Unable to access E1 instance from client

Similar Messages

• Unable to access Scan IP from clients!

  Dear All,
  I am posting this question again, I am still struck here. I cant access my Database 11gR2 on Linux from clients like toad, using scan IP address.
  I have struggled a lot but couldnt find anything helping me.
  Kindly help. This is the status of my database currently:
  Output of crsctl status resource -t is
  ora.etisldb.db
  1 ONLINE ONLINE racnode1 Open
  2 ONLINE ONLINE racnode2 Open
  SQL> select name, enabled from dba_services;
  NAME ENA
  SYS$BACKGROUND NO
  SYS$USERS NO
  etisldbXDB NO
  etisldb NO
  Status of listener from one of the RAC node
  LSNRCTL> status
  Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=LISTENER)))
  STATUS of the LISTENER
  Alias LISTENER
  Version TNSLSNR for Linux: Version 11.2.0.1.0 - Production
  Start Date 19-MAR-2012 16:47:06
  Uptime 0 days 18 hr. 55 min. 5 sec
  Trace Level off
  Security ON: Local OS Authentication
  SNMP OFF
  Listener Parameter File /u01/app/11.2.0/grid/network/admin/listener.ora
  Listener Log File /u01/app/grid/diag/tnslsnr/racnode1/listener/alert/log.xml
  Listening Endpoints Summary...
  (DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=LISTENER)))
  (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=10.168.20.31)(PORT=1521)))
  (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=10.168.20.32)(PORT=1521)))
  Services Summary...
  Service "+ASM" has 1 instance(s).
  Instance "+ASM1", status READY, has 1 handler(s) for this service...
  Service "etisldb" has 2 instance(s).
  Instance "etisldb1", status UNKNOWN, has 1 handler(s) for this service...
  Instance "etisldb1", status READY, has 1 handler(s) for this service...
  Service "etisldbXDB" has 1 instance(s).
  Instance "etisldb1", status READY, has 1 handler(s) for this service...
  The command completed successfully
  [grid@racnode1 ~]$ srvctl status scan_listener
  SCAN Listener LISTENER_SCAN1 is enabled
  SCAN listener LISTENER_SCAN1 is running on node racnode1
  vi /etc/hosts
  # Single Client Access Name (SCAN)
  10.168.20.29 etisldb-scan
  [grid@racnode1 ~]$ srvctl config scan_listener
  SCAN Listener LISTENER_SCAN1 exists. Port: TCP:1521
  When I run srvctl status service -d etisldb (I think this is where the problem lies)
  It shows nothing, not even error.
  My Service Name is etisldb and instance name is etisldb1
  # tnsnames.ora Network Configuration File: /u01/app/oracle/product/11.2.0/dbhome_1/network/admin/tnsnames.ora
  # Generated by Oracle configuration tools.
  tnsnames.ora
  ETISLDB =
  (DESCRIPTION =
  (ADDRESS = (PROTOCOL = TCP)(HOST = 10.168.20.29)(PORT = 1521))
  (CONNECT_DATA =
  (SERVER = DEDICATED)
  (SERVICE_NAME = etisldb)
  etisldb1 =
  (DESCRIPTION =
  (ADDRESS = (PROTOCOL = TCP)(HOST = 10.168.20.29)(PORT = 1521))
  (CONNECT_DATA =
  (SERVER = DEDICATED)(SERVICE_NAME = etisldb)
  (INSTANCE_NAME = etisldb1)
  listener.ora
  LISTENER=(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=IPC)(KEY=LISTENER)))) # line added by Agent
  LISTENER_SCAN1=(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=IPC)(KEY=LISTENER_SCAN1)))) # line added by Agent
  ENABLE_GLOBAL_DYNAMIC_ENDPOINT_LISTENER_SCAN1=ON # line added by Agent
  ENABLE_GLOBAL_DYNAMIC_ENDPOINT_LISTENER=ON # line added by Agent
  SID_LIST_LISTENER =
  (SID_LIST =
  (SID_DESC =
  (GLOBAL_DBNAME = etisldb)
  (ORACLE_HOME = /u01/app/11.2.0/grid)
  (SID_NAME = etisldb1)
  SID_LIST_LISTENER_SCAN1 =
  (SID_LIST =
  (SID_DESC =
  (GLOBAL_DBNAME = etisldb)
  (ORACLE_HOME = /u01/app/11.2.0/grid)
  (SID_NAME = etisldb1)
  Still I am unable to access RAC when i give service as RACDB and IP 10.168.20.29. If you require any other information kindly let me know.
  Kindly Help,
  Imran

  Hi Imran,
  If you are going to use SCAN for serious client connectivity , then it should be registered with the DNS .
  Putting SCAN name in /etc/hosts file will only provide you a workaround during installation.
  If you don't have a DNS setup , then use tns entries with VIP names.
  If you want to use SCAN for client connections, then
  1. configure SCAN in DNS and make sure nslookup scan-name resolves to 3 IPs
  2. Use SCAN name rather than IP for HOST in your tnsnames, jdbc URL . Currently you've set IP in your tnsnames , (HOST = 10.168.20.29 )
  3. Now, set REMOTE_LISTENER = scan-name:port on all nodes so that SCAN listener can handover the client connections to the least loaded local listeners.

