Show IPSec users connected
Id like to be able to show the users connected to my IPSec L2TP vpn (openswan and xl2tpd) - Ive been searching and searching but finding nothing.
If possible I'd like to be able to show username - remote ip of user, local vpn ip assigned, time connected and data transferred. Im not interested in monitoring what they are doing, just the basics.
Can anybody point me in the right direction please? Id like to be able to put this into a php web manager I'll build at a later date so I have a visual of whats going on.
Many thanks in advance for your help.
Cheers
Andy
Can anyone help please?
Ive found this command " netstat -i | grep "ppp" | wc -l " However all this does is simply show the number or connected users as a simple numerical digit.
Cheers
Andy
Similar Messages
-
Red-5 how to show live users connected
Hi,
I am working on an Flex application with red-5. It is based live broadcast, the flow is:
1. user connects to red5 and starts broadcasting
2. viewers also connect to same location on red5 and receive live broadcast.
I have to show how many people are attending the live broadcast. I am using remoteSharedObject thanks in advance for any help.
ThanksThe GUI design/function of Lync is so flawed I prefer not to argue the point.
But to the previous comments, why would Microsoft NOT have an option to a 'compact view'; to see more contacts at a time -- is it because it doesn't fit in with your 'touch' interface? And just how many corporations/companies are using a touch interface
with all their workstations? Why remove features from an application in a so-called upgrade? Is it so hard to understand that desktop real estate is valuable and that's why most companies have two monitors for workstations? Pretty isn't productive, and sometimes
productive can't be pretty...
I recently had to update from Microsoft Communcator for work and at this point, I think I could've vomited a better GUI than Microsoft has 'planned out'.
It's hard not to be sarcastic on this one, but good job on the roll out and execution of Lync Microsoft; good job. Way to look out for the users...
Next time I need a 'train wreck' execution of an upgrade, I will keep you guys in mind.
You'd been a heck of a lot better just replacing Lync with Skype...
Isn't that why you buy ccompanies like Skype for $8bn dollars?
Later,
Larry
www.LEHSYS.com -
PDC showing no users connected
Trying to set up a PDC here, but I've run into a couple of brickwalls.
We've got 1 OD master and one OD rep. We are running a PDC on the master and a BDC on the rep. Both PDC and BDC are configured the same.
No guest access
unlimited clients
authentication NTLMv2 & Kerb/NTLMv1
Registered with WINS server (our primary DNS server)
enabled virtual homes
I am able to join the domain created by my PDC.
I am able to log into the domain, but in the Server Admin Connections view for the PDC, I see no connections. Occassionally, my user will show up upon initial login or logout, but user disappears from the Connections view after about a minute. When the user does show up, the time connected is always 00:00.
I have also found that there are periods of time that the WinXP host I'm testing off of can't see the domain and I can't authenticate in. Sometimes if I wait 5-10 minutes I can get back in, but sometimes I have to restart the PDC. There's nothing particular in the logs that tell me the PDC is down.
Any ideas as to what's up?A little more strangeness...
I have two users that I have no problems logging into the domain with. All other users get an error that the domain is not available.
I look in /var/log/samba/log.smbd and I can see the two users who login, but what I don't see are any entries for those users who get the domain is not available error. -
Good morning everybody,
I am writing on behalf of not being able to implement a desired outcome in our company network. In fact the situation is as follows:
What I want to do is to be able to authenticate users (802.1x authentication) in our company radius server and authorize them access by having a dynamic VLAN assignment in a multi-user environment on one and the same port of a Cisco 2960 switch. So far, the authentication and authorization has been working completely smoothly (there are no problems with itself). The concept involves the configuration of both DATA and VOICE VLANs as I there is also phone authentication implemented. In order to simulate this environment I introduce a Dumb switch connected to my Cisco 2960 Catalyst.
What I have successfully managed to get to work so far is this:
1) On one switch port I have tried the “authentication host-mode multi-domain” and it worked perfectly for a PC behind a telephone, or with one PC connected to a the dumb switch + the telephone connected to another port of the dumb switch. Logically it is the same situation as there is a separation in two domains – DATA and VOICE. Bellow is an output from show authentication sessions for this scenario.
