philosophy Sites on the Internet.
Edit: We both found our way to 206.251.128.138.ptr.us.xo.net .
Last edited by ewaller (2013-01-25 04:42:27)
Similar Messages
-
I cannot access a site I use often as a403 error occurs. How do I resolve
I cannot access a site I use often as a 403 error occurs. How do I resolve?
You need to contact the website and tell them to upgrade their security protocols. Especially the following:
* The site uses SSLv3, meaning it's vulnerable to the well known POODLE attack. https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/
* The site uses RC4, which is insecure.
* The site does not support TLS 1.2, which is recommended.
You can see a full list of all the problems with the website at https://www.ssllabs.com/ssltest/analyze.html?d=secure.crbonline.gov.uk
It very soon will not work in Google Chrome either, so it's in the website's best interest to update ASAP (besides protecting their users from having all their data and information stolen) -
VPN Clients cannot access remote site
Hey there,
I am pretty new in configuring Cisco devices and now I need some help.
I have 2 site here:
site A
Cisco 891
external IP: 195.xxx.yyy.zzz
VPN Gateway for Remote users
local IP: VLAN10 10.133.10.0 /23
site B
Cisco 891
external IP: 62.xxx.yyy.zzz
local IP VLAN10 10.133.34.0 /23
Those two sites are linked together with a Site-to-Site VPN. Accessing files or ressources from one site to the other is working fine while connected to the local LAN.
I configured VPN connection with Radius auth. VPN clients can connect to Site A, get an IP adress from VPN Pool (172.16.100.2-100) and can access files and servers on site A. But for some reason they cannot access ressources on site B. I already added the site B network to the ACL and when connecting with VPN it shows secured routes to 10.133.10.0 and 10.133.34.0 in the statistics. Same thing for other VPN Tunnels to ERP system.
What is missing here to make it possible to reach remote sites when connected through VPN? I had a look at the logs but could not find anything important.
Here is the config of site A
Building configuration...
Current configuration : 24257 bytes
version 15.2
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
hostname Englerstrasse
boot-start-marker
boot config usbflash0:CVO-BOOT.CFG
boot-end-marker
aaa new-model
aaa group server radius Radius-AD
server 10.133.10.5 auth-port 1812 acct-port 1813
aaa authentication login default local
aaa authentication login ciscocp_vpn_xauth_ml_2 group Radius-AD local
aaa authorization exec default local
aaa authorization network ciscocp_vpn_group_ml_2 local
aaa session-id common
clock timezone Berlin 1 0
clock summer-time Berlin date Mar 30 2003 2:00 Oct 26 2003 3:00
crypto pki trustpoint TP-self-signed-27361994
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-27361994
revocation-check none
rsakeypair TP-self-signed-27361994
crypto pki trustpoint test_trustpoint_config_created_for_sdm
subject-name [email protected]
revocation-check crl
crypto pki certificate chain TP-self-signed-27361994
certificate self-signed 01
30820227 30820190 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
2F312D30 2B060355 04031324 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32373336 31393934 301E170D 31323038 32373038 30343238
5A170D32 30303130 31303030 3030305A 302F312D 302B0603 55040313 24494F53
2D53656C 662D5369 676E6564 2D436572 74696669 63617465 2D323733 36313939
3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100B709
64CE1874 BF812A9F 0B761522 892373B9 10F0BB52 6263DCDB F9877AA3 7BD34E53
BCFDA45C 2A991777 4DDC7E6B 1FCEE36C B6E35679 C4A18771 9C0F871F 38310234
2D89A4FF 37B616D8 362B3103 A8A319F2 10A72DC7 490A04AC 7955DF68 32EF9615
9E1A3B31 2A1AB243 B3ED3E35 F4AAD029 CDB1F941 5E794300 5C5EF8AE 5C890203
010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603 551D2304
18301680 14D0F5E7 D3A9311D 1675AA8F 38F064FC 4D04465E F5301D06 03551D0E
04160414 D0F5E7D3 A9311D16 75AA8F38 F064FC4D 04465EF5 300D0609 2A864886
F70D0101 05050003 818100AB 2CD4363A E5ADBFB0 943A38CB AC820801 117B52CC
20216093 79D1F777 2B3C0062 4301CF73 094B9CA5 805F585E 04CF3301 9B839DEB
14A334A2 F5A5316F C65EEF21 0B0DF3B5 F4322440 F28B984B E769876D 6EF94895
C3D5048A A4E2A180 12DF6652 176942F8 58187D7B D37B1F1A 4DDD7AE9 5189F9AF
AF3EF676 26AD3F31 D368F5
quit
crypto pki certificate chain test_trustpoint_config_created_for_sdm
no ip source-route
ip auth-proxy max-login-attempts 5
ip admission max-login-attempts 5
no ip bootp server
no ip domain lookup
ip domain name yourdomain.com
ip inspect log drop-pkt
ip inspect name CCP_MEDIUM appfw CCP_MEDIUM
ip inspect name CCP_MEDIUM ftp
ip inspect name CCP_MEDIUM h323
