Unabe to ping Remote Node
Hi:
I have PS FMS 9.0 and PS HRMS 9.0 IBs (both PT 8.49.18) configured for SSO and messaging. I am able to ping remote node - PSFT_EP from HRMS environment but unable to ping remote node - PSFT_HR from FMS environment. I have performed the steps mentioned in the following thread:
Re: PeopleSoft Integration Broker from FSCM9 [PT8.48] to CRM9 [PT8.49]
But still I get the following message in app server log file:
PeopleSoft Token authentication failed: token has expired: VP1@JavaClient
Any suggestions?
Thanks,
Sameer.
Is your gateway configured on SSL?
If its the default value on both the sides is same you could try the following:
1> Ensure the time zone diff (*IF ANY*) b/w the web n App server of the HR & FMS is catered for.
2> Try increasing the log fence to 5 on both the sides and ping the nodes to capture the Auth Token value.
Similar Messages
-
Integration Broker - PTool 8.50 - Pinging remote node errors out
Hi! I am trying to configure default local nodes on HCM 9.1 and FSCM 9.1, both systems have PeopleTools 8.50.
HCM 9.1 is installed on Windows 7 Home Premium. DB is Oracle 10g
FSCM 9.1 is installed on Windows 2003 server. DB is Oracle 10g
Problem:
=====
When I ping remote node from HCM 9.1 it displayes the following message
“PeopleSoftTargetConnector - The application server is down (or not responding). Check AppServer URL.”
When I ping the remote node from FSCM 9.1 then I get the following message:
“PSFT Authentication token failed for Node PSFT_HR. (158,454)”
Setup Details:
=========
Here are steps I followed on both systems:
FSCM 9.1. side :
=========
1.Defined local gateway. http://<My-Machine B>:/PSIGW/PeopleSoftListeningConnector When I ping it from Gateway page, it shows it is active.
2.Renamed default node PSFT_EP to PSFT_TRN. Before renaming ran the appmsgpurgeall.dms script from <PS_HOME>\scripts\ to make sure there are no references to PSFT_EP in runtime tables. This is PS supplied dms script and they recommend to run this script before renaming any node (It should be done at the initial setup time).
3.On the Node page, PSFT_TRN node is defined as default node. Specified the default user Id as ‘PTINT’ the common User id created by cloning ‘VP1’. On the ‘Connectors’ tab Gateway ID is ‘LOCAL’ and connector id is ‘PSFTTARGET’. From the ‘Connectors’ tab Pinged the PSFT_TRN node and it was pinged successfully.
4.On Gateway Properties page, defined "APP Server URL" as ‘<Machine Name B>:9000, user Id/pwd as ‘PTINT’ and tool release as ‘8.50’.
5.Defined PSFT_TRN node, with APP Server URL as ‘<Machine Name B>:9000, user Id/pwd as ‘PTINT’ and tool release as ‘8.50’. When I ping this node, it is pinged successfully.
6.Inserted another node PSFT_HR, with APP Server URL as ‘<Machine Name A>:9000, user Id/pwd as ‘PTINT’ and tool release as ‘8.50’. When I ping PSFT_HR node from this page I get the following error:
“PSFT Authentication token failed for Node PSFT_HR. (158,454)”
HCM 9.1. side:
=========
1.Defined local gateway. http://<My-Machine A>:/PSIGW/PeopleSoftListeningConnector. When I ping it from Gateway page, it shows it is active.
2.On the Node page made sure ‘PSFT_HR’ node is default and active. Specified the default user Id as ‘PTINT’ the common User id created by cloning ‘PS’. On the ‘Connectors’ tab Gateway ID is ‘LOCAL’ and connector id is ‘PSFTTARGET’. From the ‘Connectors’ tab clicked on ‘Ping Node’ button for PSFT_HR node and it was pinged successfully.
3.On Gateway Properties page, defined "APP Server URL" as '<Machine Name A>:9000', user Id/pwd as ‘PTINT’ and tool release as ‘8.50’.
4.Defined PSFT_TRN node, with "APP Server URL" as ‘<Machine Name B>:9000', user Id/pwd as ‘PTINT’ and tool release as ‘8.50’. When I ping this node, the following message is displayed:
“PeopleSoftTargetConnector - The application server is down (or not responding). Check AppServer URL.”
Basically, I am unable to ping remote node on both systems. Local node ping successfully on both systems.
Has any one encountered similar problem and found a solution?
Thanks
Raj
Edited by: 865522 on Jun 13, 2011 2:18 PMYes, I could ping both machines from each other.
Here is the host file contents from Windows 7:
127.0.0.1 localhost
::1 localhost
127.0.0.1 activate.adobe.com
192.168.1.106 RAJ-PC
Here is from Window 2003 server:
127.0.0.1 localhost
192.168.1.100 saroja
Both nodes are listed under PeopleTools>Security Objects> Single Signon
Both nodes are secured with userid/pwd on Node page.
One of my machine had fire wall on, so I swtiched the fire wall off. Now machine A can ping both nodes but machine B can ping only local node. Pinging remote node displays "User name not defined in database".
Raj
Edited by: Raj on Jun 13, 2011 11:37 PM -
SSH User equivalence is not set up on the remote nodes
I'm getting the above message when trying to push deploy a Linux agent 10.2.0.2 from an OEM.
I have run the sshUserSetupNT.sh succesfully - I believe there were no error messages being returned.
I can cygwin ssh to connect successfully to the linux box and issue commands without providing a password.
- and I've run the failing command from the log below successfully from a command prompt. (changed it to run date)
C:/cygwin/bin/ssh.exe -o FallBackToRsh=no -o PasswordAuthentication=no -o StrictHostKeyChecking=yes -l oraoem centos5 /bin/sh -c '/bin/date '
I appears to be complaining about an RSA key - but how can that be when I can connect from a command prompt succesfully.
Any suggestions!
snip from deployment logfile
=======================================================================
Performing check for CheckSSHEquivalence
Does SSH equivalence exist with the remote nodes
Setting username to oraoem
Setting FallbackToRSH to false
Setting REMOTE_PATH_PROPERTIES_LOC to D:\OracleHomes\oms10g\/sysman/agent_download/10.2.0.2.0/linux/agentdeploy
C:\WINDOWS\system32\ping.exe#centos5#-n#5#-w#5000
C:\WINDOWS\system32\ping.exe centos5 -n 5 -w 5000
Exitcode of the remote command [rnode centos5]: 0
Errstream [rnode centos5]:
CommandResult status [rnode centos5]: true
C:/cygwin/bin/ssh.exe#-o#FallBackToRsh=no#-o#PasswordAuthentication=no#-o#StrictHostKeyChecking=yes#-l#oraoem#centos5#/bin/sh#-c#'/bin/true '
C:/cygwin/bin/ssh.exe -o FallBackToRsh=no -o PasswordAuthentication=no -o StrictHostKeyChecking=yes -l oraoem centos5 /bin/sh -c '/bin/true '
Exitcode of the remote command [rnode centos5]: 255
Errstream [rnode centos5]: No RSA host key is known for centos5 and you have requested strict checking.
Host key verification failed.
CommandResult status [rnode centos5]: false
Expected result: centos5
Actual Result: Problem: 'PROV-16018: The command C:/cygwin/bin/ssh.exe failed.'