Interface MAC Address Method Domain Status Session ID
Fa0/23 0021.9b62.b79b dot1x DATA Authz Success C0A8FF69000000F3008E (user1)
Fa0/23 0015.655c.b912 dot1x VOICE Authz Success C0A8FF69000000F9009F (phone)
2) On the other hand, when I try the same scenario with the “authentication host-mode multi-auth”, the switch still separates the traffic in two domains and is able to authenticate all users, AS LONG AS they are in the same VLAN.
show authentication sessions:
Interface MAC Address Method Domain Status Session ID
Fa0/23 0021.9b62.b79b dot1x DATA Authz Success C0A8FF69000000F3008E (user1)
Fa0/23 b888.e3eb.ebac dot1x DATA Authz Success C0A8FF69000000F8008C (user2)
Fa0/23 0015.655c.b912 dot1x VOICE Authz Success C0A8FF69000000F9009F (phone)
However, I cannot succeed authentication of many users from DIFFERENT VLANs, neither in multi-auth nor in multi-domain modes.
What I want to get is an output like this:
Interface MAC Address Method Domain Status Session ID
Fa0/23 0021.9b62.b79b dot1x DATA Authz Success C0A8FF69000000F3008E (user1)
Fa0/23 b888.e3eb.ebac dot1x DATA Authz Success C0A8FF69000000F8008C (user2)
Fa0/23 0015.655c.b912 dot1x VOICE Authz Success C0A8FF69000000F9009F (phone)
I want the switch to authenticate the users anytime they connect to itself and for them to have an instant access to the network. (I tell this because I tried scenario 1) with multi-domain mode and authentication violation replace, and it worked but, two users never had access to the “Internet” simultaneously!!!
The configuration of the interface connected to the Dumb switch is as follows.
interface FastEthernet0/x
description Connection to DUMBswitch
switchport mode access
switchport voice vlan XXX
switchport port-security maximum 10
switchport port-security
switchport port-security violation protect
authentication host-mode multi-auth
authentication priority dot1x
authentication port-control auto
authentication timer reauthenticate 4000
authentication violation replace
dot1x pae authenticator
dot1x timeout tx-period 10
spanning-tree portfast
The way I see it is explained in the following steps:
- PC1 connects to the Dumb switch. This causes the Cisco switch to authenticate user1. This creates an auth. session with its MAC address linked to a domain DATA.
- When PC2 connects to the Dumb switch, this causes the violation replace which replaces the recent authenticated MAC address with the MAC of PC2. I would like it once authenticated to appear in the authentication sessions with a link to a new DATA domain linked to the VLAN assigned from the RADIUS server.
Is this possible? I think (in theory) this is the only way to provide authenticated access to multiple users connecting through Dumb switch to the network.
Has anybody ever succeeded in such a configuration example and if yes, I would be love to get some help in doing so?
Thank you
Stoimen HristovHi Stoimen,
I have done a setup similar to yours with the only exception being VLAN assignment. When I used dACLs only, it makes things somewhat easier as the VLAN no longer matters. Remember that the switchport is in access mode and will only allow a single VLAN across it (with the exception of the voice VLAN). I think that is the real cause of your problem.
From what I can see, you have 2 options available to you:
1) Use dACLs instead of VLAN assignment. This means that an access list will be downloaded from the radius server straight to the authenticated user's session. I have tested this and it works perfectly. Just Google Cisco IBNS quick reference guide and look for the section that deals with Low Impact mode.
2) Get rid of the dumb switches and use managed switches throughout your network. Dumb switches will always be a point of weakness in your network because they have no intelligence to do advanced security features like port security, 802.1x, DHCP snooping, etc.
Hopefully someone else will chime in with another option.
Xavier -
Setting a user connection timeout in E-Business suite 11i
Hello
I want to be able to disconnect user from the system after a certain amount of idle time to save system resources. Unfortunately, the options offered by oracle support and documentation aren't good enough. One option is to use IICX:Session Timeout profile which shows a message when the connection times out, but that doesn't really free system resources as it keeps the user session.
Another option is to use FORMS60_TIMEOUT and apache heartbeat variables to disconnect the session after certain idle time.
A third option is to use database profiles to limit sessions idle time.
The problem is that the two last options causes the system to show the user "raw" error messages (usually FRM-92100 error) that says that the session has been reset. Then the users are confused and call support, saying something is wrong with the system.
Is there another, better way to do it ? A fourth option ?
If not, is there a way I can capture the FRM-92100 error and present the user a more informative message ?
