Smart Update through Proxy / Firewall
I've tried to run smart update on a server which cannot access Internet because
it is located on an Intranet environment. However, since it cannot resolve DNS
outside the LAN is it possible to run smart update through PROXYES ?
Contact Adobe Support for help with this one.
Similar Messages
-
I am trying to update the LMS, but I am getting error through proxy server. I can do normal browsing through proxy without any problem. May I know the protocol and site that auto-update trying to access like https or ftp and cisco.com.
Thanks and Regards,
Ahmed Shahzad.I can access the http://www.cisco.com or http://cco.cisco.com on the same subnet, but could not able to perform Auto-update on CS-MARS. I am getting the following error:
Unable to connect to the server, please check the URL, user name and password.
However the same URL with same UID and PWD is working from the destop on the same subnet. Rules on the proxy server is to allow the complete subnet on cisco.com at port 80.
Thanks and Regards,
Ahmed Shahzad. -
Dont think RMi is HTTP tunneling through proxy firewall
Hi Guys,
Does anyone know how to monitor if RMI is using the option toHTTP tunnel through a proxy ???
Many of clients sit behind firewalls/proxies that enable HTTP only. I thought RMI would, as a default, use HTTP tunneling POST, RESPONSe methods to get through, but it does not.
Would that case be insted of using Naming.lokup("RMIServer"); that i should use
Registry reg = LocateRegistry.getResgistry(serverAddress, serverPort);
reg.lookup("RMIServer");
Any help would be greatly appreciated.RMI doesn't have an option like that. Sockets do, and you get it for any socket including RMI by setting socksProxyHost and socksProxyPort.
The RMI HTTP tunnelling thing happens when there is an HTTP server at the server side. which redirects the request to an RMI server via rmi-cgi.cgi or the RMI servlet. It's automatic, as a fallback, and you can enforce its use via a system property which you can find in the Javadoc Guide to Features/Remote Method Invocation/Useful java.rmi system properties. -
Unable to connect through Smart Update tool
Hi,
Needing to check for some patch for WebLogic Portal, I tried to access to support service through Smart Update tool. My status can't be verified on the login phase (I still obtain an error message "Unable to verfiy your status") and can only work offline; so I can't download any patch.
Launching the tool in through command line, I got the stacktrace I suppose to be the reason for the error :
javax.xml.rpc.ServiceException: Error processing WSDL document:
java.net.ConnectException: Connection refused: connect
at org.apache.axis.client.Service.initService(Service.java:250)
at org.apache.axis.client.Service.<init>(Service.java:165)
at org.apache.axis.client.ServiceFactory.createService(ServiceFactory.java:198)
at com.bea.plateng.patch.AbstractPatchServicesImpl.init(AbstractPatchServicesImpl.java:90)
at com.bea.plateng.patch.DefaultPatchProducerServicesImpl.<init>(DefaultPatchProducerServicesImpl.java:8)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at com.bea.plateng.patch.PatchServicesFactory.create(PatchServicesFactory.java:180)
at com.bea.plateng.patch.PatchLoginManager.login(PatchLoginManager.java:90)
at com.bea.plateng.patch.gui.PatchGUIHelper$1.call(PatchGUIHelper.java:192)
at com.bea.plateng.patch.gui.PatchGUIHelper$1.call(PatchGUIHelper.java:189)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
at java.util.concurrent.FutureTask.run(FutureTask.java:138)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:98)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:207)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:619)
I tried to use several Smart Update releases (3.1.0.0 and 3.2.0.0) and to work with several JVM (32 and 64 bits, Sun and Jrockit) : none of this tries were OK.
My environment : Windows 7 Pro, 64 bits.
Is this an issue on my side or on Smart Update tool ? Is this due to my system (W7 ? 64 bits ?) Is there any system property I could use to pass the WSDL process ? Something else ...
Any help will be welcome !!
Thanks in advance.
Adrien.Hi Rakesh,
Thanks for your answer but I have already tested in both environement with and without proxy. And when I had a proxy I tried with and without proxy information configured in the preferences. I'd never been able to connect.
I don't know if the main error is the "can't connect" or the "WSDL error". Which of these two may be the real one ?
Turning one some trace features, I got an interesting information : the connection refused may be from the address http://pmlb.bea.com/axis/services/PatchConsumerService?wsdl -
Portal access through a firewall
Hi there!
