Sonicwall DHCP over VPN drops packets

Similar Messages

• Send broadcast packets over VPN

  How can I send broadcast packets over vpn , something like bcrelay in poptop linux ?

  Hi,
  Do you want forward NetBIOS broadcast?
  If so, open RRAS console, right clieck VPN server, properties, IPv4, check the option Enable broadcast name resolution.
  Hope this helps.

• Odbc connection drops after some time over vpn -- help needed

  hi,
  sorry to tell u that i am not able to find the right suggestion/ solution in previous posts in this forum. my problem is like this:
  I am running oracle database (11g) on windows 2003 server. my oracle client (9i) is accessing database on that server. if the server is on a simple LAN, all the clients are able to login and the connection is lasting fine. recently, the server is configured in a VPN. now the clients are not able to sustain the connection for long time, the connection is getting dropped within minutes. whats the problem with VPN? even though the cluster configuration (VPN) is said to be done properly, whats going to be the problem?
  my client side application is with VC++ and using ODBC for accessing database. with oracle Net Configuration Assistant, the connection is working fine even on VPN, but when my application is trying to access the database over VPN, the connection seems to be intermoittent. please suggest me in this regard. thank you in advance.
  swamy.

  hi,
  sorry to tell u that i am not able to find the right suggestion/ solution in previous posts in this forum. my problem is like this:
  I am running oracle database (11g) on windows 2003 server. my oracle client (9i) is accessing database on that server. if the server is on a simple LAN, all the clients are able to login and the connection is lasting fine. recently, the server is configured in a VPN. now the clients are not able to sustain the connection for long time, the connection is getting dropped within minutes. whats the problem with VPN? even though the cluster configuration (VPN) is said to be done properly, whats going to be the problem?
  my client side application is with VC++ and using ODBC for accessing database. with oracle Net Configuration Assistant, the connection is working fine even on VPN, but when my application is trying to access the database over VPN, the connection seems to be intermoittent. please suggest me in this regard. thank you in advance.
  swamy.

• SoftPhone over VPN audio issue

  Having a "one-way" audio issue when IPC connects over VPN to any Main Office IP Phones (7960). Remote IPC (softphone) shows "0 Received" Packets, but the IP Phone shows them as being sent.
  This does NOT happen if IPC contacts another IPC on a PC at Main Site, or any kind of phone at the other branch offices.
  Have looked at all of the audio settings on the VPN IPC unit, they are correct.
  Any ideas?

  Try to sniff the Ethernet traffic during call setup at the CallManager. When Callmanager sends Call Control messages to remote party, it could send wrong IP address or UDP port as an RTP parameters.
  Another components could block the traffic are firewalls. How do you have your VPN tunnel built? Do you use Cisco VPN Client? What terminates your VPN traffic at the central location? PIX, VPN3000 or Router? Traffic may go one way without a change, and some protocol FixUp may be triggered for this traffic on the way back. If you have access to firewall logs, check if you have any traffic dropped.
  Good luck,
  Mike
  http://www.headsetadapter.com

• Firewall Dropping Packets - %FW-6-DROP_PKT: Dropping tcp session X.X.X.X X.

  Hi,
  Can anyone explain this error and what is a stray Segment with the IP ident 46866. I can't seem to find this error on the Cisco web site the only bug appears to be to do with Zone firewalls. I have an 877 Router on a remote site configured with IPSEC and a Tunnel back to the main office and I'm getting reported connection issues to network drives on servers located local to the LAN and on the headend LAN. Can't seem to find any other errors apart from this one.
  %FW-6-DROP_PKT: Dropping tcp session X.X.X.X X.X.X.X due to
  Stray Segment with ip ident 46866 tcpflags 0x5010 seq.no 1237259566 ack 3465174792
  If any one could help or point me in the right direction that would be great. Failing that I'm jumping off this building.
  Ta
  Jim

  This may help:
  Caveat "CSCsj30582"
  http://www.cisco.com/en/US/docs/ios/12_4t/release/notes/124TCAVS.html
  Symptoms: A Cisco IOS router that is running ZPF (Zone-based Policy Firewall) intermittently drops ESP packets even when it is configured to pass them. This causes traffic over an IPsec VPN tunnel through this router to fail intermittently, although the tunnel is up and phase 1 (isakmp) and phase 2 (ipsec) SAs have been established. If the router is configured to log dropped packets, it will log a %FW-6-DROP_PKT syslog message for these packets.
  Conditions: This symptom is observed on a Cisco IOS router that is enabled with ZPF (Zone-based Policy Firewall) and that is configured to pass the ESP traffic based on a "match access-group" policy, where the access list has entries to permit the ESP traffic specifically from one host to another.
  For example:
  class-map type inspect match-any cm-esp match access-group 100
  policy-map type inspect in2out class type inspect cm-esp pass
  access-list 100 permit esp host 10.0.0.2 host 10.1.1.2 access-list 100 permit esp host 10.1.1.2 host 10.0.0.2
  Workaround: Configure the access list so that the source is "any", for example:
  access-list 100 permit esp any host 10.1.1.2 access-list 100 permit esp any host 10.0.0.2
  First Alternate Workaround: Use the classic Cisco IOS firewall instead of ZPF; that is, use "ip inspect".
  Further Problem Description: If an explicit deny rule is added to the above example, for example:
  access-list 100 permit esp host 10.0.0.2 host 10.1.1.2 access-list 100 permit esp host 10.1.1.2 host 10.0.0.2 access-list 100 deny esp any any
  Then the show access-list command will indicate that the dropped packets are hitting the deny rule, although they should match one of the permit rules:
  Router# show access-lists 100
  Extended IP access list 100 10 permit esp host 10.0.0.2 host 10.1.1.2 (999 matches) 20 permit esp host 10.1.1.2 host 10.0.0.2 (999 matches) 30 deny ip any any (1 match)

