RV320 with NAT source from multiple subnets

Similar Messages

• NAT 8.6 multiple subnets in a single static NAT

  Hello all, I have this question, probably pretty an easy to answer, but unfortunately I can't test it myself in a production environment right now.
  Do you know if is possible to have in ASA 8.6 a Static NAT rule with multiple subnets in both object groups. I currently have one to one subnet translation, but I need to add another two subnets.
  Today's configuration is this
  *** FROM ONE SUBNET TO ANOTHER ***
  object-group network REGIONAL-SOURCE
  network-object 10.1.1.0 255.255.255.0
  object-group network REGIONAL-NAT
  network-object 10.1.201.0 255.255.255.0
  nat (Outside,Inside) after-auto source static REGIONAL-SOURCE REGIONAL-NAT dns
  What I need to accomplish is add two new subnets, but I want to see if is possible to do it using the same NAT rule, just adding the new 2 subnets.
  10.1.2.0/24 natted to 10.1.202.0 255.255.255.0
  10.1.3.0/24 natted to 10.1.203.0 255.255.255.0
  *** TWO MORE SUBNETS ARE NEEDED ***
  object-group network REGIONAL-SOURCE
  network-object 10.1.2.0 255.255.255.0
  network-object 10.1.3.0 255.255.255.0
  object-group network REGIONAL-NAT
  network-object 10.1.202.0 255.255.255.0
  network-object 10.1.203.0 255.255.255.0
  If this is not possible I understand separate objects should be created with individual nat, I appreciate your comments and help.

  Hi,
  This should be no problem. It should work as you have thought.
  I tested the configurations on my own ASA
  object-group network REGIONAL-SOURCE
  network-object 10.1.1.0 255.255.255.0
  network-object 10.1.2.0 255.255.255.0
  network-object 10.1.3.0 255.255.255.0
  object-group network REGIONAL-NAT
  network-object 10.1.201.0 255.255.255.0
  network-object 10.1.202.0 255.255.255.0
  network-object 10.1.203.0 255.255.255.0
  nat (LAN,WAN) source static REGIONAL-SOURCE REGIONAL-NAT
  Here at the results of the "packet-tracer" to show the translations
  ASA(config)# packet-tracer input LAN tcp 10.1.1.100 12345 7.7.7.7 80
  Phase: 4
  Type: NAT
  Subtype:
  Result: ALLOW
  Config:
  nat (LAN,WAN) source static REGIONAL-SOURCE REGIONAL-NAT
  Additional Information:
  Static translate 10.1.1.100/12345 to 10.1.201.100/12345
  ASA(config)# packet-tracer input LAN tcp 10.1.2.100 12345 7.7.7.7 80
  Phase: 4
  Type: NAT
  Subtype:
  Result: ALLOW
  Config:
  nat (LAN,WAN) source static REGIONAL-SOURCE REGIONAL-NAT
  Additional Information:
  Static translate 10.1.2.100/12345 to 10.1.202.100/12345
  ASA(config)# packet-tracer input LAN tcp 10.1.3.100 12345 7.7.7.7 80
  Phase: 4
  Type: NAT
  Subtype:
  Result: ALLOW
  Config:
  nat (LAN,WAN) source static REGIONAL-SOURCE REGIONAL-NAT
  Additional Information:
  Static translate 10.1.3.100/12345 to 10.1.203.100/12345
  As you can see, everything is fine
  Naturally take into consideration the fact that if you were to (for some reason) remove a "network-object" statement from some "object-group" then the operation of the "nat" would change even if you entered the removed "network-object" back. (unless you removed the last "network-object" inside the "object-group") This is because the order of the "network-object" inside the "object-group" would change. You would essentially have to recreate the "object-group" and "nat" configuration.
  Hope this helps
  Please do remember to mark a reply as the correct answer if it answered your question.
  Feel free to ask more if needed
  - Jouni