• Unable to access the data from Data Management Gateway: Query timeout expired

  Hi,
  Since 2-3 days the data refresh is failing on our PowerBI site. I checked below:
  1. The gateway is in running status.
  2. Data source is also in ready status and test connection worked fine too.
  3. Below is the error in System Health -
  Failed to refresh the data source. An internal service error has occurred. Retry the operation at a later time. If the problem persists, contact Microsoft support for further assistance.        
  Error code: 4025
  4. Below is the error in Event Viewer.
  Unable to access the data from Data Management Gateway: Query timeout expired. Please check 1) whether the data source is available 2) whether the gateway on-premises service is running using Windows Event Logs.
  5. This is the correlational id for latest refresh failure
  is
  f9030dd8-af4c-4225-8674-50ce85a770d0
  6.
  Refresh History error is –
  Errors in the high-level relational engine. The following exception occurred while the managed IDataReader interface was being used: The operation has timed out. Errors in the high-level relational engine. The following exception occurred while the
  managed IDataReader interface was being used: Query timeout expired. 
  Any idea what could have went wrong suddenly, everything was working fine from last 1 month.
  Thanks,
  Richa

  Never mind, figured out there was a lock on SQL table which caused all the problems. Once I released the lock it PowerPivot refresh started working fine.
  Thanks.

• UNABLE TO ACCESS THE INTERNET FROM LOCAL PROVIDER ON A SITE-TO-SITE VPN CONNECTION

  Dear All,
  I have a site-to-site connection  from point A to point B. From point B i am unable to access the internet from local internet provider.
  I am trying to ping from 192.168.20.1 the dns 8.8.8.8   but i receive the  message "destination net unreachable".
  When i run "show ip nat translation" i receive nothing.
  The vpn connection is working properly, i can ping the other side 192.168.10/24
  Below is the configuration of the cisco router on point B.
  dot11 syslog
  ip source-route
  no ip dhcp use vrf connected
  ip dhcp excluded-address 192.168.21.254
  ip dhcp pool voice
   network 192.168.21.0 255.255.255.0
   default-router 192.168.21.254 
   option 150 ip 192.168.5.10 
  ip cef
  ip domain name neocleous.ru
  ip inspect name IOS_FIREWALL tcp
  ip inspect name IOS_FIREWALL udp
  ip inspect name IOS_FIREWALL icmp
  ip inspect name IOS_FIREWALL h323
  ip inspect name IOS_FIREWALL http
  ip inspect name IOS_FIREWALL https
  ip inspect name IOS_FIREWALL skinny
  ip inspect name IOS_FIREWALL sip
  no ipv6 cef
  multilink bundle-name authenticated
  vty-async
  isdn switch-type primary-net5
  redundancy
  crypto isakmp policy 5
   hash md5
   authentication pre-share
   group 2
  crypto isakmp policy 10
   encr aes
   authentication pre-share
   group 2
   lifetime 28800
  crypto isakmp policy 50
   encr 3des
   hash md5
   authentication pre-share
   group 2
  crypto isakmp key Pb85heuvMde9Wdac5Qohha7lziIf142u address [ip address]
  crypto isakmp invalid-spi-recovery
  crypto isakmp keepalive 10
  crypto ipsec transform-set TRANSET esp-aes esp-sha-hmac 
  crypto ipsec transform-set TRANSET2 esp-des esp-md5-hmac 
  crypto ipsec df-bit clear
  crypto map CryptoMAP1 ipsec-isakmp 
   set peer [ip address]
   set transform-set TRANSET 
   match address CryptoACL
  interface FastEthernet0/0
   description Primary Provider
   ip address [PUBLIC IP MAIN PROVIDER] 255.255.255.252
   ip access-group outside_acl in
   ip mtu 1390
   ip nat outside
   ip virtual-reassembly in
   load-interval 30
   duplex auto
   speed auto
   crypto map CryptoCY
   crypto ipsec df-bit clear
  interface FastEthernet0/1
   description TO LAN
   no ip address
   load-interval 30
   speed 100
   full-duplex
  interface FastEthernet0/1.1
   description DATA VLAN
   encapsulation dot1Q 20
   ip address 192.168.20.254 255.255.255.0
   ip access-group inside_acl in
   ip nat inside
   ip inspect IOS_FIREWALL in
   ip virtual-reassembly in
   ip tcp adjust-mss 1379
  interface FastEthernet0/1.2
   description VOICE VLAN
   encapsulation dot1Q 21
   ip address 192.168.21.254 255.255.255.0
  interface Serial0/2/0:15
   no ip address
   encapsulation hdlc
   isdn switch-type primary-net5
   isdn incoming-voice voice
   no cdp enable
  interface FastEthernet0/3/0
   no ip address
   ip access-group outside_acl in
   ip nat outside
   ip virtual-reassembly in
   shutdown
   duplex auto
   speed auto
   crypto map CryptoCY
  ip local pool VPNPool 192.168.23.2 192.168.23.10
  ip forward-protocol nd
  ip http server
  no ip http secure-server
  ip nat inside source list nat_list interface FastEthernet0/3/0 overload
  ip route 0.0.0.0 0.0.0.0 [default gateway ip]
  ip access-list standard VTY
    permit 192.168.20.0 0.0.0.255
  ip access-list extended CryptoACL
   permit ip 192.168.20.0 0.0.0.255 192.168.3.0 0.0.0.255
   permit ip 192.168.21.0 0.0.0.255 192.168.5.0 0.0.0.255
   permit ip 192.168.21.0 0.0.0.255 192.168.6.0 0.0.0.255
   permit ip 192.168.21.0 0.0.0.255 192.168.12.0 0.0.0.255
   permit ip 192.168.21.0 0.0.0.255 192.168.2.0 0.0.0.255
   permit ip 192.168.20.0 0.0.0.255 192.168.10.0 0.0.0.255
   permit ip host 192.168.22.1 192.168.5.0 0.0.0.255
   permit ip host 192.168.20.1 192.168.5.0 0.0.0.255
   permit ip host 192.168.22.1 192.168.6.0 0.0.0.255
  ip access-list extended DFBIT_acl
   permit tcp any any
  ip access-list extended inside_acl
   permit ip 192.168.20.0 0.0.0.255 host 192.168.3.35
   permit ip 192.168.20.0 0.0.0.255 host 192.168.3.39
   permit ip 192.168.20.0 0.0.0.255 host 192.168.3.23
   permit ip 192.168.20.0 0.0.0.255 host 192.168.3.18
   permit ip 192.168.20.0 0.0.0.255 host 192.168.3.55
   permit ip 192.168.20.0 0.0.0.255 host 192.168.10.144
   permit ip 192.168.20.0 0.0.0.255 host 192.168.10.146
   permit ip 192.168.20.0 0.0.0.255 host 192.168.10.141
   permit ip host 192.168.20.253 host 192.168.3.21
   permit ip host 192.168.20.254 host 192.168.3.21
   permit ip 192.168.20.0 0.0.0.255 host 192.168.3.10
   permit ip 192.168.20.0 0.0.0.255 host 192.168.20.254
  ip access-list extended nat_list
   deny   ip host 192.168.20.254 192.168.10.0 0.0.0.255
   deny   ip host 192.168.20.254 192.168.3.0 0.0.0.255
   deny   ip host 192.168.20.1 192.168.3.0 0.0.0.255
   deny   ip host 192.168.20.1 192.168.10.0 0.0.0.255
   deny   ip host 192.168.20.2 192.168.3.0 0.0.0.255
   deny   ip host 192.168.20.2 192.168.10.0 0.0.0.255
   permit ip host 192.168.20.1 any
   permit ip host 192.168.20.2 any
   permit ip host 192.168.20.254 any
  ip access-list extended outside_acl
   permit gre any host [ip address]
   permit esp any host [ip address]
   deny   ip any any
  ip sla 2
   icmp-echo 192.168.10.254 source-interface FastEthernet0/1.1
   frequency 180
   timeout 500
  ip sla schedule 2 life forever start-time now
  logging 192.168.3.21
  route-map DFBIT_routemap permit 10
   match ip address DFBIT_acl
   set ip df 0
  route-map ISP2 permit 10
   match ip address nat_list
   match interface FastEthernet0/3/0
  route-map nonat permit 10
   match ip address nonat_acl
  route-map ISP1 permit 10
   match ip address nat_list
   match interface FastEthernet0/0