• VPN - can't access internet over VPN

  Hi,
  I have an issue with VPN.
  For my work I need to be able to log into my office network remotely and then access remote desktop connection from within my work network.
  This won't work unless I am accessing the internet from inside the VPN.
  I have got this working on a PC, just had to select "Use default gateway on remote network" and now when I access the VPN on a windows laptop I am accessing the internet over the VPN.
  When I connect to the VPN on the Mac I can access the network, email server, file servers etc, but can not access the internet through the VPN.
  I have tried:
  - changing the service order
  - ticking and unpicking the send all traffic over VPN setting
  I can get to the point where I can access my work network over the VPN while also accessing the internet over my wifi but cannot get it so I can access the internet over the VPN connection. It is a PPTP VPN.
  Does anyone know how I get my Mac to use the default gateway on the remote network?

  If this server is behind a (NAT-) router you need to turn on "ipforwarding only" in Server Admin NAT configuration otherwise the server wont route packets beyond it's subnet.

• Is there a solution for Airprint over VPN connection?

  I use a new HP airprint enabled printer in a WIFI network at home. It all works fine that far, the printer is recognized by Airprint feature on both iPhone and iPad..
  Furthermore, I have established a VPN connection on my Fritzbox router and setup VPN connection on iPhone and iPad. The VPN connection (IPSec) works without any problem.
  Only problem: If I try to print using the VPN connection, no printer is found. I understand it has something to do with Bonjour not working properly over VPN.
  But is there any workaround or tweak to make it work somehow?
  (Note: I know there is the eprint-feature on the HP printer as well, but I don´t want to use it)
  Thanks

  I am having the same problem.  When on my local network, I have 2 AirPrint printers I can print to just fine from iPhone, iPad and iPod.  However, while connected to the VPN, it doesn't see any printers.
  The VPN is OS X Lion 10.7.5 VPN.  It is serving addresses in the same domain and subnet as the main network.  However, there is no option for routing control, so I assume routing across the network is somehow limited.  Incidentally, one printer is shared from an iMac, the other is a WiFi printer.
  When I connect to the VPN with my Macbook Pro, the printers don't show up as online either.  However, I can ping other machines on my network, including the Lion Server (I also have a Linux server that is serving DNS and DHCP - I can log into that machine with VNC or SSH no problem).
  The only ports I have open on the firewalls are the L2TP and PPTP ports, and the VNC port.  But anything with printing should be within the tunnel, and not filtered by the firewall once a virtual circuit is established, right?  Is there a way I can have finer control over the VPN settings, like editing a config file or something?

• AEBS; Poor throughput, Dropping Packets(Wired or Not)

  I have an AEBS that was purchased in 2007.
  So very recently I started noticing very poor network performance.  Throughput to the internet was horrible, around 2mbps at times.  Power cycling the AEBS would make it be ok for a while... about 9-10Mbps.  However I usually was getting around 20mbps even when using wifi.  This was wired!!!
  Also, I noticed that packets were dropping.  Anywhere from 1.5-4% packet loss when doing 1,000 pings to google.com.  I thought for sure it was my internet connections... but it's not
  When wired directly to the cable modem, no dropped packets over several days.  Ping response is 5-10ms better.  Also speeds are back at their max.
  I have an old Westell 7501 router, and that as well is performing stellar over wifi and wired.  Speedtests from wired connections are just under the speed when using the modem only, and even speedtests to my iDevices is near identical.
  I've tried resetting the router to default, but I immediately start dropping packets, even when using wired.
  Just thought I'd post here and see if theres anything I can try to resurrect this thing, or if it's officially done.  I really don't feel like dumping $180 on a new AEBS.  Thinking about doing dd-wrt on something.

  The first thing I would recommend that you do is to verify if the issue is data throughput performance on the local network OR on the WAN-to-LAN interface across the AEBS itself.
  To test the local network throughput performance, I would recommend a free utility, like AJA System Test. You would use it to test throughput between the System Test host device and another device on the local network. If after running a series of these tests using network connected devices that are connected by both wire or wireless, you should get a basic idea of the overall throughput performance of your local network. If all appears well here, we can go on to testing the WAN-to-LAN interface. Please post back your results for the local network tests.

