SA520W - IPv4 Firewall Rule not visible

Similar Messages

• SA 540 INBOUND FIREWALL RULES NOT WORKING

  Hi all,
  I am having trouble configuring the firewall for the SA 540.
  client 1 (160.222.46.154) ----- switch ------ sa 540 ------ cisco 887 W ------ client 2 (50.0.0.10).
  client 1 can ping client 2, however client 2 cannot ping client 1. The default outbound policy (allow all) is set on the sa 540, and I have tried configuring a blanket ipv4 rule on the sa 540 to allow 'all' to 'any' (for all services) related to traffic from the WAN to LAN, and visa versa. The output from the logs are as follows:
  Fri Jan 7 13:43:04 2000(GMT +1000) WARN FIREWALL 50.0.0.10 160.222.46.154 [firewall] LOG_PACKET[DROP] IN=WAN OUT=WAN SRC=50.0.0.10 DST=160.222.46.154 PROTO=ICMP TYPE=8 CODE=0
  Component: KERNEL
  Fri Jan 7 13:43:09 2000(GMT +1000) WARN FIREWALL 50.0.0.10 160.222.46.154 [firewall] LOG_PACKET[DROP] IN=WAN OUT=WAN SRC=50.0.0.10 DST=160.222.46.154 PROTO=ICMP TYPE=8 CODE=0
  Component: KERNEL
  Fri Jan 7 13:43:14 2000(GMT +1000) WARN FIREWALL 50.0.0.10 160.222.46.154 [firewall] LOG_PACKET[DROP] IN=WAN OUT=WAN SRC=50.0.0.10 DST=160.222.46.154 PROTO=UDP SPT=60737 DPT=53
  Component: KERNEL
  Basically any connection identified as coming in from the WAN (i.e. IN=WAN) is dropped. I set up a new vlan on the cisco 887 W, in the 160.222.46.x address space, and connected a spare port directly to the sa 540 and had no problem testing connectivity to any device via ping. Obviously the zone communication is LAN to LAN and firewall treats the traffice differently.
  I assumed that creating an all encompassing rule to allow all trafiic, for all services, between the LAN and WAN (in both directions) would be equivalent to placing the appliance in PASS THROUGH mode? There is no securtiy set on the 887 W or the switch.
  Also is anybody could explain what 'SELF' means in the conttext IN=SELF or OUT=SELF it would be much appreciated. Firmware is latest.
  Thank you.
  Regards
  Marc

  On closer analysis and with some help from Experts Exchange it did seem non sensical to have both the IN and OUT as the WAN interface, but I had literally exhausted every avenue possible bar 1- changing the routing mode to CLASSIC and configuring a static route (which was at a higher administrative level than my RIP advertised routes) and took preferece when forwarding the packets.
  Now the SA540 firewall rules work as I would expect and I can route between all zones. To summise it appears as if the Double NAT from the router (887W) and then the SA540 was the issue, and the innability to configure any workaround in the interface of the SA54O firewall rules.
  It really makes you appreciate the power of the command line and the full scope of CIsco's command line options. Does anybody know if (and how) it would be possible to configure Double NAT on the SA540?
  Regards
  Marc

• Business Rules not visible sometimes-via web and smartview

  We use EPM 11.1.2.
  we have a unique problem-Business rules (associated with forms)sometimes fail to appear either via web or smartview for our users.After logging out and back in,sometimes they appear again.
  If we explicitly 'disconnect all' from smartview, close Excel, and go back in again, then the rules are visible.
  It is becoming hard to tell when the users can or cannot see the business rules.
  All users have the right provisioning-interactive user.
  Has anybody seen this kind of behavior before?
  We had a similar issue a while back-with eas web versus eas desktop client. Oracle gave us a specific fix for the eas business rules problem.
  Edited by: 784749 on Sep 26, 2011 11:59 AM

  Thats the strange thing; We use (native) groups to provision. This works fine for the other 5 users.
  But even if I provision this one user for the Business Rules, they remain invisible to this user. (in Planning)
  I discovered this morning that this user can create a new BR, but when I try to open it in AAS console I get an error
  "Exception occured, Please check your log file for details."
  Unfortunately, the log doesn't provide any more details. (even if I set the level to Debug)

