Substring matching for lists

Can anyone suggest efficient data structure or algorithm to get the "subset" or "superset" of a string. What I mean by subset/superset is this:
  "new york",
  "new york city",
  "new york state",
  "york city"
superset("new york") = {"new york", "new york city", "new york state"}  // left side is substring of every string on right side
subset("new york city") = {"new york", "new york city", "york city"}  // every string on right side is substring of the left side
subset("new york state") = {"new york", "new york state"}The brute force way is use loop through each string and do string contains comparison but is there a more efficient method especially w/ith large string lists??

So if string A is a substring of string B than the subset of B contains A and the superset of A contains B.
A classical algorithm that is used sometime to speed substring searching works like this. You create an integer signature for each string. For example, you could set a bit in the integer to indicate the presence of each individual letter of the alphabet. (Since there are more letters than the 32 bit location, you would actually hash each individual letter to a number between 1 and 32 and set that bit). What the signatures do is let you do a very fast substring rejection. If the integer signature of A is NOT a subset of the signature of B it means that A has character that does not show up in B and thus A could NOT be a subset of B.
Note integer subset testing is very fast. A is subset of B iff (A & B) == A
More typically, this encoding is done not on letters themselves but rather on di-grams. So to encode "new york" you hash "ne", "ew", "w ", " y"...
Now, this structure, only gives you a fast reject. If signature of A really is a subset of signature of B it does NOT tell you that A is a substring of B. You must do the substring comparison to check, but it can reject lots of strings that could not possibly match quickly.
The use of 32 bits for the signature was arbitrary and may not be appropriate. If your strings are long, way more than 32 characters, you would find yourself in general setting most of the bits, and if most of the bits are set you will typically get no rejections. So you must choose the length of your signature to match the characteristics (average length) of the data you expect to be processing.
Thus to find the superset of String A, you would rip through the entire list of strings using the fast signature comparison to do a fast reject and only do the slower substring comparison on the ones where the signatures were compatible.
There is a sense in which this is still just the brute force method, in that you compare every string to every other string, but by preprocessing each string once to create a signature, you can potentially speed up all subsequent substring processing.
BTW I think Jos was pulling your leg about Patricia trees. They are a very efficient method for storing a dictionary of words that allow you to quickly decide if a word is in the dictionary but they are used for matching full strings against full strings, or full strings against prefixes and are not useful for matching substrings. Of course I could be wrong about this. I'd be happy to let Jos teach me a new use for Patricia trees.

Similar Messages

  • Report for List of Transfer orders in warehouse management

    hi,
    i want generate a report for list of transfer order orders in warehouse management
    is there any report with you guys kindly help me,
    or any standard report is there to display list of transfer orders in warehouse management
    Thanks,
    Rajesh
    Edited by: rajesh kumar kandagatla on Feb 11, 2009 9:27 PM

    Hi,
    If it is one time requirement, you can run the report LT23 and download the data to excel sheet and donwload material details in another sheet and you can match the temperature column in excel file.
    If it is permanent requirement, create a query and attach transaction code to that or write a seperate report for this requirement.
    Please let me know.
    Thanks
    Nagarajan

  • Match code list setting

    Hello,
    We have a specific match code list for a new field in the screen . We use Screen painter .
    When we display match code it will be displayed by default a list ALV . But here How can we change to a list Basic for the values of this match code . ( SAP Basic list not ALV list)
    Is there some way to change this setting for user ?
    Thanks

    Hi,
    I already added the field search help into screen, But here user need to have basic list for search help ,( This search help is for KUNNR,Name1...etc, And they want to have basic list when they press F4 , not normally AVL liste

