Slow SFTP throughput when passed through ASA 55xx

Similar Messages

• Tracing a route passing through ASA

  Hi Everyone,
  Need help on tracing a route IP 192.168.27.0  that is passing through ASA
  i did sh route on ASA
  S    192.168.27.0 255.255.255.0 [1/0] via 192.168.101.14, Xnet
  so this means that this ASA is learning this route statically through int Xnet  right ?
  when i do sh int on ASA  it shows Xnet as interface.
  what should be my next step?
  also i am able to ping this IP from ASA  but whne i do sh arp it does not show this IP 192.168.27.251 and mac address
  Thanks
  Mahesh
  Message was edited by: mahesh parmar

  So I presume you have ASA5550 or you have bought addiotional 4 GigabitEthernet module.
  When you look at the ASA from the side where the physical ports are
  The usual ports (without the module) should be in the Right side
  The modules ports should be on the Left side
  The module should contain 8 ports
  4 Ports are for SFP slots (usually for fiber connections)
  4 Ports are for basic Ethernet connectivity
  The configuration should have some line "media-type" which defines which type is used "rj45" of "sfp"
  rj45 for Ethernet
  sfp for SFP module
  So GigabitEthernet 1/2 port should be to my understanding either the Third Ethernet or Third SFP port of the module depending on the above port configuration mentioned (media-type rj45/sfp)
  The ports GigabitEthernet0/0 - x are the ports that are in every ASA, Ports GigabitEthernet1/0 - x are the expansion modules ports
  Hope this helps. Hopefully I remembered that right.
  - Jouni

• AAA Authentication for Traffic Passing through ASA

  I am setting up AAA authentication for traffic that will pass through my ASA. I am having difficulty enabling 'aaa authentication secure-http-client'. Without secure communications enabled access functions as expected. When I enable access, I get prompted for a username/password. The username/password is entered. Authentication passes (show uauth). The requested page (http://www.cisco.com) switches to https://x.x.x.x (a resolved IP address for the site). Eventually (5 seconds), I am asked to accept or deny a certificated. Interestingly, the certificate is for the ASA and not the requested site (http://www.cisco.com).
  Am I missing something?
  firewall# show run aaa
  aaa authentication http console TACACS+ LOCAL
  aaa authentication telnet console TACACS+ LOCAL
  aaa authentication serial console TACACS+ LOCAL
  aaa authentication ssh console TACACS+ LOCAL
  aaa authentication enable console TACACS+ LOCAL
  aaa authentication match guestnetwork_access guestnetwork RADIUS
  aaa authentication secure-http-client
  firewall# show access-li guestnetwork_access
  access-list guestnetwork_access; 2 elements
  access-list guestnetwork_access line 1 extended deny udp 10.255.255.0 255.255.255.0 any eq domain (hitcnt=33)
  access-list guestnetwork_access line 2 extended permit ip 10.255.255.0 255.255.255.0 any (hitcnt=412)
  firewall# show run aaa-s
  aaa-server RADIUS protocol radius
  aaa-server RADIUS (inside) host 192.168.250.14
  key xxxxx
  firewall# show run http
  http server enable

  your definition for the aaa-server is different to the aaa authentication server-group
  try
  aaa authentication http console RADIUS LOCAL
  aaa authentication telnet console RADIUS LOCAL

• Format command runs slow on Windows2012 when run through service

  We have a windows service which performs some tasks. One of such task is format the given volume(volume name is passed from remote machine). We observed that till Windows2008 format was running properly. on Windows2012 same format starts correctly but runs
  very slow. One special case if if the format is quick it runs fast (same speed as windows2008).
  Another observation is when we start format as process though we set the priority high after start the priority of the process goes to normal
  Any reason why format runs slow?
  Any help/comments are welcome

  here is some code 
  We do not use bat file but use process.
  Here is some part of code for this
  ProcessStartInfo FormatInfo = new ProcessStartInfo();
                  FormatInfo.CreateNoWindow = true;
                  FormatInfo.UseShellExecute = false;
   FormatInfo.RedirectStandardOutput = true;
                  FormatInfo.RedirectStandardInput = true;
                  FormatInfo.FileName = "cmd.exe";                
                  Process format_process = new Process();
                  format_process.StartInfo = FormatInfo;
                  if (true != format_process.Start())
                      int errCode = Marshal.GetLastWin32Error();
                      String ErrMsg = "Cannot start formatting. Error code = " + errCode.ToString();
                      Logger.LogDebug(ErrMsg);
                  String FormatCmdLine = "Format ";
                  FormatCmdLine += m_driveletter + ":";
                  if(quick_format)
                      FormatCmdLine += " " + Constants.QUICK_FORMAT_SWITCH + " ";