Thanks
GuyIn addition to ICX: Session Timeout, you must also setup session.timeout in zone.properties (or s_sesstimeout in the $CONTEXT_FILE) in milliseconds to exactly match the ICX: Session Timeout in minutes or the sessions termination does not work.
Forms session timeout
If you require a more informative error message, you will need to capture the error message and massage it in CUSTOM.pll. -
See users/connections, who ar authenticated and sending huge amount of spam
I have delay in SMTP server. SMTP server has user authentication, so it means - if someone is sendig mail to outside of my domain, he must be authenticated.
I have turned on logging on all channels i have one main tcp_local channel, but the logging shows only information about message - from-to, reason. But does not show information about real source.
1) how can I see, "who" is sending huge amount of mail?
2) How can I drop connection, diallow this user for time or manage this user connections?
At this moment queue says:
qm.maint> summarize
Queued Queued
Channel Messages = Active + Delayed Size (Mb)
ims-ms 0 0 0 0.0
process 0 0 0 0.0
reprocess 0 0 0 0.0
tcp_auth 0 0 0 0.0
tcp_intranet 0 0 0 0.0
tcp_local 1461 1461 0 3.5
tcp_submit 0 0 0 0.0
Totals 1461 1461 0 3.5
and main TOP TO domains are:
Count Destination domain
====== ======================================================================
59 hse.ie
38 teagasc.ie
28 oireachtas.ie
22 entemp.ie
18 home.com
17 wexfordcoco.ie
14 ireland.com>
As always, please provide the exact version of Messaging Server you are running (./imsimta version).
I have delay in SMTP server.What do you mean by this statement? What "delay"?
SMTP server has user authentication, so it means - if someone is sendig mail to outside of my domain, he must be authenticated.
I have turned on logging on all channels i have one main tcp_local channel, but the logging shows only information about message - from-to, reason. But does not show information about real source.There is a whole guide about how to get additional logging information here:
http://docs.sun.com/app/docs/doc/819-4428/bgbex?a=view
e.g. enable LOG_USERNAME to see the user that authenticated, and LOG_CONNECTION to see additional IP connection information.
1) how can I see, "who" is sending huge amount of mail?
2) How can I drop connection, diallow this user for time or manage this user connections? You could change the users password to stop them authenticating, or set their mailuserstatus: attribute to disabled and so forth.
Regards,
Shane. -
Limited number of 5 concurrent VPN (ipsec/l2tp) connections to OSX Server
We've configured OS X 10.6 Server on XServe to accept VPN connections either via PPTP or via IPSEC/L2TP using a PreSharedKey.
When multiple clients try to connect using IPSec/L2TP, we experience problems as soon as 5 users are connected. No additional ipsec/l2tp connections can be created until one of the 5 existing connections is terminated, but then a new connection can start immediately.
Sniffing with tcpdump, the following can be seen on the server side:
09:24:45.349541 IP clientIP.isakmp > serverIP.isakmp: isakmp: phase 1 I ident
09:24:45.354978 IP serverIP.isakmp > clientIP.isakmp: isakmp: phase 1 R ident
09:24:45.358233 IP clientIP.isakmp > serverIP.isakmp: isakmp: phase 1 I ident[E]
09:24:45.365359 IP serverIP.isakmp > clientIP.isakmp: isakmp: phase 1 R ident[E]
09:24:45.367222 IP clientIP.isakmp > serverIP.isakmp: isakmp: phase 2/others I oakley-quick[E]
09:24:47.365936 IP clientIP.isakmp > serverIP.isakmp: isakmp: phase 2/others I oakley-quick[E]
09:24:50.365799 IP clientIP.isakmp > serverIP.isakmp: isakmp: phase 2/others I oakley-quick[E]
The last lines are repeated several times, until the connection attempt times out.
When using PPTP connections, we don't experience these problems, and in addition PPTP connections can even be created when 5 ipsec/l2tp connections are already established.
Does anyone know if there is some kind of limitation for the number of concurrent ipsec/l2tp connections built into OS X server? So far, we have not seen anything like this in the docs.Ok, IMAP server almost universally allow multiple connections. Thunderbird as you would have observed uses 5 if they are available. As Airmail suggested, iphones just use more and more until they exhaust the available connections. There is no set maximum option.
However there are other things that can consume connections and some may surprise you.
Anti spam tools such as mail washer
Anti virus programs in their anti spam or anti phishing roles
Web mail.
The wife sharing the same account on her laptop.