Check complete. The overall result of this check is: Failed <<<<
Check complete: Failed <<<<
Problem: SSH equivalence check has failed
Recommendation: Setup SSH equivalence with the remote hosts and retryReboot the box and try again.
-
The selected remote nodes 'node3' are not accessible
Hello,
I removed node3 from 2 node RAC Cluster.
After this I have re-add this node to my RAC. I added without any problem to CRS but I have a problem with script addNode.sh (/u01/app/oracle/product/crs/oui/bin).
I have to separate homes for ORACLE_HOME and ASM_HOME, so I need to run this script twice for each ORACLE_HOME.
I run addNode.sh from one of the cluster nodes (node1), if I run:
export ORACLE_HOME=/u01/app/oracle/product/11.1.0/asm
cd $ORACLE_HOME/oui/bin
./addNode.sh -silent CLUSTER_NEW_NODES={node3} CLUSTER_NEW_PRIVATE_NODE_NAMES={node3-priv} CLUSTER_NEW_VIRTUAL_HOSTNAMES={node3-vip}
I got the following error:
Performing tests to see whether nodes node2,node3 are available
............................................................SEVERE:The selected remote nodes 'node3' are not accessible.
... 100% Done.
I reviewed logs located in /u01/app/oraInventory/logs I found
Status of node 'node3':
null
The virtual host name 'node3-vip' for node 'node3' is already in use.
I checked crs_stat from $ORA_CRS_HOME, but all applications (ons, gsd, vip) and targets are ONLINE. I tried to run vipca -nodelist node1,node2,node3 and updated a configuration. I checked /etc/hosts, connection via SSH between all hosts belonging to RAC: node1, node1-vip, node1-priv etc. Everything looks like fine, so I have no idea what caused this problem.
Software which I used:
Linux: UNL 5.4 x86_64
11g Release 11.1.0.7.0 - 64bit, Oracle Clusterware
Thank you for your answer,
Best Regards,
Edited by: user4924714 on 2010-02-15 07:50Hi,
Thanks for your reply.
I am running addNode.sh from node which already exist in the Rac Cluster. I tried on node1, node2 but the resulat are the same.
Best regards, -
11gr2 - 11.2.0.2 -root.sh executed on remote node first can harm anything ?
Hello Expert,
It seems like we have Oracle GRID forum having some issue so i am posting grid Question on Real Application Clusters forum.
I am installing 11gr2 - 11.2.0.2 Grid infrastructure on Red hat linux 5- x86_64 (Host01-04, Host01-LOCAL and Host 02-04 REMOTE) . During install it pop up to execute
orainstRoot.sh,root.sh as root and they clearly mentioned that execute
orainstRoot.sh,root.sh on local node first and then the remote node. But by mistake i have executed root.sh on remote node first HOST02 (Host01-04, Host01-LOCAL and Host 02-04 REMOTE).
Does it really affect anything?
Thanks in Advance.
BillyYes, you're right.
Its a empty Prod Box where nothing is running but eventually it would become Production LIVE box with Prod Database instances.
Yes, Only concerns about the master instance .As you seen below host 2 is master right node right now.without bringing down the node 2 can i convert node 1 to master.
we are not using ASM so you'll see ASM services in OFFLINE state.
HOST1: crsstat
Resource Target State
ora.LISTENER.lsnr ONLINE ONLINE on host1
ora.LISTENER_SCAN1.lsnr ONLINE ONLINE on host1
ora.LISTENER_SCAN2.lsnr ONLINE ONLINE on host3
ora.LISTENER_SCAN3.lsnr ONLINE ONLINE on host2
ora.asm OFFLINE OFFLINE
ora.cvu ONLINE ONLINE on host2---
ora.gsd OFFLINE OFFLINE
ora.net1.network ONLINE ONLINE on host1
ora.oc4j ONLINE ONLINE on host2---
ora.ons ONLINE ONLINE on host1
ora.registry.acfs OFFLINE OFFLINE
ora.scan1.vip ONLINE ONLINE on host1
ora.scan2.vip ONLINE ONLINE on host3
ora.scan3.vip ONLINE ONLINE on host2
ora.host1.ASM2.asm OFFLINE OFFLINE
ora.host1.LISTENER_host1.lsnr ONLINE ONLINE on host1
ora.host1.gsd OFFLINE OFFLINE
ora.host1.ons ONLINE ONLINE on host1
ora.host1.vip ONLINE ONLINE on host1
ora.host2.ASM1.asm OFFLINE OFFLINE
ora.host2.LISTENER_host2.lsnr ONLINE ONLINE on host2
ora.host2.gsd OFFLINE OFFLINE
ora.host2.ons ONLINE ONLINE on host2
ora.host2.vip ONLINE ONLINE on host2
ora.host3.ASM3.asm OFFLINE OFFLINE
ora.host3.LISTENER_host3.lsnr ONLINE ONLINE on host3
ora.host3.gsd OFFLINE OFFLINE
ora.host3.ons ONLINE ONLINE on host3
ora.host3.vip ONLINE ONLINE on host3
ora.host4.ASM4.asm OFFLINE OFFLINE
ora.host4.LISTENER_host4.lsnr ONLINE ONLINE on host4
ora.host4.gsd OFFLINE OFFLINE
ora.host4.ons ONLINE ONLINE on host4
ora.host4.vip ONLINE ONLINE on host4
Billy. -
Want to keep the data on one node and allow remote nodes to read it?
by default, we have a distributed cache with backupcount=1 and data is kept over all the members in equal parts
is there a way to do set it another way: i need only one 'main' node to put entries into the cache and keep them locally, while remote nodes can only read entries? the reason for that - i want to update the entries on the main node quite frequently (do not them travel anywhere over the network) - while remote read operations are infrequent. Also, Iwant the whole dataset survive the shutdown of any secondary node. In other words, I need 'all eggs in one backet' with remote read access.Andrey -
Provided the 'remote/secondary' nodes are within the local area network, you could use a dedicated distributed cache service; storage enabled
on the 'main' node and storage disabled on the 'secondary' nodes. Access from outside the LAN will require configuring a proxy service on the
'main' node and 'secondary' node access over Coherence*Extend.
/Mark -
How to asmcmd cp non ASM files to ASM on a remote node
We have a 8TB database, RDBMS 11,1. on Solaris 10, non ASM. Need to copy the 1290 files to remote node of AIX ASM to prepare for a upgrading to 11.2.0.2.
We tried to use asmcmd cp to copy the files directly from non ASM too ASM remotely, but did not work.
$ asmcmd cp -ifr [email protected]:/oradata/prdsdev/datafiles/dev_4.dbf +PRDSU_DATA/PRDSU/TEMPFILE/dev_4.dbf
Enter password: ********
Argument "normal" isn't numeric in numeric ge (>=) at /optware/oracle/11.2.0.2/grid/lib/asmcmdshare.pm line 1676.
errors
ORA-01031: insufficient privileges (DBD ERROR: OCISessionBegin)
We were using the user fttr. Do we need to login as SYSASM, do we need to go through OS auth, any other privilege required. What instance do we need to login, regular database that is using the data files, or ASM instance is goin g to manage the files.
Thanks in advance1. my previous question is if asmcmd cp can accomplish the task.