  • Asymmetric NAT rules matched for forward and reverse flows - NAT Issue

    Having a problem with a VPN site trying to communicate to a subnet off my ASA 5505.   The network is simple, VPN IPSEC remote site is 192.168.6.0/24 and I can ping and access hosts on 192.168.10.0/24 (called InfraNet).   I am now trying to allow communications between 192.168.6.0/24 (called FD_net) to 192.168.9.0/24 (called Inside)
    The Error:
    5          Nov 12 2012          13:52:50                    192.168.9.19                                        Asymmetric NAT rules matched for forward and reverse flows; Connection for icmp src outside:192.168.6.11 dst inside:192.168.9.19 (type 8, code 0) denied due to NAT reverse path failure
    I understand this is a NAT issue; but I not seeing the error and could use a second set of eyes.   Here's my current running configuration.
    : Saved
    ASA Version 8.3(2)
    hostname fw1
    domain-name xxxxxxxx.xxx
    enable password <removed>
    passwd <removed>
    names
    interface Vlan1
    description Town Internal Network
    nameif inside
    security-level 100
    ip address 192.168.9.1 255.255.255.0
    interface Vlan2
    description Public Internet
    nameif outside
    security-level 0
    ip address 173.xxx.xxx.xxx 255.255.255.248
    interface Vlan3
    description DMZ (CaTV)
    nameif dmz
    security-level 50
    ip address 192.168.2.1 255.255.255.0
    interface Vlan10
    description Infrastructure Network
    nameif InfraNet
    security-level 100
    ip address 192.168.10.1 255.255.255.0
    interface Vlan13
    description Guest Wireless
    nameif Wireless-Guest
    security-level 25
    ip address 192.168.1.1 255.255.255.0
    interface Vlan23
    nameif StateNet
    security-level 75
    ip address 10.63.198.2 255.255.255.0
    interface Vlan33
    description Police Subnet
    shutdown
    nameif PDNet
    security-level 90
    ip address 192.168.0.1 255.255.255.0
    interface Ethernet0/0
    switchport access vlan 2
    interface Ethernet0/1
    switchport trunk allowed vlan 1,5,10,13
    switchport trunk native vlan 1
    switchport mode trunk
    speed 100
    duplex full
    interface Ethernet0/2
    switchport access vlan 3
    interface Ethernet0/3
    interface Ethernet0/4
    switchport trunk allowed vlan 1,10,13
    switchport trunk native vlan 1
    switchport mode trunk
    interface Ethernet0/5
    switchport access vlan 23
    interface Ethernet0/6
    shutdown
    interface Ethernet0/7
    switchport trunk allowed vlan 1
    switchport trunk native vlan 1
    switchport mode trunk
    shutdown
    banner exec                     Access Restricted to Personnel Only
    banner login                     Access Restricted to Personnel Only
    ftp mode passive
    clock timezone EST -5
    clock summer-time EDT recurring
    dns server-group DefaultDNS
    domain-name xxxxxxx.xxx
    same-security-traffic permit inter-interface
    object network obj_any
    subnet 0.0.0.0 0.0.0.0
    object service IMAPoverSSL
    service tcp destination eq 993
    description IMAP over SSL     
    object service POPoverSSL
    service tcp destination eq 995
    description POP3 over SSL     
    object service SMTPwTLS
    service tcp destination eq 465
    description SMTP with TLS     
    object network obj-192.168.9.20
    host 192.168.9.20
    object network obj-claggett-https
    host 192.168.9.20
    object network obj-claggett-imap4
    host 192.168.9.20
    object network obj-claggett-pop3
    host 192.168.9.20
    object network obj-claggett-smtp
    host 192.168.9.20
    object network obj-claggett-imapoverssl
    host 192.168.9.20
    object network obj-claggett-popoverssl
    host 192.168.9.20
    object network obj-claggett-smtpwTLS
    host 192.168.9.20
    object network obj-192.168.9.120
    host 192.168.9.120
    object network obj-192.168.9.119
    host 192.168.9.119
    object network obj-192.168.9.121
    host 192.168.9.121
    object network obj-wirelessnet
    subnet 192.168.1.0 255.255.255.0
    object network WirelessClients
    subnet 192.168.1.0 255.255.255.0
    object network obj-dmznetwork
    subnet 192.168.2.0 255.255.255.0
    object network FD_Firewall
    host 74.94.142.229
    object network FD_Net
    subnet 192.168.6.0 255.255.255.0
    object network NETWORK_OBJ_192.168.10.0_24
    subnet 192.168.10.0 255.255.255.0
    object network obj-TownHallNet
    subnet 192.168.9.0 255.255.255.0
    object network obj_InfraNet
    subnet 192.168.10.0 255.255.255.0
    object-group service EmailServices
    description Normal Email/Exchange Services
    service-object object IMAPoverSSL
    service-object object POPoverSSL
    service-object object SMTPwTLS
    service-object tcp destination eq https
    service-object tcp destination eq imap4
    service-object tcp destination eq pop3
    service-object tcp destination eq smtp
    object-group service DM_INLINE_SERVICE_1
    service-object object IMAPoverSSL
    service-object object POPoverSSL
    service-object object SMTPwTLS
    service-object tcp destination eq pop3
    service-object tcp destination eq https
    service-object tcp destination eq smtp
    object-group service DM_INLINE_SERVICE_2
    service-object object IMAPoverSSL
    service-object object POPoverSSL
    service-object object SMTPwTLS
    service-object tcp destination eq https
    service-object tcp destination eq pop3
    service-object tcp destination eq smtp
    object-group network obj_clerkpc
    description Clerk's PCs