• Problem connecting Apple TV2 to projector when passing through Sony Sound Bar

  I'm having problems getting my Apple TV2 to work now that I'm passing it through my new Sony HT-CT150 Sound Bar to my Epson Megaplex Projector MG-850 (720p) Projector. I keep getting a "Not Supported" error on my projector - as opposed to a "No Signal" error which is what happens if I was to unplug the Apple TV.
  My HDMI cables are all new and latest specs. I can connect the Apple TV directly to projector with either cable and it works fine. I have a 6 ft HDMI connecting the Apple TV to one of the Sony Sound Bar's 3 HDMI inputs and then a 40 ft. HDMI running from the sound bar's HDMI out to the projector's single HDMI input. Oddly, if I reverse the cables, it seems to work. Same two cables - just switching which one is connected to the Apple TV and which is connected to the projector. (I need the length to get to where my projector is positioned. Though I might be able to get by with a 30 ft. cable if length might be the issue.)
  Anyway I think it must have something to do with the HDMI handshake or the lenth of the cables but don't know enough about it and have no idea why switching which cable comes first would fix the problem.

  Ok,  I will ask the question in another way... My apple tv has one hdmi, and it goes to my hd projecter.. But projecter has no speakers, and as a result I've no sound at the moment. I am looking for a clear direction to go in, to solve lack the of any sound.. My only option seems to be, using the optical out from the apple tv.. I don't have  any equipment with this conecter. And I've never used optical before..   If i buy an, optical to twin phono converter and then I can plug into a large powered speaker I've got in my living room. And I will have big sound easily..?? Do I have any other reasonable options for optical enabled speakers, or AirPlay speakers or something simple I'm not aware of that will give me sound easily.. I don't want a messy 5:1 system, my house is very tidy, and I want to keep it that way. .  Only having this optical out is frustrating, and I need to get my head round the options I have.   Anyone understand from experience how to use the optical apple tv out.  Also, not  using anything but apple tv, no dvds, or tv , just apple tv and my ipad.. Is very quiet in my home right now though.  Ric

• Garbled images when passed through faces servlet

  hello.
  I have pages whose image get completely garbled if they are displayed using the /faces/blaah.jsp path, but are not if displayed as /blaah.jsp
  whatever the browser and the method to display them, they are always destroyed when the servlet routes them.
  I googled here and there but found nothing about it.
  Is it a known problem?
  Thanks.

  Nope, never heard of such a problem. That's very strange.
  Are there any weird coincidences, such as the image name being the same as a faces page name. i.e. blaah.jsp and blaah.gif. And perhaps you are somehow routing the image through the faces servlet as well. i.e. /faces/blaah.gif instead of /blaah.gif.
  Beyond that... Some details on your JSF version and a code snippet of how you are displaying your image will help.
  CowKing

• File size changing when pass through after effects  (180Mb file goes in and comes out 33GB on export)

  im processing a video recorded of an  interview where the lighting was not very good on the interviewee
  im brightening up the light on the interviewees face
  the file was a 180Mb  H.264 file on import 
  when i export the file its coming out at 33GB in size.... im not sure why this is
  i have chosen the default setting "lossless" as the format for export
  i just want the file to export the same size and quality as it was when i imported it
  what options should i choose for this?    AE does not seem to tell me how big the end file will be and it takes 1 hour and half to process this 2 minute interview so it will take me an awfull long time to get to the bottom of this if i try by myself
  thanks

  It doesn't "increase" the file size. You're making a brand new file.
  What you put into After Effects has nothing to do with the resulting file. You can have an AE composition with no footage whatsoever and the resulting file will be much larger than 0!
  After Effects works internally with completely uncompressed pixel data, so no matter what you toss into it, it produces whatever you tell it to produce. As Mylenium points out, you made an uncompressed final file.
  Your original video file is VERY compressed. So, of COURSE uncompressed video is going to look massive by comparison.
  Read Mylenium's link to understand a bit more and go here to learn AE: Getting started with After Effects There are lots of "gotchas" like this that'll bit your butt if you skip this basic training stuff.