ip inspect name CCP_MEDIUM sip
ip inspect name CCP_MEDIUM https
ip inspect name CCP_MEDIUM icmp
ip inspect name CCP_MEDIUM netshow
ip inspect name CCP_MEDIUM rcmd
ip inspect name CCP_MEDIUM realaudio
ip inspect name CCP_MEDIUM rtsp
ip inspect name CCP_MEDIUM sqlnet
ip inspect name CCP_MEDIUM streamworks
ip inspect name CCP_MEDIUM tftp
ip inspect name CCP_MEDIUM udp
ip inspect name CCP_MEDIUM vdolive
ip inspect name CCP_MEDIUM imap reset
ip inspect name CCP_MEDIUM smtp
ip cef
no ipv6 cef
appfw policy-name CCP_MEDIUM
application im aol
service default action allow alarm
service text-chat action allow alarm
server permit name login.oscar.aol.com
server permit name toc.oscar.aol.com
server permit name oam-d09a.blue.aol.com
audit-trail on
application im msn
service default action allow alarm
service text-chat action allow alarm
server permit name messenger.hotmail.com
server permit name gateway.messenger.hotmail.com
server permit name webmessenger.msn.com
audit-trail on
application http
strict-http action allow alarm
port-misuse im action reset alarm
port-misuse p2p action reset alarm
port-misuse tunneling action allow alarm
application im yahoo
service default action allow alarm
service text-chat action allow alarm
server permit name scs.msg.yahoo.com
server permit name scsa.msg.yahoo.com
server permit name scsb.msg.yahoo.com
server permit name scsc.msg.yahoo.com
server permit name scsd.msg.yahoo.com
server permit name cs16.msg.dcn.yahoo.com
server permit name cs19.msg.dcn.yahoo.com
server permit name cs42.msg.dcn.yahoo.com
server permit name cs53.msg.dcn.yahoo.com
server permit name cs54.msg.dcn.yahoo.com
server permit name ads1.vip.scd.yahoo.com
server permit name radio1.launch.vip.dal.yahoo.com
server permit name in1.msg.vip.re2.yahoo.com
server permit name data1.my.vip.sc5.yahoo.com
server permit name address1.pim.vip.mud.yahoo.com
server permit name edit.messenger.yahoo.com
server permit name messenger.yahoo.com
server permit name http.pager.yahoo.com
server permit name privacy.yahoo.com
server permit name csa.yahoo.com
server permit name csb.yahoo.com
server permit name csc.yahoo.com
audit-trail on
parameter-map type inspect global
log dropped-packets enable
multilink bundle-name authenticated
redundancy
ip tcp synwait-time 10
class-map match-any CCP-Transactional-1
match dscp af21
match dscp af22
match dscp af23
class-map match-any CCP-Voice-1
match dscp ef
class-map match-any sdm_p2p_kazaa
match protocol fasttrack
match protocol kazaa2
class-map match-any CCP-Routing-1
match dscp cs6
class-map match-any sdm_p2p_edonkey
match protocol edonkey
class-map match-any CCP-Signaling-1
match dscp cs3
match dscp af31
class-map match-any sdm_p2p_gnutella
match protocol gnutella
class-map match-any CCP-Management-1
match dscp cs2
class-map match-any sdm_p2p_bittorrent
match protocol bittorrent
policy-map sdm-qos-test-123
class class-default
policy-map sdmappfwp2p_CCP_MEDIUM
class sdm_p2p_edonkey
class sdm_p2p_gnutella
class sdm_p2p_kazaa
class sdm_p2p_bittorrent
policy-map CCP-QoS-Policy-1
class sdm_p2p_edonkey
class sdm_p2p_gnutella
class sdm_p2p_kazaa
class sdm_p2p_bittorrent
class CCP-Voice-1
priority percent 33
class CCP-Signaling-1
bandwidth percent 5
class CCP-Routing-1
bandwidth percent 5
class CCP-Management-1
bandwidth percent 5
class CCP-Transactional-1
bandwidth percent 5
class class-default
fair-queue
random-detect
crypto ctcp port 10000
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp key REMOVED address 62.20.xxx.yyy
crypto isakmp key REMOVED address 195.243.xxx.yyy
crypto isakmp key REMOVED address 195.243.xxx.yyy
crypto isakmp key REMOVED address 83.140.xxx.yyy
crypto isakmp client configuration group VPN_local
key REMOVED
dns 10.133.10.5 10.133.10.7
wins 10.133.10.7
domain domain.de
pool SDM_POOL_2
acl 115
crypto isakmp profile ciscocp-ike-profile-1
match identity group VPN_local
client authentication list ciscocp_vpn_xauth_ml_2
isakmp authorization list ciscocp_vpn_group_ml_2
client configuration address respond
virtual-template 1
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA2 esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA3 esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA4 esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA11 esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA5 esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-DES-SHA1 esp-des esp-sha-hmac
crypto ipsec profile CiscoCP_Profile1
set transform-set ESP-3DES-SHA11
set isakmp-profile ciscocp-ike-profile-1
crypto map SDM_CMAP_1 1 ipsec-isakmp
description Tunnel to62.20.xxx.xxx
set peer 62.20.xxx.xxx
set transform-set ESP-3DES-SHA
match address 105