Having the default installtion of R2 on a single W2K box, what's the minimal procedure to make this configuration available through a firewall?
I've opened ports 7777-7778 but fail when trying to logon via SSO (host.domain.com:7777/pls/orasso)
Have I missed out to open another port or am I forced to follow the steps of setting up a reversing proxy to have portal-access outside the firewall?
Cheers
/StaffanIf they are on different servers, then both are listening on the 7777 port, and you will have to change one of them to use another port (assuming your firewall can only port forward a port to only one host).
If you are running both instances on the same server, then your SSO is accessible via 7777 and your midtier would be on 7778, so your setup as described should be enough (I do the same thing).
If they are running on the one machine, can you access the SSO/INF server directly? http://inf.domain.com:7777 and then http://inf.domain.com:7777/pls/orasso ? -
Re: (forte-users) HTTP request through proxy server
Daniel -
No, it does not. ;)
How do you say to HTTPRequest to go through proxy?
Thanks,
Taras
Daniel Nguyen wrote:
>
Hi,
It works very well. I have experienced this model for a distant Forte client
calling a Forte Server service Object for instance without any environment
and without TCP access (passing through firewall for instance).
It has also worked very well to make an injectot to improve Web Enterprise
and IIS using the SendRequest from HTTPAccess.
Hope this helps,
Daniel Nguyen
Freelance Forte Consultant
http://perso.club-internet.fr/dnguyen/
Taras Katkov a écrit:
HTTP request through proxy server using forte HTTP library?
Any experience?
Thanks,
Taras
For the archives, go to: http://lists.xpedior.com/forte-users and use
the login: forte and the password: archive. To unsubscribe, send in a new
email the word: 'Unsubscribe' to: forte-users-requestlists.xpedior.com--
For the archives, go to: http://lists.xpedior.com/forte-users and use
the login: forte and the password: archive. To unsubscribe, send in a new
email the word: 'Unsubscribe' to: forte-users-requestlists.xpedior.comYou can also use the HTTP-DC project.... You don't
need Web Enterprise for this. From what I can tell,
this is available in L.x on....
There is api documentation in M.2 (with scant
examples.)
There's a special process to put the project in your
repository (it isn't installed in the repository in
the standard install,) the documentation in M.2
(probably in M.0 too, AFAIK) that tells you how to do
this (look for HTTP-DC in the online help.)
I haven't done much with it yet, I've just installed
it. If anybody out there has examples, that'd be
great. I'll try to contribute more the moment I get a
chance to explore it....
Christopher Fury
BellSouth Communications Systems
--- Daniel Nguyen <dnguyenclub-internet.fr> wrote:
Hi,
If you have Web Enterprise, you can user
HttpAccess.SendRequest().
Hope this helps,
Daniel Nguyen
Freelance Forte Consultant
Amin, Kamran a écrit:
Is there any way to make a HTTP request from TOOLto another HTTP Service?
thanks in advance.
For the archives, go to:
http://lists.xpedior.com/forte-users and use
the login: forte and the password: archive. Tounsubscribe, send in a new
email the word: 'Unsubscribe' to:forte-users-requestlists.xpedior.com
For the archives, go to:
http://lists.xpedior.com/forte-users and use
the login: forte and the password: archive. To
unsubscribe, send in a new
email the word: 'Unsubscribe' to:
forte-users-requestlists.xpedior.com
Kick off your party with Yahoo! Invites.
http://invites.yahoo.com/ -
ASA - cut through proxy authentication for RDP?
I know how to set this up on a router (dynamic access-list - lock and key)... But, I'm having trouble understanding how to setup OUTSIDE to INSIDE cut through proxy authentication for RDP.
OUTSIDE to INSIDE RDP is currently working.
I have 2 servers I want RDP open for..
[*]OUTSIDE 1.1.1.1 to INSIDE 10.10.70.100
[*]OUTSIDE 1.1.1.2 to INSIDE 10.10.50.200
What's required for OUTSIDE users to authenticate on the ASA before allowing port 3389 opens? I was hoping for is a way to SSH into this ASA, login with a special user, then have the ASA add a dynamic ACE on the OUTSISE interface to open 3389 for a designated time limit. Is this possible?
Here is my current config.