• EJB transaction hanging over VPN connection

  EJB transaction hanging over VPN connection
  I am trying to diagnose a problem that only occurs when I am doing testing from home and connected via VPN to work.
  We are using WL 10.3. Our clusters are setup to communicate via multicast. We have a stateless session bean that uses many different resources (Sybase DB, other EJBs, Sonic JMS). I have a local EJB on my home network that I am testing and it connects with other EJBs and resources on my corporate network. While I don't think it is related to the problem, there is a cluster of the same EJB I am trying to test deployed to my corporate environment. i.e. I am testing ResetService EJB and there is a deployed domain cluster of several ResetService EJBs in the environment I am connecting to. My local server and admin domain are named differently than the one deployed and my local ejb shouldn't try to connect to the cluster in the environment.
  When I make a call into my local ejb everything seems to work as expected until it gets to the commit part of the transaction (after my ejb returns). At this point the executing thread hangs at the following location
  "[STUCK] ExecuteThread: '16' for queue: 'weblogic.kernel.Default (self-tuning)'" daemon prio=2 tid=0x2e8cb400 nid=0x22fc in Object.wait() [0x3031f000]
     java.lang.Thread.State: TIMED_WAITING (on object monitor)
          at java.lang.Object.wait(Native Method)
          - waiting on <0x091a4b18> (a weblogic.transaction.internal.ServerTransactionImpl)
          at weblogic.transaction.internal.ServerTransactionImpl.globalPrePrepare(ServerTransactionImpl.java:2130)
          - locked <0x091a4b18> (a weblogic.transaction.internal.ServerTransactionImpl)
          at weblogic.transaction.internal.ServerTransactionImpl.internalCommit(ServerTransactionImpl.java:266)
          at weblogic.transaction.internal.ServerTransactionImpl.commit(ServerTransactionImpl.java:233)
          at weblogic.ejb.container.internal.BaseRemoteObject.postInvoke1(BaseRemoteObject.java:621)
          at weblogic.ejb.container.internal.StatelessRemoteObject.postInvoke1(StatelessRemoteObject.java:60)
          at weblogic.ejb.container.internal.BaseRemoteObject.postInvokeTxRetry(BaseRemoteObject.java:441)
          at advantage.tradesupport.rates.resets.ejb.ResetTradeServiceBean_shnf9c_EOImpl.resetTradeByRate(ResetTradeServiceBean_shnf9c_EOImpl.java:1921)
          at advantage.tradesupport.rates.resets.ejb.ResetTradeServiceBean_shnf9c_EOImpl_WLSkel.invoke(Unknown Source)
          at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:589)
          at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:230)
          at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:477)
          at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
          at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
          at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:473)
          at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
          at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
          at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)This thread is obviously waiting for a notification from some other thread but it is unclear what exactly it is waiting for. This only seems to happen when I am connected via VPN because when I try this same setup connected directly to my corporate network at work it works fine.
  I connected w/ debugger and tried to dig. Some interesting observations I see are.
  1) The ServerTransactionImpl object that is hanging has a 'preferredHost' of a different machine on my corporate network. It is an EJB that my service got some information from but it wasn't involved in any create, update, or delete aspects of the tran so in theory it shouldn't be part of it. Does anyone know what exactly this peferredHost attribute is signifying? I also see this same remote ejb server reference defined in a ServerCoordinatorDescriptor variable.
  2) I also sometimes see other XA resources (JMS) with this ServerTransactionImpl that point to references of resources that live on other machines on my corporate network (not my local ejb). This doesn't always seem to be the case though.
  VPN will definetly block multicast packets from the corporate env back to my machine. I don't think it works from my machine to the corporate env machines either.
  I also have two IPs when connected over VPN. One for my local home network and one given to me by my VPN client. I have setup my local WL server to listen on the VPN client provided IP which the corporate machines should be able to resolve and send TCP message over.
  This definetly seems to be transaction related because when I remove the tran support from my ejb things work as expected. The problem is I need to test within the transaction just like it runs in a deployed environment so this isn't really a fix.
  My theory: My local test WL EJB is waiting for a communication from some other server before it can commit the tran. This communication is blocked due to my VPN connection. I just don't know what exactly it is trying to communicate and how to resolve if that is in fact the problem. I thought about looking into unicast rather than multicast for cluster communication but in my mind that doesn't come into play here because I am not deploying a local cluster for my EJB and I thought multicast was just used for inter-cluster communication.