    network-object object obj-192.168.9.119
    network-object object obj-192.168.9.120
    network-object object obj-192.168.9.121
    object-group network TownHall_Nets
    network-object 192.168.10.0 255.255.255.0
    network-object object obj-TownHallNet
    object-group network DM_INLINE_NETWORK_1
    network-object 192.168.10.0 255.255.255.0
    network-object 192.168.9.0 255.255.255.0
    access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_2 any interface outside
    access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_1 any host 192.168.9.20
    access-list StateNet_access_in extended permit ip object-group obj_clerkpc any
    access-list outside_2_cryptomap extended permit ip object-group DM_INLINE_NETWORK_1 object FD_Net
    pager lines 24
    logging enable
    logging asdm debugging
    logging mail errors
    logging from-address hostmaster@xxxxxxxxx
    logging recipient-address john@xxxxxxxxx level errors
    mtu inside 1500
    mtu outside 1500
    mtu dmz 1500
    mtu Wireless-Guest 1500
    mtu StateNet 1500
    mtu InfraNet 1500
    mtu PDNet 1500
    no failover
    icmp unreachable rate-limit 1 burst-size 1
    asdm image disk0:/asdm-635.bin
    no asdm history enable
    arp timeout 14400
    nat (InfraNet,outside) source static TownHall_Nets TownHall_Nets destination static FD_Net FD_Net
    nat (inside,outside) source static TownHall_Nets TownHall_Nets destination static FD_Net FD_Net
    object network obj_any
    nat (inside,outside) static interface
    object network obj-claggett-https
    nat (inside,outside) static interface service tcp https https
    object network obj-claggett-imap4
    nat (inside,outside) static interface service tcp imap4 imap4
    object network obj-claggett-pop3
    nat (inside,outside) static interface service tcp pop3 pop3
    object network obj-claggett-smtp
    nat (inside,outside) static interface service tcp smtp smtp
    object network obj-claggett-imapoverssl
    nat (inside,outside) static interface service tcp 993 993
    object network obj-claggett-popoverssl
    nat (inside,outside) static interface service tcp 995 995
    object network obj-claggett-smtpwTLS
    nat (inside,outside) static interface service tcp 465 465
    object network obj-192.168.9.120
    nat (inside,StateNet) static 10.63.198.12
    object network obj-192.168.9.119
    nat (any,StateNet) static 10.63.198.10
    object network obj-192.168.9.121
    nat (any,StateNet) static 10.63.198.11
    object network obj-wirelessnet
    nat (Wireless-Guest,outside) static interface
    object network obj-dmznetwork
    nat (any,outside) static interface
    object network obj_InfraNet
    nat (InfraNet,outside) static interface
    access-group outside_access_in in interface outside
    access-group StateNet_access_in in interface StateNet
    route outside 0.0.0.0 0.0.0.0 173.166.117.190 1
    route StateNet 10.0.0.0 255.0.0.0 10.63.198.1 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    dynamic-access-policy-record DfltAccessPolicy
    http server enable 5443
    http 192.168.9.0 255.255.255.0 inside
    http 74.xxx.xxx.xxx 255.255.255.255 outside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto ipsec security-association lifetime seconds 28800
    crypto ipsec security-association lifetime kilobytes 4608000
    crypto map outside_map 2 match address outside_2_cryptomap
    crypto map outside_map 2 set pfs
    crypto map outside_map 2 set peer 173.xxx.xxx.xxx
    crypto map outside_map 2 set transform-set ESP-3DES-SHA
    crypto map outside_map interface outside
    crypto isakmp enable outside
    crypto isakmp policy 10
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    telnet 192.168.9.0 255.255.255.0 inside
    telnet timeout 5
    ssh 192.168.9.0 255.255.255.0 inside
    ssh timeout 5
    console timeout 0
    dhcpd dns 208.67.222.222 208.67.220.220
    dhcpd lease 10800
    dhcpd auto_config outside
    dhcpd address 192.168.2.100-192.168.2.254 dmz
    dhcpd dns 8.8.8.8 8.8.4.4 interface dmz
    dhcpd enable dmz
    dhcpd address 192.168.1.100-192.168.1.254 Wireless-Guest
    dhcpd enable Wireless-Guest
    threat-detection basic-threat
    threat-detection statistics host number-of-rate 2
    threat-detection statistics port
    threat-detection statistics protocol
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    ntp server 63.240.161.99 source outside prefer
    ntp server 207.171.30.106 source outside prefer
    ntp server 70.86.250.6 source outside prefer
    webvpn
    group-policy FDIPSECTunnel internal
    group-policy FDIPSECTunnel attributes
    vpn-idle-timeout none
    vpn-tunnel-protocol IPSec l2tp-ipsec
    username support password <removed> privilege 15
    tunnel-group 173.xxx.xxx.xxx type ipsec-l2l
    tunnel-group 173.xxx.xxx.xxx general-attributes
    default-group-policy FDIPSECTunnel
    tunnel-group 173.xxx.xxx.xxx ipsec-attributes
    pre-shared-key *****
    smtp-server 192.168.9.20
    prompt hostname context
    call-home
    profile CiscoTAC-1
      no active
      destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
      destination address email [email protected]
      destination transport-method http
      subscribe-to-alert-group diagnostic
      subscribe-to-alert-group environment
      subscribe-to-alert-group inventory periodic monthly
      subscribe-to-alert-group configuration periodic monthly
      subscribe-to-alert-group telemetry periodic daily
    Cryptochecksum:e4dc3cef0de15123f11439822880a2c7
    : end
    Any ideas would be appreciated.
    John