crypto map SDM_CMAP_1 2 ipsec-isakmp
description Tunnel to195.243.xxx.xxx
set peer 195.243.xxx.xxx
set transform-set ESP-3DES-SHA4
match address 107
crypto map SDM_CMAP_1 3 ipsec-isakmp
description Tunnel to83.140.xxx.xxx
set peer 83.140.xxx.xxx
set transform-set ESP-DES-SHA1
match address 118
interface Loopback2
ip address 192.168.10.1 255.255.254.0
interface Null0
no ip unreachables
interface FastEthernet0
switchport mode trunk
no ip address
spanning-tree portfast
interface FastEthernet1
no ip address
spanning-tree portfast
interface FastEthernet2
no ip address
spanning-tree portfast
interface FastEthernet3
no ip address
spanning-tree portfast
interface FastEthernet4
description Internal LAN
switchport access vlan 10
switchport trunk native vlan 10
no ip address
spanning-tree portfast
interface FastEthernet5
no ip address
spanning-tree portfast
interface FastEthernet6
no ip address
spanning-tree portfast
interface FastEthernet7
no ip address
spanning-tree portfast
interface FastEthernet8
description $FW_OUTSIDE$$ETH-WAN$
ip address 62.153.xxx.xxx 255.255.255.248
ip access-group 113 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip inspect CCP_MEDIUM out
no ip virtual-reassembly in
ip verify unicast reverse-path
duplex auto
speed auto
crypto map SDM_CMAP_1
service-policy input sdmappfwp2p_CCP_MEDIUM
service-policy output CCP-QoS-Policy-1
interface Virtual-Template1 type tunnel
ip unnumbered FastEthernet8
tunnel mode ipsec ipv4
tunnel protection ipsec profile CiscoCP_Profile1
interface GigabitEthernet0
no ip address
shutdown
duplex auto
speed auto
interface Vlan1
no ip address
interface Vlan10
description $FW_INSIDE$
ip address 10.133.10.1 255.255.254.0
ip access-group 112 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly in
interface Async1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
encapsulation slip
ip local pool SDM_POOL_1 192.168.10.101 192.168.10.200
ip local pool VPN_Pool 192.168.20.2 192.168.20.100
ip local pool SDM_POOL_2 172.16.100.2 172.16.100.100
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip forward-protocol nd
ip nat inside source route-map SDM_RMAP_1 interface FastEthernet8 overload
ip route 0.0.0.0 0.0.0.0 62.153.xxx.xxx
ip access-list extended VPN1
remark VPN_Haberstrasse
remark CCP_ACL Category=4
permit ip 10.133.10.0 0.0.1.255 10.133.34.0 0.0.1.255
ip radius source-interface Vlan10
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.7
access-list 23 remark CCP_ACL Category=17
access-list 23 permit 195.243.xxx.xxx
access-list 23 permit 10.133.10.0 0.0.1.255
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 100 remark CCP_ACL Category=4
access-list 100 permit ip 10.133.10.0 0.0.1.255 any
access-list 101 remark CCP_ACL Category=16
access-list 101 permit udp any eq bootps any eq bootpc
access-list 101 deny ip 10.10.10.0 0.0.0.255 any
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any time-exceeded
access-list 101 permit icmp any any unreachable
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip any any
access-list 102 remark auto generated by CCP firewall configuration
access-list 102 remark CCP_ACL Category=1
access-list 102 deny ip 10.10.10.0 0.0.0.7 any
access-list 102 permit icmp any host 62.153.xxx.xxx echo-reply
access-list 102 permit icmp any host 62.153.xxx.xxx time-exceeded
access-list 102 permit icmp any host 62.153.xxx.xxx unreachable
access-list 102 deny ip 10.0.0.0 0.255.255.255 any
access-list 102 deny ip 172.16.0.0 0.15.255.255 any
access-list 102 deny ip 192.168.0.0 0.0.255.255 any
access-list 102 deny ip 127.0.0.0 0.255.255.255 any
access-list 102 deny ip host 255.255.255.255 any
access-list 102 deny ip host 0.0.0.0 any
access-list 102 deny ip any any log
access-list 103 remark auto generated by CCP firewall configuration
access-list 103 remark CCP_ACL Category=1
access-list 103 remark IPSec Rule
access-list 103 permit ip 10.133.34.0 0.0.1.255 10.133.10.0 0.0.1.255
access-list 103 remark IPSec Rule
access-list 103 permit ip 10.133.34.0 0.0.1.255 192.168.10.0 0.0.1.255
access-list 103 permit udp host 195.243.xxx.xxx host 62.153.xxx.xxx eq non500-isakmp
access-list 103 permit udp host 195.243.xxx.xxx host 62.153.xxx.xxx eq isakmp
access-list 103 permit esp host 195.243.xxx.xxx host 62.153.xxx.xxx
access-list 103 permit ahp host 195.243.xxx.xxx host 62.153.xxx.xxx
access-list 103 remark IPSec Rule
access-list 103 permit ip 10.133.20.0 0.0.0.255 10.133.10.0 0.0.1.255
access-list 103 remark IPSec Rule
access-list 103 permit ip 192.168.10.0 0.0.1.255 10.133.10.0 0.0.1.255
access-list 103 permit udp host 62.20.xxx.xxx host 62.153.xxx.xxx eq non500-isakmp