2. RMAN COPY, as I know, will either copy non asm files to ASM files locally, or copy files asm to asm across nodes. which means that we have to do two steps, rather copy the non asm files to a node of asm directly. -
DBCA does not show the remote nodes on a RAC 10.2.0.2 HP-ITANIUM
HI at all,
I have a problem and I hope someone can help me.
A collegue have installed CRS and the Oracle HOME for a RAC 10.2.0.2 on a HP-ITANIUM ( two nodes) .
Im'm using the dbca for creating a cluster database.
I can see the RAC option pages , but in the "select nodes page" I found only the local node and not the remote node.
Any suggestion is appreciated
thank you
Adriano
$ crs_stat
NAME=ora.itmicz50.LISTENER_ITMICZ50.lsnr
TYPE=application
TARGET=ONLINE
STATE=ONLINE on itmicz50
NAME=ora.itmicz50.gsd
TYPE=application
TARGET=ONLINE
STATE=ONLINE on itmicz50
NAME=ora.itmicz50.ons
TYPE=application
TARGET=ONLINE
STATE=ONLINE on itmicz50
NAME=ora.itmicz50.vip
TYPE=application
TARGET=ONLINE
STATE=ONLINE on itmicz50
NAME=ora.itmicz51.LISTENER_ITMICZ51.lsnr
TYPE=application
TARGET=ONLINE
STATE=ONLINE on itmicz51
NAME=ora.itmicz51.gsd
TYPE=application
TARGET=ONLINE
STATE=ONLINE on itmicz51
NAME=ora.itmicz51.ons
TYPE=application
TARGET=ONLINE
STATE=ONLINE on itmicz51
NAME=ora.itmicz51.vip
TYPE=application
TARGET=ONLINE
STATE=ONLINE on itmicz51
and the olsnodes command :
$ olsnodes
itmicz50
itmicz51
Message was edited by:
user549224
nullHI Chandra,
thank you very much for your reply. I suppose the oraInventory is the same, however the contents of inventory.xml file is this:
<?xml version="1.0" standalone="yes" ?>
<!-- Copyright (c) 2005 Oracle Corporation. All rights Reserved -->
<!-- Do not modify the contents of this file by hand. -->
<INVENTORY>
<VERSION_INFO>
<SAVED_WITH>10.2.0.1.0</SAVED_WITH>
<MINIMUM_VER>2.1.0.6.0</MINIMUM_VER>
</VERSION_INFO>
<HOME_LIST>
<HOME NAME="OUIHome1" LOC="/work/app/oracle/product/CRS" TYPE="O" IDX="1" CRS="true">
<NODE_LIST>
<NODE NAME="itmicz50"/>
<NODE NAME="itmicz51"/>
</NODE_LIST>
</HOME>
<HOME NAME="OUIHome2" LOC="/work/app/oracle/product/RAC10g" TYPE="O" IDX="2">
<NODE_LIST>
<NODE NAME="itmicz50"/> <===== EVIDENCE
</NODE_LIST>
</HOME>
</HOME_LIST>
</INVENTORY>
I can see that within the node_list tag I have only one hostname It is correct?
thank you in advance
Adriano Capruzzi -
Hi all experts,
I am trying to install rac on vmware 9 in linux platform OEL 6.4. Everything went smooth but i cannot ping between nodes. I tried many different ways but it says destination is un reachable. I bridged the network adopter but still having errors. May be i did not bridge it correctly since i am too bad about networking stuff. I will appreciate your help. Here is my detailed explaination and error
https://forums.oracle.com/thread/2575594. I will appreciate your help.Moderator Action:
Stay with your original discussion.
https://forums.oracle.com/thread/2575594
Do NOT ever open a new post just because you might be impatient.
These are user-to-user forums and no one is sitting around waiting to assist you and only you.
These forums are NOT a method to make contact to Oracle Technical Support.
This new post is locked. -
Restart adminserver from a remote node?
Greetings,
Is there a command to restart ( not stop / start ) admin server from a remote node using nodemanager?
thanks
SeetharamanHi Seetharaman,
I don't think so you can restart the admin server using nodemanager without stop and start as there is no dedicated command for it. The commands with Node Manager Commands can be seen below.
Topic: Node Manager Commands
http://download.oracle.com/docs/cd/E13222_01/wls/docs90/config_scripting/reference.html#1030876
Regards,
Ravish Mody -
Pinging remote server in servlet
hello guys. i hope one of you can help. I want to ping remote servers from within a servlet. anyone has any idea about how that can be achieved?. i have read that it is impossible to write a pure java application to do that. I am supposed to use java.lang.Runtime but not quite sure how to go about it...
please helpThanks for your suggestions..
Basically, I am tring to ping several streaming servers to determine the time it takes to get a response packet. for more user friendliness, i have decided to do it via a jsp page which connects to a ser vlet. the actual "pingin" code is expected to reside in the servlet.
Sorry for not being clear enough in my previous post. I am not trying to test the availability of a servlet. I just want to ping a remote server and retrieve results from within a servlet and display them on another jsp page..
thanks -
Installing RAC Problem: Oracle Clusterware 10g is present on remote node
Folks,
Hello.
I am installing Oracle 11gR2 RAC using 2 Virtual Machines (rac1 and rac2 whose OS are Oracle Linux 5.6) in VMPlayer.
I have been installing Grid Infrastructure using runInstaller in the first VM rac1 from step 1 to step 9 of 10.
On the step 9 of 10 in the Wizard, accidentally, I touch the Mouse, and the Wizard is gone.
The directory for installing Grid in the 2 VMs is the same: /u01
In order to make sure everything is correct, I delete entire directory /u01 in the 2 VMs and install Grid in rac1 again.
But get the error message as follows:
[INS-40915] The Installer has detected the presence of Oracle Clusterware 10g on the remote node rac2.localdomain.
Cause: Oracle Clusterware 10g is present on remote node rac2.localdomain but not on the local node.
Action: To upgrade the Oracle Clusterware 10g Installation to this release, run Installer on a node where Oracle Clusterware 10 installation is located. To create a new cluster, choose a set of nodes that are not part of an existing cluster.
Regarding the above error message, I do not install any Oracle Clusterware 10g in rac2 because it's the first time when I install Grid using rac1 and rac2.
My question is:
Do any folk understand how to remove something in rac2 to solve the above issue so that I can install Grid again ?
Thanks.Folks,
Hello. Thanks a lot for replying.
The tutorial http://docs.oracle.com/cd/E11882_01/install.112/e22489/rem_orcl.htm#CBHEFHAC is about the regular procedure to deinstall Grid Clusterware and Database.
I have just installed Grid and have not installed the Database. I have removed ORACLE HOME /u01 completely in both VMs. There is no way to follow the regular procedure to deinstall at this time.
I do not install any Oracle Clusterware 10g in the VM rac2 because it's the first time when I install Grid using VM rac1 and rac2.
When install Grid again. I get the error message:
"[INS-40915] The Installer has detected the presence of Oracle Clusterware 10g on the remote node rac2.localdomain."
This is strange! It seems that we need to remove some files in the VM rac2 like /etc/oracle that I am not sure.
My questions are:
First, where is 10g directory to remove ?
Second, what files left on the system to clean up ?