    I don't see any inspection-commands in your config. Is there a reason for not using any of them?
    If your problem is only with ICMP, then you should enable at least icmp-inspection. You can do that easiely with the legacy command " fixup protocol icmp"
    Sent from Cisco Technical Support iPad App

  • %ASA-5-305013: Asymmetric NAT rules matched for forward and reverse flows; Connection for tcp src outside:10.159.159.3/49204 dst tru777:10.1.34.19/3389 denied due to NAT reverse path failure

    Hi,
    I have an ASA5510 running version 8.2(5). I have set up a new network on interface Ethernet0/1.777 of the fwl. The firewall works perfectly with remote access VPNs but has now given me the error with the new network that has been set up:
    %ASA-5-305013: Asymmetric NAT rules matched for forward and reverse flows; Connection for tcp src outside:10.159.159.3/49204 dst tru777:10.1.34.19/3389 denied due to NAT reverse path failure
    The difference between the other networks and the new one that I have set up is that this is the first one using a private addressing scheme. I understand that NAT is not allowing something along the way but I cant figure out what needs to change in order to get it to work. My config is as follows:
    interface Ethernet0/1.777
    description TRU 777
    vlan 777
    nameif tru777
    security-level 50
    ip address 10.1.34.17 255.255.255.240 standby 10.1.34.18
    access-list acl_tru777 remark * ALLOW ALL OUTBOUND *
    access-list acl_tru777 extended permit ip any any
    access-list RA-VPN extended permit ip 10.1.34.16 255.255.255.240 10.159.159.0 255.255.255.0
    access-list acl_no-nat extended permit ip 10.1.34.0 255.255.255.0 10.0.0.0 255.0.0.0
    access-list acl_no-nat extended permit ip 10.1.34.0 255.255.255.0 172.16.0.0 255.240.0.0
    access-list acl_no-nat extended permit ip 10.1.34.0 255.255.255.0 192.168.0.0 255.255.0.0
    access-list acl_ra-lock-tru777 extended permit ip 10.1.34.16 255.255.255.240 10.159.159.0 255.255.255.0
    access-list acl_ra-lock-tru777 extended permit ip 10.159.159.0 255.255.255.0 10.1.34.16 255.255.255.240
    ip local pool ra-pool 10.159.159.0-10.159.159.254 mask 255.255.255.0
    nat (tru777) 4 access-list acl_no-nat
    nat (tru777) 2 10.1.34.16 255.255.255.240
    global (outside) 2 x.x.x.x
    crypto isakmp nat-traversal 20
    I think that is everything you should need, if not please just ask.
    Thank you very much in advance,
    Chris

    Hi Julio,
    Here you go:
    FWL01# sh nameif
    Interface                Name                     Security
    Ethernet0/0              outside                    0
    Ethernet0/1              CLIENTS                 50
    Ethernet0/1.314        tru01                      50
    Ethernet0/1.313        dmz01                    50
    Ethernet0/1.316        tru02                      50
    Ethernet0/1.776        dmz776                  50
    Ethernet0/1.777        tru777                     50
    Management0/0       management           100
    FWL01#  sh run nat
    nat (tru02) 1 192.168.3.0 255.255.255.240
    nat (tru777) 4 access-list acl_no-nat
    nat (tru777) 2 10.1.34.16 255.255.255.240
    FWL01#    sh run glob
    global (outside) 1 interface
    global (outside) 2 x.x.x.x
    Thanks,
    Chris

  • Asymmetric NAT rules matched for forward and reverse flows

    Hi! I don't know why this comes up in the logs when I have configured my vpn like so:
    crypto dynamic-map L2L_MAP 50 set reverse-route
    crypto dynamic-map OUTSIDE_dyn_map 20 set transform-set ESP-3DES-SHA
    crypto dynamic-map OUTSIDE_dyn_map 40 set pfs
    crypto dynamic-map OUTSIDE_dyn_map 40 set transform-set ESP-3DES-SHA
    crypto dynamic-map OUTSIDE_dyn_map 60 set pfs
    crypto dynamic-map OUTSIDE_dyn_map 60 set transform-set ESP-3DES-SHA
    crypto dynamic-map OUTSIDE_dyn_map 65535 set transform-set ESP-3DES-SHA
    crypto dynamic-map OUTSIDE_dyn_map 65535 set security-association lifetime seconds 288000
    crypto dynamic-map OUTSIDE_dyn_map 65535 set security-association lifetime kilobytes 4608000
    crypto dynamic-map INSIDE_dyn_map 20 set transform-set ESP-3DES-SHA
    crypto map L2L_MAP 20 match address IDP_VPN
    crypto map L2L_MAP 20 set peer x.x.x.x
    crypto map L2L_MAP 20 set transform-set ESP-3DES-SHA
    crypto map L2L_MAP 40 match address cp_l2l_map_40
    crypto map L2L_MAP 40 set peer x.x.x.x
    crypto map L2L_MAP 40 set transform-set ESP-3DES-SHA
    crypto map L2L_MAP 60 match address bwi_l2l
    crypto map L2L_MAP 60 set peer x.x.x.x
    crypto map L2L_MAP 60 set transform-set ESP-3DES-SHA
    crypto map L2L_MAP 80 match address outside_80_cryptomap
    crypto map L2L_MAP 80 set peer x.x.x.x
    crypto map L2L_MAP 80 set transform-set ESP-3DES-SHA
    crypto map L2L_MAP 65535 ipsec-isakmp dynamic OUTSIDE_dyn_map
    crypto map L2L_MAP interface outside
    crypto map INSIDE_map 65535 ipsec-isakmp dynamic INSIDE_dyn_map
    crypto map INSIDE_map interface inside
    I am able to connect successfully via vpn client.  Its just that i cant reach the internal servers...  Any ideas?
    i get this error:
    Oct 18 2012 00:52:37: %ASA-5-305013: Asymmetric NAT rules matched for forward and reverse flows; Connection for udp src outside:10.10.13.221/137 dst inside:10.10.13.255/137 denied