  You cannot access internet, because all traffic is tunneled for VPN !!!!
  Please see cisco tech documentation and bypass traffic for internet.
  eg.  if lan traffic is going from site a to site b  then through vpn
        else
         lan traffic to internet (any) should be out thorugh the vpn .

• Unable to get command line from client!

  Does anyone know what this means? My G5 shuts itself down and I don't know what is causing it.
  Mac OS X Version 10.4.11 (Build 8S165)
  2009-02-12 11:01:19 -0800
  2009-02-12 11:01:21.760 SystemUIServer[199] lang is:en
  Feb 12 11:01:33 mDNSResponder: NAT Port Mapping (LLQ event port.): timeout
  Feb 12 11:01:37 cups-lpd[221]: Unable to get command line from client!
  Feb 12 11:10:48 Zelle-Olson cups-lpd[233]: Unable to get command line from client!
  Feb 12 11:17:37 cups-lpd[235]: Unable to get command line from client!

  Hello golferky,
  CUPS stands for Common Unix Printing System and is just one of the many background processes that is running on your system and is of no harm. What you are seeing in your message console is your Mac attempting to talk to a printer you have may have had or still have it connected to.
  Here is more information if you want to look into it.
  http://www.cups.org/
  B-rock

• Unable to access/lan2lan ping from VPN Fortigate to Cisco ASA 5505

  Problem : Unable to access user A to user B
  User A --- router A (122, fortigate 80c) --- (Site to Site VPN between fortigate & cisco asa) --- router B (93, cisco Asa 5505{in front asa got cisco800[81] before to internet} )  --- User B
  After using wizard to configure the cisco ASA site to site VPN, the site-to-site tunnel is up.
  Ping is unsuccessful from user A to user B
  Ping is successful from user B to user A, data is accessable
  After done the packet tracer from user A to user B,
  Result :
  Flow-lookup
  Action : allow
  Info: Found no matching flow, creating a new flow
  Route-lookup
  Action : allow
  Info : 192.168.5.203 255.255.255.255 identity
  Access-list
  Action : drop
  Config Implicit Rule
  Result - The packet is dropped
  Input Interface : inside
  Output Interface : NP Identify Ifc
  Info: (acl-drop)flow is denied by configured rule
  Below is Cisco ASA 5505's show running-config
  ASA Version 8.2(1)
  hostname Asite
  domain-name ssms1.com
  enable password ZZZZ encrypted
  passwd WWWW encrypted
  names
  name 82 B-firewall description Singapore office firewall
  name 192.168.1.0 B-inside-subnet description Singapore office internal LAN IP
  name 192.168.200.0 A-inside-VLAN12 description A-inside-VLAN12 (fortinet)
  name 192.168.2.0 fw-inside-subnet description A office internal LAN IP
  name 122 A-forti
  interface Vlan1
  nameif inside
  security-level 100
  ip address 192.168.5.203 255.255.255.0
  interface Vlan2
  nameif outside
  security-level 0
  ip address 93 255.255.255.240
  interface Ethernet0/0
  switchport access vlan 2
  interface Ethernet0/7
  ftp mode passive
  dns server-group DefaultDNS
  domain-name ssms1.com
  object-group network obj_any
  network-object 0.0.0.0 0.0.0.0
  access-list inside_nat0_outbound extended permit ip any 80 255.255.255.240
  access-list inside_nat0_outbound extended permit ip fw-inside-subnet 255.255.255.0 B-inside-subnet 255.255.255.0
  access-list inside_nat0_outbound extended permit ip 192.168.5.0 255.255.255.0 A-inside-VLAN12 255.255.255.0
  access-list outside_cryptomap extended permit ip fw-inside-subnet 255.255.255.0 B-inside-subnet 255.255.255.0
  access-list Outside_nat-inbound extended permit ip A-inside-VLAN12 255.255.255.0 192.168.5.0 255.255.255.0
  access-list Outside_nat-inbound extended permit ip host A-forti 192.168.5.0 255.255.255.0
  access-list outside_1_cryptomap extended permit ip 192.168.5.0 255.255.255.0 A-inside-VLAN12 255.255.255.0
  pager lines 24
  logging enable
  logging asdm informational
  mtu inside 1500
  mtu outside 1500
  icmp unreachable rate-limit 1 burst-size 1
  asdm image disk0:/asdm-631.bin
  no asdm history enable
  arp timeout 14400
  global (outside) 101 interface
  nat (inside) 0 access-list inside_nat0_outbound
  nat (inside) 101 0.0.0.0 0.0.0.0
  route outside 0.0.0.0 0.0.0.0 81 1
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  dynamic-access-policy-record DfltAccessPolicy
  http server enable
  http B-inside-subnet 255.255.255.0 inside
  http fw-inside-subnet 255.255.255.0 inside
  http 0.0.0.0 255.255.255.255 outside
  http 0.0.0.0 0.0.0.0 outside
  http 192.168.5.0 255.255.255.0 inside
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
  crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
  crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
  crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
  crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
  crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
  crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
  crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
  crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
  crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  crypto ipsec security-association lifetime seconds 28800
  crypto ipsec security-association lifetime kilobytes 4608000
  crypto map outside_map 1 match address outside_1_cryptomap
  crypto map outside_map 1 set pfs
  crypto map outside_map 1 set peer A-forti
  crypto map outside_map 1 set transform-set ESP-3DES-SHA
  crypto map outside_map 2 match address outside_cryptomap
  crypto map outside_map 2 set peer B-firewall
  crypto map outside_map 2 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
  crypto map outside_map interface outside
  crypto isakmp enable outside
  crypto isakmp policy 10
  authentication pre-share
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  crypto isakmp policy 20
  authentication pre-share
  encryption aes-192
  hash md5
  group 2
  lifetime 86400
  crypto isakmp policy 30
  authentication pre-share
  encryption aes-256
  hash md5
  group 2
  lifetime 86400
  telnet timeout 5
  ssh timeout 5
  console timeout 0
  dhcpd auto_config outside
  dhcpd address 192.168.5.10-192.168.5.20 inside
  dhcpd dns 165 165 interface inside
  dhcpd enable inside
  threat-detection basic-threat
  threat-detection statistics access-list
  no threat-detection statistics tcp-intercept
  webvpn
  group-policy DfltGrpPolicy attributes
  vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn
  username admin password XXX encrypted privilege 15
  tunnel-group 122 type ipsec-l2l
  tunnel-group 122 ipsec-attributes
  pre-shared-key *
  class-map inspection_default
  match default-inspection-traffic
  class-map outside-class
  match default-inspection-traffic
  policy-map type inspect dns preset_dns_map
  parameters
    message-length maximum 512
    message-length maximum client auto
  policy-map global_policy
  class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny
    inspect sunrpc
    inspect xdmcp
    inspect sip
    inspect netbios
    inspect tftp
    inspect icmp
  policy-map outside-policy
  description ok
  class outside-class
    inspect dns
    inspect esmtp
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect icmp
    inspect icmp error
    inspect netbios
    inspect rsh
    inspect rtsp
    inspect sip
    inspect skinny
    inspect sqlnet
    inspect sunrpc
    inspect tftp
    inspect xdmcp
  service-policy global_policy global
  service-policy outside-policy interface outside
  prompt hostname context
  Cryptochecksum: XXX
  : end
  Kindly need your expertise&help to solve the problem

  any1 can help me ?

• Urgent ! problem in accessing pdf file from client

  Problem : Unable to access the temp(.pdf) file from the client.
  Scenario: I,m working on pdf reports.Pdf file is created each time the user submits the form.
  The file can be accessed from the server itself.But can't be accessed from the client.
  Description :
  Path i,m specifying for run time creation of the .pdf file is :
  C:\PStudio\RepMenu|RepMenuWeb\tempp_files\
  The C:\ drive is of the server machine.
  After creating the temp file say,
  C:\PStudio\RepMenu|RepMenuWeb\tempp_files\temp_rpt_53881.pdf
  I assign this path to the variable as :
  dir_Path=C:\PStudio\RepMenu|RepMenuWeb\tempp_files\temp_rpt_53881.pdf
  and also create the hidden variable as :
  out.println("<input type='hidden' name='hfile' value="+dir_Path+">");
  Now onClick of image I invoke js function as :
  function clickOn()
       var path="";
       path=document.form1.hfile.value;     
       document.form1.action = path;
       document.form1.submit();
  Help me to figure out where I,m making the mistake.
  For any futher query Kindly mail me at [email protected]

  I had similar issue. Despite of having "Define workstation application in network" for PDF setup for Application Type 3 "print" with Application %AUTO% I was only getting the .pdf file displayed in Adobe Reader instead of getting it printed.
  Solution:
  set Application to "AcroRd32.exe /t" to get the files opened in the Adobe Reader, printed and closed. The only thing I wasn't able to do was to get the Adobe Reader application closed after the print.
  regards,
  Jacek

• Unable to access public ip from branch vpn (Cisco ASA 5510 Firewall)