access-list 103 permit udp host 62.20.xxx.xxx host 62.153.xxx.xxx eq isakmp
access-list 103 permit esp host 62.20.xxx.xxx host 62.153.xxx.xxx
access-list 103 permit ahp host 62.20.xxx.xxx host 62.153.xxx.xxx
access-list 103 permit udp any host 62.153.xxx.xxx eq non500-isakmp
access-list 103 permit udp any host 62.153.xxx.xxx eq isakmp
access-list 103 permit esp any host 62.153.xxx.xxx
access-list 103 permit ahp any host 62.153.xxx.xxx
access-list 103 permit udp host 194.25.0.60 eq domain any
access-list 103 permit udp host 194.25.0.68 eq domain any
access-list 103 permit udp host 194.25.0.68 eq domain host 62.153.xxx.xxx
access-list 103 deny ip 10.10.10.0 0.0.0.7 any
access-list 103 permit icmp any host 62.153.xxx.xxx echo-reply
access-list 103 permit icmp any host 62.153.xxx.xxx time-exceeded
access-list 103 permit icmp any host 62.153.xxx.xxx unreachable
access-list 103 deny ip 10.0.0.0 0.255.255.255 any
access-list 103 deny ip 172.16.0.0 0.15.255.255 any
access-list 103 deny ip 192.168.0.0 0.0.255.255 any
access-list 103 deny ip 127.0.0.0 0.255.255.255 any
access-list 103 deny ip host 255.255.255.255 any
access-list 103 deny ip host 0.0.0.0 any
access-list 103 deny ip any any log
access-list 104 remark CCP_ACL Category=4
access-list 104 permit ip 10.133.10.0 0.0.1.255 any
access-list 105 remark CCP_ACL Category=4
access-list 105 remark IPSec Rule
access-list 105 permit ip 10.133.10.0 0.0.1.255 10.133.20.0 0.0.0.255
access-list 106 remark CCP_ACL Category=2
access-list 106 remark IPSec Rule
access-list 106 deny ip 192.168.10.0 0.0.1.255 10.133.34.0 0.0.1.255
access-list 106 remark IPSec Rule
access-list 106 deny ip 192.168.10.0 0.0.1.255 10.60.16.0 0.0.0.255
access-list 106 remark IPSec Rule
access-list 106 deny ip 10.133.10.0 0.0.1.255 10.60.16.0 0.0.0.255
access-list 106 remark IPSec Rule
access-list 106 deny ip 10.133.10.0 0.0.1.255 10.133.34.0 0.0.1.255
access-list 106 remark IPSec Rule
access-list 106 deny ip 10.133.10.0 0.0.1.255 10.133.20.0 0.0.0.255
access-list 106 permit ip 10.10.10.0 0.0.0.7 any
access-list 106 permit ip 10.133.10.0 0.0.1.255 any
access-list 107 remark CCP_ACL Category=4
access-list 107 remark IPSec Rule
access-list 107 permit ip 10.133.10.0 0.0.1.255 10.133.34.0 0.0.1.255
access-list 107 remark IPSec Rule
access-list 107 permit ip 192.168.10.0 0.0.1.255 10.133.34.0 0.0.1.255
access-list 108 remark Auto generated by SDM Management Access feature
access-list 108 remark CCP_ACL Category=1
access-list 108 permit tcp 10.133.10.0 0.0.1.255 host 10.133.10.1 eq telnet
access-list 108 permit tcp 10.133.10.0 0.0.1.255 host 10.133.10.1 eq 22
access-list 108 permit tcp 10.133.10.0 0.0.1.255 host 10.133.10.1 eq www
access-list 108 permit tcp 10.133.10.0 0.0.1.255 host 10.133.10.1 eq 443
access-list 108 permit tcp 10.133.10.0 0.0.1.255 host 10.133.10.1 eq cmd
access-list 108 deny tcp any host 10.133.10.1 eq telnet
access-list 108 deny tcp any host 10.133.10.1 eq 22
access-list 108 deny tcp any host 10.133.10.1 eq www
access-list 108 deny tcp any host 10.133.10.1 eq 443
access-list 108 deny tcp any host 10.133.10.1 eq cmd
access-list 108 deny udp any host 10.133.10.1 eq snmp
access-list 108 permit ip any any
access-list 109 remark CCP_ACL Category=1
access-list 109 permit ip 10.133.10.0 0.0.1.255 any
access-list 109 permit ip 10.10.10.0 0.0.0.7 any
access-list 109 permit ip 192.168.10.0 0.0.1.255 any
access-list 110 remark CCP_ACL Category=1
access-list 110 permit ip host 195.243.xxx.xxx any
access-list 110 permit ip host 84.44.xxx.xxx any
access-list 110 permit ip 10.133.10.0 0.0.1.255 any
access-list 110 permit ip 10.10.10.0 0.0.0.7 any
access-list 110 permit ip 192.168.10.0 0.0.1.255 any
access-list 111 remark CCP_ACL Category=4
access-list 111 permit ip 10.133.10.0 0.0.1.255 any
access-list 112 remark CCP_ACL Category=1
access-list 112 permit udp host 10.133.10.5 eq 1812 any
access-list 112 permit udp host 10.133.10.5 eq 1813 any
access-list 112 permit udp any host 10.133.10.1 eq non500-isakmp
access-list 112 permit udp any host 10.133.10.1 eq isakmp
access-list 112 permit esp any host 10.133.10.1
access-list 112 permit ahp any host 10.133.10.1
access-list 112 permit udp host 10.133.10.5 eq 1645 host 10.133.10.1
access-list 112 permit udp host 10.133.10.5 eq 1646 host 10.133.10.1
access-list 112 remark auto generated by CCP firewall configuration
access-list 112 permit udp host 10.133.10.5 eq 1812 host 10.133.10.1
access-list 112 permit udp host 10.133.10.5 eq 1813 host 10.133.10.1
access-list 112 permit udp host 10.133.10.7 eq domain any
access-list 112 permit udp host 10.133.10.5 eq domain any
access-list 112 deny ip 62.153.xxx.xxx 0.0.0.7 any
access-list 112 deny ip 10.10.10.0 0.0.0.7 any