Third, what does " Follow 239998.1" means regarding asanqa's replying to me ?
Thanks. -
VPN clients not able to ping Remote PCs & Servers : ASA 5520
VPN is connected successfully. But not able to ping any remote ip or fqdn from client pc. But able to ping ASA 5520 firewalls inside interface. Also some clients able to access, some clients not able to access. I new to these firewalls. I tried most of ways from internet, please any one can help asap.
Remote ip section : 192.168.1.0/24
VPN IP Pool : 192.168.5.0/24
Running Config :
ip address 192.168.1.2 255.255.255.0
interface GigabitEthernet0/2
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/3
shutdown
no nameif
no security-level
no ip address
interface Management0/0
shutdown
no nameif
no security-level
no ip address
management-only
passwd z40TgSyhcLKQc3n1 encrypted
boot system disk0:/asa722-k8.bin
ftp mode passive
clock timezone GST 4
dns domain-lookup outside
dns domain-lookup inside
dns server-group DefaultDNS
name-server 213.42.20.20
domain-name default.domain.invalid
access-list outtoin extended permit tcp any host 83.111.113.114 eq 3389
access-list outtoin extended permit tcp any host 83.111.113.113 eq https
access-list outtoin extended permit tcp any host 83.111.113.114 eq smtp
access-list outtoin extended permit tcp any host 83.111.113.114 eq https
access-list outtoin extended permit tcp any host 83.111.113.114 eq www
access-list outtoin extended permit tcp any host 83.111.113.115 eq https
access-list outtoin extended permit tcp any host 94.56.148.98 eq 3389
access-list outtoin extended permit tcp any host 83.111.113.117 eq ssh
access-list fualavpn_splitTunnelAcl standard permit 192.168.1.0 255.255.255.0
access-list outside_nat0_outbound extended permit ip 192.168.5.0 255.255.255.0
92.168.1.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 192.168.1.0 255.255.255.0 1
2.168.5.0 255.255.255.0
access-list inet_in extended permit icmp any any time-exceeded
access-list inet_in extended permit icmp any any unreachable
access-list inet_in extended permit icmp any any echo-reply
access-list inet_in extended permit icmp any any echo
pager lines 24
logging enable
logging asdm informational
logging from-address [email protected]
logging recipient-address [email protected] level errors
logging recipient-address [email protected] level emergencies
logging recipient-address [email protected] level errors
mtu outside 1500
mtu inside 1500
ip local pool fualapool 192.168.5.10-192.168.5.50 mask 255.255.255.0
ip local pool VPNPool 192.168.5.51-192.168.5.150 mask 255.255.255.0
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-522.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list inside_nat0_outbound outside
nat (inside) 1 192.168.1.0 255.255.255.0
static (inside,outside) 94.56.148.98 192.168.1.11 netmask 255.255.255.255
static (inside,outside) 83.111.113.114 192.168.1.111 netmask 255.255.255.255
access-group inet_in in interface outside
route outside 0.0.0.0 0.0.0.0 83.111.113.116 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
group-policy DfltGrpPolicy attributes
banner none
wins-server none
dns-server none
dhcp-network-scope none
vpn-access-hours none
vpn-simultaneous-logins 10
vpn-idle-timeout 30
vpn-session-timeout none
vpn-filter none
vpn-tunnel-protocol IPSec l2tp-ipsec webvpn
password-storage disable
ip-comp disable
re-xauth disable
group-lock none
pfs disable
ipsec-udp disable
ipsec-udp-port 10000
split-tunnel-policy tunnelall
split-tunnel-network-list none
default-domain none
split-dns none
intercept-dhcp 255.255.255.255 disable
secure-unit-authentication disable
user-authentication disable
user-authentication-idle-timeout 30
ip-phone-bypass disable
leap-bypass disable
nem disable
backup-servers keep-client-config
msie-proxy server none
msie-proxy method no-modify
msie-proxy except-list none
msie-proxy local-bypass disable
nac disable
nac-sq-period 300
nac-reval-period 36000
nac-default-acl none
address-pools none
client-firewall none
client-access-rule none
webvpn
functions url-entry
html-content-filter none
homepage none
keep-alive-ignore 4
http-comp gzip
filter none
url-list none
customization value DfltCustomization
port-forward none
port-forward-name value Application Access
sso-server none
deny-message value Login was successful, but because certain criteria have no
been met or due to some specific group policy, you do not have permission to u
e any of the VPN features. Contact your IT administrator for more information
svc none
svc keep-installer installed
svc keepalive none
svc rekey time none
svc rekey method none
svc dpd-interval client none
svc dpd-interval gateway none
svc compression deflate
group-policy fualavpn internal
group-policy fualavpn attributes
dns-server value 192.168.1.111 192.168.1.100
vpn-tunnel-protocol IPSec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value fualavpn_splitTunnelAcl
username test password I7ZgrgChfw4FV2AW encrypted privilege 0
username Mohamed password Vqmmt8cR/.Qu7LhU encrypted privilege 0
username Moghazi password GMr7xgdqmGEQ2SVR encrypted privilege 0
username Moghazi attributes
password-storage enable
username fualauaq password E6CgvoOpTKphiM2U encrypted privilege 0
username fualauaq attributes
password-storage enable
username fuala password IFtijSYb7LAOV/IW encrypted privilege 15
username Basher password Djf15nXIJXmayfjY encrypted privilege 0
username Basher attributes
password-storage enable
username fualafac password VGC/7cKXW1A6eyXS encrypted privilege 0
username fualafac attributes
password-storage enable
username fualaab password ONTH8opuP4RKgRXD encrypted privilege 0
username fualaab attributes
password-storage enable
username fualaadh2 password mNEgLxzPBeF4SyDb encrypted privilege 0
username fualaadh2 attributes
password-storage enable
username fualaain2 password LSKk6slwsVn4pxqr encrypted privilege 0
username fualaain2 attributes
password-storage enable
username fualafj2 password lE4Wu7.5s7VXwCqv encrypted privilege 0
username fualafj2 attributes
password-storage enable
username fualakf2 password 38oMUuwKyShs4Iid encrypted privilege 0
username fualakf2 attributes
password-storage enable