• Greek Data becomes Question Marks when passed through a Database Link

  Hi All,
  We have a 10gR2 sharing a Win32 Server with an MSSQL 2005.
  Data transfers between these are set up using an HS Database Link.
  All latin data is passing well, however we have some Greek in there and its transformed to question marks on the way.
  Measures attempted so far:
  1. I've set the NLS_CHARACTERSET of the 10g to AL32UTF8 . Entered non-Latin data manually to the 10g - works fine.
  2. I've edited the relevant init.ora file to include the following:
  HS_LANGUAGE = AMERICAN.AL32UTF8
  HS_NLS_NCHAR = AL32UTF8
  3. Restarted the DB and Listener.
  Still question marks
  Ideas?
  Thanks
  Tomer

  HSODBC was never certified with NVARCHAR data types. Have a look at the Generic Connectivity Administrator's Guide. It list all supported data types and nchar/nvarchar/ntext is not listed. You can select from those data types, but there is no guarantee the content of those datatypes will be fetched correctly. There are no conversation routines that properly convert unicode content.
  HSODBC has been desupported 15th of March. I strongly recommend you to use DG4ODBC 11.1.0.7. In addition in DG4ODBC the NVARCHAR/NCHAR functionality has improved a lot.
  DG4ODBC V11.1.0.7 needs to be installed into its own Oracle_Home and it can be used with older Oracle database releases like 10.2.0.4 right out of the box; or you have to apply a compatibility patch to your Oracle database releas 9.2.0.8, 10.1.0.5, 10.2.0.3
  Edited by: kgronau on Dec 10, 2008 8:42 PM
  One thing I forgot to mention is the advantage of using DG4ODBC is it maps the nvarchar to Oracle nvarchar and thus there is no codepage translation required.
  But please pay attention; use 11.1.0.7 not the base release 11.1.0.6 as on Windows based operating systems a high/low byte issue was fixed in 11.1.0.7 which is mandatory for NLS support.

• There is a dead area in the center of the display.  Display is normal on both sides.  Cursor will cross it but disappears when going through it.  Has anyone seen this?

  I have a dead area in the center of the display in the form of a vertical line about 1/2 inch wide.  The cursor disappears when passing through it but is visible on both sides.  Display is normal on both sides.  Anyone seen this before?

  Might want  to run the Apple Hardware Test just in case.
  Intel-based Macs: Using Apple Hardware Test

• Cisco ASA 5505 L2TP Pass through

  I am having trouble with L2TP pass through on an ASA 5505 device.
  L2TP server: OSX 10.6
  I can connect with any OSX system and it works fine straight away.
  When connecting with a windows computer I get a 789 error.  "Error 789: The L2TP connection attempt failed because the security layer encountere a processing error during the initial negotiations with the remote computer."
  I did not setup or configure the device to start with and apart from this issue its working fine so I am hessitant at trying to just mess around too much to try and find the problem.
  I am using the ASDM 6.4 to manage the device.
  Ports look to be forwarded correctly; 1701, 4500 & 500 UDP.
  Im just looking for other common issues?
  Rob