access-list 112 deny ip host 255.255.255.255 any
access-list 112 deny ip 127.0.0.0 0.255.255.255 any
access-list 112 permit ip any any
access-list 113 remark CCP_ACL Category=1
access-list 113 remark IPSec Rule
access-list 113 permit ip 10.133.34.0 0.0.1.255 192.168.10.0 0.0.1.255
access-list 113 remark IPSec Rule
access-list 113 permit ip 10.60.16.0 0.0.0.255 192.168.10.0 0.0.1.255
access-list 113 remark IPSec Rule
access-list 113 permit ip 10.60.16.0 0.0.0.255 10.133.10.0 0.0.1.255
access-list 113 permit udp host 83.140.100.4 host 62.153.xxx.xxx eq non500-isakmp
access-list 113 permit udp host 83.140.100.4 host 62.153.xxx.xxx eq isakmp
access-list 113 permit esp host 83.140.100.4 host 62.153.xxx.xxx
access-list 113 permit ahp host 83.140.100.4 host 62.153.xxx.xxx
access-list 113 permit ip host 195.243.xxx.xxx host 62.153.xxx.xxx
access-list 113 permit ip host 84.44.xxx.xxx host 62.153.xxx.xxx
access-list 113 remark auto generated by CCP firewall configuration
access-list 113 permit udp host 194.25.0.60 eq domain any
access-list 113 permit udp host 194.25.0.68 eq domain any
access-list 113 permit udp host 194.25.0.68 eq domain host 62.153.xxx.xxx
access-list 113 permit udp host 194.25.0.60 eq domain host 62.153.xxx.xxx
access-list 113 permit udp any host 62.153.xxx.xxx eq non500-isakmp
access-list 113 permit udp any host 62.153.xxx.xxx eq isakmp
access-list 113 permit esp any host 62.153.xxx.xxx
access-list 113 permit ahp any host 62.153.xxx.xxx
access-list 113 permit ahp host 195.243.xxx.xxx host 62.153.xxx.xxx
access-list 113 permit esp host 195.243.xxx.xxx host 62.153.xxx.xxx
access-list 113 permit udp host 195.243.xxx.xxx host 62.153.xxx.xxx eq isakmp
access-list 113 permit udp host 195.243.xxx.xxx host 62.153.xxx.xxx eq non500-isakmp
access-list 113 remark IPSec Rule
access-list 113 permit ip 10.133.34.0 0.0.1.255 10.133.10.0 0.0.1.255
access-list 113 permit ahp host 62.20.xxx.xxx host 62.153.xxx.xxx
access-list 113 remark IPSec Rule
access-list 113 permit ip 192.168.10.0 0.0.1.255 10.133.10.0 0.0.1.255
access-list 113 permit esp host 62.20.xxx.xxx host 62.153.xxx.xxx
access-list 113 permit udp host 62.20.xxx.xxx host 62.153.xxx.xxx eq isakmp
access-list 113 permit udp host 62.20.xxx.xxx host 62.153.xxx.xxx eq non500-isakmp
access-list 113 remark IPSec Rule
access-list 113 permit ip 10.133.20.0 0.0.0.255 10.133.10.0 0.0.1.255
access-list 113 remark Pop3
access-list 113 permit tcp host 82.127.xxx.xxx eq 8080 host 62.153.xxx.xxx
access-list 113 remark Pop3
access-list 113 permit tcp any eq pop3 host 62.153.xxx.xxx
access-list 113 remark SMTP
access-list 113 permit tcp any eq 465 host 62.153.xxx.xxx
access-list 113 remark IMAP
access-list 113 permit tcp any eq 587 host 62.153.xxx.xxx
access-list 113 deny ip 10.133.10.0 0.0.1.255 any
access-list 113 deny ip 10.10.10.0 0.0.0.7 any
access-list 113 permit icmp any host 62.153.xxx.xxx echo-reply
access-list 113 permit icmp any host 62.153.xxx.xxx time-exceeded
access-list 113 permit icmp any host 62.153.xxx.xxx unreachable
access-list 113 deny ip 10.0.0.0 0.255.255.255 any
access-list 113 deny ip 172.16.0.0 0.15.255.255 any
access-list 113 deny ip 192.168.0.0 0.0.255.255 any
access-list 113 deny ip 127.0.0.0 0.255.255.255 any
access-list 113 deny ip host 255.255.255.255 any
access-list 113 deny ip host 0.0.0.0 any
access-list 113 deny ip any any log
access-list 114 remark auto generated by CCP firewall configuration
access-list 114 remark CCP_ACL Category=1
access-list 114 deny ip 10.133.10.0 0.0.1.255 any
access-list 114 deny ip 10.10.10.0 0.0.0.7 any
access-list 114 permit icmp any any echo-reply
access-list 114 permit icmp any any time-exceeded
access-list 114 permit icmp any any unreachable
access-list 114 deny ip 10.0.0.0 0.255.255.255 any
access-list 114 deny ip 172.16.0.0 0.15.255.255 any
access-list 114 deny ip 192.168.0.0 0.0.255.255 any
access-list 114 deny ip 127.0.0.0 0.255.255.255 any
access-list 114 deny ip host 255.255.255.255 any
access-list 114 deny ip host 0.0.0.0 any
access-list 114 deny ip any any log
access-list 115 remark VPN_Sub
access-list 115 remark CCP_ACL Category=5
access-list 115 permit ip 10.133.10.0 0.0.1.255 172.16.0.0 0.0.255.255
access-list 115 permit ip 10.133.34.0 0.0.1.255 172.16.0.0 0.0.255.255
access-list 115 permit ip 10.133.20.0 0.0.0.255 any
access-list 116 remark CCP_ACL Category=4
access-list 116 remark IPSec Rule
access-list 116 permit ip 10.133.10.0 0.0.1.255 10.60.16.0 0.0.0.255
access-list 117 remark CCP_ACL Category=4
access-list 117 remark IPSec Rule
access-list 117 permit ip 10.133.10.0 0.0.1.255 10.60.16.0 0.0.0.255
access-list 118 remark CCP_ACL Category=4