  I also saw some docs talking about resources need to be uniquely named when inter-domain communication is performed (http://docs.oracle.com/cd/E13222_01/wls/docs81/ConsoleHelp/jta.html#1120356).
  Anyone have any thoughts on what might be going on?
  Here is some log output from my local WL instance:
  Servers in this output--
  My test Server - AdminServer+10.125.105.14:7001+LJDomain+t3
  Server in env I read data from during ejb method call - TradeAccessTS_lkcma00061-1+171.149.24.240:17501+TradeSupportApplication2+t3
  Server in env I read data from during ejb method call - MesaService_lkcma00065-1+171.149.24.244:17501+MESAApplication1+t3
  Server in env I read data from during ejb method call - DataAccess_lkcma00055-0+171.149.24.234:17500+AdvantageApplication1+t3
  Server in env I read data from during ejb method call - DataAccess_lkcma00053-6+171.149.24.232:17506+AdvantageApplication1+t3
  ####<Mar 20, 2012 4:23:26 PM CDT> <Debug> <JTA2PC> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <BEA1-0005C168CCCC337F43A8> <> <1332278606895> <BEA-000000> <BEA1-0005C168CCCC337F43A8: [EJB advantage.tradesupport.rates.resets.ejb.ResetTradeServiceBean.resetTradeByRate(java.lang.Long,java.util.Set,java.lang.String,java.lang.String,boolean,advantage.common.service.context.ServiceContext)]: ServerTransactionImpl.commit()>
  ####<Mar 20, 2012 4:23:26 PM CDT> <Debug> <JTA2PC> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <BEA1-0005C168CCCC337F43A8> <> <1332278606895> <BEA-000000> <BEA1-0005C168CCCC337F43A8: [EJB advantage.tradesupport.rates.resets.ejb.ResetTradeServiceBean.resetTradeByRate(java.lang.Long,java.util.Set,java.lang.String,java.lang.String,boolean,advantage.common.service.context.ServiceContext)]: TX[BEA1-0005C168CCCC337F43A8] active-->pre_preparing>
  ####<Mar 20, 2012 4:23:26 PM CDT> <Debug> <JTA2PC> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <BEA1-0005C168CCCC337F43A8> <> <1332278606896> <BEA-000000> <SC[LJDomain+AdminServer] active-->pre-preparing>
  ####<Mar 20, 2012 4:23:26 PM CDT> <Debug> <JTA2PC> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <BEA1-0005C168CCCC337F43A8> <> <1332278606896> <BEA-000000> <BEA1-0005C168CCCC337F43A8: [EJB advantage.tradesupport.rates.resets.ejb.ResetTradeServiceBean.resetTradeByRate(java.lang.Long,java.util.Set,java.lang.String,java.lang.String,boolean,advantage.common.service.context.ServiceContext)]: before completion iteration #0>
  ####<Mar 20, 2012 4:23:26 PM CDT> <Debug> <JTA2PC> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <BEA1-0005C168CCCC337F43A8> <> <1332278606896> <BEA-000000> <BEA1-0005C168CCCC337F43A8: [EJB advantage.tradesupport.rates.resets.ejb.ResetTradeServiceBean.resetTradeByRate(java.lang.Long,java.util.Set,java.lang.String,java.lang.String,boolean,advantage.common.service.context.ServiceContext)]: Synchronization[weblogic.ejb.container.internal.TxManager$TxListener@11b0cf9].beforeCompletion()>
  ####<Mar 20, 2012 4:23:26 PM CDT> <Debug> <JTA2PC> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <BEA1-0005C168CCCC337F43A8> <> <1332278606897> <BEA-000000> <BEA1-0005C168CCCC337F43A8: [EJB advantage.tradesupport.rates.resets.ejb.ResetTradeServiceBean.resetTradeByRate(java.lang.Long,java.util.Set,java.lang.String,java.lang.String,boolean,advantage.common.service.context.ServiceContext)]: Synchronization[weblogic.ejb.container.internal.TxManager$TxListener@11b0cf9].beforeCompletion() END>
  ####<Mar 20, 2012 4:23:26 PM CDT> <Debug> <JTA2PC> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <BEA1-0005C168CCCC337F43A8> <> <1332278606898> <BEA-000000> <SC[LJDomain+AdminServer] pre-preparing-->pre-prepared>
  ####<Mar 20, 2012 4:23:26 PM CDT> <Debug> <JTA2PC> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <BEA1-0005C168CCCC337F43A8> <> <1332278606898> <BEA-000000> <SC[TradeSupportApplication2+TradeAccessTS_lkcma00061-1] active-->pre-preparing>
  ####<Mar 20, 2012 4:23:26 PM CDT> <Debug> <JTA2PC> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <BEA1-0005C168CCCC337F43A8> <> <1332278606898> <BEA-000000> <BEA1-0005C168CCCC337F43A8: [EJB advantage.tradesupport.rates.resets.ejb.ResetTradeServiceBean.resetTradeByRate(java.lang.Long,java.util.Set,java.lang.String,java.lang.String,boolean,advantage.common.service.context.ServiceContext)]: delist weblogic.jdbc.wrapper.JTSXAResourceImpl, TMSUSPEND, beforeState=new, startThread=null>
  ####<Mar 20, 2012 4:23:26 PM CDT> <Debug> <JTA2PC> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <BEA1-0005C168CCCC337F43A8> <> <1332278606898> <BEA-000000> <BEA1-0005C168CCCC337F43A8: [EJB advantage.tradesupport.rates.resets.ejb.ResetTradeServiceBean.resetTradeByRate(java.lang.Long,java.util.Set,java.lang.String,java.lang.String,boolean,advantage.common.service.context.ServiceContext)]: delist weblogic.jdbc.wrapper.JTSXAResourceImpl, afterStatenew>