  Below is the commands you wanted.
  Where you see: IPNOTWHATIWASEXPECTING
  This is an IP I dont know. possible and old IP address.
  and
  default-domain value domain-notcorrect.local
  This is an old domain from years ago.
  Result of the command: "show run crypto"
  crypto ipsec transform-set aes-sha esp-aes esp-sha-hmac
  crypto ipsec transform-set aes-192-sha esp-aes-192 esp-sha-hmac
  crypto ipsec transform-set aes-256-sha esp-aes-256 esp-sha-hmac
  crypto ipsec transform-set 3des-sha esp-3des esp-sha-hmac
  crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
  crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
  crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
  crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
  crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
  crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
  crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
  crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
  crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
  crypto ipsec transform-set transform-amzn esp-aes esp-sha-hmac
  crypto ipsec security-association lifetime seconds 28800
  crypto ipsec security-association lifetime kilobytes 4608000
  crypto dynamic-map map-dynamic 1 set pfs group5
  crypto dynamic-map map-dynamic 1 set transform-set aes-256-sha aes-192-sha aes-sha 3des-sha
  crypto dynamic-map map-dynamic 2 set pfs
  crypto dynamic-map map-dynamic 2 set transform-set aes-256-sha aes-192-sha aes-sha 3des-sha
  crypto dynamic-map map-dynamic 3 set pfs
  crypto dynamic-map map-dynamic 3 set transform-set aes-256-sha aes-192-sha aes-sha 3des-sha
  crypto dynamic-map map-dynamic 4 set transform-set aes-256-sha aes-192-sha aes-sha 3des-sha
  crypto map outside_map 1 match address outside_1_cryptomap
  crypto map outside_map 1 set peer IPNOTWHATIWASEXPECTING3
  crypto map outside_map 1 set transform-set ESP-DES-SHA
  crypto map outside_map 2 match address acl-amzn
  crypto map outside_map 2 set pfs
  crypto map outside_map 2 set peer IPNOTWHATIWASEXPECTING IPNOTWHATIWASEXPECTING
  crypto map outside_map 2 set transform-set transform-amzn
  crypto map outside_map 255 ipsec-isakmp dynamic map-dynamic
  crypto map outside_map interface outside
  crypto isakmp identity address
  crypto isakmp enable outside
  crypto isakmp policy 1
  authentication pre-share
  encryption aes-256
  hash sha
  group 5
  lifetime 86400
  crypto isakmp policy 2
  authentication pre-share
  encryption aes-256
  hash sha
  group 2
  lifetime 86400
  crypto isakmp policy 3
  authentication pre-share
  encryption aes-256
  hash sha
  group 1
  lifetime 86400
  crypto isakmp policy 11
  authentication pre-share
  encryption aes-192
  hash sha
  group 5
  lifetime 86400
  crypto isakmp policy 12
  authentication pre-share
  encryption aes-192
  hash sha
  group 2
  lifetime 86400
  crypto isakmp policy 13
  authentication pre-share
  encryption aes-192
  hash sha
  group 1
  lifetime 86400
  crypto isakmp policy 21
  authentication pre-share
  encryption aes
  hash sha
  group 5
  lifetime 86400
  crypto isakmp policy 22
  authentication pre-share
  encryption aes
  hash sha
  group 2
  lifetime 86400
  crypto isakmp policy 23
  authentication pre-share
  encryption aes
  hash sha
  group 1
  lifetime 86400
  crypto isakmp policy 31
  authentication pre-share
  encryption 3des
  hash sha
  group 5
  lifetime 86400
  crypto isakmp policy 32
  authentication rsa-sig
  encryption des
  hash sha
  group 1
  lifetime 86400
  crypto isakmp policy 33
  authentication pre-share
  encryption 3des
  hash sha
  group 1
  lifetime 86400
  crypto isakmp policy 34
  authentication pre-share
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  Result of the command: "show run group-policy"
  group-policy evertest internal
  group-policy evertest attributes
  dns-server value 10.100.25.252
  vpn-idle-timeout 720
  vpn-tunnel-protocol IPSec l2tp-ipsec
  pfs enable
  split-tunnel-policy tunnelspecified
  split-tunnel-network-list value vpnsplittunnel
  default-domain value domain-notcorrect.local
  group-policy petero internal
  group-policy petero attributes
  dns-server value 10.100.25.252
  vpn-idle-timeout 720
  pfs enable
  split-tunnel-policy tunnelspecified
  split-tunnel-network-list value vpnsplittunnel
  default-domain value domain-notcorrect.local
  group-policy awsfilter internal
  group-policy awsfilter attributes
  vpn-filter value amzn-filter
  group-policy vpnpptp internal
  group-policy vpnpptp attributes
  dns-server value 10.100.25.252
  vpn-tunnel-protocol l2tp-ipsec
  group-policy vanheelm internal
  group-policy vanheelm attributes
  dns-server value 10.100.25.252