• Help With split tunneling and multiple subnets behind asa

  Hello All,
  our vpn clients can no longer access internet while connected to vpn.
  I was hoping I could get an answer on here for an issue we are having. let me explain this with as little words as possible.
  here was old network layout:
  ASA
  192.168.1.1   ---->  the rest of the internal subnet (was only subnet in network)
  now
  ASA                              3560
  192.168.254.1/24 ----->192.168.254.2/24-->192.168.1.1/24
                                                                 192.168.2.1/24
  so what we did was route from 3560 to asa  so we would be able to have multiple subnets since our asa has base license.
  Our vpn with easy connect worked with our split tunneling before and now we made the change above and it no longer works. Can someone help me out as to why it no longer works and what changed need to be made to make it work.
  Thank you.
  ciscoasa# sh run
  : Saved
  ASA Version 8.2(2)
  hostname ciscoasa
  enable password 1N7bTm05RXLnBcUc encrypted
  passwd 2KFQnbNIdI.2KYOU encrypted
  names
  interface Vlan1
  nameif inside
  security-level 100
  ip address 192.168.254.1 255.255.255.0
  interface Vlan2
  nameif outside
  security-level 0
  ip address x.x.x.x 255.255.255.248
  interface Ethernet0/0
  switchport access vlan 2
  ftp mode passive
  clock timezone est -5
  same-security-traffic permit intra-interface
  access-list NoNat extended permit ip any 172.16.5.0 255.255.255.0
  access-list SplitTunnel standard permit 192.168.1.0 255.255.255.0
  access-list SplitTunnel standard permit 192.168.2.0 255.255.255.0
  access-list SplitTunnel standard permit 192.168.254.0 255.255.255.0
  pager lines 24
  logging asdm informational
  mtu inside 1500
  mtu outside 1500
  ip local pool VPNPool 172.16.5.1-172.16.5.254 mask 255.255.255.0
  icmp unreachable rate-limit 1 burst-size 1
  no asdm history enable
  arp timeout 14400
  global (outside) 1 interface
  nat (inside) 0 access-list NoNat
  nat (inside) 1 0.0.0.0 0.0.0.0
  route outside 0.0.0.0 0.0.0.0 x.x.x.x 1
  route inside 192.168.1.0 255.255.255.0 192.168.254.2 1
  route inside 192.168.2.0 255.255.255.0 192.168.254.2 1
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  dynamic-access-policy-record DfltAccessPolicy
  http server enable
  http 192.168.1.0 255.255.255.0 inside
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec transform-set TransformSet1 esp-3des esp-md5-hmac
  crypto ipsec security-association lifetime seconds 28800
  crypto ipsec security-association lifetime kilobytes 4608000
  crypto dynamic-map DynamicMap1 1 set transform-set TransformSet1
  crypto map MainMap 999 ipsec-isakmp dynamic DynamicMap1
  crypto map MainMap interface outside
  crypto isakmp enable outside
  crypto isakmp policy 10
  authentication pre-share
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  telnet 0.0.0.0 0.0.0.0 inside
  telnet timeout 5
  ssh timeout 5
  console timeout 0
  threat-detection basic-threat
  threat-detection statistics access-list
  no threat-detection statistics tcp-intercept
  ntp server 64.90.182.55 source outside
  webvpn
  enable outside
  svc image disk0:/anyconnect-dart-win-2.5.0217-k9.pkg 1
  svc enable
  tunnel-group-list enable
  group-policy RenotreUsers internal
  group-policy RemoteUsers internal
  group-policy RemoteUsers attributes
  vpn-tunnel-protocol svc webvpn
  split-tunnel-policy tunnelspecified
  split-tunnel-network-list value SplitTunnel
  tunnel-group RemoteUsers type remote-access
  tunnel-group RemoteUsers general-attributes
  address-pool VPNPool
  default-group-policy RemoteUsers
  tunnel-group RemoteUsers webvpn-attributes
  group-alias Southeast-Security-VPN enable
  tunnel-group RemoteUsers ipsec-attributes
  pre-shared-key *****