  ####<Mar 20, 2012 4:23:26 PM CDT> <Debug> <JTA2PC> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <BEA1-0005C168CCCC337F43A8> <> <1332278606899> <BEA-000000> <BEA1-0005C168CCCC337F43A8: [EJB advantage.tradesupport.rates.resets.ejb.ResetTradeServiceBean.resetTradeByRate(java.lang.Long,java.util.Set,java.lang.String,java.lang.String,boolean,advantage.common.service.context.ServiceContext)]: sc(TradeAccessTS_lkcma00061-1+171.149.24.240:17501+TradeSupportApplication2+t3+).startPrePrepareAndChain>
  ####<Mar 20, 2012 4:23:26 PM CDT> <Debug> <JTA2PC> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <BEA1-0005C168CCCC337F43A8> <> <1332278606900> <BEA-000000> <SC[TradeSupportApplication2+TradeAccessTS_lkcma00061-1] pre-preparing-->pre-preparing>
  ####<Mar 20, 2012 4:23:26 PM CDT> <Debug> <JTA2PC> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <BEA1-0005C168CCCC337F43A8> <> <1332278606902> <BEA-000000> <BEA1-0005C168CCCC337F43A8: [EJB advantage.tradesupport.rates.resets.ejb.ResetTradeServiceBean.resetTradeByRate(java.lang.Long,java.util.Set,java.lang.String,java.lang.String,boolean,advantage.common.service.context.ServiceContext)]: delist weblogic.jdbc.wrapper.JTSXAResourceImpl, TMSUSPEND, beforeState=new, startThread=null>
  ####<Mar 20, 2012 4:23:26 PM CDT> <Debug> <JTA2PC> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <BEA1-0005C168CCCC337F43A8> <> <1332278606903> <BEA-000000> <BEA1-0005C168CCCC337F43A8: [EJB advantage.tradesupport.rates.resets.ejb.ResetTradeServiceBean.resetTradeByRate(java.lang.Long,java.util.Set,java.lang.String,java.lang.String,boolean,advantage.common.service.context.ServiceContext)]: delist weblogic.jdbc.wrapper.JTSXAResourceImpl, afterStatenew>
  ####<Mar 20, 2012 4:23:26 PM CDT> <Debug> <JTANaming> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <BEA1-0005C168CCCC337F43A8> <> <1332278606903> <BEA-000000> <SecureAction.runAction Use Subject= <anonymous>for action:sc.startPrePrepareAndChain to t3://171.149.24.240:17501>
  ####<Mar 20, 2012 4:23:26 PM CDT> <Debug> <JTAPropagate> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278606903> <BEA-000000> <PropagationContext: Peer=null, Version=4>
  ####<Mar 20, 2012 4:23:26 PM CDT> <Debug> <JTAPropagate> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278606904> <BEA-000000> < +++ otherPeerInfo.getMajor() :: 10>
  ####<Mar 20, 2012 4:23:26 PM CDT> <Debug> <JTAPropagate> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278606904> <BEA-000000> < +++ otherPeerInfo.getMinor() :: 3>
  ####<Mar 20, 2012 4:23:26 PM CDT> <Debug> <JTAPropagate> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278606904> <BEA-000000> < +++ otherPeerInfo.getServicePack() :: 1>
  ####<Mar 20, 2012 4:23:26 PM CDT> <Debug> <JTAPropagate> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278606905> <BEA-000000> < +++ otherPeerInfo.getRollingPatch() :: 0>
  ####<Mar 20, 2012 4:23:26 PM CDT> <Debug> <JTAPropagate> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278606905> <BEA-000000> < +++ otherPeerInfo.hasTemporaryPatch() :: false>
  ####<Mar 20, 2012 4:23:26 PM CDT> <Debug> <JTA2PC> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <BEA1-0005C168CCCC337F43A8> <> <1332278606905> <BEA-000000> <BEA1-0005C168CCCC337F43A8: [EJB advantage.tradesupport.rates.resets.ejb.ResetTradeServiceBean.resetTradeByRate(java.lang.Long,java.util.Set,java.lang.String,java.lang.String,boolean,advantage.common.service.context.ServiceContext)]: waitForPrePrepareAcks AdminServer+10.125.105.14:7001+LJDomain+t3+=>pre-prepared TradeAccessTS_lkcma00061-1+171.149.24.240:17501+TradeSupportApplication2+t3+=>pre-preparing MesaService_lkcma00065-1+171.149.24.244:17501+MESAApplication1+t3+=>active DataAccess_lkcma00055-0+171.149.24.234:17500+AdvantageApplication1+t3+=>active DataAccess_lkcma00053-6+171.149.24.232:17506+AdvantageApplication1+t3+=>active>
  $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
  Then eventually I get timeout errors like below in log
  ####<Mar 20, 2012 4:26:29 PM CDT> <Debug> <JTAPropagate> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278789379> <BEA-000000> < +++ otherPeerInfo.getMajor() :: 10>
  ####<Mar 20, 2012 4:26:29 PM CDT> <Debug> <JTAPropagate> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278789380> <BEA-000000> < +++ otherPeerInfo.getMinor() :: 3>
  ####<Mar 20, 2012 4:26:29 PM CDT> <Debug> <JTAPropagate> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278789380> <BEA-000000> < +++ otherPeerInfo.getServicePack() :: 1>
  ####<Mar 20, 2012 4:26:29 PM CDT> <Debug> <JTAPropagate> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278789381> <BEA-000000> < +++ otherPeerInfo.getRollingPatch() :: 0>
  ####<Mar 20, 2012 4:26:29 PM CDT> <Debug> <JTAPropagate> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278789382> <BEA-000000> < +++ otherPeerInfo.hasTemporaryPatch() :: false>
  ####<Mar 20, 2012 4:26:29 PM CDT> <Debug> <JTAPropagate> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278789382> <BEA-000000> < +++ Using new Method for reading rollback reason....>
  ####<Mar 20, 2012 4:26:29 PM CDT> <Debug> <JTANaming> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278789383> <BEA-000000> <RMI call coming from = TradeSupportApplication2>