                     Hi,
  As per the above diagram
  in Head office -  able to access public ips
  In Branch office - unable to access public ips only accessing head office servers and internet is shared from head office.
  please see the below configuration in Branch office router:
  access-list 1 permit any
  access-list 100 remark ****** Link to Firewall-HO1 ******
  access-list 100 permit ip 10.21.211.0 0.0.0.255 172.16.35.0 0.0.0.255
  access-list 100 permit ip 10.21.211.0 0.0.0.255 10.10.0.0 0.0.255.255
  access-list 100 permit ip 10.21.211.0 0.0.0.255 10.11.0.0 0.0.255.255
  access-list 100 permit ip 10.21.211.0 0.0.0.255 10.12.0.0 0.0.255.255
  access-list 100 permit ip 10.21.111.0 0.0.0.255 172.16.35.0 0.0.0.255
  access-list 100 permit ip 10.21.111.0 0.0.0.255 10.10.0.0 0.0.255.255
  access-list 100 permit ip 10.21.111.0 0.0.0.255 10.11.0.0 0.0.255.255
  access-list 100 permit ip 10.21.111.0 0.0.0.255 10.12.0.0 0.0.255.255
  access-list 100 permit ip 10.21.10.0 0.0.0.255 172.16.35.0 0.0.0.255
  access-list 100 permit ip 10.21.10.0 0.0.0.255 10.10.0.0 0.0.255.255
  access-list 100 permit ip 10.21.10.0 0.0.0.255 10.11.0.0 0.0.255.255
  access-list 100 permit ip 10.21.10.0 0.0.0.255 10.12.0.0 0.0.255.255
  access-list 100 permit ip 10.21.211.0 0.0.0.255 host 78.93.190.226
  access-list 100 permit ip 10.21.111.0 0.0.0.255 host 78.93.190.226
  access-list 100 permit ip any any
  access-list 101 deny   ip 10.21.211.0 0.0.0.255 10.10.0.0 0.0.255.255
  access-list 101 deny   ip 10.21.211.0 0.0.0.255 10.11.0.0 0.0.255.255
  access-list 101 deny   ip 10.21.211.0 0.0.0.255 10.12.0.0 0.0.255.255
  access-list 101 deny   ip 10.21.211.0 0.0.0.255 172.0.0.0 0.255.255.255
  access-list 101 deny   ip 10.21.111.0 0.0.0.255 10.10.0.0 0.0.255.255
  access-list 101 deny   ip 10.21.111.0 0.0.0.255 10.11.0.0 0.0.255.255
  access-list 101 deny   ip 10.21.111.0 0.0.0.255 10.12.0.0 0.0.255.255
  access-list 101 deny   ip 10.21.111.0 0.0.0.255 172.0.0.0 0.255.255.255
  access-list 101 deny   ip 10.21.10.0 0.0.0.255 10.10.0.0 0.0.255.255
  access-list 101 deny   ip 10.21.10.0 0.0.0.255 10.11.0.0 0.0.255.255
  access-list 101 deny   ip 10.21.10.0 0.0.0.255 10.12.0.0 0.0.255.255
  access-list 101 deny   ip 10.21.10.0 0.0.0.255 172.0.0.0 0.255.255.255
  access-list 101 permit ip host 10.21.211.51 any
  access-list 101 permit tcp 10.21.211.0 0.0.0.255 host 66.147.240.160 eq pop3
  access-list 101 permit tcp 10.21.211.0 0.0.0.255 host 66.147.240.160 eq smtp
  access-list 101 permit tcp 10.21.211.0 0.0.0.255 host 78.93.56.10 eq pop3
  access-list 101 permit tcp 10.21.211.0 0.0.0.255 host 78.93.56.10 eq smtp
  access-list 102 permit ip 10.21.211.0 0.0.0.255 any
  route-map nonat permit 10
  match ip address 101
  Thanks for your valuable time and cosiderations

  any1 can help me ?

• Unable to access web setup from 4 different Win7 machines with IE9 / FireFox

  I Hope someone can help, I suspect this may have something to do with a recent update to Windows or IE since this worked at least a couple of months ago.
  I'm unable to access the  web setup screen from 4 different windows machines running IE 9 or Firefox (various combinations of wireless, wired, etc.). When I get to the certificate error and hit the "yes, i understand, continue", it comes back with a 'can't be reached' page and looking into the details says the 'connection was dropped'.  However If I connect from a MacBook / safari, I'm able to reach the page fine (and admin the router).
  Summary:
  Using a wrt610n
  I am connected to the router, the ip address hasn't changed, the password hasn't changed
  I can use the router & connect to the internet
  I have the router set to require HTTPS, but switching it to allow HTTP doesn't help.
  Both Wired & Wireless Win 7 / IE9 machines can't connect.
  Tried setting the router ip address to 'trusted' zone in IE
  Tried setting the router ip address to the 'compatibility' mode in IE
  Tried using latest version of Firefox with the same results.
  Thanks in Advance!
  Stephen

  Before I suggest you any troubleshooting steps, I would like to ask few question. Like did you try opening the “https://192.168.1.1” in Internet Explorer 8. If not, then try to open the Router Management page in the same manner in Internet Explorer 8 and check whether it opens or not. As it should show up.

• Unable to access my hotmail from 'mail' anymore.

  For the last 6 months i've been unable to access my hotmail either from 'Mail' on my mac or from my iphone 5s or my ipad.
  The error message reads 'incorrect password'. It is the correct password. It always was the correct password but suddenly in August 2013 it wasn't.
  Its the same password i use to access my hotmail account directy from any computer and thats fine..  I just cant access it remotely.
  i've deleted the account on all three device, several times then re-created it, but always the same error message. I've not got the cap-lock on or anything like that . I'm deffo putting the right password in there.
  I'm getting desperate now and cant seem to find anyone who knowas or has the exact same problem.
  I called moicrosoft uk but they dont know either [nor could they speak english]
  Any ideas folks?
  I'm generally a patient kinda guy but this is driving me CRAZY !!