username fualaklb password .3AMGUZ1NWU1zzIp encrypted privilege 0
username fualaklb attributes
password-storage enable
username fualastr password RDXSdBgMaJxNLnaH encrypted privilege 0
username fualastr attributes
password-storage enable
username fualauaq2 password HnjodvZocYhDKrED encrypted privilege 0
username fualauaq2 attributes
password-storage enable
username fualastore password wWDVHfUu9pdM9jGj encrypted privilege 0
username fualastore attributes
password-storage enable
username fualadhd password GK8k1MkMlIDluqF4 encrypted privilege 0
username fualadhd attributes
password-storage enable
username fualaabi password eYL0j16kscNhhci4 encrypted privilege 0
username fualaabi attributes
password-storage enable
username fualaadh password GTs/9BVCAU0TRUQE encrypted privilege 0
username fualaadh attributes
password-storage enable
username fualajuh password b9QGJ1GHhR88reM1 encrypted privilege 0
username fualajuh attributes
password-storage enable
username fualadah password JwVlqQNIellNgxnZ encrypted privilege 0
username fualadah attributes
password-storage enable
username fualarak password UE41e9hpvcMeChqx encrypted privilege 0
username fualarak attributes
password-storage enable
username fualasnk password ZwZ7fVglexrCWFUH encrypted privilege 0
username fualasnk attributes
password-storage enable
username rais password HrvvrIw5tEuam/M8 encrypted privilege 0
username rais attributes
password-storage enable
username fualafuj password yY2jRMPqmNGS.3zb encrypted privilege 0
username fualafuj attributes
password-storage enable
username fualamaz password U1YUfQzFYrsatEzC encrypted privilege 0
username fualamaz attributes
password-storage enable
username fualashj password gN4AXk/oGBTEkelQ encrypted privilege 0
username fualashj attributes
password-storage enable
username fualabdz password tg.pB7RXJx2CWKWi encrypted privilege 0
username fualabdz attributes
password-storage enable
username fualamam password uwLjc0cV7LENI17Y encrypted privilege 0
username fualamam attributes
password-storage enable
username fualaajm password u3yLk0Pz0U1n.Q0c encrypted privilege 0
username fualaajm attributes
password-storage enable
username fualagrm password mUt3A60gLJ8N5HVr encrypted privilege 0
username fualagrm attributes
password-storage enable
username fualakfn password ceTa6jmvnzOFNSgF encrypted privilege 0
username fualakfn attributes
password-storage enable
username Fualaain password Yyhr.dlc6/J7WvF0 encrypted privilege 0
username Fualaain attributes
password-storage enable
username fualaban password RCJKLGTrh7VM2EBW encrypted privilege 0
username John password D9xGV1o/ONPM9YNW encrypted privilege 15
username John attributes
password-storage disable
username wrkshopuaq password cFKpS5e6Whp0A7TZ encrypted privilege 0
username wrkshopuaq attributes
password-storage enable
username Talha password 3VoAABwXxVonLmWi encrypted privilege 0
username Houssam password Cj/uHUqsj36xUv/R encrypted privilege 0
username Faraj password w2qYfE3DkYvS/oPq encrypted privilege 0
username Faraj attributes
password-storage enable
username gowth password HQhALLeiQXuIzptCnTv1rA== nt-encrypted privilege 15
username Hameed password 0Kr0N1VRmLuWdoDE encrypted privilege 0
username Hameed attributes
password-storage enable
username Hassan password Uy4ASuiNyEd70LCw encrypted privilege 0
username cisco password IPVBkPI1GLlHurPD encrypted privilege 15
username Karim password 5iOtm58EKMyvruZA encrypted privilege 0
username Shakir password BESX2bAvlbqbDha/ encrypted privilege 0
username Riad password iB.miiOF7qMESlCL encrypted privilege 0
username Azeem password 0zAqiCG8dmLyRQ8f encrypted privilege 15
username Azeem attributes
password-storage disable
username Osama password xu66er.7duIVaP79 encrypted privilege 0
username Osama attributes
password-storage enable
username Mahmoud password bonjr0B19aOQSpud encrypted privilege 0
username alpha password x8WO0aiHL3pVFy2E encrypted privilege 15
username Wissam password SctmeK/qKVNLh/Vv encrypted privilege 0
username Wissam attributes
password-storage enable
username Nabil password m4fMvkTgVwK/O3Ms encrypted privilege 0
aaa authentication telnet console LOCAL
aaa authentication ssh console LOCAL
aaa authentication enable console LOCAL
http server enable
http 0.0.0.0 0.0.0.0 outside
http 192.168.1.4 255.255.255.255 inside
http 192.168.1.100 255.255.255.255 inside
http 192.168.1.111 255.255.255.255 inside
http 192.168.1.200 255.255.255.255 inside
http 83.111.113.117 255.255.255.255 outside
http 192.168.1.17 255.255.255.255 inside
http 192.168.1.16 255.255.255.255 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto dynamic-map outside_dyn_map 20 set pfs
crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA
crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
tunnel-group fualavpn type ipsec-ra
tunnel-group fualavpn type ipsec-ra
tunnel-group fualavpn general-attributes
address-pool fualapool
address-pool VPNPool
default-group-policy fualavpn
tunnel-group fualavpn ipsec-attributes
pre-shared-key *
tunnel-group fualavpn ppp-attributes
authentication pap
authentication ms-chap-v2
authentication eap-proxy
telnet 0.0.0.0 0.0.0.0 outside
telnet 0.0.0.0 0.0.0.0 inside
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 outside
ssh 192.168.1.0 255.255.255.0 inside
ssh timeout 5
console timeout 0
management-access inside
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns migrated_dns_map_1
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns migrated_dns_map_1
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect icmp
inspect icmp error
service-policy global_policy global
prompt hostname context
Cryptochecksum:38e41e83465d37f69542355df734db35
: endHi,
What about translating the traffic on the local ASA (Active unit) for traffic received from the VPN tunnel to the internal interface IP address? You can try something like nat (outside,inside) source dynamic obj-VpnRemoteTraffic interface destination static StandbyIP StandbyIP
Regards, -
ASA firewall wont ping remote site
We have remote office which I can ping while at the main office, but when I am connected to VPN from office or home, I cant ping the remote office.