That is from the top of my head. So could any of those apply. -
Is there a system table or V$ view that will show a user's last logon date?
Is there a system table or V$ view that will show a user's last logon date?
I'm using Oracle 9.2.0.7sqlplus
SQL*Plus: Release 11.2.0.1.0 Production on Tue Aug 31 12:44:42 2010
Copyright (c) 1982, 2009, Oracle. All rights reserved.
Enter user-name: / as sysdba
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL> desc user$
Name Null? Type
USER# NOT NULL NUMBER
NAME NOT NULL VARCHAR2(30)
TYPE# NOT NULL NUMBER
PASSWORD VARCHAR2(30)
DATATS# NOT NULL NUMBER
TEMPTS# NOT NULL NUMBER
CTIME NOT NULL DATE
PTIME DATE
EXPTIME DATE
LTIME DATE
RESOURCE$ NOT NULL NUMBER
AUDIT$ VARCHAR2(38)
DEFROLE NOT NULL NUMBER
DEFGRP# NUMBER
DEFGRP_SEQ# NUMBER
ASTATUS NOT NULL NUMBER
LCOUNT NOT NULL NUMBER
DEFSCHCLASS VARCHAR2(30)
EXT_USERNAME VARCHAR2(4000)
SPARE1 NUMBER
SPARE2 NUMBER
SPARE3 NUMBER
SPARE4 VARCHAR2(1000)
SPARE5 VARCHAR2(1000)
SPARE6 DATE -
File sharing reports too many users connected
SPECS: Mac Mini Core 2 Duo 2 GHz, 2G RAM, Mac OS X 10.6.4. Other users in office also running similar hardware and Mac OS X 10.6.4.
CLARIFICATION: This Mini is used as a file server in a small law office (4 other workstations). It is running Mac OS X Client, not Server. I refer to the machine as "the server" but wanted to be clear the operating system is the same on all stations.
HISTORY & CONFIG: This system was setup in November 2009. It provides simple file sharing storage for a 4-user law office and runs Retrospect (version 8.1.626) to do some local and network backup operations. At the time it was setup, it was also running Now Up-to-Date Server but that program is no longer supported, and it has been removed from the computer (May 31, 2010). In late March 2010, I installed Daylite Server as a replacement for Now Up-to-Date. All stations are running Mac OS X 10.6.4, and have always been at the most recent Mac OS X 10.6.x revision within a few days of the release of a major update.
PROBLEM: Occasionally, clients cannot connect to the server (and I don't have the exact error message -- next time it happens, someone is supposed to get a screenshot). When this happens, if you go to the server and open the file sharing control panel, then click "options", you will see an impossible number of people are connected. The first time this happened was on April 28, 2010, when it reported 41 users were connected. Mac OS X Client has an upper limit of 10 simultaneous user connections, so you can see this number is not possible. Additionally, these are "phantom" logins because you can execute this command in Terminal to see the IP addresses of any connected users:
netstat -n | grep '.548'
And when I do this, unless there was someone who had logged in prior to the "phantom explosion", it never shows any connections. On two occasions, I've actually been in the office late one night to do maintenance, checked the server before I left and found 0 connected users, then got a call in the morning that the first person who attempted to connect was blocked and the server showed 10 or more users connected.
I do not believe this is some kind of security breach. The server is not Internet-accessible, and as is shown by the netstat command, there really isn't anyone logged in anyway. I consulted with Marketcircle (makers of Daylite) because it seemed very coincidental that I installed their software just prior to the beginning of this problem, but they claim Daylite does not make any use of the Mac file sharing system. But, again, since these aren't real users, I suppose it's possible a bug in their software is somehow upping the Mac's connected user count erroneously?
Restarting the server always fixes the problem -- until it happens again. This Mac Mini is a pretty simple station -- just runs Daylite Server and Retrospect Single Server, plus the basic file sharing. Anyone have any ideas why this keeps happening?I would say odds are likely this is correct. On at least two occasions I can think of where I verified everything was okay and later discovered a "phantom explosion", a Retrospect backup would have run. Our backups typically run at 3 AM. Is this a known issue with Retrospect? If so... not sure why it doesn't happen all the time. And in my own office I have a pretty similar setup on an entirely different computer that multiple people connect to, and it never does this. Color me confused.