  vpn-idle-timeout 720
  vpn-tunnel-protocol IPSec l2tp-ipsec
  pfs enable
  split-tunnel-policy tunnelspecified
  split-tunnel-network-list value vpnsplittunnel
  default-domain value domain-notcorrect.local
  group-policy ciscoVPNuser internal
  group-policy ciscoVPNuser attributes
  dns-server value 10.100.25.10
  vpn-idle-timeout 720
  pfs enable
  split-tunnel-policy tunnelspecified
  split-tunnel-network-list value vpnsplittunnel
  default-domain value domain-notcorrect.local
  group-policy chauhanv2 internal
  group-policy chauhanv2 attributes
  dns-server value 10.100.25.252
  vpn-idle-timeout 720
  pfs enable
  split-tunnel-policy tunnelspecified
  split-tunnel-network-list value vpnsplittunnel
  default-domain value domain-notcorrect.local
  group-policy oterop internal
  group-policy oterop attributes
  dns-server value 10.100.25.252
  vpn-idle-timeout 720
  vpn-tunnel-protocol IPSec l2tp-ipsec
  pfs enable
  split-tunnel-policy tunnelspecified
  split-tunnel-network-list value vpnsplittunnel
  default-domain value domain-notcorrect.local
  group-policy Oterop internal
  group-policy Oterop attributes
  dns-server value 10.100.25.252
  vpn-idle-timeout 30
  group-policy chauhanv internal
  group-policy chauhanv attributes
  dns-server value 10.100.25.252
  vpn-idle-timeout 30
  vpn-tunnel-protocol IPSec l2tp-ipsec
  group-policy bnixon2 internal
  group-policy bnixon2 attributes
  dns-server value 10.100.25.252
  vpn-idle-timeout 720
  vpn-tunnel-protocol IPSec l2tp-ipsec
  pfs enable
  split-tunnel-policy tunnelspecified
  split-tunnel-network-list value vpnsplittunnel
  default-domain value domain-notcorrect.local
  Result of the command: "show run tunnel-group"
  tunnel-group ciscoVPNuser type remote-access
  tunnel-group ciscoVPNuser general-attributes
  address-pool vpnippool
  default-group-policy ciscoVPNuser
  tunnel-group ciscoVPNuser ipsec-attributes
  pre-shared-key *****
  tunnel-group petero type remote-access
  tunnel-group petero general-attributes
  address-pool vpnippool
  default-group-policy petero
  tunnel-group petero ipsec-attributes
  pre-shared-key *****
  tunnel-group oterop type remote-access
  tunnel-group oterop general-attributes
  address-pool vpnippool
  default-group-policy oterop
  tunnel-group oterop ipsec-attributes
  pre-shared-key *****
  tunnel-group vanheelm type remote-access
  tunnel-group vanheelm general-attributes
  address-pool vpnippool
  default-group-policy vanheelm
  tunnel-group vanheelm ipsec-attributes
  pre-shared-key *****
  tunnel-group chauhanv type remote-access
  tunnel-group chauhanv general-attributes
  default-group-policy chauhanv
  tunnel-group Oterop type remote-access
  tunnel-group Oterop general-attributes
  default-group-policy Oterop
  tunnel-group chauhanv2 type remote-access
  tunnel-group chauhanv2 general-attributes
  address-pool vpnippool
  default-group-policy chauhanv2
  tunnel-group chauhanv2 ipsec-attributes
  pre-shared-key *****
  tunnel-group bnixon2 type remote-access
  tunnel-group bnixon2 general-attributes
  address-pool vpnippool
  default-group-policy bnixon2
  tunnel-group bnixon2 ipsec-attributes
  pre-shared-key *****
  tunnel-group vpnpptp type remote-access
  tunnel-group vpnpptp general-attributes
  address-pool vpnippool
  default-group-policy vpnpptp
  tunnel-group IPNOTWHATIWASEXPECTING4 type ipsec-l2l
  tunnel-group IPNOTWHATIWASEXPECTING4 ipsec-attributes
  pre-shared-key *****
  tunnel-group evertest type remote-access
  tunnel-group evertest general-attributes
  address-pool vpnippool
  default-group-policy evertest
  tunnel-group evertest ipsec-attributes
  pre-shared-key *****
  tunnel-group evertest ppp-attributes
  authentication ms-chap-v2
  tunnel-group IPNOTWHATIWASEXPECTING3 type ipsec-l2l
  tunnel-group IPNOTWHATIWASEXPECTING3 ipsec-attributes
  pre-shared-key *****
  tunnel-group IPNOTWHATIWASEXPECTING2 type ipsec-l2l
  tunnel-group IPNOTWHATIWASEXPECTING2 general-attributes
  default-group-policy awsfilter
  tunnel-group IPNOTWHATIWASEXPECTING2 ipsec-attributes
  pre-shared-key *****
  isakmp keepalive threshold 10 retry 3
  tunnel-group IPNOTWHATIWASEXPECTING type ipsec-l2l
  tunnel-group IPNOTWHATIWASEXPECTING general-attributes
  default-group-policy awsfilter
  tunnel-group IPNOTWHATIWASEXPECTING ipsec-attributes
  pre-shared-key *****
  isakmp keepalive threshold 10 retry 3
  Result of the command: "show vpn-sessiondb detail remote filter protocol L2TPOverIPsec"
  INFO: There are presently no active sessions of the type specified
  Result of the command: "show vpn-sessiondb detail remote filter protocol L2TPOverIPsecOverNAT"
  INFO: There are presently no active sessions of the type specified