VPN gives me an ip 10.21.18.x
remote site's IP is: 172.29.x.x
i have the access-list information for the ASA firewall and router below:
below is the multilayer:
OFFICE-CORE-01#show ip access-lists
Extended IP access list verizon-INTERNET-TRAFFIC
10 deny ip 10.21.0.0 0.0.255.255 10.0.0.0 0.255.255.255
20 deny ip 10.21.0.0 0.0.255.255 172.16.0.0 0.15.255.255
30 deny ip 10.21.0.0 0.0.255.255 192.168.0.0 0.0.255.255
40 permit ip 10.23.20.0 0.0.0.255 any
50 permit ip 10.23.21.0 0.0.0.255 any
60 permit ip 10.23.22.0 0.0.0.255 any
70 permit ip 10.23.23.0 0.0.0.255 any
80 permit ip 10.23.24.0 0.0.0.255 any
90 permit ip 10.23.25.0 0.0.0.255 any
100 permit ip 10.23.26.0 0.0.0.255 any
Extended IP access list PAETEC-INTERNET-TRAFFIC
10 deny ip 10.21.0.0 0.0.255.255 10.0.0.0 0.255.255.255
20 deny ip 10.21.0.0 0.0.255.255 172.16.0.0 0.15.255.255
30 deny ip 10.21.0.0 0.0.255.255 192.168.0.0 0.0.255.255
40 permit ip 10.23.20.0 0.0.0.255 any
50 permit ip 10.23.21.0 0.0.0.255 any
60 permit ip 10.23.22.0 0.0.0.255 any
70 permit ip 10.23.23.0 0.0.0.255 any
80 permit ip 10.23.24.0 0.0.0.255 any
90 permit ip 10.23.25.0 0.0.0.255 any
100 permit ip 10.23.26.0 0.0.0.255 any
Extended IP access list system-cpp-all-routers-on-subnet
10 permit ip any host 224.0.0.2
Extended IP access list system-cpp-all-systems-on-subnet
10 permit ip any host 224.0.0.1
Extended IP access list system-cpp-dhcp-cs
10 permit udp any eq bootpc any eq bootps
Extended IP access list system-cpp-dhcp-sc
10 permit udp any eq bootps any eq bootpc
Extended IP access list system-cpp-dhcp-ss
10 permit udp any eq bootps any eq bootps
Extended IP access list system-cpp-energywise-disc
10 permit udp any eq any eq 0
Extended IP access list system-cpp-hsrpv2
10 permit udp any host 224.0.0.102
Extended IP access list system-cpp-igmp
10 permit igmp any 224.0.0.0 31.255.255.255
Extended IP access list system-cpp-ip-mcast-linklocal
10 permit ip any 224.0.0.0 0.0.0.255
Extended IP access list system-cpp-ospf
10 permit ospf any 224.0.0.0 0.0.0.255
Extended IP access list system-cpp-pim
10 permit pim any 224.0.0.0 0.0.0.255
Extended IP access list system-cpp-ripv2
10 permit ip any host 224.0.0.9
----------------------------------ASA ACCESS-LIST is below the brief version-------
access-list CompanyName-vpn-maint_splitTunnelAcl line 10 standard permit 172.29.0.0 255.255.0.0 (hitcnt=0) 0x52bc4d4c
-----------------------below is the ASA routes-----------------------
Gateway of last resort is 53.138.58.129 to network 0.0.0.0
S 192.168.10.0 255.255.255.0 [1/0] via 10.21.0.1, inside
C 172.17.21.0 255.255.255.0 is directly connected, dmz_tier2
S 172.16.142.0 255.255.254.0 [1/0] via 53.138.58.129, outside
C 172.16.21.0 255.255.255.0 is directly connected, dmz_tier1
C 172.19.21.0 255.255.255.0 is directly connected, dmz_tier4
S 172.23.181.0 255.255.255.0 [1/0] via 10.21.0.1, outside
S 172.25.181.0 255.255.255.0 [1/0] via 53.138.58.129, outside
S 172.25.184.0 255.255.255.0 [1/0] via 53.138.58.129, outside
S 172.24.0.0 255.255.0.0 [1/0] via 10.21.0.1, inside
S 172.26.181.0 255.255.255.0 [1/0] via 53.138.58.129, outside
S 172.26.184.0 255.255.255.0 [1/0] via 53.138.58.129, outside
S 172.29.181.0 255.255.255.0 [1/0] via 10.21.0.1, outside
S 172.29.184.0 255.255.255.0 [1/0] via 53.138.58.129, outside
S 172.28.181.0 255.255.255.0 [1/0] via 53.138.58.129, outside
S 172.28.184.0 255.255.255.0 [1/0] via 53.138.58.129, outside
S 192.168.20.0 255.255.255.0 [1/0] via 10.21.0.1, inside
S 10.11.0.0 255.255.0.0 [1/0] via 10.21.0.1, inside
S 10.13.0.0 255.255.0.0 [1/0] via 10.21.0.1, inside
S 10.10.21.1 255.255.255.255 [1/0] via 10.21.0.1, inside
S 10.10.21.2 255.255.255.255 [1/0] via 10.21.0.1, inside
S 10.22.0.0 255.255.0.0 [1/0] via 53.138.58.129, outside
S 10.23.3.0 255.255.255.0 [1/0] via 10.21.0.1, inside
S 10.23.2.0 255.255.255.0 [1/0] via 10.21.0.1, inside
S 10.21.0.0 255.255.0.0 [1/0] via 10.21.0.1, inside
S 10.10.21.10 255.255.255.255 [1/0] via 10.21.0.1, inside
C 10.21.0.0 255.255.255.0 is directly connected, inside
S 10.22.3.0 255.255.255.0 [1/0] via 53.138.58.129, outside
S 10.10.41.0 255.255.255.0 [1/0] via 53.138.58.129, outside
C 53.138.58.128 255.255.255.128 is directly connected, outside
S 192.168.2.0 255.255.255.0 [1/0] via 10.21.0.1, inside
S* 0.0.0.0 0.0.0.0 [1/0] via 53.138.58.129, outside
S 0.0.0.0 0.0.0.0 [255/0] via 10.21.0.1, inside tunneled
------------------------------------below is the router's routes----------
Gateway of last resort is 10.21.0.11 to network 0.0.0.0
205.232.16.0/32 is subnetted, 1 subnets
S 205.232.16.25 [1/0] via 10.21.0.11
62.0.0.0/32 is subnetted, 1 subnets
S 62.100.0.146 [1/0] via 10.21.0.12
178.78.0.0/32 is subnetted, 1 subnets
S 178.78.147.193 [1/0] via 10.21.0.12
C 192.168.10.0/24 is directly connected, Vlan29
172.16.0.0/16 is variably subnetted, 5 subnets, 3 masks
S 172.16.141.0/24 [1/0] via 10.21.0.11
S 172.16.142.0/23 [1/0] via 10.21.0.11
S 172.16.40.1/32 [1/0] via 10.21.2.12
S 172.16.40.10/32 [1/0] via 10.21.2.12
S 172.16.21.0/24 [1/0] via 10.21.0.11
172.19.0.0/24 is subnetted, 1 subnets
S 172.19.21.0 [1/0] via 10.21.0.11
172.18.0.0/24 is subnetted, 1 subnets
S 172.18.21.0 [1/0] via 10.21.0.12
172.23.0.0/24 is subnetted, 3 subnets
S 172.23.186.0 [1/0] via 10.21.0.6
S 172.23.184.0 [1/0] via 10.21.0.6
S 172.23.181.0 [1/0] via 10.21.0.6
S 172.25.0.0/16 [1/0] via 10.21.0.11
172.24.0.0/24 is subnetted, 3 subnets
C 172.24.181.0 is directly connected, Vlan31
C 172.24.186.0 is directly connected, Vlan32
C 172.24.187.0 is directly connected, Vlan33
S 172.26.0.0/16 [1/0] via 10.21.0.11
172.29.0.0/24 is subnetted, 3 subnets
S 172.29.181.0 [1/0] via 10.21.0.6
S 172.29.184.0 [1/0] via 10.21.0.6
S 172.29.190.0 [1/0] via 10.21.0.6
S 172.28.0.0/16 [1/0] via 10.21.0.11
C 192.168.20.0/24 is directly connected, Vlan30
10.0.0.0/8 is variably subnetted, 35 subnets, 4 masks
S 10.11.0.0/16 [1/0] via 10.21.0.6
C 10.21.28.0/24 is directly connected, Vlan28
C 10.21.26.0/24 is directly connected, Vlan26
C 10.21.25.0/24 is directly connected, Vlan25
S 10.12.0.0/16 [1/0] via 10.21.0.6
C 10.21.24.0/24 is directly connected, Vlan24
S 10.13.0.0/16 [1/0] via 10.21.0.6
C 10.21.23.0/24 is directly connected, Vlan23
C 10.21.22.0/24 is directly connected, Vlan22
C 10.21.21.0/24 is directly connected, Vlan21
C 10.21.20.0/24 is directly connected, Vlan20
C 10.21.19.0/24 is directly connected, Vlan19
S 10.21.18.0/24 [1/0] via 10.21.0.12
S 10.21.17.0/24 [1/0] via 10.21.0.11
C 10.21.16.0/24 is directly connected, Vlan16
C 10.21.15.0/24 is directly connected, Vlan15
C 10.21.14.0/24 is directly connected, Vlan14
C 10.21.13.0/24 is directly connected, Vlan13
C 10.21.12.0/24 is directly connected, Vlan12
C 10.21.11.0/24 is directly connected, Vlan11
C 10.10.21.1/32 is directly connected, Loopback0
S 10.31.0.0/16 [1/0] via 10.21.0.6
D 10.10.21.2/32 [90/130816] via 10.21.252.10, 7w0d, Vlan999
C 10.21.5.0/24 is directly connected, Vlan5
C 10.21.4.0/24 is directly connected, Vlan4
S 10.22.0.0/16 [1/0] via 10.21.0.11
C 10.21.3.0/24 is directly connected, Vlan3
C 10.21.2.0/24 is directly connected, Vlan2
C 10.23.2.0/24 is directly connected, Vlan900
S 10.22.3.0/24 [1/0] via 10.21.0.11
C 10.21.0.0/24 is directly connected, Vlan1000
S 10.41.0.0/16 [1/0] via 10.21.0.11
S 10.10.41.0/24 [1/0] via 10.21.0.11
S 10.51.0.0/16 [1/0] via 10.21.0.6
C 10.21.252.8/30 is directly connected, Vlan999
62.0.0.0/32 is subnetted, 1 subnets
S 62.138.58.129 [1/0] via 10.21.0.11
S 192.168.2.0/24 [1/0] via 10.21.0.12
S* 0.0.0.0/0 [1/0] via 10.21.0.11We have remote office which I can ping while at the main office, but when I am connected to VPN from office or home, I cant ping the remote office.