• Transported Alert rule not visible in RWB - Alert Configuration

  Hi ,
  I have Transported Alert rule Using Below mentioned blog ..
  Know How to Transport Only the Required Alert Rules !!!
  I have followed the following Procedure
  1. Go to Transaction SE16 Data browser.
  2. Give the table name as SXMSALERTRULES and hit F7. Then Execute (F8).
  3. Copy the ALERTHASHVAL field value of the entries that needs to be transported.
  4. Go to transaction SE10 and Create a Workbench Request.
  5. Select the Task under Workbench Request and Go to Menu Request/Task -> Change Type and select Development/Correction.
  6. Double click the task and go to edit mode.
  7. Enter Program ID: R3TR, Object: TABU, Objects Name: SXMSALERTRULES, press Enter and click on Functions.
  8. Paste the ALERTHASHVAL field value copied in Step-3 and Save.
  Now I can see the transported entries in SXMSALERTRULES table . But when I check RWB- Alert Configurations .. There is no new entry for  above transported rule ...
  Please tell me what is missing or where am i wrong ...

  Yes, My problem is Resolved ....
  Solution : -
  After Transport All Alert Rules, - >
  I created  Manual entry for any one of the alert rule from Alert Configuration. ->
  Then automatically all other transported rule came into visible state ....
  So now i can see all my transported rule in Alert Config...
  I dont Know , How does it happaned .. But it worked for me ... All rules got visible to me only after creating a manual entry for amy one of the alert rule ...
  Hope it helps someone else ...
  Guys thanks for all your comments ...
  Regards
  PS

• Business Rules Not Visible in Planning.............

  Hi All,
  I have created business rules in Essbase & works well.But Those are not showed in planning App.Here , While i'm
  creating Business Rules ,able to access for essbase only , when click on planning to shows unable login planning.
  Plzzzzzzzz help out.......
  Thanks

  I am having the same problem with accessing business rules in version 9.3.1. I have been working with Oracle support for 5 months now trying to resolve this and they have not been able to help.
  This application has been up and running for over a year before this behavior occurred. Previously users were able to view and run business rules. It is only affecting non-native authenticated users. The admin user and natively authenticated users can run/edit & vaidate rules. In order to run business rules all users have to log in with the admin user ID (not a good solution).
  Any ideas, clues or new method of debugging this issue would be appreciated.
  Thanks
  John

• UWL - Substitution rule not visible to switch it off

  Hello,
  User A maintains substitution for user B. In ECC, the substitution is active in table HRUS_D2. But User A is unable to see the rule in "Manage substitution". As a result he is not able to switch off the substitution rule from portal.
  Thanks,
  Preeti.

  Dear Preeti Nair,
  are you able to solve the issue?
  I'm facing quite similat problem...
  thanks,

• Business Rules not visible in Hyperion Planning

  I created a group in Shared Services and added 6 (native) accounts.
  After that, I assigned Access Privileges to Business Rules in AAS for this group.
  When I open Planning Web and go to Tools - Business Rules, 5 of the 6 users can see the Business Rules,
  but one users only sees the CalcScripts.
  I think I tried everything; removed/added the account from the group, refreshing security, refresh in Planning-Desktop
  I'm using version 9.2.03
  Anyone knows whats going on here?

  Thats the strange thing; We use (native) groups to provision. This works fine for the other 5 users.
  But even if I provision this one user for the Business Rules, they remain invisible to this user. (in Planning)
  I discovered this morning that this user can create a new BR, but when I try to open it in AAS console I get an error
  "Exception occured, Please check your log file for details."
  Unfortunately, the log doesn't provide any more details. (even if I set the level to Debug)

• Columns based on first/last aggregation rule not visible in Answers

  Hi guru!
  I don't understand my mistake!
  1. "summ" column in fact table
  2. Time dimension with TOTAL-YEAR-QUARTER-MONTH-DAY levels
  3. set up for "summ" column last aggregation
  4. and set checkbox (based on dimension): for Time dimension LAST, for others SUM
  but in Answers this "summ" column is NULL.
  why?

  Is it possible that the last selected value of the Time dimension has no data? For example, if you're displaying all possible days of 2008, and you haven't loaded Dec-31-2008 data yet, the "last" value selected (i.e. Dec-31-2008) would not yet have been loaded with data, so the LAST aggregation function would return a NULL.
  Thought: Try the query using a filter on the Time dimension to select a time period that is already completely loaded with data, and let us know what happens there.