  ####<Mar 20, 2012 4:26:29 PM CDT> <Debug> <JTANaming> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278789384> <BEA-000000> <SecureAction.stranger Subject used on received call: <anonymous> for action: startRollback AUTHENTICATION UNDETERMINABLE use SecurityInteropMode>
  ####<Mar 20, 2012 4:26:29 PM CDT> <Debug> <JTAPropagate> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278789385> <BEA-000000> <PropagationContext.getTransaction: tx=null>
  ####<Mar 20, 2012 4:26:29 PM CDT> <Debug> <JTAPropagate> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278789385> <BEA-000000> <PropagationContext.getTransaction: xid=BEA1-0005C168CCCC337F43A8, isCoordinator=true, infectCoordinatorFirstTime=false, txProps={weblogic.transaction.name=[EJB advantage.tradesupport.rates.resets.ejb.ResetTradeServiceBean.resetTradeByRate(java.lang.Long,java.util.Set,java.lang.String,java.lang.String,boolean,advantage.common.service.context.ServiceContext)], weblogic.jdbc=t3://171.149.24.240:17501}>
  ####<Mar 20, 2012 4:26:29 PM CDT> <Debug> <JTAPropagate> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278789391> <BEA-000000> < +++ looking up class : weblogic.transaction.internal.TimedOutException :: in classloader : java.net.URLClassLoader@15e92d7>
  ####<Mar 20, 2012 4:26:29 PM CDT> <Debug> <JTAPropagate> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278789397> <BEA-000000> < +++ looking up class : weblogic.transaction.TimedOutException :: in classloader : java.net.URLClassLoader@15e92d7>
  ####<Mar 20, 2012 4:26:29 PM CDT> <Debug> <JTAPropagate> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278789398> <BEA-000000> < +++ looking up class : java.lang.Exception :: in classloader : java.net.URLClassLoader@15e92d7>
  ####<Mar 20, 2012 4:26:29 PM CDT> <Debug> <JTAPropagate> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278789398> <BEA-000000> < +++ looking up class : java.lang.Throwable :: in classloader : java.net.URLClassLoader@15e92d7>
  ####<Mar 20, 2012 4:26:29 PM CDT> <Debug> <JTAPropagate> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278789402> <BEA-000000> < +++ looking up class : [Ljava.lang.StackTraceElement; ::  in classloader : java.net.URLClassLoader@15e92d7>
  ####<Mar 20, 2012 4:26:29 PM CDT> <Debug> <JTAPropagate> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278789403> <BEA-000000> < +++ looking up class : java.lang.StackTraceElement :: in classloader : java.net.URLClassLoader@15e92d7>
  ####<Mar 20, 2012 4:26:29 PM CDT> <Debug> <JTAPropagate> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278789404> <BEA-000000> < +++ converted bytes to rollback reason : weblogic.transaction.internal.TimedOutException: Timed out tx=BEA1-0005C168CCCC337F43A8 after 30000 seconds>
  ####<Mar 20, 2012 4:26:29 PM CDT> <Debug> <JTA2PC> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278789404> <BEA-000000> <Name=[EJB advantage.tradesupport.rates.resets.ejb.ResetTradeServiceBean.resetTradeByRate(java.lang.Long,java.util.Set,java.lang.String,java.lang.String,boolean,advantage.common.service.context.ServiceContext)],Xid=BEA1-0005C168CCCC337F43A8(21880283),Status=Marked rollback. [Reason=weblogic.transaction.internal.TimedOutException: Timed out tx=BEA1-0005C168CCCC337F43A8 after 30000 seconds],numRepliesOwedMe=0,numRepliesOwedOthers=0,seconds since begin=502,seconds left=29497,activeThread=Thread[[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)',5,Pooled Threads],XAServerResourceInfo[weblogic.jdbc.wrapper.JTSXAResourceImpl]=(ServerResourceInfo[weblogic.jdbc.wrapper.JTSXAResourceImpl]=(state=new,assigned=none),xar=null,re-Registered = false),SCInfo[LJDomain+AdminServer]=(state=pre-prepared),SCInfo[TradeSupportApplication2+TradeAccessTS_lkcma00061-1]=(state=pre-preparing),SCInfo[MESAApplication1+MesaService_lkcma00065-1]=(state=active),SCInfo[AdvantageApplication1+DataAccess_lkcma00055-0]=(state=active),SCInfo[AdvantageApplication1+DataAccess_lkcma00053-6]=(state=active),properties=({weblogic.transaction.name=[EJB advantage.tradesupport.rates.resets.ejb.ResetTradeServiceBean.resetTradeByRate(java.lang.Long,java.util.Set,java.lang.String,java.lang.String,boolean,advantage.common.service.context.ServiceContext)], weblogic.jdbc=t3://171.149.24.240:17501}),OwnerTransactionManager=ServerTM[ServerCoordinatorDescriptor=(CoordinatorURL=AdminServer+10.125.105.14:7001+LJDomain+t3+, XAResources={LJDomain.AdminServer.JMSXASessionPool.advantage.jms.queue.sonicConnectionFactory, LJDomain.AdminServer.JMSXASessionPool.advantage.jms.topic.sonicConnectionFactory, WLStore_LJDomain__WLS_AdminServer, WSATGatewayRM_AdminServer_LJDomain},NonXAResources={})],CoordinatorURL=AdminServer+10.125.105.14:7001+LJDomain+t3+) wakeUpAfterSeconds(60)>
  ####<Mar 20, 2012 4:26:29 PM CDT> <Debug> <JTA2PC> <F68B599F56D71> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1332278789406> <BEA-000000> <BEA1-0005C168CCCC337F43A8: [EJB advantage.tradesupport.rates.resets.ejb.ResetTradeServiceBean.resetTradeByRate(java.lang.Long,java.util.Set,java.lang.String,java.lang.String,boolean,advantage.common.service.context.ServiceContext)]: setProperty: weblogic.transaction.name=[EJB advantage.tradesupport.rates.resets.ejb.ResetTradeServiceBean.resetTradeByRate(java.lang.Long,java.util.Set,java.lang.String,java.lang.String,boolean,advantage.common.service.context.ServiceContext)]>