VPN gives me an ip 10.21.18.x
remote site's IP is: 172.29.x.x
i have the access-list information for the ASA firewall and router below:
below is the multilayer:
OFFICE-CORE-01#show ip access-lists
Extended IP access list verizon-INTERNET-TRAFFIC
10 deny ip 10.21.0.0 0.0.255.255 10.0.0.0 0.255.255.255
20 deny ip 10.21.0.0 0.0.255.255 172.16.0.0 0.15.255.255
30 deny ip 10.21.0.0 0.0.255.255 192.168.0.0 0.0.255.255
40 permit ip 10.23.20.0 0.0.0.255 any
50 permit ip 10.23.21.0 0.0.0.255 any
60 permit ip 10.23.22.0 0.0.0.255 any
70 permit ip 10.23.23.0 0.0.0.255 any
80 permit ip 10.23.24.0 0.0.0.255 any
90 permit ip 10.23.25.0 0.0.0.255 any
100 permit ip 10.23.26.0 0.0.0.255 any
Extended IP access list PAETEC-INTERNET-TRAFFIC
10 deny ip 10.21.0.0 0.0.255.255 10.0.0.0 0.255.255.255
20 deny ip 10.21.0.0 0.0.255.255 172.16.0.0 0.15.255.255
30 deny ip 10.21.0.0 0.0.255.255 192.168.0.0 0.0.255.255
40 permit ip 10.23.20.0 0.0.0.255 any
50 permit ip 10.23.21.0 0.0.0.255 any
60 permit ip 10.23.22.0 0.0.0.255 any
70 permit ip 10.23.23.0 0.0.0.255 any
80 permit ip 10.23.24.0 0.0.0.255 any
90 permit ip 10.23.25.0 0.0.0.255 any
100 permit ip 10.23.26.0 0.0.0.255 any
Extended IP access list system-cpp-all-routers-on-subnet
10 permit ip any host 224.0.0.2
Extended IP access list system-cpp-all-systems-on-subnet
10 permit ip any host 224.0.0.1
Extended IP access list system-cpp-dhcp-cs
10 permit udp any eq bootpc any eq bootps
Extended IP access list system-cpp-dhcp-sc
10 permit udp any eq bootps any eq bootpc
Extended IP access list system-cpp-dhcp-ss
10 permit udp any eq bootps any eq bootps
Extended IP access list system-cpp-energywise-disc
10 permit udp any eq any eq 0
Extended IP access list system-cpp-hsrpv2
10 permit udp any host 224.0.0.102
Extended IP access list system-cpp-igmp
10 permit igmp any 224.0.0.0 31.255.255.255
Extended IP access list system-cpp-ip-mcast-linklocal
10 permit ip any 224.0.0.0 0.0.0.255
Extended IP access list system-cpp-ospf
10 permit ospf any 224.0.0.0 0.0.0.255
Extended IP access list system-cpp-pim
10 permit pim any 224.0.0.0 0.0.0.255
Extended IP access list system-cpp-ripv2
10 permit ip any host 224.0.0.9
----------------------------------ASA ACCESS-LIST is below the brief version-------
access-list CompanyName-vpn-maint_splitTunnelAcl line 10 standard permit 172.29.0.0 255.255.0.0 (hitcnt=0) 0x52bc4d4c
-----------------------below is the ASA routes-----------------------
Gateway of last resort is 53.138.58.129 to network 0.0.0.0
S 192.168.10.0 255.255.255.0 [1/0] via 10.21.0.1, inside
C 172.17.21.0 255.255.255.0 is directly connected, dmz_tier2
S 172.16.142.0 255.255.254.0 [1/0] via 53.138.58.129, outside
C 172.16.21.0 255.255.255.0 is directly connected, dmz_tier1
C 172.19.21.0 255.255.255.0 is directly connected, dmz_tier4
S 172.23.181.0 255.255.255.0 [1/0] via 10.21.0.1, outside
S 172.25.181.0 255.255.255.0 [1/0] via 53.138.58.129, outside
S 172.25.184.0 255.255.255.0 [1/0] via 53.138.58.129, outside
S 172.24.0.0 255.255.0.0 [1/0] via 10.21.0.1, inside
S 172.26.181.0 255.255.255.0 [1/0] via 53.138.58.129, outside
S 172.26.184.0 255.255.255.0 [1/0] via 53.138.58.129, outside
S 172.29.181.0 255.255.255.0 [1/0] via 10.21.0.1, outside
S 172.29.184.0 255.255.255.0 [1/0] via 53.138.58.129, outside
S 172.28.181.0 255.255.255.0 [1/0] via 53.138.58.129, outside
S 172.28.184.0 255.255.255.0 [1/0] via 53.138.58.129, outside
S 192.168.20.0 255.255.255.0 [1/0] via 10.21.0.1, inside
S 10.11.0.0 255.255.0.0 [1/0] via 10.21.0.1, inside
S 10.13.0.0 255.255.0.0 [1/0] via 10.21.0.1, inside
S 10.10.21.1 255.255.255.255 [1/0] via 10.21.0.1, inside
S 10.10.21.2 255.255.255.255 [1/0] via 10.21.0.1, inside
S 10.22.0.0 255.255.0.0 [1/0] via 53.138.58.129, outside
S 10.23.3.0 255.255.255.0 [1/0] via 10.21.0.1, inside
S 10.23.2.0 255.255.255.0 [1/0] via 10.21.0.1, inside
S 10.21.0.0 255.255.0.0 [1/0] via 10.21.0.1, inside
S 10.10.21.10 255.255.255.255 [1/0] via 10.21.0.1, inside
C 10.21.0.0 255.255.255.0 is directly connected, inside
S 10.22.3.0 255.255.255.0 [1/0] via 53.138.58.129, outside
S 10.10.41.0 255.255.255.0 [1/0] via 53.138.58.129, outside
C 53.138.58.128 255.255.255.128 is directly connected, outside
S 192.168.2.0 255.255.255.0 [1/0] via 10.21.0.1, inside
S* 0.0.0.0 0.0.0.0 [1/0] via 53.138.58.129, outside
S 0.0.0.0 0.0.0.0 [255/0] via 10.21.0.1, inside tunneled
------------------------------------below is the router's routes----------
Gateway of last resort is 10.21.0.11 to network 0.0.0.0
205.232.16.0/32 is subnetted, 1 subnets
S 205.232.16.25 [1/0] via 10.21.0.11
62.0.0.0/32 is subnetted, 1 subnets
S 62.100.0.146 [1/0] via 10.21.0.12
178.78.0.0/32 is subnetted, 1 subnets
S 178.78.147.193 [1/0] via 10.21.0.12
C 192.168.10.0/24 is directly connected, Vlan29
172.16.0.0/16 is variably subnetted, 5 subnets, 3 masks
S 172.16.141.0/24 [1/0] via 10.21.0.11
S 172.16.142.0/23 [1/0] via 10.21.0.11