  I think it could be your NAT statement. You should try an avoid using any unless you tunnel everything. Try making this change
  no access-list NoNat extended permit ip any 172.16.5.0 255.255.255.0
  object-group network INTERNAL_NETWORKS
  description Internal Networks
  network-object 192.168.1.0 255.255.255.0
  network-object 192.168.2.0 255.255.255.0
  network-object 192.168.254.0 255.255.255.0
  access-list NoNat extended permit ip object-group INTERNAL_NETWORKS 172.16.5.0 255.255.255.0
  You may have to re-add your NAT0
  nat (inside) 0 access-list NoNat

• Material sourced from multiple plants

  Hi all
  I have a Plant A which sources material from Plant B, Plant C, and Plant D. We use STOs to transfer material from Plant B,C,D to Plant A. If I use a Special procurement key then I can only define one of the source plants. What is the solution for this?
  Will Quota arrangement work?
  thanks a lot

  John,
  Special procurement key is mainly useful for planning.  It does not prevent you from sourcing from another plant, it only sets that one plant will be defaulted as a source.
  So, you can set up STOs from all three plants.  Set your SPK for the 'most likely' plant.  If a planner wishes to override the MRP created Purchase reqs, he can do so by manually entering a new source plant in the Purchase req.
  Now, if your intention is to have MRP automatically source from all three plants, according to some fixed ratio, then remove the SPK from the Material Master, and create Purchase Info Records for all three source plant vendors.  Then, enter these Purchase info records into a quota arrangement, according to the ratios you wish to procure by.
  Best Regards,
  DB49

• Sourcing from multiple supplier

  Hello Guru,
  We have one material that needs to be sourced from two suppliers. One in US and other is in Canada. Is there a way to order from these two different suppliers on a rotational basis? Is there a way to order from the US supplier every 3rd or 4th order and other times from Canada? If there is way, can you please give me the details steps to configure this. Can quota arrangement be used for this? Thanks so much.

  Hi
  Yes you can use quota arrangement for this.
  Quota Arrangement
  regards
  Eduardo

• Will iTunes Match work with songs purchased from multiple Apple IDs?

  My parents have an iTunes library with about 10,000 songs on it.  It's basically one big mesh of my family's purchases from over the years, using multiple Apple ID's and some of which I don't even recognize and/or remember.  It's become very problematic now that my mother wants me to get a lot of the music "out of the guts of the computer" so she can listen to them on her iPhone and iPad.
  I'm assuming iTunes Match is the solution, but I just want to be sure that the "match" part pertains not only to purchases from outside sources, but also purchases from other Apple ID's as well.  I won't have to do the whole "authorize this computer" stuff, right?  Like I said, some of the songs were purchased using old ID's that we don't have access to anymore.  Also, if I sign up my mom for an iTunes Match account, and she wants to play songs that I purchased using my own Apple ID, that's not going to change *my* account or authorizations in any way, is it?

  Hi Rubberbucket,
  The music information for iTunes Match is obtained from the user's iTunes music library and does not depend on the Apple ID under which the music was purchased from the iTunes Store. See this article -
  Subscribe to iTunes Match - Apple Support
  Thanks for using Apple Support Communities.
  Best,
  Brett L 

• How to autopopulate a text field with unique data from multiple data sets

  Hi,
  I'm a laboratory manager in charge of a hospital project which will be using pdf forms to send and receive data from our end users across the city. I need help with the last part of our pdf form, specifically with a js that will do a bit of text-field autopopulation magic. This, unfortunately, is a beyond what I have taught myself about pdf js functionality.a
  The problem:
  I need to provide my end users with a text field containing a set of data [A, B, C, D, E, F ...] and the total items in this set [tot#]. The end user needs this information as part of the implementation of this particular laboratory machine.
  The particulars
  When the end user asks for an experiment to be run, we must specify some pieces of data to help them interpret the results. These are constructed as panels which contain discrete data elements.
  For example - One experiment may use two panels, Panel#1 and Panel #2. Panel #1 includes the items A, B, D, E, Panel #2 includes the items A, B, C, F, G.
  Thus, the panels may share some of the same items, but, I only want the unique members to be displayed in the text field. If I make a drop down box or checkboxes with the panels, I want to  be able to select the panels that we ran and (in this example) have the text field display only the unique items among all the panels that were used:
  textfield outpute = A, B, C, D, E, F, G - 7 total.
  Any assistance from the pdf community would be very much appreciated.
  Thanks!