    I put in the important configs:
    interface GigabitEthernet0/0
    nameif outside
    security-level 0
    ip address x.x.x.x 255.255.255.0 standby x.x.x.x
    ospf cost 10
    interface GigabitEthernet0/1
    nameif inside
    security-level 100
    ip address 10.10.13.5 255.255.255.0 standby 10.10.13.6
    ospf cost 10
    interface GigabitEthernet0/2
    nameif dmz
    security-level 50
    no ip address
    ospf cost 10
    interface GigabitEthernet0/2.720
    vlan 720
    nameif dmz-vsp
    security-level 50
    ip address 172.24.0.1 255.255.255.0 standby 172.24.0.2
    ospf cost 10
    interface GigabitEthernet0/2.724
    vlan 724
    nameif dmz-dbz
    security-level 75
    ip address 172.24.4.1 255.255.255.0 standby 172.24.4.2
    ospf cost 10
    interface GigabitEthernet0/2.725
    vlan 725
    nameif dmz-smtp
    security-level 50
    ip address 172.24.5.1 255.255.255.0 standby 172.24.5.2
    ospf cost 10
    dns domain-lookup outside
    dns domain-lookup inside
    dns server-group DefaultDNS
    name-server 10.10.10.50
    domain-name xxxx.local
    access-list nonatacl extended permit ip 10.10.0.0 255.255.0.0 10.40.4.0 255.255.255.0
    access-list nonatacl extended permit ip 172.16.0.0 255.255.0.0 10.40.4.0 255.255.255.0
    access-list nonatacl extended permit ip 192.168.2.0 255.255.255.0 10.40.4.0 255.255.255.0
    access-list nonatacl extended permit ip 192.168.3.0 255.255.255.0 10.40.4.0 255.255.255.0
    access-list nonatacl extended permit ip 10.10.0.0 255.255.0.0 10.40.14.0 255.255.255.0
    access-list nonatacl extended permit ip 10.10.13.0 255.255.255.0 10.10.10.0 255.255.255.0
    access-list nonatacl extended permit ip 10.10.10.0 255.255.255.0 10.10.13.0 255.255.255.0
    access-list nonatacl extended permit ip 10.10.13.0 255.255.255.0 192.168.6.0 255.255.255.0
    access-list nonatacl extended permit ip 192.168.6.0 255.255.255.0 10.10.13.0 255.255.255.0
    ip local pool inshse-vpn-pool2 192.168.6.220-192.168.6.230 mask 255.255.255.0
    global (outside) 201 192.168.16.1-192.168.16.250
    global (outside) 202 10.201.5.145-10.201.5.158
    global (outside) 4 10.10.13.180-10.10.13.189 netmask 255.0.0.0
    global (outside) 101 interface
    global (outside) 1 x.x.x.x netmask 255.0.0.0
    global (inside) 204 10.10.13.70-10.10.13.79 netmask 255.0.0.0
    nat (inside) 0 access-list nonatacl
    nat (inside) 201 access-list NAT_TO_IDP
    nat (inside) 202 access-list inside2-vsp_nat_outbound
    nat (inside) 101 0.0.0.0 0.0.0.0
    nat (dmz-vsp) 202 access-list dmz-vsp_nat_outbound
    nat (dmz-vsp) 101 0.0.0.0 0.0.0.0
    route outside 0.0.0.0 0.0.0.0 x.x.x.x 1
    route inside 10.0.0.0 255.240.0.0 10.10.13.1 1
    route inside 10.40.1.0 255.255.255.0 10.10.13.1 1
    route inside 10.40.2.0 255.255.255.0 10.10.13.1 1
    route inside 10.40.3.0 255.255.255.0 10.10.13.1 1
    route inside 10.40.4.0 255.255.255.0 10.10.13.1 1
    route inside 10.40.13.0 255.255.255.0 10.10.13.1 1
    route inside 10.40.254.0 255.255.255.0 10.10.13.1 1
    route inside 172.16.0.0 255.255.0.0 10.10.13.1 1
    route inside 192.168.2.0 255.255.255.0 10.10.13.1 1
    dynamic-access-policy-record DfltAccessPolicy
    aaa-server VPN_Auth protocol radius
    aaa-server VPN_Auth (inside) host 10.10.2.20
    timeout 5
    key *****
    no mschapv2-capable
    crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto ipsec security-association lifetime seconds 28800
    crypto ipsec security-association lifetime kilobytes 4608000
    crypto dynamic-map L2L_MAP 50 set reverse-route
    crypto dynamic-map OUTSIDE_dyn_map 20 set transform-set ESP-3DES-SHA
    crypto dynamic-map OUTSIDE_dyn_map 40 set pfs
    crypto dynamic-map OUTSIDE_dyn_map 40 set transform-set ESP-3DES-SHA
    crypto dynamic-map OUTSIDE_dyn_map 60 set pfs
    crypto dynamic-map OUTSIDE_dyn_map 60 set transform-set ESP-3DES-SHA
    crypto dynamic-map OUTSIDE_dyn_map 65535 set transform-set ESP-3DES-SHA
    crypto dynamic-map OUTSIDE_dyn_map 65535 set security-association lifetime seconds 288000
    crypto dynamic-map OUTSIDE_dyn_map 65535 set security-association lifetime kilobytes 4608000
    crypto dynamic-map INSIDE_dyn_map 20 set transform-set ESP-3DES-SHA
    crypto map L2L_MAP 20 match address IDP_VPN
    crypto map L2L_MAP 20 set peer x.x.x.x
    crypto map L2L_MAP 20 set transform-set ESP-3DES-SHA
    crypto map L2L_MAP 40 match address cp_l2l_map_40
    crypto map L2L_MAP 40 set peer x.x.x.x
    crypto map L2L_MAP 40 set transform-set ESP-3DES-SHA
    crypto map L2L_MAP 60 match address nonatacl
    crypto map L2L_MAP 60 set peer x.x.x.x
    crypto map L2L_MAP 60 set transform-set ESP-3DES-SHA
    crypto map L2L_MAP 80 match address outside_80_cryptomap
    crypto map L2L_MAP 80 set peer x.x.x.x
    crypto map L2L_MAP 80 set transform-set ESP-3DES-SHA
    crypto map L2L_MAP 65535 ipsec-isakmp dynamic OUTSIDE_dyn_map
    crypto map L2L_MAP interface outside
    crypto map INSIDE_map 65535 ipsec-isakmp dynamic INSIDE_dyn_map
    crypto map INSIDE_map interface inside
    crypto isakmp enable outside
    crypto isakmp enable inside
    crypto isakmp enable dmz
    crypto isakmp enable dmz-vsp
    crypto isakmp policy 20
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    crypto isakmp policy 65535
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    no vpn-addr-assign aaa
    no vpn-addr-assign dhcp
    group-policy ihasavpn2_gp internal
    group-policy ihasavpn2_gp attributes
    dns-server value 10.10.10.52
    vpn-tunnel-protocol IPSec
    default-domain value xxxx.local
    tunnel-group ihasavpn2 type remote-access
    tunnel-group ihasavpn2 general-attributes
    address-pool inshse-vpn-pool2
    authentication-server-group VPN_Auth
    authentication-server-group (inside) VPN_Auth
    default-group-policy ihasavpn2_gp
    tunnel-group ihasavpn2 ipsec-attributes
    pre-shared-key *****
    tunnel-group ihasavpn2 ppp-attributes
    authentication ms-chap-v2