access-list 118 remark IPSec Rule
access-list 118 permit ip 10.133.10.0 0.0.1.255 10.60.16.0 0.0.0.255
access-list 118 remark IPSec Rule
access-list 118 permit ip 192.168.10.0 0.0.1.255 10.60.16.0 0.0.0.255
no cdp run
route-map SDM_RMAP_1 permit 1
match ip address 106
control-plane
mgcp profile default
line con 0
transport output telnet
line 1
modem InOut
speed 115200
flowcontrol hardware
line aux 0
transport output telnet
line vty 0 4
session-timeout 45
access-class 110 in
transport input telnet ssh
line vty 5 15
access-class 109 in
transport input telnet ssh
scheduler interval 500
endThe crypto ACL for the site to site vpn should also include the vpn client pool, otherwise, traffic from the vpn client does not match the interesting traffic for the site to site vpn.
On Site A:
should include "access-list 107 permit ip 172.16.100.0 0.0.0.255 10.133.34.0 0.0.1.255"
You should also remove the following line as the pool is incorrect:
access-list 107 permit ip 192.168.10.0 0.0.1.255 10.133.34.0 0.0.1.255
On Site B:
should include: permit ip 10.133.34.0 0.0.1.255 172.16.100.0 0.0.0.255"
NAT exemption on site B should also be configured with deny on the above ACL. -
Cannot access web site hosted on Azure VM
I have created Windows Server 2012R2 VM and after creating VM I have installed IIS and hosted my site and found it is working fine inside the VM.
Then I have added HTTP end point to my VM from azure portal. After creating http end point I cannot access my web site using MyHostName.cloudapp.net.
Can you help me why http end point is not working?
Then I have crated VM with template and there I have defined HTTP endpoint before creating VM.
Finally I found that if I create end point before creating VM then it works fine and if I create endpoint after creating VM then it doesn’t work.
Can you kindly help me to solve this issue (so that end point works properly after creating VM)?
Hasibul Haque,MCC2011,MCPD hasibulhaque.comHi,
You can check the port you bind for the website in IIS and make sure you have created endpoint with the correct port. You can also install Telnet client on your local computer and run "telnet xxx.cloudapp.net public_port_in_endpoint" at the command
prompt to see it works.
Have you enable SSL on the website hosted on Azure VM? If yes, please also create an endpoint with port 443 and open that port in Windows Firewall on the VM.
Best regards,
Susie
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected] -
I am using SharePoint Foundation 2013 , i have backed up the site using powershell with the following command:
-backup-spsite -identity http://dmsserver/sites/demo/ -path C:\SPSiteBackup.bak
After backup finished, i can't access the site, the message "Sorry, this site hasn't been shared with you" appears, even the site administrator collection is configured coorectly, with the Administrator account.
Whats the problem?
Please Advice.Hi husseinsa,
According to your description, my understanding is that you could not access the site after backing up the site collection in SharePoint 2013 Foundation.
Could you access other sites at the same site collection?
Let’s do a troubleshooting for this issue:
Please delete the IE cache: IE options->General->Delete, select all checkboxes, and click Delete.
Go to CA->Application Management->Manage web applications, select the web application which hosts the problematic site .
Click Permisson Policy, make sure there are not any deny policies for site collection administrator and site collection auditor.
Back to the web application list page, click User Policy, check whether there are any user policies for denying permissions.
Change the site collection administrator or add a secondary site collection administrator in CA, then use the new site collection administrator to log in the site, compare the result.
Open IIS, expand the server, and click application pools.
Find the problematic web application pool, make the identity of the pool is correct, then do an IISRESET, compare the result.
If this issue still exists, please check the log file to find more information about this issue. The path of the log file is
: C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\LOGS.
Or you can use Event Viewer(Start->Run->event viewer) to find the log.
I hope this helps.
Thanks,
Wendy
Wendy Li
TechNet Community Support -
Where are the keychains? I cannot access two sites
It has been two wks now that I am unable to get my web mail, and do my banking. I am able to access other sites with no problem.
They just will not load. My Internet provider was of no help, even though they tried several different URLs to help me access their site (Sympatico).