  Thanks for your help folks but it still didn't solve my problem.
  Now i've deleted my account and cant re-creat it.
  This is as far as i get
  Logging in to the Hotmail IMAP server “imap-mail.outlook.com” failed. Make sure the user name and password you entered are correct, then click Continue. If the information isn’t correct, you cannot receive messages.
  I log in as [email protected] then i put in my password [which is the correct password]
  Am i missing something here?
  If i do go ahead and create the account the dropdown box tells me 'mail cant connect to the account hotmail'
  I'm about to give up and just use my hotmail page in safari on all my devices which is a pain when it comes to sending photos from my phone an ipad.
  Any more ideas folks?
  Cheers

• Unable to access nokia account from my 5800

  I cannot access nokia account from my 5800 even though i have an account registered with nokia

  hi mate,
  have you checked that you have the correct network data settings from your network carrier, and that your data plan is activated? also check the condition of your SIM card. also check that everything is correct on your details of your Nokia Account at http://account.nokia.com

• Unable to access secondary subnet from VPN client

  Please can someone help with the following; I have an ASA 5510 running v8.4(3)9 and have setup a remote user VPN using the Cisco VPN client v5.0.07.0410 which is working appart from the fact that I cannot access resources on a secondary subnet.
  The setup is as follows:
  ASA inside interface on 192.168.10.240
  VPN clients on 192.168.254.x
  I can access reources on the 192.168.10 subnet but not any other subnets internally, I need to specifically allow access to the 192.168.20 subnet, but I cannot figure out how to do this please advise, the config is below: -
  Result of the command: "show startup-config"
  ASA Version 8.4(3)9
  hostname blank
  domain-name
  enable password encrypted
  passwd encrypted
  names
  dns-guard
  interface Ethernet0/0
  nameif outside
  security-level 0
  ip address 255.255.255.224
  interface Ethernet0/1
  nameif inside
  security-level 100
  ip address 192.168.10.240 255.255.255.0
  interface Ethernet0/2
  nameif DMZ
  security-level 50
  ip address 10.10.10.253 255.255.255.0
  interface Ethernet0/3
  shutdown
  no nameif
  no security-level
  no ip address
  interface Management0/0
  nameif management
  security-level 100
  ip address 192.168.1.1 255.255.255.0
  management-only
  boot system disk0:/asa843-9-k8.bin
  boot system disk0:/asa823-k8.bin
  ftp mode passive
  clock timezone GMT/BST 0
  clock summer-time GMT/BDT recurring last Sun Mar 1:00 last Sun Oct 2:00
  dns domain-lookup outside
  dns domain-lookup inside
  dns server-group DefaultDNS
  name-server 194.168.4.123
  name-server 194.168.8.123
  domain-name nifcoeu.com
  object network obj-192.168.0.0
  subnet 192.168.0.0 255.255.255.0
  object network obj-192.168.5.0
  subnet 192.168.5.0 255.255.255.0
  object network obj-192.168.10.0
  subnet 192.168.10.0 255.255.255.0
  object network obj-192.168.100.0
  subnet 192.168.100.0 255.255.255.0
  object network obj-192.168.254.0
  subnet 192.168.254.0 255.255.255.0
  object network obj-192.168.20.1
  host 192.168.20.1
  object network obj_any
  subnet 0.0.0.0 0.0.0.0
  object network obj_any-01
  subnet 0.0.0.0 0.0.0.0
  object network obj-0.0.0.0
  host 0.0.0.0
  object network obj_any-02
  subnet 0.0.0.0 0.0.0.0
  object network obj-10.10.10.1
  host 10.10.10.1
  object network obj_any-03
  subnet 0.0.0.0 0.0.0.0
  object network obj_any-04
  subnet 0.0.0.0 0.0.0.0
  object network obj_any-05
  subnet 0.0.0.0 0.0.0.0
  object network NS1000_EXT
  host 80.4.146.133
  object network NS1000_INT
  host 192.168.20.1
  object network SIP_REGISTRAR
  host 83.245.6.81
  object service SIP_INIT_TCP
  service tcp destination eq sip
  object service SIP_INIT_UDP
  service udp destination eq sip
  object network NS1000_DSP
  host 192.168.20.2
  object network SIP_VOICE_CHANNEL
  host 83.245.6.82
  object service DSP_UDP
  service udp destination range 6000 40000
  object service DSP_TCP
  service tcp destination range 6000 40000
  object network 20_range_subnet
  subnet 192.168.20.0 255.255.255.0
  description Voice subnet
  object network 25_range_Subnet
  subnet 192.168.25.0 255.255.255.0
  description VLAN 25 client PC devices
  object-group network ISP_NAT
  object-group protocol TCPUDP
  protocol-object udp
  protocol-object tcp
  object-group service SIP_INIT tcp-udp
  port-object eq sip
  object-group service DSP_TCP_UDP tcp-udp
  port-object range 6000 40000
  access-list inside_nat0_outbound extended permit ip 192.168.10.0 255.255.255.0 192.168.254.0 255.255.255.0
  access-list inside_nat0_outbound extended permit ip object 20_range_subnet 192.168.254.0 255.255.255.0
  access-list Remote-VPN_splitTunnelAcl standard permit 192.168.10.0 255.255.255.0
  access-list Remote-VPN_splitTunnelAcl standard permit 192.168.20.0 255.255.255.0
  access-list 100 extended permit object-group TCPUDP object SIP_REGISTRAR object NS1000_INT object-group SIP_INIT
  access-list 100 extended permit object-group TCPUDP object SIP_VOICE_CHANNEL object NS1000_DSP object-group DSP_TCP_UDP
  access-list 100 extended permit ip 62.255.171.0 255.255.255.224 any
  access-list 100 extended permit icmp any any echo-reply inactive
  access-list 100 extended permit icmp any any time-exceeded inactive
  access-list 100 extended permit icmp any any unreachable inactive
  access-list 100 extended permit tcp any host 10.10.10.1 eq ftp
  access-list 100 extended permit tcp any host 10.10.10.1 eq ftp-data
  pager lines 24
  logging enable
  logging asdm informational
  mtu outside 1500