-
Hi, I have tried to use FaceTime using both my Mac and iPhone, it showed it was connecting, but can't not be connected, and it will just show call failed. could you please look into it? thanks
There is an issue with facetime at the moment http://www.idownloadblog.com/2014/04/17/facetime-connectivity-issues-reaching-ma ny-ios-users/
-
A question about tracing users' connections
Dear all,
I would like to know, whether there is a report in SAP
providing information about users connection. What we
are looking for in terms of information is:
1) How many times each user connected to the system?
(for example how many times during each day or each week)
2) How long each session lasted?
3) What standard transactions did each user execute during
each connection?
Is there any report providing such information?
Thanks in advance,
Kind Regards,
DariyooshHi Dariyoosh,
1) How many times each user connected to the system?
SM20 (Information security audit logs ) In USER Statistics and Terminal statistics , you can get enough information .
ST03N
In ST03N (Workload distirbution monitor ) you can find ,what is the workload of individual users and which actions users performed ?
2) How long each session lasted?
In tcode - SM20,you can find detaild activites about users in Users statistics field . Secondly For transcation details ,Please select Transactions statisitcs field .It
will provide you enough information
AL08 Shows you Tcodes using by user time ,external & internalsessions .Also with tcode SM04 You can find list of users .There is USER TAB on top left hand side
You can click on that and select " Techincal Information , you will get informatoin STATE , MODES ,MEMORY COnsumption etc .
3) What standard transactions did each user execute during
each connection?
Pleae use these tcodes :SM20, SM04(users overview) , AL08
Thanks in advance,
Kind Regards, -
Cannot view history of direct access users connecting to Forefront UAG
Hi, I'm trying to get a list of the users that have been connecting through UAG Direct Access for the past month. I've tried using the methods shown in the technet articles about monitoring of UAG Direct Access either using Powershell or the TMG event loggin
console, using this links:
http://technet.microsoft.com/en-us/library/gg313776.aspx
http://technet.microsoft.com/en-us/library/gg313783.aspx
Using the TMG event logging I see a lot of data from a few days back, even if the filter is set to 30 days, and the log is supposed to be up to 8GB in size before overwriting. The info that it shows is only about sessions to the portal trunk and not direct
access. I know this because on the UAGModuleID column there is no there are no "connected" or "managed" sessions, all are SessionMgr, UserMgr, Filter and RDG mainly.
Through powershell I tried running the following commands after importing the module according to the article:
Get-Directaccessusers -showhistory $true and no results are shown.
Get-Directaccessusers -showhistory $true -starttime "1/6/2015 8:00AM" and no results shown
Get-Directaccessusers -showhistory $true -starttime "1/6/2015" no results
Get-Directaccessusers -showhistory $true -starttime "1/2/2015 8:00AM" -Endtime "1/11/2015 8:00PM" no results
Get-Directaccessusers -showhistory $true -username user = no results.
Get-Directaccessusers -username user = no results
the only command that shows any data is just Get-Directaccessusers but that shows the current Direct Access users, no history.
I checked the Registry HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\e-Gap\von\MonitorMgr\sql-builtin-log registry key and it is on 1.
Any ideas on how can I get more history data on the direct access users connecting through UAG?
Please let me know.
Appreciated it.
Thank you!
Eduardo RojasRussel,
the problem has been solved now! The final thing missing was just a check in a checkbox.
Below a comprehensive explanation that may help others.
We basically did what you proposed:
We sent a ping from one of the DA-Clients to the TS-Farm members. Since we got replies, we knew that IPv6 communication generally is okay. The answer received was an IPv6. In this scenario we had not yet given any IPv6 to the farm-members! Thus we knew it must
be comming from the DA DNS-Proxy. There are a number of DA-GPOs and one of them is dictating the net portion of the IPv6 to be used in DA-communication, appended by a hex-translation of the target computers IPv4. Therefore the DA DNS-Proxy is taking the GPO-set
IPv6-value, adds the IPv4 in hex and sends it back as an ICMP echo.
With this in place and working correctly one can ping any domain host from any DA-Client. This is configured when initially setting up DA and is handled by the wizzard. Once DA is installed this should all be in place without extra user interaction.
We then took those IPv6 answeres and turned them into fixed IPv6es of the farm-members (each member its own IPv6). So far so good, but this is where it still did not work. Evaluation of the Connection Broker log showed that the redirect reply still included
only the IPv4 of the target farm-member. With that (after a short while) we realized that one has to set a
check in the Connection Brokers Settings, so that the IPv6 LAN-Connection will be used for redirects as well and not only the IPv4 LAN-connection..... How stupid is that? :-)
But as we all know - in dealing with server configuration - you should always "know before you go". But even though you may think you do, when finally arriving you know you didn't.... And that's what we call experinece.