I found, in this site, somebody with a similar problem who solved it by trashing the keychains from the library folder.
My keychains folder is empty! I can find nothing to trash.
Can somebody help please.Bring up the Keychain app /Application/Utilities/Keychain Access.app navigate to your site's info and delete them. That should remove it from the keychain.
-
I cannot access ftp sites even after loading "Seahorse/fireFTP". What do I do next?
I need to access and upload info to an ftp site but I get an error message each time I do. It doesn't work in IE either. How can I access the site
... I really can't afford to go back and re-buy all this music (which I shouldn't have to do in the first place).
No you shouldn't. Bear in mind, though, that Apple has set this up as a user-to-user board so all we can do here is try to help you figure out why the authorization procedure isn't working correctly for your new computer.
There have been a variety of issues reported with iTunes and Windows Vista, some I believe related to the authorization procedure. So the first thing I'd do is make sure you've downloaded and installed iTunes 7.1 which was just released yesterday.
That may solve your problem. If not, click on the Review Authorization Count link in the Why can't I authorize one of my computers? section of this Apple Support page and let us know how many authorizations you're using.
Be patient and we should be able to figure this out. -
Cannot access some sites in either Firefox or Safari
I'm not sure when this began, but last month I tried to go to Ebay in both Safari and and Firefox and neither would find the site.
Here's what I'm using:
MacPro Desktop 2 x 2.8GHz, Quad-core Intel Xeon
8GB memory
Snow Leopard 10.6.8
My network is set to 'Automatic' Using DHCP
I have a FIOS router and have no firewall or security setting on my Mac
I tried to get to Ebay using a proxy on the same computer and it went to the site. I tried also on my laptop that uses Leopard and the same FIOS router and was able to get the the Ebay site. I go to many sites including email, just fine on my desktop MacPro. A few sites will access some times and other times won't. Ebay never accesses on my MacPro, so this seems to be my test site.
I'm guessing something got changed in my network setting with an upgrade, but not sure what to change under network settings.
Anyone had a similar problem, or know what I need to do?ghi2 wrote:
Thanks, I am my own profesional as I've owned Mac since the Plus. It is probably the Mac as the router also feeds my other computers and they work fine. I just put in Google DNS 8.8.8.8 & 8.8.4.4 and it seems to be working okay, but I guess the Trojan can proably attck these too. Is there a virus app for these trojans?
Let me start by saying that I doubt that either of the following possibilities are what you are suffering, but mention them just in case. I would expect to see you suffering several other symptoms associated with them.
I can't figure out how the DNSChanger Trojan is able to do anything now as the perpatrators are behind bars awaiting extradition and the FBI is operating their servers as normal DNS's for at least another week and possibly until July. Never-the-less, I have seen a very few confirmed cases here in the forum. The fastest way to find out is to go to http://dns-ok.us/ and look for green. If it's red open the FBI document linked for the fix. MacScan did provide a fix for this, but I'm not certain that it removed all versions. I've recently read that one version actually changed the router settings as opposed to your Mac, so you might want to double-check there, as well.
But there is another possibility. One user who was infected on Feb 22nd with the Flashback.G or higher Trojan reported Google redirects associated with it. Iomega has yet to confirm this, but they have been working with that individual and may be in a position to confirm something shortly. To check for this malware open the Terminal app (in /Applications/Utilities/) then copy and paste "defaults read ~/.MacOSX/environment" without the quotes, hit return and if you see something about "DYLD_INSERT_LIBRARIES" then you are infected. Paste the results here for instructions. If it doesn't find the file or says something else, then that isn't your problem.
The MacScan's "Spyware" application is still alive and well. They just updated their definitions yesterday for what they are calling Flashback Trojan 3.0, so it may be capable of finding the latest of these, but I'm not certain. MacScan does have a reputation of sounding "False Alarms", so don't panic and start deleting things without confirmation. -
Yesterday I posted several different pages using iWeb. Today, when I try to post I get a 404 error and the typical orange screen indicating why I cannot see anything. I have a active .mac account. It worked yesterday but today it will not load the pages I am uploading?
The problem seems to have disappeared...just tried again and the site is posted.
-
http://armls.flexmls.com
Clear the cache and the cookies from sites that cause problems.
* "Clear the Cache": Tools > Options > Advanced > Network > Offline Storage (Cache): "Clear Now"
* "Remove the Cookies" from sites causing problems: Tools > Options > Privacy > Cookies: "Show Cookies" -
Restarted Firefox and now cannot access some sites
I restarted Firefox and it has given me a text only version of Facebook saying it's an untrusted connection.
You can try these steps in case of issues with web pages:
You can reload web page(s) and bypass the cache to refresh possibly outdated or corrupted files.
*Hold down the Shift key and left-click the Reload button
*Press "Ctrl + F5" or press "Ctrl + Shift + R" (Windows,Linux)
*Press "Command + Shift + R" (Mac)
Clear the cache and remove cookies only from websites that cause problems.
"Clear the Cache":
*Firefox/Tools > Options > Advanced > Network > Cached Web Content: "Clear Now"
"Remove Cookies" from sites causing problems:
*Firefox/Tools > Options > Privacy > "Use custom settings for history" > Cookies: "Show Cookies"
Start Firefox in <u>[[Safe Mode|Safe Mode]]</u> to check if one of the extensions (Firefox/Tools > Add-ons > Extensions) or if hardware acceleration is causing the problem.