  mtu inside 1500
  mtu DMZ 1500
  mtu management 1500
  ip local pool VPN-Pool 192.168.254.1-192.168.254.254 mask 255.255.255.0
  icmp unreachable rate-limit 1 burst-size 1
  asdm image disk0:/asdm-647.bin
  asdm history enable
  arp timeout 14400
  nat (inside,any) source static obj-192.168.0.0 obj-192.168.0.0 destination static obj-192.168.5.0 obj-192.168.5.0 no-proxy-arp route-lookup
  nat (inside,any) source static obj-192.168.10.0 obj-192.168.10.0 destination static obj-192.168.100.0 obj-192.168.100.0 no-proxy-arp route-lookup
  nat (inside,any) source static obj-192.168.10.0 obj-192.168.10.0 destination static obj-192.168.254.0 obj-192.168.254.0 no-proxy-arp route-lookup
  nat (outside,inside) source static SIP_REGISTRAR SIP_REGISTRAR destination static interface NS1000_INT service SIP_INIT_TCP SIP_INIT_TCP
  nat (outside,inside) source static SIP_REGISTRAR SIP_REGISTRAR destination static interface NS1000_INT service SIP_INIT_UDP SIP_INIT_UDP
  object network obj_any
  nat (inside,outside) dynamic interface
  object network obj_any-01
  nat (inside,outside) dynamic obj-0.0.0.0
  object network obj_any-02
  nat (inside,DMZ) dynamic obj-0.0.0.0
  object network obj-10.10.10.1
  nat (DMZ,outside) static 80.4.146.134
  object network obj_any-03
  nat (DMZ,outside) dynamic obj-0.0.0.0
  object network obj_any-04
  nat (management,outside) dynamic obj-0.0.0.0
  object network obj_any-05
  nat (management,DMZ) dynamic obj-0.0.0.0
  access-group 100 in interface outside
  route outside 0.0.0.0 0.0.0.0 80.4.146.129 1
  route inside 192.168.20.0 255.255.255.0 192.168.10.254 1
  route inside 192.168.25.0 255.255.255.0 192.168.10.254 1
  timeout xlate 3:00:00
  timeout pat-xlate 0:00:30
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  timeout floating-conn 0:00:00
  dynamic-access-policy-record DfltAccessPolicy
  user-identity default-domain LOCAL
  aaa authentication ssh console LOCAL
  http server enable
  http 192.168.1.0 255.255.255.0 management
  http 192.168.10.0 255.255.255.0 inside
  http 192.168.25.0 255.255.255.0 inside
  http 62.255.171.0 255.255.255.224 outside
  http 192.168.254.0 255.255.255.0 outside
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
  crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
  crypto map outside_map interface outside
  crypto ca trustpoint ASDM_TrustPoint0
  enrollment self
  subject-name CN=
  crl configure
  crypto ca trustpoint _SmartCallHome_ServerCA
  crl configure
  crypto ca certificate chain ASDM_TrustPoint0
  certificate 2f0e024d
    quit
  crypto ca certificate chain _SmartCallHome_ServerCA
  certificate ca 6ecc7aa5a7032009b8cebcf4e952d491
    quit
  crypto isakmp identity address
  crypto ikev1 enable outside
  crypto ikev1 policy 10
  authentication pre-share
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  telnet 192.168.1.0 255.255.255.0 management
  telnet timeout 5
  ssh 62.255.171.0 255.255.255.224 outside
  ssh 192.168.254.0 255.255.255.0 outside
  ssh 192.168.10.0 255.255.255.0 inside
  ssh 192.168.25.0 255.255.255.0 inside
  ssh timeout 5
  ssh version 2
  console timeout 0
  vpn-sessiondb max-other-vpn-limit 250
  vpn-sessiondb max-anyconnect-premium-or-essentials-limit 2
  dhcpd address 192.168.1.2-192.168.1.254 management
  dhcpd enable management
  threat-detection basic-threat
  threat-detection statistics access-list
  no threat-detection statistics tcp-intercept
  ntp server 192.168.10.6 source inside prefer
  webvpn
  group-policy Remote-VPN internal
  group-policy Remote-VPN attributes
  wins-server value 192.168.10.21 192.168.10.22
  dns-server value 192.168.10.21 192.168.10.22
  vpn-tunnel-protocol ikev1
  split-tunnel-policy tunnelspecified
  split-tunnel-network-list value Remote-VPN_splitTunnelAcl
  default-domain value
  username blank password blank encrypted privilege 0
  username blank attributes
  vpn-group-policy Remote-VPN
  username blank password encrypted privilege 0
  username blank attributes
    vpn-group-policy Remote-VPN
  tunnel-group Remote-VPN type remote-access
  tunnel-group Remote-VPN general-attributes
  address-pool VPN-Pool
  default-group-policy Remote-VPN
  tunnel-group Remote-VPN ipsec-attributes
  ikev1 pre-shared-key *****
  class-map inspection_default
  match default-inspection-traffic
  policy-map type inspect dns preset_dns_map
  parameters
    message-length maximum client auto
    message-length maximum 512
  policy-map global_policy
  class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny 
    inspect sunrpc
    inspect xdmcp
    inspect netbios
    inspect tftp
    inspect ip-options
    inspect sip 
  service-policy global_policy global
  prompt hostname context
  no call-home reporting anonymous
  call-home
  contact-email-addr
  profile CiscoTAC-1
    destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
    destination address email [email protected]
    destination transport-method http
    subscribe-to-alert-group diagnostic
    subscribe-to-alert-group environment
    subscribe-to-alert-group inventory periodic monthly
    subscribe-to-alert-group configuration periodic monthly
    subscribe-to-alert-group telemetry periodic daily
  Cryptochecksum:b8263c5aa7a6a4d9cb08368c042ea236

  Your config was missing a no-nat between your "192.168.20.0" and "obj-192.168.254.0"
  So, if you look at your config there is a no-nat for inside subnet "obj-192.168.10.0" as shown below.
  nat (inside,any) source static obj-192.168.10.0 obj-192.168.10.0 destination static obj-192.168.254.0 obj-192.168.254.0
  So all you have to do is create a no-nat for your second subnet, like I showed you before, the solution was already there on your config but I guess you over looked at it.
  I hope that helps.
  Thanks
  Rizwan Rafeek