  • Break Up of Actual Costs in a report for list of orders

    Hi All,
    SAP standard reports displays only the total planned & total actual costs.
    Is there any standard report available which can display break up of planned & actual costs along with total costs, for list of orders (e.g: time, material and external resources consumption).
    Thanks in advance
    JK

    hi
    you can find the material cost,external service etc in the standard cost report itself select the change layout and select the items you want to display ,you can get the result
    regards
    thyagarajan

  • Report For list of material Master with PO text

    Hi all,
    I need a report whether it is available in Standard SAP or a customized, for List of Material Master with their PO text.
    If any one can help, please reply to this theard.
    Regards,
    Kapil Kulkarni

    To get the material number combined with the PO text you will need the help of an ABAP programmer.  The programmer can create a report for you using the function module READ_TEXT in the function group STXD.  The tables to use are:
    STXH - STXD SAPscript text file header
    STXL - STXD SAPscript text file lines
    The selection screen should have at least the following:
    OBJECT - STXH-TDOBJECT
    NAME - STXH-TDNAME
    LANGUAGE - STXH-TDSPRAS
    TEXTID - STXH-TDID
    You find the information for these fields by going to the PO text entry screen and displaying the header information under Goto -> Header.  For materials, the object is MATERIAL, the name is "material number", the language is "EN", and the text ID is BEST.  You can use this program to get long text in lots of places like information records, purchase order texts, etc.
    Hope this helps.

  • Report for list of POs for with Invoice has not been posted

    Hi All
    Can anybody tell me the report for list of PO' for which GR has already been done but Invoice is not posted
    Thnks
    Ranjith

    Hi
    Try Report ME2M,
    With input selection parameter  "WE101".
    Hope this helps.
    Harish

  • Report on delivery data in item level for list of po

    Dear all
             How to take Report on delivery data in item level for list of po
    regards
    M.Chandra mohan

    You can check any of the standard reports like ME2M with the selection variant as "PO where GR exists"

  • Report for List of Park Doc in FB60

    What Want a report for  List of Park Doc in FB60?