  Thanks for that help.
  I should have made it more apparent that I'm very new to scripting and I'm
  not a programmer by trade. I have a few questions before modifying the code
  you kindly provided.
  1) Where should I embed this script? Within the 'selection change' area of
  my listbox?
  2) Can I replace the term 'arr' with the names of the various items in my
  listbox or should I put 'arr#' as the output value for each term?
  3) Will this script find and display the unique values when a user selects
  multiple items in my listbox?
  4) How does the script know where to output the unique members of the
  combined set?
  I appreciate your patience with me.
  ck

• Replication of a data source from multiple logical systems

  Hi experts,
  In our ERP wie run many different clients with correspondong logical systems. When I'm changing a data source in ERP, then I have to replicate this datasource for each single logical system.
  My question :
  Is there a way to replicate a data source for all logical systems belonging to an infos source at once ?
  We are on BW 3.5 SP19.
  Thanks in advance
  Joe

  just another attempt

• Help with NAT going from 5520 8.2 to new 5512 9.1

  I have a bunch is NAT rules I have to convert for ASA 5520 version 8.2(5) upgrading to ASA5512 version 9.1(1)
  I have taken a few lines of config and put them here. If someone can show me the before and after that would help me greatly. I will use that to convert all the others and also make documentation for me going forward. I have read some good papers on this but I need to make sure I get this right.
  Below are some of the many NAT configurations on the current ASA 5520 version 8.2(5) NAT configs I am looking to convert.
  Thanks,
  Mike
  global (external) 101 interface
  global (external) 1 172.20.1.1 netmask 255.0.0.0
  nat (internal) 0 access-list internal_nat0_outbound
  nat (internal) 101 access-list internal_nat_outbound
  nat (internal) 1 access-list internal_nat_outbound_1
  nat (internal) 101 0.0.0.0 0.0.0.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 10.10.11.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.2.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.10.0 255.255.255.0
  access-list internal_nat_outbound extended permit tcp host 10.10.0.150 range 3230 3243 any range 3230 3243
  access-list internal_nat_outbound extended permit udp host 10.10.0.150 range 3230 3285 any range 3230 3285
  access-list internal_nat_outbound_1 extended permit ip 10.10.0.0 255.255.0.0 172.30.52.112 255.255.255.240
  static (internal,external) tcp interface pptp 10.10.0.50 pptp netmask 255.255.255.255
  static (internal,external) udp interface 1723 10.10.0.50 1723 netmask 255.255.255.255
  static (internal,external) udp interface 1812 10.10.0.50 1812 netmask 255.255.255.255
  static (internal,external) udp interface 1813 10.10.0.50 1813 netmask 255.255.255.255
  static (internal,external) tcp interface www 10.10.0.100 www netmask 255.255.255.255
  static (internal,internal) 10.20.0.0 10.20.0.0 netmask 255.255.255.0
  static (internal,internal) 192.168.10.0 192.168.10.0 netmask 255.255.255.0
  static (internal,internal) 192.168.11.0 192.168.11.0 netmask 255.255.255.0
  static (internal,external) 172.20.1.2  access-list internal_nat_static
  static (internal,external) 172.20.1.3  access-list internal_nat_static_1
  access-list internal_nat_static extended permit ip host 10.10.0.48 172.30.52.112 255.255.255.240
  access-list internal_nat_static_1 extended permit ip host 10.10.0.49 172.30.52.112 255.255.255.240
  access-list NATed_Ports extended permit tcp any host 50.0.0.1 eq ldap
  access-list NATed_Ports extended permit tcp any host 50.0.0.1 eq smtp
  access-list NATed_Ports extended permit tcp any host 50.0.0.1 eq imap4
  access-list NATed_Ports extended permit tcp any host 50.0.0.1 eq pop3
  access-list NATed_Ports extended permit tcp any host 50.0.0.1 eq https
  access-list NATed_Ports extended permit tcp any host 50.0.0.1 eq www
  access-list NATed_Ports extended permit tcp any host 50.0.0.1 eq pptp
  access-list NATed_Ports extended permit tcp any host 50.0.0.1 eq h323
  access-list NATed_Ports extended permit tcp any host 50.0.0.1 range 3230 3243
  access-list NATed_Ports extended permit tcp any host 50.0.0.1 eq citrix-ica
  access-list NATed_Ports extended permit udp any host 50.0.0.1 eq 1723
  access-list NATed_Ports extended permit udp any host 50.0.0.1 eq 1812
  access-list NATed_Ports extended permit udp any host 50.0.0.1 eq 1813
  access-list NATed_Ports extended permit udp any host 50.0.0.1 eq radius
  access-list NATed_Ports extended permit udp any host 50.0.0.1 eq radius-acct
  access-list NATed_Ports extended permit udp any host 50.0.0.1 range 3230 3285
  access-list NATed_Ports extended permit gre any host 50.0.0.1
  access-list NATed_Ports extended permit ah any host 50.0.0.1
  access-list NATed_Ports extended deny tcp any any eq ftp-data
  access-list NATed_Ports extended deny tcp any any eq ftp
  access-list NATed_Ports extended deny tcp any any eq smtp
  access-list NATed_Ports extended deny tcp any any eq 3389
  access-group NATed_Ports in interface external