[code]
ASA Version 8.2(5)
hostname ASA5505
names
name 10.10.0.0 LANTraffic
name 10.10.30.0 SALES
name 10.10.40.0 FoodServices
name 10.10.99.0 Management
name 10.10.20.0 Office
name 10.10.80.0 Printshop
name 10.10.60.0 Regional
name 10.10.70.0 Servers
name 10.10.50.0 ShoreTel
name 10.10.100.0 Surveillance
name 10.10.90.0 Wireless
interface Ethernet0/0
description TO INTERNET
switchport access vlan 11
interface Ethernet0/1
description TO INSIDE 3560X
switchport access vlan 10
interface Ethernet0/2
shutdown
interface Ethernet0/3
shutdown
interface Ethernet0/4
shutdown
interface Ethernet0/5
shutdown
interface Ethernet0/6
shutdown
interface Ethernet0/7
shutdown
interface Vlan1
no nameif
security-level 50
no ip address
interface Vlan10
description Cisco 3560x
nameif INSIDE
security-level 100
ip address 10.10.1.1 255.255.255.252
interface Vlan11
description Internet Interface
nameif OUTSIDE
security-level 0
ip address 1.1.1.1 255.255.255.224
ftp mode passive
clock timezone PST -8
clock summer-time PDT recurring
dns domain-lookup OUTSIDE
dns server-group DefaultDNS
name-server 8.8.8.8
name-server 4.2.2.2
domain-name test.local
access-list RDP-INBOUND extended permit tcp any host 1.1.1.1 eq 3389
access-list RDP-INBOUND extended permit tcp any host 1.1.1.2 eq 3389
pager lines 24
logging enable
logging timestamp
logging trap warnings
logging device-id hostname
logging host INSIDE 10.10.70.100
mtu INSIDE 1500
mtu OUTSIDE 1500
ip verify reverse-path interface OUTSIDE
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-645.bin
no asdm history enable
arp timeout 14400
global (OUTSIDE) 1 interface
nat (INSIDE) 1 LANTraffic 255.255.0.0
static (INSIDE,OUTSIDE) tcp interface 3389 10.10.70.100 3389 netmask 255.255.255.255
static (INSIDE,OUTSIDE) tcp 1.1.1.2 3389 10.10.50.200 3389 netmask 255.255.255.255
access-group RDP-INBOUND in interface OUTSIDE
route OUTSIDE 0.0.0.0 0.0.0.0 1.1.1.1 1
route INSIDE LANTraffic 255.255.0.0 10.10.1.2 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
aaa authentication http console LOCAL
http server enable
http Management 255.255.255.0 INSIDE
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet timeout 5
ssh 10.10.70.100 255.255.255.255 INSIDE
ssh Management 255.255.255.0 INSIDE
ssh 0.0.0.0 0.0.0.0 OUTSIDE
ssh timeout 5
ssh version 2
console timeout 0
threat-detection basic-threat
threat-detection scanning-threat shun
threat-detection statistics access-list
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
webvpn
username scott password CNjeKgq88PLZXETE encrypted privilege 15
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect ip-options
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:1e9d278ce656f22829809f4c46b04a07
: end
[/code]You're running ASA 8.2(5). In 8.4(2) Cisco added support for what they call Identity Firewall rules. That is, you can make access-lists entries specific to users (or object groups containing users).
There's an overview document on this posted here. It's a bit dated but I believe the only change is that Cisco is now preferring use of the more current Context Directory Agent (CDA) - a free VM they provide - vs. the deprecated AD agent (software service that runs on your DC). -
Traffic move through Proxy Server in Production
Hello,
Internet
|
Internet Router
|
Internet switch
|
IPS
|
Firewall
|
IPS
Inside ()---- Access-sw----------Core-SW------------DMZ
This is my Company network diagram, all data go through the firewall IPS is Inline mode on Acess and Core sw static route is configured for firewall but management wants all inside (Noc Room Helpdesk Team and Third Party members) traffic must pass via Proxy server that is connected to Core switch Please anybody tell me How can i do this in a Production Enviornment and which type of changes i need to do on Access or Core Switch.They will use Squid for Proxy on Linux ServerWCCP can be used to redirect traffic to the proxy server. See below a configuration example:
http://www.crypt.gen.nz/papers/cisco_squid_wccp.html
Don't forget to rate all posts that are helpful by clicking on the stars below. -
My internet connection is fine, I already allowed Firefox through my firewall. This is the first time it had ever happened and it happened suddenly, out of nowhere.