• Unable to access gif files from the server

  hi all,
  i have successfully signed an applet and it is loading in the client system also. in that applet, i instantiated a jbutton as given below:
  JButton jb = new JButton(new ImageIcon("http://192.168.91.154:8080/success/set.gif"));
  but the icon din appear and a blank button appears, even when accessed from the server system.
  if i give the exact path like c:/blazix/webfiles/success/ set.gif, the icon is coming in the server system but not in other systems. i tried without port no also but in vain. pl solve my problem. what i need is how to
  specify the path of the file[any file] which is present in server.
  or if i put all the gif files in the jar file, can i access the gif files present in the jar file [set for archive] ? if i can, give me the soln for accessing the gif file present in the jar file, so that i need not access the server to get the gif files.(i.e) how to specify the path of the gif files present in the jar file?
  i ve one more doubt. the jni library file shld be in the server, and the client has to access the library in the server. i think the applet loaded in the client ll search for the library in the local m/c only . how to make the applet to search for library in the server??
  i feel only by using rmi we can solve this problem. am i correct? if so i feel that an appln or applet running in the server shld access the jni library, and the applet in the client side should communicate with this server appln using rmi to get the data.is it correct? is there
  anyother way?
  i appreciate your help in this regard. thanks in advance. bye, padmanbhan.

  Better information on what you are doing with JNI might help you get an answer.
  If you have some server process that needs to use JNI, then I would code a servlet to call, instead of using RMI to ge there.
  Depending on your environment, and the target audiences environment, RMI may just cause you a lot of grief. Firewalls etc, get in the way of RMI connections and force security holes to be opened in order to work.
  If you use a servlet, then traffic to your server process is done via standard http calls, which will already be enabled, because your app runs in a browser.
  If ther data requirements are heavy duty, your server could always send an XML stream to the client, which would allow you to describe complex data to the client.
  Running JNI stuff from the client directly means a lot of local infrastructure to run your app. The code you want to run, the JNI library ....
  If what you have is really an application, but want the convenience of starting it from a browser, look at Java WebStart. Then you can distribute an application via the browser, and WebStart will worry about the deployment issues for you.
  In Summary:
  Stay away from RMI from applets if you can help it.
  If you really have an App, then try WebStart to manage the distribution issues for you.

• Unable to access SP App from host machine. Page not found

  I have created a virtual machine and configured SharePoint environment for the trail period on my windows 7 machine. I am able to do the Remote desktop connection from my host machine and access my SharePoint sites from the host machine browsers.
  But when I try to access the apps created for SharePoint, it shows the page cannot be found. I am able to access the same App for the same user in the SharePoint server but not its host machine.
  I have added this App domain to the intranet zone of host machine and to the server.
  Could you pls suggest me what I am missing?
  Thanks Sandy (MCTS, MCP)

  Hi Sandy,
  You can check if this issue is related to your virtual machine application network settings.
  Please try to ping your SharePoint server from Windows 7 client see if it could be successful.
  Please try to access your SharePoint site via IP address from Windows 7 IE browser, see if it works, may add SharePoint server ip map in your hosts file  on windows 7 machine.
  also check if it is related to SharePoint AAM configuration.
  http://social.msdn.microsoft.com/Forums/sharepoint/en-US/f40c6451-8c49-46ea-a344-ebf9977024d9/sharepoint-top-site-page-keep-getting-the-webpage-cannot-be-found-on-the-remote-machine?forum=sharepointadminprevious
  http://social.technet.microsoft.com/Forums/sharepoint/en-US/16bc995d-de85-42f2-a082-98c357965191/sharepoint-on-virtual-machine?forum=sharepointgenerallegacy
  Thanks
  Daniel Yang
  TechNet Community Support

• Unable to access protected function from the child object

  Hi all ,
  I have an abstract class having one protected method
  package foo;
  public abstract class A {
    protected String getName(){
               return "ABC';
  package xyz;
  public class B extends A {
            public void print(){
                            *super.getName();//this will get called*
  package abc;
  public class Ex {
          public static void main(String [] args){
             B b = new B();
             *b.getName(); //Im not able to calll this function*
  }{code}
  My question is why I m not able to call the protected method from child instance but inside the class ???
  I have checked this link , it also didn't say about the instance access or access within class .
  [http://java.sun.com/docs/books/tutorial/java/javaOO/accesscontrol.html]
  Thanks and regards
  Anshuman
  Edited by: techie_india on Aug 31, 2009 11:25 AM                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   

  jossyvjose wrote:
  Hi Winston,
  Did you mean like this? But still same behaviour.
  package abc;
  public class Ex extends A {
  public static void main(String [] args){
  B b = new B();
  b.getName(); //still i am not able to calll this function
  }No. Class 'Ex' would have to extend B in order to call b.GetName(). And I would definitely not make Ex part of your hierarchy (it's the sort of thing you see in SCJP questions, but definitely a bad idea).
  What you can do though is to override the method; and Java allows you to change the visibility of overriden methods, provided they are more open. Thus, the following would be allowed:
  package foo;
  public abstract class A {
     protected String getName(){
        return "ABC';
  package xyz;
  public class B extends A {
     public void print(){
        System.out.println(super.getName()); // your previous code does nothing...
     public String getName() { // Note the "public" accessor
        return super.getName();
  package abc;
  public class Ex {
     public static void main(String [] args){
        B b = new B();
        b.getName(); // And NOW it'll work...
  {code}Note that this is just example code. I wouldn't suggest it as general practise.
  Also, when you write *public* methods, you should generally make them *final* as well (there are exceptions, but it's a good habit to get into; like making instance variables *private* - just do it).
  HIH
  Winston