  Jouni,
  Thanks again for your help and I think I am getting this. Here is the NAT config in the order that it currently is in the ASA. I omitted the other config and only left in the NAT stuff. Please let me know if that changes anything?
  Also what should I correct or take out and why?
  Here is the NAT config....
  Outside interface is 50.0.0.1
  Inside interface is 10.10.0.1
  There are many site to site VPN connections - 192.168.X.X
  ____Config Omitted________
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 10.10.11.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 10.30.0.0 255.255.0.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 10.20.0.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 10.40.0.0 255.255.0.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.2.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.10.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.11.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.30.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.31.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.32.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.33.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.34.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.35.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.70.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.71.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.72.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.73.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.74.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.75.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.76.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.77.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.78.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.79.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.80.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.81.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.82.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.83.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.84.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.85.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.86.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.87.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.88.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.89.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.90.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.91.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.92.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.93.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.94.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.95.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.97.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.98.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.99.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.101.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.110.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.130.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.132.0 255.255.255.0
  access-list internal_nat0_outbound extended permit ip 10.10.0.0 255.255.0.0 192.168.134.0 255.255.255.0
  ______ Config Omitted ____________
  access-list NATed_Ports extended permit tcp any host 50.0.0.1 eq ldap
  access-list NATed_Ports extended permit tcp any host 50.0.0.1 eq smtp
  access-list NATed_Ports extended permit tcp any host 50.0.0.1 eq imap4
  access-list NATed_Ports extended permit tcp any host 50.0.0.1 eq pop3
  access-list NATed_Ports extended permit tcp any host 50.0.0.1 eq https
  access-list NATed_Ports extended permit tcp any host 50.0.0.1 eq www
  access-list NATed_Ports extended permit tcp any host 50.0.0.1 eq pptp
  access-list NATed_Ports extended permit tcp any host 50.0.0.1 eq h323
  access-list NATed_Ports extended permit tcp any host 50.0.0.1 range 3230 3243
  access-list NATed_Ports extended permit tcp any host 50.0.0.1 eq citrix-ica
  access-list NATed_Ports extended permit udp any host 50.0.0.1 eq 1723
  access-list NATed_Ports extended permit udp any host 50.0.0.1 eq 1812