Thanks to Russel for your interest and help.
Brgds Ralf -
Physical Interface not present in show ip route connected
Hi,
Thanks for reading my post.
I have a reccurent issue with a CISCO881-K9.
My WAN interface is regularly unsuable even if it's UP/UP. I can't even ping the interface from the router itself.
A reboot solves the issue. But now I have time and I'd like to get a proper understanding of what's going on.
The route doesn't appear in "show ip route connected".
Router#show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0 unassigned YES unset up up
FastEthernet1 unassigned YES unset down down
FastEthernet2 unassigned YES unset down down
FastEthernet3 unassigned YES unset down down
FastEthernet4 X.Y.Z.82 YES NVRAM up up
Loopback0 10.31.129.5 YES NVRAM up up
NVI0 X.Y.Z.82 YES unset up up
Tunnel0 10.32.129.1 YES NVRAM up down
Vlan1 172.22.129.102 YES NVRAM up up
Router#ping X.Y.Z.82
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to X.Y.Z.82, timeout is 2 seconds:
Success rate is 0 percent (0/5)
Router#
Router#show ip route
Gateway of last resort is X.Y.Z.81 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via X.Y.Z.81
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
R 10.30.129.0/24 [120/1] via 172.22.129.101, 00:00:08, Vlan1
R 10.31.129.1/32 [120/1] via 172.22.129.101, 00:00:08, Vlan1
C 10.31.129.5/32 is directly connected, Loopback0
172.22.0.0/16 is variably subnetted, 3 subnets, 2 masks
S 172.22.128.0/24 [1/0] via 172.28.28.254
C 172.22.129.0/24 is directly connected, Vlan1
L 172.22.129.102/32 is directly connected, Vlan1
172.27.0.0/24 is subnetted, 1 subnets
S 172.27.0.0 [1/0] via 172.28.28.254
172.28.0.0/24 is subnetted, 1 subnets
R 172.28.28.0 [120/2] via 172.22.129.101, 00:00:08, Vlan1
172.30.0.0/24 is subnetted, 1 subnets
S 172.30.1.0 [1/0] via 172.28.28.254
172.31.0.0/24 is subnetted, 1 subnets
S 172.31.0.0 [1/0] via 172.28.28.254
S 192.0.0.0/16 [1/0] via 172.28.28.254
192.168.48.0/32 is subnetted, 1 subnets
S 192.168.48.247 [1/0] via 172.28.28.254
192.168.84.0/32 is subnetted, 1 subnets
S 192.168.84.247 [1/0] via 172.28.28.254
S 192.168.101.0/24 [1/0] via 172.28.28.254
R 192.168.104.0/24 [120/2] via 172.22.129.101, 00:00:08, Vlan1
Router#show ip route connected
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is X.Y.Z.81 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
C 10.31.129.5/32 is directly connected, Loopback0
172.22.0.0/16 is variably subnetted, 3 subnets, 2 masks
C 172.22.129.0/24 is directly connected, Vlan1
L 172.22.129.102/32 is directly connected, Vlan1
interface FastEthernet4
description WAN
ip address X.Y.Z.82 255.255.255.252
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly in
ip tcp adjust-mss 1300
duplex full
speed 100
keepalive 3
crypto map MYSTREAM-MAP
hold-queue 224 in
end
Router#show interfaces fastEthernet 4
FastEthernet4 is up, line protocol is up
Hardware is PQII_PRO_UEC, address is 4403.a738.3c02 (bia 4403.a738.3c02)
Description: WAN
Internet address is X.Y.Z.82/30
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (3 sec)
Full-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:06, output 00:00:35, output hang never
Last clearing of "show interface" counters never
Input queue: 0/224/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
26675 packets input, 1826301 bytes
Received 12230 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
44029 packets output, 8969818 bytes, 0 underruns
0 output errors, 0 collisions, 4 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
3 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
Could you help on this? Or lead me to Tshoot that problem.
By the way the interface 4 is connected to an ISP Modem (TWC in US).
Thanks,
WilliamHi,
Thanks for your answer. I've checked the release notes and there is no bug about that.