    Hi
    You can see the it in FBV3 and click on the list , here you can see the complete list based on the parameters entered by you.
    you can post it using FBV0.
    Anand

  • ITunes match for a large number of devices, 4 people, and as a backup solution.

    I am interested in using iTunes match for two central reasons:
    1.  Backing up my music library.  Is iTunes Match an solution for this?  Or not really?  I get the fact that my purchases are protected, but what about the music I uploaded from purchased CD's. 
    Question:  Can I consider iTunes Match at $24.99/year the cost of backing up 60GB of music to the cloud?
    2.  Sharing my music library across a number of devices.  We are a family of 4 with farily extensive MAC, iPhone, iPad usage, including ...
    1 iMac (Music server), 3 Power books (Indivudal work machines), 2 iPads, Apple TV,  and 4 iPhones.  We have 4 Mobile me accounts, moving to ICloud.
    The problem I have is that I can never effectively coordinate the music library across the devices.  80GB of iTunes library is too much to load across all the devices and I never seem to have the song I'm looking for at the time I desire it on a particular device, other then the family iMAC server which has the whole library on it.
    Question:  Seems like iTunes Match is an ideal solution, but can it handle the diverse spectrum and number of devices I have?  Ideally I want to thnk of iTunes Matchas, 1 central library avaialble on all devices, all the time.
    Thank you in advance for any opinions.
    MikeK

    mek wrote:
    Question:  Seems like iTunes Match is an ideal solution, but can it handle the diverse spectrum and number of devices I have?  Ideally I want to thnk of iTunes Matchas, 1 central library avaialble on all devices, all the time.
    Think of iTunes Match as a central library from which "satellite" libraries can pull any time they have an Internet connection.
    Functionally, if all those devices are in your house, iTunes Match doesn't give you much that Home Sharing doesn't already offer.  With Home Sharing all your Macs can easily "fill in the gaps" from the "master" library.  Of course, that requires that the machine with the "master" library is always online and iTunes is always running on it, which might not be the case.  AppleTVs and iPads sync to that "master" library and so what is on them is configured from the master library computer, not the device itself.
    What iTunes Match offers you is:
    1.  Your "canonical" library lives "in the cloud" and so you don't have to have a home server up and running iTunes at all times.
    2.  Your "canonical" library lives "in the cloud" and so you can update from it any time you have an internet connection, not just when you are at home.
    3.  The workflow for updating from the canonical library is much better than the clunky "Home Sharing" interface.
    4.  Any "matched" songs (I found that in my library only about 65% were successfully matched; I'm not sure why) will be available at 256kbps AAC, which might be higher quality than what you have in your library currently (especially if you have imperfections like CD skipping, etc, in the tracks).  Of course, anything iTunes can't match to its own library will remain just as imperfect as ever.
    The downside (versus Home Sharing) is:
    1.  Everything needs to get copied onto a device from the Internet, which is likely to take much longer than just Home Sharing over your home wireless network.
    Seems like a pretty good system.  I've signed up for it and am happy with what I've seen so far.

  • HT204074 I have our music collection on iTunes Match for my PC, ipad and iphone.  Can I share that music collection with my wife so she can play that with her iphone?  Even though she has a different Apple ID from me?

    I have our music collection on iTunes Match for my PC, ipad and iphone. 
    Can I share that music collection with my wife so she can play that with her iphone?  Even though she has a different Apple ID from me?

    Her iPhone will need to be set up to iTunes Match using your Apple ID to be able to share music via iTunes Match. Otherwise you'll have to download the music to your computer and then copy those tracks into her iTunes library, assuming hers is separate.
    Regards.

  • Create search refiner for list name in sharepoint 2013

    Hi everybody!
    How could I create a search refiner for list name in SharePoint 2013?? I think I can create a search refiner for list ID but how could I show list name base on list id to users in refinement webpart??

    you can create your custom Manged property and use content enrichment to fill the managed property 
    http://blogs.msdn.com/b/richard_dizeregas_blog/archive/2013/06/19/advanced-content-enrichment-in-sharepoint-2013-search.aspx
    Hope that helps|Amr Fouad|MCTS,MCPD sharePoint 2010

  • SCCM 2012 SP1 - OS Deployment - hash could not be matched for the downloded content