Try "Firefox connection settings" in [[Server not found]]
You can find the connection settings in Tools > Options > Advanced : Network : Connection<br />
If you do not need to use a proxy to connect to internet then select No Proxy
You can also try to remove all rules for Firefox from the permissions list in the firewall and let your firewall ask again for permission to get full unrestricted access to internet for Firefox and the plugin-container process.
See:
* [[Server not found]]
* [[Firewalls]] -
Bypassing proxy/firewall with Applet URLConnection?
I am trying to download images from an image server to an Applet. Currently I am using URLConnection to connect to server and download the image to a byte array.
The problem arises when I try to download the images through a proxy/firewall. The applet doesnt seem to connect to the server using URLConnection, however it works fine over a standard modem connection!
Running the code as an application, instead of an applet with the following parameters to use the proxy :
Properties systemProperties = System.getProperties();
systemProperties.put("proxySet","true");
systemProperties.put("proxyHost",host);
systemProperties.put("proxyPort",proxyport);
System.setProperties(systemProperties);
This works perfectly, and the images are downloaded.
The problem is that I need to run it as an applet and not as an application. I was under the impression that the browser settings for proxy and port will automatically be sent to the applet and I dont have to set it manually.
Please let me know if anyone has any solutions. Thanking you in anticipation!On IE, you can to limit the addresses that will go to access the proxy server.
On Tools Menu select the "Internet Options" Then "Connections" then "Lan Configurations" Then "Advanced" then "Exceptions" now input the addresses that don�t will utilize the proxy/firewall.
Excuse-me by my English.
Best Regards
Isaias Cristiano Barroso
[email protected] -
a quick question since I do not have access to a pix I can not confirm it
say, I want to do pix cut-through proxy and authenticate access via tacacs on per user basis.
I want the user to access smtp user inside the pix will go through tacacs authentication.
my question is "do I need a statement for http on the access-list ?"
thank you.
here is the config
PIX-525# wr t
PIX Version 6.3(1)
access-list 100 permit tcp any host 155.1.1.4 eq http
access-list 100 permit tcp any host 155.1.1.4 eq smtp
access-list 150 permit tcp any host 155.1.1.4 eq http
access-list 150 permit tcp any host 155.1.1.4 eq smtp
access-group 100 in interface outside
static (inside,outside) 155.1.1.4 192.168.1.4 netmask 255.255.255.255 0 0
aaa-server AUTHEN protocol tacacs
aaa authentication match 150 outside AUTHENCut-through proxy is a feature unique to PIX Firewall that allows user-based authentication of inbound or outbound connections. A proxy server analyzes every packet at layer seven of the OSI model, which is a time- and processing-intensive function. By contrast, the PIX Firewall uses cut-through proxy to authenticate a connection and then allow traffic to flow quickly and directly.
http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a0080172790.html -
Endpoint on DMZ interface (through the firewall)
Hi
I have an ASA which connects to a BT Inifinty router. The address on the outside interface is dynamic. BT provide us with 5 static addresses (No NAT 5) which are routed to the outside interface but are a different subnet.
I would like to terminate the site to site VPN using one of the static IP addresses rather than the outside dynamic address.
Can I NAT the public static address to the DMZ interface (or any interface for that matter) and terminate the VPN on that interface i.e. the firewall is terminated through the firewall?
Thanks
Stuart
Update: A few people have looked but no answer. Is there some detail I need to add?Matheus.Omega.Mendes wrote:
Well one solution that they found was implements one hollow interface called InterfaceWeb, just to mark the classes that works on web and desktop, although our system isn't perfectly object oriented, this solution was the worst that I ever seen. At least I think this way and I'd like to know if someone agree, disagree or have some explication for this choose.Hard to say without actually seeing it. Probably not a good idea.
Presumably the design was driven by time to market and cost rather than just because the developers didn't want to refactor.
As per the other suggestion, normally besides breaking the layers out you could share common functionality with a layer of its own (or several) -
Software Update through UNIX command
Hey all,
Just a quick question regarding Software Update through Remote Desktop.
I'm running the UNIX command softwareupdate -i -a but it hang. I'm guessing it's due to our proxy, and that we have to login to the proxy server in order for the system to continue fetching the updates.
Basically, what I'm asking is if there is a way to bypass this, i.e. a command to follow the systemupdate -i -a command which will log me into the proxy?
Cheers,
NickHi.