  Hello asirigaya,
  MSDTC configure does not belong to this forum, this forum topic is "Discuss client application development using Windows Forms controls and features."
  I didn't see MSDN has this kind of forum so I will help you move this case to "Where is the forum for"
  Regards,
  Barry Wang
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• SG500X Dropped packets

  I have been having issues for a long time with the SG500X units. I keep getting many "Drop Events", or dropped packets (as seen in the attachment). There are no real "errors" or issues that I can see otherwise. I have 2 stacked SG500X-48 port switches connected with 10GB cables. I have 13 different LAG groups that span the 2 switches (8 are down-links to SG200 switches for clients). I have 2 physical vmware boxes, and 1 SAN connected with 10GB cables. I have one main physical server that almost everyone accesses to connect to a foxpro database. The drops happen on the highest utilization ports, especially the physical server that is running foxpro. There are about 100 users total (connected to the SG200's).
  Any ideas? I have gone through the configurations multiple times with Cisco, and with others. But no change. I have tried everything to correct.

  Hi Aleksandra,
  Thank you for replying. Boot version is 1.3.7.01, and firmware is 1.3.7.18.
  I know there is a newer version, but I have applied about 5 new firmware versions over the last 2 years to try to fix this. I will upgrade soon, but it is a bigger process now that SAN and vmware boxes are tied together over these switches.
  EDIT: Of note is that the drops are on the highest utilization ports (vmware, SAN, and a very busy server hosting a foxpro database). We have been thinking it is a buffer issue onthe switch (whether a switch issue or us exceeding its capacity, though not sure how), but have not been able to confirm that.
  Mike

• What is the "ingress over sub drops" counter // ASR1000?

  Hello,
  can you tell me what is the "ingress over sub drops" counter in the following output (ASR1004, 15.2(2)S1)?
  asr#show controllers
  <...>
  TenGigabitEthernet0/1/0
       21830397 input vlan errors
       7712082 ingress over sub drops
       18 Number of sub-interface configured
  <...>
  Thank you,
  best regards,
  Gergely

  Hello,
  thank you for your reply!
  This is a tengig interface which is not likely to oversubscribe (typical traffic rate is below 2.5 Gbps) however there could be some bursty traffic concerning this counter.
  There is no input queue drop on the interface - I wonder if the "input queue drop" related to "ingress over sub drops"?
  Best regards,
  Gergely
       asr#sh int ten 0/1/0 controller
       TenGigabitEthernet0/1/0 is up, line protocol is up
         Hardware is SPA-1X10GE-L-V2, address is a493.4cd0.c510 (bia a493.4cd0.c510)
         MTU 9216 bytes, BW 10000000 Kbit/sec, DLY 10 usec,
            reliability 255/255, txload 1/255, rxload 60/255
         Encapsulation 802.1Q Virtual LAN, Vlan ID  1., loopback not set
         Keepalive not supported
         Full Duplex, 10000Mbps, link type is force-up, media type is 10GBase-SR
         output flow-control is on, input flow-control is on
         ARP type: ARPA, ARP Timeout 04:00:00
         Last input 00:00:00, output 00:01:29, output hang never
         Last clearing of "show interface" counters never
         Input queue: 0/375/0/0 (size/max/drops/flushes); Total output drops: 195
         Queueing strategy: fifo
         Output queue: 0/40 (size/max)
         30 second input rate 2371308000 bits/sec, 218149 packets/sec
         30 second output rate 2000 bits/sec, 4 packets/sec
            295771623646 packets input, 401390419037397 bytes, 0 no buffer
            Received 17352252 broadcasts (294214973196 IP multicasts)
            0 runts, 0 giants, 0 throttles
            0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
            0 watchdog, 2559103491 multicast, 0 pause input
            205479375 packets output, 266095482233 bytes, 0 underruns
            0 output errors, 0 collisions, 2 interface resets
            0 unknown protocol drops
            0 babbles, 0 late collision, 0 deferred
            0 lost carrier, 0 no carrier, 0 pause output
            0 output buffer failures, 0 output buffers swapped out
       TenGigabitEthernet0/1/0
            21831585 input vlan errors
            7712082 ingress over sub drops
            18 Number of sub-interface configured
       asr#

• Jabber call to voice mail fails with fast busy over VPN

  I have an issue that I ran into with CIPC phones over a VPN.  If a CIPC phone called over a VPN and started ringing a phone the call would fail with fast busy at the time the call would be forwarded to voicemail.  I found the issue was when remote the CIPC phone would negotiate the g.729 codec, when forwarded to a voicemail pilot over a SIP trunk set to g.711 the call would fail due to codec missmatch when no transcoders are present.
  So now I am running into what I believe to be the same issue with Jabber, when on premise the calls to voice mail work just fine, but when remote they fail.  I can directly call the voicemail pilot without error, but if calling a phone the call gets fast busy at the point we are forwarded to voicemail.  Even though all my regions are set to talk to all other regions on G.711 and the voicemail SIP trunk is set to G.711, I believe with the new features in CUCM9 that a lower speed codec has been negotiated since the we are going over the VPN, or Jabber has done this as it knows it's over VPN (not sure).  WIth CIPC I could go into the settings and turn off the Optimize for Bandwidth check box and the call would negotiate G.711.  With Jabber I can't find anything that would tell my Jabber client to stay on G.711 and I can only imagine this is a codec missmatch as the following are true.
  1. CIPC and Jabber share the same line
  2. VPN established and CIPC optimised for low bandwidth un-checked
  3. Over the same VPN the CIPC phone can leave a voicemail
  4. Over the same VPN the Jabber client gets fast busy once forwarded to voicemail
  5. Voicemail environment is Exchange-UM over SIP trunk
  6. SIP trunk is assigned a Device Pool, that is assigned to a region that all other regions communicate G.711 to
  7. On CIPC if optimised for low bandwidth is checked I get the exact same issue as I get with the Jabber client (fast busy when forwarded to voicemail)
  Would anyone know what I can do in CUCM 9 to fix this issue, as said no issue when all devices are on premise.  Wondering if there is a service parameter or a way to change the codec selection so the Jabber client attempts to always negotiate G.711.  The correct answer would be to get some PVDM DSP resources and kick up a transcoder in my resource group, and that may be what I talk them into doing if I have no other options.                  