    I've got a newly deployed SCCM 2012 SP1 running on Windows Server 2012. The W2K12 runs as vm on ESX 5.1. I'm having very odd issues with OS deployment. The TS keeps failing when processing SCCM client installation - it downloads the package but then it fails
    straight away with the 80091007 - hash values couldn't be matched error - some extract from smsts.log attached below. It's very consistent, it happens every time - it downloads and applies the image fine straight after that it bombs out.
    What is very interesting is that it works perfectly fine when I deploy vms (on the same or different host) - the issue seems to be be only affecting physical machines (laptops desktops). This might suggest some network issues (vSwitch with Cisco switches) but
    the config on the switch is very simple and this shouldn't be the case.
    I had a few virtualised SCCM 2007 installations (ESX 5 and 4) and it always worked with no problems.
    I tried to recreate the package (changing source directory), turn binary differential replication on and off, copy the content of the package to the dist point or not copy. Push client installation (or other package deployments) work fine
    When I tried to deploy with no download - sometimes it works but most of the time I'd get the files/folder corrupt error (can't remember the No)
    This is starting to drive me crazy - There are some significant changes in the way SCCM 2012 is validating package integrity (like Content Lib folder) but the consistency of this problem is just very odd.
    Anyone has any clues?
    thanks
     - Downloaded file from http://GTKVMGMT05.GTK.LOC...m?/x64/wic_x64_enu.exe to C:\_SMSTaskSequence\Packages\GTK0000C\x64/wic_x64_enu.exe 
     - Download done setting progress bar to 100
    VerifyContentHash: Hash algorithm is 32780
    c:\_smstasksequence\packages\GTK0000c\i386 is a directory. Setting directory security
    c:\_smstasksequence\packages\GTK0000c\x64 is a directory. Setting directory security
     - Hash could not be matched for the downloded content. Original ContentHash = 5EF3A189C48F3469440A83026EC8ECD36EAD6EAF3B5D35663F8201BDE175413C, Downloaded ContentHash = FA4516EDD2D7907F8FA472A3E1B717DF2DD4A0976CD4CEAE11045EE62EC8C661
    0L == TS::Utility::VerifyPackageHash(pszContentID, sDestination), HRESULT=80091007 (e:\nts_sccm_release\sms\framework\tscore\resolvesource.cpp,2999)
     - DownloadContentAndVerifyHash(pszPackageID, L"SMSPackage", saHttpContentSources, saSMBContentSources, saMulticastContentSources, sDestination, dwFlags, L"", 0, dwPackageFlags, pszUserName, pszUserPassword ), HRESULT=80091007 (e:\nts_sccm_release\sms\framework\tscore\resolvesource.cpp,3106)
     - DownloadContentLocally(pszSource, sSourceDirectory, dwFlags, hUserToken, pszUserName, pszUserPassword), HRESULT=80091007 (e:\nts_sccm_release\sms\framework\tscore\resolvesource.cpp,3331)
    ResolveSource(pszSource, sSourceDirectory, dwFlags, 0, 0, 0), HRESULT=80091007 (e:\nts_sccm_release\sms\framework\tscore\resolvesource.cpp,3221)
    TS::Utility::ResolveSource(sClientPackageID, sClientPackagePath), HRESULT=80091007 (e:\nts_sccm_release\sms\client\osdeployment\osdgina\basesetuphook.cpp,1655)
     - Failed to resolve package source "GTK0000C"
     - Exiting ConfigureEx: 0x80091007
     - BaseSetupHook::configure(sWindowsDir), HRESULT=80091007 (e:\nts_sccm_release\sms\client\osdeployment\osdgina\osdsetuphook.cpp,292)
     - Failed to configure OSD setup hook (0x80091007)
     - Failed to configure OSD setup hook (0x80091007)

    is this the only indication of a problem in your smsts.log file ? did you apply the
    authenticode hotfix or have you
    downloaded the SP1 media after that hotfix was applied ?
    Step by Step Configuration Manager Guides >
    2012 Guides |
    2007 Guides | I'm on Twitter > ncbrady

Maybe you are looking for

  • How to re-install OS 10.2.8?

    There's a software glitch developed in OS 10.2.8 in my trusty Power Mac G4. Can't solve it, so I guess I have to do a re-install. Problems are: 1) I don't have the original software disks (the used system was a gift), and 2) I've never done an OS re-

  • FTP Receiver Adapter parameters

    Hello everyone! I have configured a scenario wherein XI sends a <b>PO.xml</b> file to a folder in an FTP server through the File Adapter (Receiver). Right now, I'm getting an error: <i><b>Error Category: XI_J2EE_ADAPTER_FILE Error Code: PROCESSING_ER

  • One way only video on ichat with aim to pc

    I can only get one way video. I have a imac and my friend has a pc. He downloaded aim 6.8 and I also got an aim account. When we try to video conference with ichat he can see me fine but I can't see him. He also has a built in camera. The instant mes

  • How-To Application Acknowledgment SAP - XI -Legacy

    Hi there, I need to implement in XI an interface which receive goods receipt records (in a batch file) from legacy, these records are then mapped into (ToBeDecided interface - Choices are Idoc or ABAP proxy) and sent to SAP. So far very straight forw

  • Best settings for highest quality for exporting a .mov  file to h.264

    Hi, I want to know what the best settings are for the highest quality for exporting a .mov file (720p50) to h.264. I want the same quality as the original. I want to know the data rate etc. regards, Jeroen Message was edited by: Woudgraaf-AV