I tried the command:
defaults write /Library/Preferences/com.apple.SoftwareUpdate CatalogURL http://ip.address.of.server:8088/
softwareupdate -i -a
but all I get back is this:
2011-02-04 12:16:14.482 defaults[874]
Rep argument is not a dictionary
Defaults have not been changed.
/bin/bash: line 2: http://xx.xxx.xx.xxx:8088: No such file or directory
Software Update Tool
Thanks for your help so far. Much appreciated. -
Evaluated Receipt Settlement (ERS) Smart form through the MRRL Transaction
hi all,
i am handling a smartform .
How can i run my Evaluated Receipt Settlement (ERS) Smart form through the MRRL Transaction ?
what fields should be put in the Nast -objectkey?
if possible Please Mail to me in my id <REMOVED BY MODERATOR> any documentation available for the given Transaction(MRRL)
Thanks & regards,
Cheenangshuk
Edited by: Alvaro Tejada Galindo on Feb 28, 2008 11:45 AMHi,
ERS Definition: - Procedure for settling goods receipts automatically. When you use Evaluated Receipt Settlement (ERS), you agree with the vendor that the latter will not submit an invoice in respect of a purchase order transaction. Instead, the system posts the invoice document automatically on the basis of the data in the purchase order and goods receipts. This eliminates invoice variances.
Uses: -
- SAP recommend that you implement ERS only if you and your vendor have a clear agreement on the applicable conditions and you continuously update the purchase orders in the system.
- The system determines the invoice amount for the relevant ordering transaction from the prices entered in the PO, the terms of payment, the tax information and the delivery quantity entered in the goods receipt.
- ERS also generates credit memos: If an invoice has already been posted for a goods receipt and a return delivery has since taken place, the system generates a credit memo for the quantity returned.
Advantages: -
Evaluated Receipt Settlement (ERS) is particularly suitable for creating settlement documents at regular intervals.
ERS has the following advantages:
- Purchasing transactions are closed more quickly.
- Communication errors are avoided.
- There are no price and quantity variances in Invoice Verification.
In test mode, the system can issue a list of goods receipts that can be settled and goods receipts that cannot be settled. The system makes no postings, it only lists the invoices selected.
Refer following links for more details;
[Evaluated Receipt Settlement|http://help.sap.com/saphelp_erp60_sp/helpdata/en/a8/b99f58452b11d189430000e829fbbd/frameset.htm] -
Help needed for CORBA over Http through proxy server[Very Urgent]
Hi Friendz,
I am new to J2EE. Right now I am learning RMI, Corba now.
In RMI, to pass through Http to bypass firewall or through proxy sever, we can use either Http to port or Http to CGI/Servlet i.e., Http tunneling.
In the same, I am running a simple corba application, i want my corba application to pass through my proxy server using http which is configured to address 127.0.0.1 and port 8118.
How to pass my corba application through proxy server. please help me and it is very urgent.
Is it possible or not, please let me know some comments about this topic
Thanks in advance Friends for your helpThis is so extremely urgent that it needs to be asked multiple times.
http://forum.java.sun.com/thread.jspa?threadID=762950
Maybe you are looking for
-
Application bar is greyed out under window menu
Although I can see an application bar on my document, it is "greyed out" under the window menu. Specifically when I click the icon to arrange documents ie - tile vertically/horizontally - everything is greyed out
-
Installation and required disk space
Hi, I have just gone to install Leopard on my iBook. In the installation process when I select the hard drive on which I want to install on, it say that I need something like 6 gigs of free space. I only have 5 gigs free, so will this mean that I nee
-
Hello everybody, I have a problem with the following process: 1. User creates a purchase order with returns item checked (it's internal return within the same company code) 2. User uses transaction VL10B to create delivery note 3. MIGO transactio
-
Using BEx 7 Query in BEx 3.x Web Template
Hi Experts, I was wondering whether it is possible to use 7 Queries in 3.x Web Templates?! I would like to run the Templates without any EP installation but with the features of BEx 7 Query Designer. Is this possible? Thanks & Cheers Tobias
-
Hi everyone, I am using LKM File to Oracle(SQLLDR) .My call sqlldr step like this: OdiOSCommand "-OUT_FILE=<%=odiRef.getSrcTablesList("[WORK_SCHEMA]/[TABLE_NAME].out", "")%>" "-ERR_FILE=<%=odiRef.getSrcTablesList("[WORK_SCHEMA]/[TABLE_NAME].err", "")