  access-list NATed_Ports extended permit udp any host 50.0.0.1 eq 1813
  access-list NATed_Ports extended permit udp any host 50.0.0.1 eq radius
  access-list NATed_Ports extended permit udp any host 50.0.0.1 eq radius-acct
  access-list NATed_Ports extended permit udp any host 50.0.0.1 range 3230 3285
  access-list NATed_Ports extended permit gre any host 50.0.0.1
  access-list NATed_Ports extended permit ah any host 50.0.0.1
  access-list NATed_Ports extended deny tcp any any eq ftp-data
  access-list NATed_Ports extended deny tcp any any eq ftp
  access-list NATed_Ports extended deny tcp any any eq smtp
  access-list NATed_Ports extended deny tcp any any eq 3389
  ______ Config Omitted ____________
  access-list internal_nat_outbound extended permit tcp host 10.10.0.150 range 3230 3243 any range 3230 3243
  access-list internal_nat_outbound extended permit udp host 10.10.0.150 range 3230 3285 any range 3230 3285
  ______ Config Omitted ____________
  access-list internal_nat_outbound_1 extended permit ip 10.10.0.0 255.255.0.0 172.30.52.112 255.255.255.240
  access-list internal_nat_static extended permit ip host 10.10.0.48 172.30.52.112 255.255.255.240
  access-list internal_nat_static_1 extended permit ip host 10.10.0.49 172.30.52.112 255.255.255.240
  ______ Config Omitted ____________
  global (external) 101 interface
  global (external) 1 172.20.1.1 netmask 255.0.0.0
  nat (internal) 0 access-list internal_nat0_outbound
  nat (internal) 101 access-list internal_nat_outbound
  nat (internal) 1 access-list internal_nat_outbound_1
  nat (internal) 101 0.0.0.0 0.0.0.0
  static (internal,external) tcp interface pptp 10.10.0.50 pptp netmask 255.255.255.255
  static (internal,external) udp interface 1723 10.10.0.50 1723 netmask 255.255.255.255
  static (internal,external) udp interface 1812 10.10.0.50 1812 netmask 255.255.255.255
  static (internal,external) udp interface 1813 10.10.0.50 1813 netmask 255.255.255.255
  static (internal,external) tcp interface www 10.10.0.100 www netmask 255.255.255.255
  static (internal,external) tcp interface imap4 10.10.0.100 imap4 netmask 255.255.255.255
  static (internal,external) tcp interface ldap 10.10.0.100 ldap netmask 255.255.255.255
  static (internal,external) tcp interface pop3 10.10.0.100 pop3 netmask 255.255.255.255
  static (internal,external) tcp interface https 10.10.0.100 https netmask 255.255.255.255
  static (internal,external) tcp interface smtp 10.10.0.48 smtp netmask 255.255.255.255
  static (internal,external) tcp interface h323 10.10.0.150 h323 netmask 255.255.255.255
  static (internal,external) tcp interface ftp 10.10.2.64 ftp netmask 255.255.255.255
  static (internal,external) tcp interface ftp-data 10.10.2.64 ftp-data netmask 255.255.255.255
  static (internal,internal) 10.20.0.0 10.20.0.0 netmask 255.255.255.0
  static (internal,internal) 10.30.0.0 10.30.0.0 netmask 255.255.0.0
  static (internal,internal) 10.40.0.0 10.40.0.0 netmask 255.255.0.0
  static (internal,internal) 192.168.10.0 192.168.10.0 netmask 255.255.255.0
  static (internal,internal) 192.168.11.0 192.168.11.0 netmask 255.255.255.0
  static (internal,internal) 192.168.30.0 192.168.30.0 netmask 255.255.255.0
  static (internal,internal) 192.168.31.0 192.168.31.0 netmask 255.255.255.0
  static (internal,internal) 192.168.32.0 192.168.32.0 netmask 255.255.255.0
  static (internal,internal) 192.168.33.0 192.168.33.0 netmask 255.255.255.0
  static (internal,internal) 192.168.34.0 192.168.34.0 netmask 255.255.255.0
  static (internal,internal) 192.168.35.0 192.168.35.0 netmask 255.255.255.0
  static (internal,internal) 192.168.110.0 192.168.110.0 netmask 255.255.255.0
  static (internal,internal) 192.168.130.0 192.168.130.0 netmask 255.255.255.0
  static (internal,internal) 192.168.132.0 192.168.132.0 netmask 255.255.255.0
  static (internal,internal) 192.168.134.0 192.168.134.0 netmask 255.255.255.0
  static (internal,external) 172.20.1.2  access-list internal_nat_static
  static (internal,external) 172.20.1.3  access-list internal_nat_static_1
  access-group NATed_Ports in interface external
  access-group internal_access_in in interface internal
  ______ Config Omitted ____________