• Internet slow on SSID passing through anchor

  Hai,
  I have a wireless network with following structure.
  2 WLCs for corporate
  2 WLCs for Guest which is on DMZ zone.
  EOIP is configured between CORP WLC to guest WLC and everything is working fine.
  We have 1  corporate SSID for Inside users and trusted users.
  1 for  Guest users, customers  and untrusted users which is passing through EOIP tunnel.
  Now we ave noticed that internet speed is very slow for guest users. But from corporate its very fast and both of them are using the same internet connection.
  I have done the following test.
  Connected my PC to DMZ switch and tested the internet speed from guest vlan .It was very fast .But when it is on wireless, speeds is very slow.
  Do we need to do something on the WLC config for solve this issue?
  Thanks
  Sreelal

  Hi Fredrick, thanks for your response. We've configured tcp-adjust-mss at 1363 byte value and our performance problem
  don't exist anymore.
  Preventing Fragmentation
  Unfortunately, there is no method to prevent LWAPP fragmentation in the controller or access points until code version 6.0 with the CAPWAP protocol.
  To avoid fragmentation of client packets enable TCP Maximum Segment Size (MSS) control on the controller and lightweight access points in code versions 6.0 and later.
  This feature allows connected CAPWAP access points to re-write client TCP SYN packets with the configured maximum segment size to optimize large data transfers and prevent fragmentation when CAPWAP encapsulated. The valid range is from 536 to 1363 bytes, and it is recommended to use a 1363 byte value.
  Configure it from the CLI using this command:
  config ap tcp-adjust-mss { enable | disable } { all | ap-name } tcp_mss_value

• IPSec Pass Through on ASA

  I have a third party firewall behind a Cisco ASA. The Cisco ASA is doing PAT as there are no other IP addresses available. The third party firewall is attempting to build an IPSec tunnel to another firewall. The IPSec tunnel is not coming up. When I do a capture on the Cisco ASA firewall I see traffic hit the inside interface and leave the outside interface. I then see the reply traffic return and hit the outside interface of my Cisco ASA but it is not being allowed to pass through to the inside interface.I have enabled NAT-T on the thrid party firewall but it still does not get the reply traffic becuase it gets stopped at the Cisco ASA.
  Any thoughts?

  Is your third party FW attached directly to your ASA? If not, do you have a route to that device on your ASA?
  Please perform a packet-tracer to see why the return traffic is not reaching the third party FW..
  packet-tracer input outside udp 500 500 detail
  If the packet-tracer shows traffic going through successfully, perhaps it is your third party FW that is blocking the traffic?
  Please reply with packet-tracer results.
  Kind Regards,
  Kevin
  **Please remember to rate helpful posts as well as mark the question as 'answered' once your issue is resolved. This will help others to find your solution faster.

• X240 - is there audio pass-through when using a miniDP to HDMI?