• h:datatable rules not visible in ie 6

  Hello,
  I am displaying a table and want to have a line in between each rows
  <h:dataTable id="tabwiw" value="#{managerBean.rsWIW}" var="wiw" rows="#{managerBean.nbWIW}" rules="rows" width="100%" rendered="#{managerBean.renderWIW}" border="0">
  But this doesn't work in ie 6 (and works perfectly in Firefox, Mozilla and Netscape).
  Thank you for your time
  Best regards
  Neil.

  Thats the strange thing; We use (native) groups to provision. This works fine for the other 5 users.
  But even if I provision this one user for the Business Rules, they remain invisible to this user. (in Planning)
  I discovered this morning that this user can create a new BR, but when I try to open it in AAS console I get an error
  "Exception occured, Please check your log file for details."
  Unfortunately, the log doesn't provide any more details. (even if I set the level to Debug)

• SA 520 Firewall rules not applying

  I've set up 3 schuldes for
  1) 04.00 - 08.00 PM
  2) 10.00 - 11.59 PM
  3) 12.00 - 10.00 AM
  Locked the mac address on the client computer to an leased IP number.
  Then I set up 3 rules to block from LAN to WAN for this local IP 192.168.75.70 at the Scheduled times. But it dosen't apply.
  The firmware is 2.1.71
  I can see the client get the right IP address.

  I did try to reset it, but It did'nt do the trick. Still full connection, where it should be blocked.
  Enabled                       LAN           WAN           ANY                       BLOCK by schedule                       192.168.75.70           Any                                                         Always

• In Business Rule child elements of Unbounded element are not visible.

  Hi All,
  Jdev version 11.1.1.7.0
  I am facing one issue in Business Rule...
  Scenario: I am creating Approval Service (BPEL) with Human Work flow and Bunises Rule.
  I am assingning participant in HW by using Rule based(Connecting HW and BR).
  Problem here is:
  Shema has "unbounded" element.
  <element name="ExpenseItem" maxOccurs="unbounded">
       <complexType>
        <sequence>
         <element name="ItemID" type="string"/>
         <element name="ItemName" type="string"/>
         <element name="ItemPrpjectID" type="string"/>
         <element name="ItemStatus" type="string"/>
        </sequence>
       </complexType>
      </element>
  Whenever I create Busines rules to configure rules.
  While configuring rules child elements of  ExpenseItem are not visible. But those are neccesary to configure rules.
  If you can help to me resolve would help.
  Is it a bedault behaviour of BR? If so how can i acheive this?
  Thanks,
  Santosh

  Solution found:
  Click on RuleSet which you have created.
  Expand Rule inside it.
  Enable Advanced mode and Tree mode and click OK.
  Select Root as Task and click on insert pattren and create pattren which is based on unbounded element (here its meant as fact)
  Once you create pattren , will be able access elements under unbounded element for Business rule configuration.

• Substitution variable is not visible at Data Prep editor-creating rule file

  Hi,
  We are working on Essbase 9.3.1, Oracle as a database source for loading the data into Essbase.
  We have create a substitution variable at "server level" to use it in rule file as a DSN for data source. But this substitution variable is not visible in the drop down of substitution variable in 'Data prep editor' while creating the rule file.
  We restarted the Essbase server also but still it is not visible in 'data prep editor'.
  Any help will appreciated on this issue.
  Thanks & Regards,
  Mohit Jain

  Cameron-
  1) yes I've tried it on 2 different clients
  2) yes I've tried it on the server
  3) I haven't tried that, but don't normally use MaxL for anything
  4) I took a 'broken' rule, saved it locally, closed and reopened and it still didn't work
  5) I normally do files on the server, but I can't even get to that point because when I get the 'Open Data File' nothing happens, no dialog box pops up, so I don't get the chance to select the location
  6) This is a production server and EAS is running as a service, so I'd have to test this one afterhours.
  Because it happens on 3 separate PC's I'd eliminate bad EAS, since only some rules do it and others don't I'd think it could be corrupt rules, but it'll happen to new rules just as fast, and they still work just fine, so if that's the case I need to figure out what is corrupting them...
  Network issues wouldn't surprise me, I get TCP/IP errors regularly saying I have to increase my net retry count, but I've tweaked with those settings tons... looks like those are really the database server is running out of memory even though I have 4GB physical 16MB Virtual memory (32 bit environment though... I do have the /3GB switch turned on)... I've had to scale my caches way back to allow certain databases to even function.
  Thanks for your help.
  Edited by: Norton5150 on May 28, 2009 2:12 PM

• OTL Custom Formula not visible in Time Entry Rule window

  Hi Friends,
  I have created a custom Fast Formula of type 'OTL Time Entry Rules'. Created a context with segments for the OTL Formulas Flex Field with formula name same as of the context. But the formula is not visible in the in the time entry rule window.
  Can any one please suggest what is the reason for this?
  Many many thanks in advance.