• How to creat  Data source from Multiple Tables in   SAP  BI ?

  Hi Experts,
  1. For Finance & Payments MIS   tables are u2013   BSEG, BSIS,BSAS,PYAR ,BKPF
  2. For Inventory tables are           :           MSEG MKPF.
  3. For Invoices MIS   tables are  -          RBKP & RSEG.
  4. For Taxation MIS  tables  are u2013           J_1IEXCHDR, J_1IEXCDTL, J_1IPART2, J_1IPART1
  5. For Master data  tables  are   -    :         MARA, MAKT, LFA1, J_1IMTCHID
  How to creat   individual  Datasource  for   1.Finance & Payemnt Mis , 2. Inventory, 3. Invoices,  4. Taxation , 5. Mater data. ?

  Hi,
  Go for the generic data sources.
  1. first create the view on all the tables.
          You can only use join conditions but not Union.
          you can specify one table as primary table based on your requirement.
  2. build the data source based on the view.
  Regards,
  Siva
  Edited by: sivaramakrishna on Feb 2, 2012 3:54 PM

• RV320: Need to use as gateway for multiple subnets

  We just purchased an RV320 as a replacement/upgrade to an RV042. Our Internet connection was upgraded to 200Mbps and the RV042 wouldn't handle that throughput.
  Our internal network has 4 subnets, all connected via a layer 3 switch. The RV320 is connected to one of those subnets and is the default gateway for the entire network.
  The RV042 had a "multiple subnets" setting that allowed it to perform NAT for the directly connected subnet and the other 3 subnets in our network. We would just add the other networks to the list in the RV042 and everything was fine.
  The RV320 doesn't seem to have the same functionality (or am I missing something?). It looks like there is some sort of multiple subnet support, but when we try to add another subnet the interface seems to be asking us to define a single IP address in that subnet (an IP address for the router?) as if all subnets will be directly attached to the router using VLANs (which is not the case in our network).
  We can set up the "advanced routing" option to define the other 3 internal subnets and how to route to them, etc. but will the RV320 perform NAT for the other subnets without any adidtional configuration?
  Can anyone shed any light on this?
  Many thanks!

  Precept,
  My name is Ismael, iam with Small Business Support Center. I like to start by asking is there a  particular reason that the switch is handling Layer 3/or DHCP? Normally when an RV042 is implemented you would need a Layer 3 switch as the RV042 only supports one DHCP scope.In addition all The RV0XX series does not support 802.1q VLAN.
  With RV320 you can setup multiple subnets under advance routing and still allow for it to pass DHCP for all of your 4 subnets and create 801.2q Vlan subinterfaces . Setting RV320 in this manner can create an ease in managing the network.
  If you are considering the RV320 to do Layer 3 / DHCP simply create your 4 Vlans or subnets. Add them to the DHCP scope and enable DHCP server for all subnets. Switch would have to be configured to Layer 2 for this to work.  The link below is a knowledge portal that could assist in creating DHCP and Vlans. Hope this helps you.
  http://sbkb.cisco.com/

• Create from multiple files - some pages repeat or disappear

  Hello from Colorado. I am using Acrobat 6.0 Pro and have experienced some strange behavior when I try to create from multiple files. I created my basic one-page form and then completed 8 pages of answers, saving each page as an individual file (form_p1, form_p2, etc). When I tried to assemble all of the pages with the create from multiple files, I got two page one and my page two disappears -- all the other pages (3 thru 8) processed normally. I have tried saving my files with different names and then combining -- but with the same results. I have also tried to combine pages 2 thru 8 first and then add page 1 at the end -- in this case my page one disappeared and I got another page 2! I have checked all of the document properties and I cannot see anything amiss. I have used create from multiple files before without incident, but this time I'm stuck. Thanks for any help or suggestions.