S 172.16.40.1/32 [1/0] via 10.21.2.12
S 172.16.40.10/32 [1/0] via 10.21.2.12
S 172.16.21.0/24 [1/0] via 10.21.0.11
172.19.0.0/24 is subnetted, 1 subnets
S 172.19.21.0 [1/0] via 10.21.0.11
172.18.0.0/24 is subnetted, 1 subnets
S 172.18.21.0 [1/0] via 10.21.0.12
172.23.0.0/24 is subnetted, 3 subnets
S 172.23.186.0 [1/0] via 10.21.0.6
S 172.23.184.0 [1/0] via 10.21.0.6
S 172.23.181.0 [1/0] via 10.21.0.6
S 172.25.0.0/16 [1/0] via 10.21.0.11
172.24.0.0/24 is subnetted, 3 subnets
C 172.24.181.0 is directly connected, Vlan31
C 172.24.186.0 is directly connected, Vlan32
C 172.24.187.0 is directly connected, Vlan33
S 172.26.0.0/16 [1/0] via 10.21.0.11
172.29.0.0/24 is subnetted, 3 subnets
S 172.29.181.0 [1/0] via 10.21.0.6
S 172.29.184.0 [1/0] via 10.21.0.6
S 172.29.190.0 [1/0] via 10.21.0.6
S 172.28.0.0/16 [1/0] via 10.21.0.11
C 192.168.20.0/24 is directly connected, Vlan30
10.0.0.0/8 is variably subnetted, 35 subnets, 4 masks
S 10.11.0.0/16 [1/0] via 10.21.0.6
C 10.21.28.0/24 is directly connected, Vlan28
C 10.21.26.0/24 is directly connected, Vlan26
C 10.21.25.0/24 is directly connected, Vlan25
S 10.12.0.0/16 [1/0] via 10.21.0.6
C 10.21.24.0/24 is directly connected, Vlan24
S 10.13.0.0/16 [1/0] via 10.21.0.6
C 10.21.23.0/24 is directly connected, Vlan23
C 10.21.22.0/24 is directly connected, Vlan22
C 10.21.21.0/24 is directly connected, Vlan21
C 10.21.20.0/24 is directly connected, Vlan20
C 10.21.19.0/24 is directly connected, Vlan19
S 10.21.18.0/24 [1/0] via 10.21.0.12
S 10.21.17.0/24 [1/0] via 10.21.0.11
C 10.21.16.0/24 is directly connected, Vlan16
C 10.21.15.0/24 is directly connected, Vlan15
C 10.21.14.0/24 is directly connected, Vlan14
C 10.21.13.0/24 is directly connected, Vlan13
C 10.21.12.0/24 is directly connected, Vlan12
C 10.21.11.0/24 is directly connected, Vlan11
C 10.10.21.1/32 is directly connected, Loopback0
S 10.31.0.0/16 [1/0] via 10.21.0.6
D 10.10.21.2/32 [90/130816] via 10.21.252.10, 7w0d, Vlan999
C 10.21.5.0/24 is directly connected, Vlan5
C 10.21.4.0/24 is directly connected, Vlan4
S 10.22.0.0/16 [1/0] via 10.21.0.11
C 10.21.3.0/24 is directly connected, Vlan3
C 10.21.2.0/24 is directly connected, Vlan2
C 10.23.2.0/24 is directly connected, Vlan900
S 10.22.3.0/24 [1/0] via 10.21.0.11
C 10.21.0.0/24 is directly connected, Vlan1000
S 10.41.0.0/16 [1/0] via 10.21.0.11
S 10.10.41.0/24 [1/0] via 10.21.0.11
S 10.51.0.0/16 [1/0] via 10.21.0.6
C 10.21.252.8/30 is directly connected, Vlan999
62.0.0.0/32 is subnetted, 1 subnets
S 62.138.58.129 [1/0] via 10.21.0.11
S 192.168.2.0/24 [1/0] via 10.21.0.12
S* 0.0.0.0/0 [1/0] via 10.21.0.11 -
Hyper-V only able to ping remote (laptop) using IPV4, fails with IPV6
I have a desktop setup to remotely manage Hyper-V and it is working fine.
I am trying to setup remote management from my laptop.
The server is failing to ping the laptop using IPV6.
The desktop can ping both the server an the laptop using names and IPV6 option -6
The laptop can ping the desktop and the Hyper-V server using name and IPV6 option -6
Hyper-V server can ping the desktop, but not the laptop using IPV6 option -6
Everything works fine with IPV4 .
I have checked and rechecked the Hyper-V server Host table and it has what appears to be correct issues for both the desktop and the laptop.
Any other thoughts on what to check?
Thanks!
RossHi Ross,
It seems that this is not a Hyper-v issue .
Please try to use
net work monitor to check the procedure of ping to find some clue .
Best Regards
Elton Ji
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.
Maybe you are looking for
-
Am I being charged for international texting?
So I am doing a masters program in Ireland, so I'm international. Everyone that I talk to back home has an iphone just like I do, and I have a question that I cannot find an answer to. Since I'm in Ireland, I don't want to have a huge phone bill ever
-
How can it transfer pictures from a PC to an ipad
I am trying to take pictures off my dell and put them on my iPad. How can I do so if possible ? Or maybe transfer through iCloud?
-
How to fix, that changing to another tab in firefox won't change the content displayed?
The problem showed up some weeks ago on my ubuntu linux system. Switching tabs works in a second seperate firefox windows if i open more than one but not in the first one. Dragging tabs between windows works. The problem persists even after some regu
-
I just bought a new iMac with Pages, Keynote, iPhoto etc preloaded. I immediately upgraded to Yosemite. App Store recommended new upgrades for all of those Apps. But when I hit Upgrade I got a message saying "update Unavailable for this Apple iD". I
-
Hi I am creating a material for updating excise information also. It is a asset material. In MM01 i selected Doreign import data screen and entered chapter id and materoa; type asset. At the time of saving an error ' Record 21 MORE does not exist i