  We have been getting the exact same thing for almost a year now... since switching to FiOS Digital Voice in May of last year!  Every time I call in to report it they 'escalate' the issue but it never gets resolved.  The problem seems to be in the initial connection.  Most of the time it works fine but, several times a month, after I call to get messages and it starts to play the new message it goes dead and I get the busy signal.  I get the same message when I call back:  “I’m sorry – that account is in use at this time.  Please try again later!”  I have even called in with my cell phone and get the same message!  I HAVE EVEN used the Internet to see if I could get my messages and, when I hit Play, I get a pop-up saying: “Your Voice Mail box is currently in being accessed; please try again later.  If the problem continues, please contact our Customer Support Center at 1-888-553-1555. We apologize for any inconvenience.”  This is obviously a software bug that Verizon has no clue on how to troubleshoot OR fix!!!  I wonder how many people have the problem and just don’t bother reporting it because of the hassle?  When it first started happening they destroyed my entire mailbox and I had to re-enter the complete mailbox setup again – 3 times!!!  NEVER let them talk you into that!!!  It’s their problem and they need to fix it!!!!!!!  I wish I could go back to the ‘normal’ voicemail we originally had… they want hundred$ to switch back because I’d be breaking my #$@%^&* contract!  Good luck if you have Verizon………

• How can i use an existing vpn connection without using the option "Send all traffic over vpn connection"?

  I have been trying to get my computer (os x.7) to astablish a remote desktop connection to my work computer via a vpn tunnel. In fact I have just discovered that it works fine if i select to "send all traffic over vpn connection" from the options in the advanced setup of the vpn.
  If the option is selected microsofts "Remote desktop connection for mac" works just fine. However without selecting the option it is not taking advantage of the tunnel but tries to connect as if the tunnel would not exist.
  Now the question is how do I get program to use the vpn tunnel without checking the above option?
  Thanks for any hints and pointers.

  Then can her computer be authorized to both accounts?
  Absolutely. You can authorize any given computer to up to five iTunes Store accounts.
  If purchases are made on her account, to a computer authorized to my account, can I put those songs on my iPod?
  If you connect your iPod to her computer, yes. Tracks download only to the computer from which they're purchased, regardless of which iTunes Store account is used for the purchase. Or you could copy the tracks from her computer to yours and then authorize your computer to her iTunes Store account. But that's sort of defeating the original purpose, it would seem to me.
  is it better to buy music through Amazon downloads and/or actually purchasing CDs to avoid the security features iTunes puts on its music?
  That's certainly an option. If it's an entire album I want, I buy CDs. That way I can import them at the quality I want and to whichever of my systems I want. Amazon or one of the other download stores that offer tracks as MP3 are also an option, though for me download stores are best when you just want a couple of tracks off a given CD.

• DNS over VPN

  Hi community,
  I am having some trouble with dns over vpn. On server side of VPN the dns is working 100% i.e servername.domain.com resolves to local IP address correctly from within network. However, when i connect into network over VPN the dns does not work correctly - it resolves servername correctly but not servername.domain.com. I can overcome this by setting VPN above my Ethernet adaptor in service order but then all my traffic gets routed over VPN connection (which i don't want) - even if I try adding network routing defn on VPN server. I probably need to do something on the VPN client (Snow leopard 10.6.1)?
  Please help!

  Rather than dnsmasq and openwrt, I'd look at the DNS server here.
  My guess here would be that the DNS configuration is invalid, or the domain name incorrect, or such.
  For a simple split-brain, you'll have one forward zone with your local Mac OS X Server box as the DNS server, and one (created for you) reverse DNS zone. And you'll be using a unique domain name or (far better) a publicly-registered DNS domain. But this smells like a DNS error.
  Post the +dig -x+ of the IP address on your LAN, and the +dig host+ and +dig host.example.com+ of the domain name on your LAN. And given this DNS information is either public or is behind a firewall and thus accessible only via VPN, please post the real data rather than masked data.

• VOIP over VPN need clarification

  Hi,
  Recently I have implemented Site-to-Site VPN between ASA and sonic wall firewall.
  Problem: I can able to make call from ASA side(inside) Ip phone to sonic wall (inside) side Ip phone and vice versa and it’s ringing, But not able to hear voice. So I created VOIP over VPN configuration and applied appropriate service policy towards outside interface. But still I was not able to hear voice.
  Tried below mentioned t’shot steps:
  From ASA side we had two subnets (10.20.1.x/24 – Data and 10.20.2.x/24 – Voice ) and one subnet (192.168.x.x/24 ) from sonic wall side as interesting traffic ( lan to lan). When I configured site-to-site configuration on both ends my phase-1 and phase-2 came UP and can able to communicate between each other. (In interesting traffic I created two objects and bind those objects as one object-group for source i.e. ASA side lan subnet and one object for remote-Lan as destination)
  My call manager is rest behind ASA and Ip phones needs to communicate from sonic wall side to inside ASA.
  I can able to make call from ASA side(inside) Ip phone to sonic wall (inside) side Ip phone and vice versa and it’s ringing, But not able to hear voice. So I created VOIP over VPN configuration and applied appropriate service policy towards outside interface. But still I was not able to hear voice.
  So, I  done supernetting the data subnet and voice subnet into single network i.e. 10.20.x.x/16 at ASA side and applied the configuration changes (changed ACL, nonat rule, Voice QOS ACL accordingly), and I’m able to hear voice both end and I can communicate properly from ASA inside Ip phone to Sonic wall inside Ip phone and vice versa.
  My question: I’m not understanding the logic how this supernetting resolved dead voice issue.
  Pls clarify my question I’m bit confused on this.

  It's not recommended. Although VPNs guarantee a secure pipe end-to-end, they don't guarantee latency and variations in latency (Jitter).