  Did the forms contain fields with the same name?

• Zip'ing files from multiple folders to the same zip file

  Could somebody recommend a method to create a zip file with file contents from multiple folders? Or is there an application I can drag and drop a bunch of files to zip em?

  First highlight all of the folders or files. If they're not right next to each other, or on the same drives, hold down the Command key while clicking to choose the next without losing previous choices.
  Once they're all highlighted, right click on any highlighted item and choose "Compress xxx Items".

• Can I call an object with synchronized methods from an EJB

  I have a need for multiple threads (e.g. Message Driven Beans) to access a shared object, lets say a singleton, I'm aware of the "you can't have a singleton in the EJB world" issues) for read/write operations, so the operations will need to be synchronised.
  I've seen various statements such as you can't use read/write static fields in EJBs and you can't use synchronisation primitives in EJBs but I've also seen statements that say its okay to access utility classes such as Vector (which has synchronised methods) from an EJB.
  Does anyone know if there is a definitive answer on this? What are the implications of accessing a shared object with synchronised methods from multiple EJBs? Is it just that the EJB's thread may block which limits the ability of the container to manage the EJBs? In the Vector example above (from Professional Java Server Programming) did they mean its okay to use these utility classes provided they aren't shared across threads?
  If I can't use a plain old Java Object does anyone know if there are other potential solutions for sharing objects across EJBs?
  In my problem, I have an operation that I want to run in a multi-threaded way. Each thread will add information to the shared object, and this info may be used by the other threads. There's no lengthy blocking as such other than the fact that only one thread can be adding/reading information from the shared object at a time.
  I've trawled through this forum looking for similar questions of which there seem to be many, but there doesn't seem to be any definitive answers (sorry if there was and I missed it).
  Thanks
  Martin

  You can share objects among EJB's or among objects used by one or more EJB's. You can use synchronization primitives - nothing will prevent you from doing that.
  After all, the container classes, JVM-provides classes, JDBC, JCA, JNDI and other such classes do all of this with impunity. You can too. You can use file and socket I/O as well, presuming you configure the security profile to allow it. Should you? Well it depends on what you need to accomplish and if there is another practical alternative.
  Yes the specification warns you not to, but you cannot be responsible for the interior hidden implementation of classes provided to you by the JVM or third parties so you can never truly know if your are breaking these written rules.
  But when you do these things, you are taking over some part of the role of the container. For short running methods that only block while another thread is using the method or code block and no I/O or use of other potentially blocking operations are contained in the method/block, you will be fine. If you don't watch out and create deadlocks, you will harm the container and its managed thread pool.
  You should not define EJB methods as synchronized.
  Also, if you share objects between EJB's, you need to realize that the container is free to isolate pools of your EJB in separate classloaders or JVM's. It's behavior can be influenced by your packaging choices (use of .ear, multiple separate .jar's, etc.) and the configuration of the server esp. use of clustering. This will cause duplicate sets of shared classes - so singletons will not necessarily be singleton across the entire server/cluster, but no single EJB instance will see more than one of them. You design needs to be tolerant of that fact in order to work correctly.
  This isn't the definitive answer you asked for - I'll leave that to the language/spec lawyers out there. But in my experience I have run across a number of occasions where I had to go outside of the written rules and ave yet to be burned for it.
  Chuck

• Bursting Web Templates with Multple Sources

  I'm currently tring to burst a reporting using the Broadcast in our BI 7.0 Enviroment - I ran into an issues when trying to use the busting option when my template contained sources from Multiple Cubes.
  Has anyone been successful bursting using multiple Cubes in on report?
  DS_1 = Cube1
  DS_2 = Cube2

  Hi,
  Did u check CUBE OPTIONS under the FILE menu of your transformer.May be !