I think I must use the WAN interface which is fastethernet 4. I'm not able to change the patch cable for now.
What could be the cause?
show version
Cisco IOS Software, C880 Software (C880DATA-UNIVERSALK9-M), Version 15.1(4)M4, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Wed 21-Mar-12 00:27 by prod_rel_team
ROM: System Bootstrap, Version 12.4(22r)YB5, RELEASE SOFTWARE (fc1)
Router uptime is 1 week, 3 hours, 6 minutes
System returned to ROM by reload at 08:12:54 UTC Fri Oct 3 2014
System restarted at 08:14:30 UTC Fri Oct 3 2014
System image file is "flash:c880data-universalk9-mz.151-4.M4.bin"
Last reload type: Normal Reload
Last reload reason: Reload Command
If you require further assistance please contact us by sending email to
[email protected]
Cisco 881 (MPC8300) processor (revision 1.0) with 236544K/25600K bytes of memory.
Processor board ID FGL1652265J
5 FastEthernet interfaces
1 Virtual Private Network (VPN) Module
256K bytes of non-volatile configuration memory.
125440K bytes of ATA CompactFlash (Read/Write)
License Info:
License UDI:
Device# PID SN
*0 CISCO881-K9 FGL1652265J
License Information for 'c880-data'
License Level: advsecurity Type: Permanent
Next reboot license Level: advsecurity
Configuration register is 0x2102 -
Hi every one if i connect wired headset to my new iPad it is not showing a headphone connected symbol .is it by default not visible or something happen thanks in advance
When you have kernel panics, the pertinent information is in the panic report.
These instructions must be carried out as an administrator. If you have only one user account, you are the administrator.
Launch the Console application in any of the following ways:
☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
☞ Open LaunchPad and start typing the name.
In the Console window, select
DIAGNOSTIC AND USAGE INFORMATION ▹ System Diagnostic Reports
(not Diagnostic and Usage Messages) from the log list on the left. If you don't see that list, select
View ▹ Show Log List
from the menu bar.
There is a disclosure triangle to the left of the list item. If the triangle is pointing to the right, click it so that it points down. You'll see a list of reports. A panic report has a name that begins with "Kernel" and ends in ".panic". Select the most recent one. The contents of the report will appear on the right. Use copy and paste to post the entire contents—the text, not a screenshot.
If you don't see any reports listed, but you know there was a panic, you may have chosen Diagnostic and Usage Messages from the log list. Choose DIAGNOSTIC AND USAGE INFORMATION instead.
In the interest of privacy, I suggest that, before posting, you edit out the “Anonymous UUID,” a long string of letters, numbers, and dashes in the header of the report, if it’s present (it may not be.)
Please don’t post other kinds of diagnostic report.
I know the report is long, maybe several hundred lines. Please post all of it anyway. -
I have a red x showing in the connection box of ePrint - HP 8600 AIO N911n. Why?
I have a red x showing in the connection box of ePrint - HP 8600 AIO N911n. Why?
Hi there, do you mean there is a red X on the printers front panel display?
If my reply helped you, feel free to click on the Kudos button (hover over the "thumbs up").
If my reply solved your problem please click on the Accepted Solution button so other Forum users may benefit from viewing the post.
I am an HP employee.
Maybe you are looking for
-
Adobe Bridge 4 vs Iphoto 09 using referenced libraries
I've always used iphoto with referenced libraries, usually with no problem with an external HD with my imac. The reason: I don't want to consume my HD with hundreds of photos and video files and large photoshop files. Here's what I would like to do.
-
Every time I open a a pdf file attachemnt or any pdf file and press print it wants to save the file
Every time I try to print a pdf file it goes to save I can't print adobe pdf files
-
In the space where you would add a widgit there is a warning so a new navigation bar cannot be added. I tried uninstalling and reinstalling but that did not help. When I pulishedd my website the navigation bar did not work. It only linked to one p
-
Corrupt songs will play in quicktime - but won't copy to HDD.
Hi All, Background/Symptoms: My macbook pro (2008 unibody) crashed a little while ago. It started being really sluggish, so I tried to install an update and during the update I got an error. I turned off the computer and it wouldn't boot past the app
-
Hi, I'm trying to fix the orientation of an UIImage in my app (iPad 2, iOS 7). I'm using the method described here: https://gist.github.com/alex-cellcity/1531596, but a huge memory spike appears when CGContextDrawImage is called. The image size I'm t