*Switch to the DEFAULT theme: Firefox/Tools > Add-ons > Appearance
*Do NOT click the Reset button on the Safe Mode start window
*https://support.mozilla.org/kb/Safe+Mode
*https://support.mozilla.org/kb/Troubleshooting+extensions+and+themes
Check the date and time and time zone in the clock on your computer: (double) click the clock icon on the Windows Taskbar.
Check out why the site is untrusted and click "Technical Details" to expand this section.
If the certificate is not trusted because no issuer chain was provided (sec_error_unknown_issuer) then see if you can install this intermediate certificate from another source.
You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.
*Click the link at the bottom of the error page: "I Understand the Risks"
Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate".
*Click the "View..." button and inspect the certificate and check who is the <b>issuer of the certificate</b>.
You can see more Details like intermediate certificates that are used in the Details pane.
If <b>"I Understand the Risks"</b> is missing then this page may be opened in an (i)frame and in that case try the right-click context menu and use "This Frame: Open Frame in New Tab".
*Note that some firewalls monitor (secure) connections and that programs like Sendori or FiddlerRoot can intercept connections and send their own certificate instead of the website's certificate.
*Note that it is not recommended to add a permanent exception in cases like this, so only use it to inspect the certificate. -
Safari for some time , When i click on links like this
https://discussions.apple.com/community/mac_os/safari
And even face book, some times,Pixoto and other sites Will not opem . if I cut and past into google chrome Like I am using now, the page opens,
In safari it can't open the server .
HELP! pleaseDone all that, Done re set, Even this page fist would not open, Lists the same, . My tablet no problem.
I noted some of the e mails wiill not fully open iether, So its something somewhere, but not the internet,
Im going to try a re set, .
Any other sugestions are welcome. -
I cannot access my Site 2 (of 2 sites) even when I enter the PW for Site 2
I have created Site 1 and Site 2. I have made both 'private' by having the same UserName but a different PW for each.
When entering Username and PW for the second site I always go straight to Site 1. I have tried everything but still I go only to Site 1 every time.
Can anyone see what I may be doing wrong ?
Thanks for any help
DL2the two sites also have two different addresses:
site 1: http://web.mac.com/USERNAME/iWeb/Site1Name
site 2: http://web.mac.com/USERNAME/iWeb/Site2Name
you can choose which to come first when you enter http://web.mac.com/USERNAME by moving the site at the first position in the "site-organizer" in iWeb!
Hope this helps,
max -
Cannot access Flex sites by URL
Hi,
I have recently been moving some Flex apps onto a new server,
now the problem I'm having is that any Flex app that uses Remoting
is only available via the IP address. When I call the site via the
URL I create in IIS i always get this error message:
mx.rpc::Fault)#0
errorID = 0
faultCode = "Server.Processing"
faultDetail = (null)
faultString = "java.lang.NullPointerException"
message = "faultCode:Server.Processing
faultString:'java.lang.NullPointerException' faultDetail:'null'"
name = "Error"
rootCause = (null)
Now when I call the same site via the IP address I don't get
an error message and the site works. I've been researching this
problem and asked other people about this and it seems that the
problem has to do with the service-config.xml file, so I've checked
my service-config.xml file and the endpoint entries are fine, e.g:
<endpoint uri="
http://{server.name}:{server.port}{context.root}/flex2gateway/cfamfpolling"
class="flex.messaging.endpoints.AMFEndpoint"/>
Which seems fine, I've also put a crossdomain policy file in
the root of my app and that's not fixing the problem. So I'm stuck
for ideas.
Can anyone shed so light and ideas and what to check to solve
this problem?
Thanks
StephenWhich normally means your file manager does not understand the NFS protocol directly.
May I ask why you try to do this when you could just as easily browse /mnt/video?
You can define network shares to be mounted in fstab just like a regular local partition. -
After downloadling Flash player 16 for windows 7 I cannot access a site I usually do?
I get the message that it is not capatable and do not understand why I keep getting this message as I do not know what to do now???
To give you any useful advice, I'm going to need to know more about your computer and browser:
https://forums.adobe.com/message/5249945#5249945
Maybe you are looking for
-
Hey Dears, I was working with my Macbook pro 2011, then i have some flash light in the screen, so i shutdown the computer, when i try to open it again i had a black screen, so any one of you have any idea about what should i have to do ?
-
Counting the number of pixels in a certain range within an ROI
I am using Vision 6.0 for Visual Basic. I would like to get a count of the number of pixels within a particular region whose value falls within a certain range (e.g., the number of pixels with values between 86 and 255). Can anyone tell me how I can
-
The contacts icon was deleted from my iPhone 5. How do I get it back?
My granddaughter played with my phone and deleted the Contacts icon. The information is still on the phone under Phone. How do I add the icon back?
-
Datacapturing using Java Bean (Please help)
I am stressed with this projeject. The stage I am at right now is that I want to capture some parameters from a posted form in my bean and send it to the database. Can anyone please help with advice.
-
How to run windows mobile device center via remote desktop
I am developing mobile application in Microsoft Visual Studio 2008. I connect to my computer via remote desktop and my operating system is Windows Server 2012 R2. In order to test the application, I use mobile device emulator. I can run device emulat