  Hi,
  Check whether you have given the description for your custom Fast formula while defining the FF in the Write Formula screen.
  Coz, In the Time Entry rules window you will see the description of the fast formula .
  Though the description iss not a mandatory field while defining the FF in the Write Formula screen the time entry rule will take only the description of the FF instead of the FF Name.
  Get beack to me if you need further info.
  Thanks,
  Anuradha

• WSUS Firewall rules do not use names nor groupnames

  Hi everyone,
  Today I've been playing around with PowerShell Workflows and the firewall cmdlets on my test environment. (Great stuff, Thanks
  Scripting Guys)
  After working out a little workflow I noticed that the firewall rules that were made by the WSUS feature installation had no Name nor DisplayGroup, only the DisplayName.
  My test environment is made up from tree Server 2012 R2 servers with a domain.
  The script I made :
  workflow Get-AllFirewalls
  Parallel{
  InlineScript{
  Get-NetFirewallRule -Enabled True -Action Allow |?{
  $_.Profile -match "Any|Domain"
  } | select Name,DisplayName,direction,DisplayGroup,
  @{n='Port';e={($_|Get-NetFirewallPortFilter).LocalPort}},
  @{n='Protocol';e={($_|Get-NetFirewallPortFilter).Protocol}},
  @{n='Program';e={($_|Get-NetFirewallApplicationFilter).Program}}
  $output = Get-AllFirewalls -PSComputerName (Get-ADComputer -Filter 'OperatingSystem -like "Windows Server*"').name
  $output |Sort-Object DisplayGroup |Format-Table PSComputerName,Name,DisplayName,Direction,Port,Protocol,Program -GroupBy DisplayGroup -AutoSize
  Now this is just for testing and I could get around the fact there are no proper names but I think it's sloppy not to fill the naming attributes.
  Am I the only one with these results or is it just WSUS?

  There are only two rules created, one for HTTP on port 8530 one for HTTPS on port 8531, and the latter isn't even used in most WSUS installations.
  There is no Group Name, because this is not a GROUP of rules, it is two individual rules. One is always enabled; the second is optionally enabled WHEN the WSUS Server is configured to use SSL, and it's enabled by an administrative script provided in the
  WSUS toolset.
  Ergo, a server administrator never has to mess with these two rules at all, so, no, I think it's insignificant that these rules may be missing a couple of generally irrelevant attributes.
  Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
  SolarWinds Head Geek
  Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
  My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
  http://www.solarwinds.com/gotmicrosoft
  The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

• SA520 Firewall Rule cannot block HTTP

  Hi All,
  We are currently encountering a firewall rule problem. The following are the steps we
  have done so far:
  Default Outbound Policy: Allow Always
  IPV4 Rules - Delete all firewall rules we have created and made a single firewall rule to block
                              outbound HTTP for a single IP Address
                   - Delete all firewall rules we have created and made a single firewall rule to block
                              outbound HTTP for a range of IP Address
                   - Tried making "Block by schedule" Action on port HTTP on a single and a
                               range of IP Addresses
                   - We have tried blocking HTTPS / POP3 / SMTP / IMAP and was successfully
                               blocked but not on HTTP
  Services - Created a Custom Service blocking Port 1-65535 but still workstation can still access the internet.
  MAC Filtering - Checked MAC address filtering and Policy for MAC Addresses listed below is set to
                                Block and Permit the Rest and added the MAC address of  the workstation we want to block
                                still the workstation can access the internet.
  IP/MAC Binding - We have also binded the MAC Address and IP Address
  Content Filtering - Only content filtering works - blocked URL
  We have also tried doing all the IPV4 Rules with the Default Outbound Policy: Block Always and all
  the firewall rules action set to allow only those services that needs to be permitted.
  Still blocked workstations can still access the internet.
  Firmware Version: 1.1.42
  Thanks
  Karl

  Hi Karl,
  This looks like a bug in build 1.1.42. Please upgrade your
  image to the latest build 2.1.18 which fixes the problem.
  Let me know if the upgrade helps.
  Regards,
  Wei