  I have an X240, which I love, but now that I've cut my cable cord and am going with Netflix and other on-line streaming options, I'd like to be able to view my streaming programs on my TV.  Can I use a cable or adapter to go from the miniDP (on the X240) to my HDMI (on my TV) and get audio as well as video?  I understand my laptop needs to have an "audio pass-through" for that to work --- I don't know what it is, but I'd like to know if this one's got it.  I bought the laptop online in Dec 2013, if that makes a difference.
  (Yes, I could stream Netflix from a gadget like Chromecast, but that will only get me Netflix Canada, whereas using a VPN on my computer I can get Netflix from other countries too.)

  refreshing this discussion!   I've tried a mini DP to HDMI dongle with an HDMI-HDMI cable to the TV - and I get video but no audio.  My computer recognizes the TV as present as as audio playback device, but no audio is transmitted through TV or computer. when it's plugged in.  Of course I still get audio from the computer's speakers when it's not plugged in

• Page 404 Error when passing Session values through URL

  The current application I'm working on is a 'Targeted Email Communications' application. Bascially, employees at the school at which I'm employed can go in and select services to recieve outage notification emails on.
  The problem I'm discussing in this post has to do with our so called 'Notification Summary Screen.' This screen is basically a report region which displays all outage notifications issued by this application. In the left-most column of this report, I have an edit button that when clicked, redirects the user to the 'Create / Update / Send Screen' with the primary key values passed through the URL. When this happens, all other page items query their values based on the NOTIF_ID passed in through the URL. All of this works fine.
  The problem is, on the Notification Summary Screen, I also have a button labeled 'Create a new notification.' This button redirects the user to the same page as before, except now all of the values are NULL because this outage notification has not yet been created. The problem is, when I try and do this - I get a page 404 not found error. I'm pretty sure it's because my application is getting confused because earlier all of the values were passed in through a URL. For the 'Create New' button, I clear the page cache for this page - and it still does nothing. I am at a loss for what to do here because I keep getting the error.
  Here's the code for the URL button found in the report query in the 'Notification Summary Screen' :
  ('<a href='
            || 'f?p=&APP_ID.:2:&SESSION.::&DEBUG.::'
            || 'P2_NOTIF_ID,P2_NOTIF_SEQ,P2_INFO_TYPE:'
            || a.notif_id ||','|| b.notif_seq || ',' || 'Update'
            || '>'
            || '<img src="#APP_IMAGES#EditButton.gif" />'
            || '</a>') as "edit",** NOTE, I took out the double quotes after href and before the closing right karat brackets because for some reason the code in the URL wouldn't display...weird.... **
  The NOTIF_ID value is the primary key identifier for each outage notification. Additionally, the NOTIF_SEQ value is the sequence number for each (because each notification could have multiple updates). The INFO_TYPE value just references whether this is 'Initial', 'Updated', or 'Closing' information.
  Any suggestions would be much appreciated.
  Eric
  Edited by: user11685190 on Nov 6, 2009 1:12 PM
  Edited by: user11685190 on Nov 6, 2009 1:13 PM
  Edited by: user11685190 on Nov 6, 2009 1:14 PM

  Hey you guys,
  Thanks for your responses. I actually just started working for this academic institution, and have to finish a probationary period before I have access to their VPN (5 Months). Therefore, I cannot access my workspace, nor will they allow me to export my application because it's considered their intellectual property. I believe it may be the &DEBUG portion of it.
  Though I cannot state the exact URL the error states, I can tell you that if I go into application builder to the page in question and try and run it before the page that links to it, I get the error. However, when I use the link everything works fine. When I use the 'Create New' button to link to the page with no values passed, I get the error again. I work again on Monday and will have more information then.
  Thanks again!
  Eric

• "Pass through" greyed out when sharing

  I'm working with mpeg4 clips in imovie. When I try to "share" I use the "expert" settings and choose the same format to export: mpeg 4, but I take a big quality hit, even with the highest settings.
  Since the files are already mpeg4, I then try to select "pass through." But it's almost always greyed out. If I share and select "selected clips only" then "pass through" is often available to select. What would make "pass through" grey out?

  just a guess....
  iM doesn't handle the mpeg4 as mpegs (that's no editable format/codec), but converts it automatically into Apple Intermediate Codec...
  so, I guess, selecting "un-edited" clips makes an export possible, any processed clips (added title, transistion etc) makes another conversion needed and therefore a share impossible...
  but that is just a guess ...-
  besides: you shouldn't use mpegs for editing... in technical terms possible, but not really recommended.... use a really camcorder, use mini-dv, use dv-codec, that's what iM is meant for......