Unable to see logs while using split tunnel for RA

hi everyone,
I have configured RA VPN at my home lab using split tunnel.
I can connect fine and am able to browse the internet.
When I go to internet sites I do not see logs generated on the VPN ASA.
I need to understand what the reason behind this is.
ASA1# sh conn all
5 in use, 12 most used
UDP outside  10.0.0.51:138 inside  10.0.0.255:138, idle 0:01:38, bytes 201, flags -
TCP outside  192.168.98.2:49509 NP Identity Ifc  192.168.1.171:443, idle 0:00:07, bytes 1067370, flags UOB
TCP outside  192.168.98.2:49507 NP Identity Ifc  192.168.1.171:443, idle 0:00:03, bytes 137779, flags UOB
UDP outside  192.168.98.2:49903 NP Identity Ifc  192.168.1.171:500, idle 0:00:01, bytes 40927, flags -
TCP outside  192.168.99.2:35902 NP Identity Ifc  192.168.1.171:22, idle 0:00:00, bytes 179887, flags UOB
Where 192.168.98.2 is IP of PC.
10.0.0.51 is IP assigned from VPN pool to PC.
Regards
Mahesh

Hi Mahesh,
You are using Split Tunnel VPN. This means that you have configured the VPN Client connection to only tunnel specific networks through the VPN Connection while it's active. You have probably configured an ACL that contains your LAN network behind the ASA.
This means that only traffic destined to that LAN network mentioned in the ACL reaches your ASA through the VPN Connection.
The Internet traffic of the user or any traffic that is NOT destined to that network in the ACL will simply use the VPN Client user's PC's local Internet connection or local network.
This is the reason you are not seeing any of the Internet connections from the VPN Client on the ASA. The VPN Client connection is only configured to forward traffic to the LAN network and pass all other traffic past the VPN Connection through the user's local network connection.
If you were to configure Full Tunnel VPN for the user this would mean that ALL traffic would be forwarded from the VPN Client through the ASA and the ASA would control where that traffic would be forwarded and if that traffic would be allowed.
If you want to look at the current configuration on the CLI you would first have to issue
show run tunnel-group
And find the connection that you are using at the moment. Then you would have to check what "group-policy" is configured under that "tunnel-group"
Then you could issue the command
show run group-policy
This would list you the Group Policy configuration for the VPN connection and would show something like this under it
split-tunnel-policy tunnelspecified
split-tunnel-network-list value
The above configuration would show you the ACL that the VPN Client configuration is using to tell the VPN Client what traffic to send through the VPN Connection.
Hope this helps
- Jouni
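
The split-tunnel decision described in the answer above, as an added example that is not part of the original thread or Cisco's own code. It reads the `show run group-policy` lines quoted further down this page and decides, per destination, whether the client sends the traffic through the tunnel (and so whether the ASA can log it). The ACL contents and the test destinations are constructed assumptions, because the page never shows the ACL itself.

```python
import ipaddress

# Group-policy lines as quoted on this page (show run group-policy).
GROUP_POLICY = """\
group-policy ipsec-group internal
group-policy ipsec-group attributes
 dns-server value 64.59.144.19
 vpn-tunnel-protocol ikev1
 split-tunnel-policy tunnelspecified
 ipv6-split-tunnel-policy excludespecified
 split-tunnel-network-list value ipsec-group_splitTunnelAcl
"""

# Constructed sample: a standard ACL covering the inside network 10.0.0.0/24.
ACL_CONFIG = """\
access-list ipsec-group_splitTunnelAcl standard permit 10.0.0.0 255.255.255.0
"""


def parse_group_policy(text):
    """Return the IPv4 split-tunnel mode and the ACL name it references."""
    policy = {"mode": "tunnelall", "acl": None}  # tunnelall is the ASA default
    for line in text.splitlines():
        words = line.split()
        if words[:1] == ["split-tunnel-policy"] and len(words) == 2:
            policy["mode"] = words[1]
        elif words[:2] == ["split-tunnel-network-list", "value"] and len(words) == 3:
            policy["acl"] = words[2]
    return policy


def parse_standard_acl(text, name):
    """Collect the networks permitted by a standard ACL (deny lines are skipped)."""
    networks = []
    for line in text.splitlines():
        w = line.split()
        if len(w) < 5 or w[:3] != ["access-list", name, "standard"] or w[3] != "permit":
            continue
        target = w[4:]
        if target[0] in ("any", "any4"):
            networks.append(ipaddress.ip_network("0.0.0.0/0"))
        elif target[0] == "host" and len(target) == 2:
            networks.append(ipaddress.ip_network(target[1] + "/32"))
        elif len(target) == 2:  # "<network> <mask>" form
            networks.append(ipaddress.ip_network(f"{target[0]}/{target[1]}"))
    return networks


def sent_through_tunnel(dest, policy, acl_text):
    """True if the VPN client forwards traffic for dest to the ASA."""
    mode = policy["mode"]
    if mode == "tunnelall":
        return True  # full tunnel: every destination reaches the ASA
    if policy["acl"] is None:
        raise ValueError(f"{mode} is set but no split-tunnel-network-list is configured")
    addr = ipaddress.ip_address(dest)
    listed = any(addr in net for net in parse_standard_acl(acl_text, policy["acl"]))
    if mode == "tunnelspecified":
        return listed        # only listed networks are tunneled
    if mode == "excludespecified":
        return not listed    # listed networks bypass the tunnel
    raise ValueError(f"unknown split-tunnel-policy: {mode}")


if __name__ == "__main__":
    policy = parse_group_policy(GROUP_POLICY)
    # 203.0.113.10 stands in for an Internet site (documentation address range).
    for dest in ("10.0.0.1", "203.0.113.10"):
        seen = sent_through_tunnel(dest, policy, ACL_CONFIG)
        print(f"{dest}: {'tunneled, visible on the ASA' if seen else 'local breakout, not logged by the ASA'}")
```
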

Similar Messages

  • Unable to access inside network using Split tunnel RA VPN

    Hi Everyone,
    I configured RA Split tunnel VPN.
    Connection works fine.
    Inside Interface of ASA has connection to Switch IP 10.1.12.1.
    When connected via RA VPN I try https://10.1.12.1 but it does not open up.
    Inside Interface of ASA has IP 10.0.0.1
    ASA1#                                                                         $
    Session Type: IKEv1 IPsec Detailed
    Username     : ipsec-user             Index        : 23
    Assigned IP  : 10.0.0.51              Public IP    : 192.168.98.2
    Protocol     : IKEv1 IPsec
    License      : Other VPN
    Encryption   : IKEv1: (1)AES256  IPsec: (1)AES128
    Hashing      : IKEv1: (1)SHA1  IPsec: (1)SHA1
    Bytes Tx     : 2130969                Bytes Rx     : 259008
    Pkts Tx      : 6562                   Pkts Rx      : 3682
    Pkts Tx Drop : 0                      Pkts Rx Drop : 0
    Group Policy : ipsec-group            Tunnel Group : ipsec-group
    Login Time   : 11:10:41 MST Sun Jan 26 2014
    Duration     : 0h:40m:30s
    Inactivity   : 0h:00m:00s
    NAC Result   : Unknown
    VLAN Mapping : N/A                    VLAN         : none
    IKEv1 Tunnels: 1
    IPsec Tunnels: 1
    IKEv1:
      Tunnel ID    : 23.1
      UDP Src Port : 62751                  UDP Dst Port : 500
      IKE Neg Mode : Aggressive             Auth Mode    : preSharedKeys
      Encryption   : AES256                 Hashing      : SHA1
      Rekey Int (T): 86400 Seconds          Rekey Left(T): 83975 Seconds
      D/H Group    : 2
      Filter Name  :
      Client OS    : WinNT                  Client OS Ver: 5.0.07.0440
    IPsec:
      Tunnel ID    : 23.2
      Local Addr   : 0.0.0.0/0.0.0.0/0/0
      Remote Addr  : 10.0.0.51/255.255.255.255/0/0
      Encryption   : AES128                 Hashing      : SHA1
      Encapsulation: Tunnel
      Rekey Int (T): 28800 Seconds          Rekey Left(T): 26375 Seconds
      Idle Time Out: 30 Minutes             Idle TO Left : 29 Minutes
      Bytes Tx     : 2137160                Bytes Rx     : 259088
      Pkts Tx      : 6571                   Pkts Rx      : 3684
    NAC:
      Reval Int (T): 0 Seconds              Reval Left(T): 0 Seconds
      SQ Int (T)   : 0 Seconds              EoU Age(T)   : 2426 Seconds
      Hold Left (T): 0 Seconds              Posture Token:
      Redirect URL :
    From the ASA I can ping the switch IP
    ASA1#  ping 10.1.12.1
    Type escape sequence to abort.
    Sending 5, 100-byte ICMP Echos to 10.1.12.1, timeout is 2 seconds:
    Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/10 ms
    ASA1#
    logs from firewall
    Jan 26 2014 11:53:20: %ASA-6-302014: Teardown TCP connection 51636 for outside:10.0.0.51/50747(LOCAL\ipsec-user) to identity:10.0.0.1/443 duration 0:00:00 bytes 1075 TCP Reset-O (ipsec-user)
    Jan 26 2014 11:53:20: %ASA-6-106015: Deny TCP (no connection) from 10.0.0.51/50747 to 10.0.0.1/443 flags FIN ACK  on interface outside
    Why do the firewall logs show the https connection to 10.0.0.1 instead of 10.1.12.1?
    Regards
    Mahesh

    Hi Jouni,
    ASA1# sh ip address
    System IP Addresses:
    Interface                Name                   IP address      Subnet mask     Method
    Vlan1                    inside                 10.0.0.1        255.255.255.0   CONFIG
    Vlan2                    outside                192.168.1.171   255.255.255.0   CONFIG
    Vlan3                    sales                  10.12.12.1      255.255.255.0   CONFIG
    Current IP Addresses:
    Interface                Name                   IP address      Subnet mask     Method
    Vlan1                    inside                 10.0.0.1        255.255.255.0   CONFIG
    Vlan2                    outside                192.168.1.171   255.255.255.0   CONFIG
    Vlan3                    sales                  10.12.12.1      255.255.255.0   CONFIG
    Connection is split tunnel.
    When I check stats on the VPN client, all I see is bypassed packets.
    ASA1#                                                       sh run group-polic$
    group-policy ipsec-group internal
    group-policy ipsec-group attributes
    dns-server value 64.59.144.19
    vpn-tunnel-protocol ikev1
    split-tunnel-policy tunnelspecified
    ipv6-split-tunnel-policy excludespecified
    split-tunnel-network-list value ipsec-group_splitTunnelAcl
    Regards
    Mahesh
    Message was edited by: mahesh parmar

  • Unable to activate namespace while using external definitions for mapping.

    Hi,
    In my scenario, I am using XSDs imported as External definitions as my req and res message types. In the message interface the req and res namespace of the imported XSDs are different to the one in which the rest of the objects are created. Now, when I activate the objects, I am getting the following error - Namespace urn:wb.apdrp.testwsdl.com is not defined in the software component version WBSEDCL_TEST_00 , 1.0 of wbsedcl, please help...
    Regards
    Sathish

    Hi,
    It is possible to activate the objects in the namespace and not the namespace. I got the following error when I tried to activate my message interface.
    Internal problem occurred (INTERNAL_PROBLEM) -
    MESSAGE ID: com.sap.aii.utilxi.swing.framework.rb_exceptions.INTERNAL_PROBLEM
    STACKTRACE:
    com.sap.aii.utilxi.swing.framework.FrameworkException: Internal problem occurred
    java.lang.NullPointerException -
    com.sap.aii.utilxi.swing.framework.FrameworkException: Internal problem occurred
    java.lang.NullPointerException
        at com.sap.aii.ibrep.gui.interfaces.ExternalDefinitionController.genericFrameworkEvent(ExternalDefinitionController.java:92)

  • I am unable to print anything while using firefox as my browser!

    I am unable to print anything while using Firefox as my browser!

    Hi Philip,
    This could be an issue with some corrupt print preferences. In your toolbar go to about:config and reset all of your print.preferences. This could hopefully help!
    - Sarah

  • Error: 1013231 Unable to update database while in readonly mode for backup

    Hi all,
    When I'm deleting the members for a dimension, it's giving an error (hyperion 11.1 aso)
    Error: 1013231 Unable to update database while in readonly mode for backup. How can I solve this problem? Please can anyone help on this.
    Thanks

    Has somebody set the database ready for archiving, maybe some maxl has been run and the db has not been returned from read only mode.
    Try running the following Maxl (change app.db to match your app/db)
    alter database app.db end archive;
    Cheers
    John
    http://john-goodwin.blogspot.com/

  • Xcelsius error: Unable to load URL while using QAAWS on XI 3.0.

    Hi Experts,
    I am getting "unable to load url" in xcelsius 2008 while importing a qaaws url.
    After all the testing below are my observations:-
    1) This has something to do with QAAWS.
    2) When I logged into QAAWS and tried accessing the newly created url from the browser, it gave this error "can not communicate to the server mcc69u01:6400" but interestingly the cms port is located at 6464 and not 6400.
    3) For every other application like infoview and cmc it picks the correct port i.e. 6464.
    4) Server is present on a UNIX box.
    5) I read somewhere that I need to make changes in the dsws.properties file under war files folder. There I entered "domain= mcc69u01:6464" and restarted TOMCAT.
    6) After making this change I was unable to even log into QAAWS as it gave the error 02718 "you are not authorized to create query".
    7) After reverting the changes now I am able to log into QAAWS and create new queries but the same problem persists.
    8) TOMCAT is listening to port 8088 for our environment.
    9) Tried the same thing from a different client machine with fairly new BO XI 3.0 client installation(same server) but no success.
    I believe somehow QAAWS is not able to connect to the correct port 6464 and that is the reason for this issue.
    Could anyone suggest what I should do???
    Thanks in anticipation,
    Anshul

    hi Anshul,
    The QAAWSservletprincipal is not related to how you log into the server when creating queries.
    It is used when the queries are actually running, or when you are trying to load the query to a tool like Xcelsius. I had the same unable to load error and it was caused by the QAAWSservletprincipal being set to concurrent licence when my server was all named users.
    I think the issue you are seeing is more likely a bug caused by hardcoded cms port, but I think it is worth ruling out.
    Regards
    Alan

  • Is it possible to force some urls through the vpn using split tunneling?

    Hi all,
    Just that. We have some urls accessible only from our office lan, and it would be nice to allow the clients to split tunnel all but these specific urls.
    Possible? Thanks in advance!

    Simon,
    I was thinking that you were trying to reach a web server hosted on the LAN. I see now that you are trying to reach external sites that are only accessible from the LAN. I am not aware of any way to allow a partially split tunnel, if I find anything I will update.
    - Marty

  • Unable to support application while using data services

    I have a Curve 9220.
    All-time good product,
    but I am unable to use any application while using data services,
    but I can browse from explore.

    Yes, if you want to use them on mobile network you must have a BB data plan.

  • Unable to remove *.log files using utl_file.fremove

    Hi,
    I want to remove .log files using the below command
    I want to remove all the *.log files but it's removing only one .log file
    utl_file.fremove(location => dir_name, filename => log_file_name);
    Any help will be needful for me

    In the documentation for your unknown version of oracle you can view the definition of utl_file.fremove.
    Everywhere it states utl_file.fremove removes a file, not 1 or more, and the documentation doesn't discuss the use of wildcards.
    It seems like the question could have been prevented by reading docs (which almost no one here does), and you need to use Java to address your requirement.
    Personally I wouldn't misuse Oracle to perform O/S tasks.
    Sybrand Bakker
    Senior Oracle DBA

  • Unable to see the application in BPM Workspace for Sales Quote tutorial

    I have created the Sales Quote tutorial steps and deployed the process. The Enter Quote Details user task is in the "SalesRep" role and I have assigned a user from WebLogic user store to "SalesRep" role in the BPM Organization artifact.
    In order to kick off the process, I logged-in to BPM workspace with the user I have assigned as "SalesRep" role but don't find the Sales Quote application under the "Applications" tab.
    I am using 11g PS4(11.1.1.5) and didn't seed the demo users, instead just created the user using WLS console.
    Any thoughts why the user is unable to see the application in BPM Workspace?
    Thanks,
    Satya

    Check two things:
    1. Login to Workspace as weblogic and click the Administration link at the top to verify the role is actually set to a user (just to double check this).
    2. Login to EM, click the SalesQuote composite, scroll down and click the EnterQuote human task component, and click the Administration tab.
    This shows you if there is a task form URI associated with this human task. If not, the initiate link won't show up in the Applications menu in Workspace.
    If not, you can either deploy again from JDeveloper, making sure you have selected the task forms in the deploy wizard and making sure the deployment is successful in the Deployments log window.
    Heidi.

  • Reg : I am getting an error while Using MicroSoft ODBC For Oracle Driver

    I am using Microsoft ODBC for Oracle Driver for JDBC. The reason I am using this driver is that I was not able to get the Arabic content if I use the other driver. Right now I cannot change the NLS Lang because it's a production server; it also has around 300 GB of data and I cannot take the risk now by changing the NLS lang. Coming to the below error: I am able to access my data for up to 4 hours, after that I am getting this error. If I restart my Tomcat I can use my application for one more 4 hours. Please get back to me if you have any solution. It's very, very helpful to me.
    [java.sql.SQLException] [ Microsoft ODBC for Oracle ]
    at sun.jdbc.odbc.JdbcOdbc.createSQLException(JdbcOdbc.java:6957)
    at sun.jdbc.odbc.JdbcOdbc.standardError(JdbcOdbc.java:7114)
    at sun.jdbc.odbc.JdbcOdbc.SQLDriverConnect(JdbcOdbc.java:3073)
    at sun.jdbc.odbc.JdbcOdbcConnection.initialize(JdbcOdbcConnection.java:3
    23)
    at sun.jdbc.odbc.JdbcOdbcDriver.connect(JdbcOdbcDriver.java:174)
    at java.sql.DriverManager.getConnection(DriverManager.java:582)
    at java.sql.DriverManager.getConnection(DriverManager.java:185)
    at com.iton.eoffice.DatabaseBean.connecteOfficeMoEnq(DatabaseBean.java:4
    60)
    at org.apache.jsp.MhewProfilesearchMoEnq_jsp._jspService(MhewProfilesear
    chMoEnq_jsp.java:434)
    at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:98)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
    at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper
    .java:384)
    at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:3
    20)
    at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
    icationFilterChain.java:290)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
    ilterChain.java:206)
    at com.iton.eoffice.tree.CharacterEncodingFilter.doFilter(CharacterEncod
    ingFilter.java:63)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
    icationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
    ilterChain.java:206)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
    alve.java:228)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
    alve.java:175)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
    ava:128)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
    ava:104)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
    ve.java:109)
    at org.apache.catalina.ha.tcp.ReplicationValve.invoke(ReplicationValve.j
    ava:347)
    at org.apache.catalina.ha.session.JvmRouteBinderValve.invoke(JvmRouteBin
    derValve.java:209)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
    a:212)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java
    :844)
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.proce
    ss(Http11Protocol.java:634)
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:44
    5)
    at java.lang.Thread.run(Thread.java:619)
    ------------1234-----------
    java.lang.NullPointerException
    at com.iton.eoffice.DatabaseBean.getSQLRows(DatabaseBean.java:764)
    at org.apache.jsp.MhewProfilesearchMoEnq_jsp._jspService(MhewProfilesear
    chMoEnq_jsp.java:435)
    at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:98)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
    at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper
    .java:384)
    at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:3
    20)
    at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
    icationFilterChain.java:290)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
    ilterChain.java:206)
    at com.iton.eoffice.tree.CharacterEncodingFilter.doFilter(CharacterEncod
    ingFilter.java:63)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl

    quote: Originally posted by sreenivas navuluri:
    Oracle(tm) Client and networking components not found. These components are supplied by Oracle Corporation and part of Oracle Version 7.2 or greater Client software installation. You will be unable to use this driver until these components have been installed. This error occurs while selecting the Microsoft Odbc for Oracle driver from the ODBC in control panel. Pls suggest

  • Error while using Noetix Generator for OBIEE 11.1.1.6.8

    Hi Gurus,
    We are trying to implement Noetix views for OBIEE 11.1.1.6.8 using Noetix generator for oracle business intelligence, but we are facing the below error.
    Please help, thanks in advance.
    "Validation encountered following warnings..
    Could not verify server version. Double check that your server version matches the target specified.
    Cause: access denied for user to path /system/version."

    Hi,
    I'm the Director of Engineering at Noetix that is responsible for Noetix Generator for OBIEE.
    Noetix Generator utilizes OBI's web services in order to validate that your OBI admin client and server have matching versions. The validation error you're seeing appears to be caused by a permission issue while accessing the "/system/version" folder of your web catalog through that web service.
    One thing you could check is the OBI account you're using in Noetix Generator to access the BI Server. That account should have administrative privileges in OBI.
    I also noticed that you're attempting to use OBI 11.1.1.6.8, which we don't currently support. Your existing version of Noetix Generator may work with it, but we won't claim official support until we certify our generator against it. That will come in a future release.
    Please contact Noetix Support at http://support.noetix.com if you need additional information. Our support staff can assist you in resolving this issue.
    Thanks,
    Jay Shipley

  • R/3 Secure Store and Forward, while using SAP portal for SSO

    Hello,
    We are using SAP Portal UME for authentication, then SAP SSO tickets to log into the SAP R/3 system.  Initially we decided that the end users would have a "disabled password" so that they must use the portal authentication mechanism to get into R/3 and therefore could not log in straight to R/3 system via SAP GUI.
    All was working fine until during integration testing when someone tried to use the electronic signature function on a QM t-code (QA11) that prompted for an e-sig.  Since local passwords have been disabled, the user could not execute the e-sig. 
    We do not want to activate local R/3 passwords for the users.  Can anyone give some advice or a best practice regarding how to set up electronic sigs in R/3 while using an external authentication source? FYI, we are also trying to avoid using the LDAP connector from R/3 to our LDAP.
    Please comment for any clarity needed or comments,
    Thanks in advance,
    Ryan

    Good point - but I'm afraid of not knowing an instant answer.
    Well, theoretically one could make use of the fact that an NWAS ABAP can act as http client (submitting http requests to the NWAS Java to validate logon data); but that's just a rough idea.
    Regards, Wolfgang

  • Problem while using BCP utility for writing data in file

    hi all,
    I have a batch file in which I am using bcp command for reading data from MS SQL and writing it in delimiter file. Now there are some exceptions in MS SQL that while writing into file whenever it encounters new line character it switches to next line while writing and starts writing the rest of the data on next.
    Could you help me in getting rid of this problem. I wanted to replace the new line character with space.
    Thanks and regards
    Nitin

    Hi Dilip,
    Before going for any other table,
    As Kalnr is only one of the primary keys of table KEKO, You can try creating secondary index on KEKO, which might help in improving your report performance.
    Also, you can add more conditions in where clause if possible, which will also help in improving performance.
    Thanks,
    Archana

  • Monetization rejected while using imovie trailer for film on youtube

    I love to use the trailer for making quick and nice movies. As I uploaded them to youtube and tried to monetize them via youtube they get rejected due to the music.
    How do I clarify that this is music from iMovie and I bought it with the software?

    This question comes up from time to time. YouTube and Facebook are both wrong.
    There are a number of con-men who think that they can earn a quick buck from claiming that they own the copyright to Apple’s royalty-free jingles and sound effects included with the iLife applications. These are all free to use, as clearly stated in section 2.C of the iLife Software License Agreement:
    “You may use the Apple and third party audio content (“Audio Content”) contained in or otherwise included with the Apple software, on a royalty-free basis, to create your own original soundtracks for your video and audio projects. You may broadcast and/or distribute your own soundtracks that were created using the Audio Content, however, individual samples, sound sets, or audio content may not be commercially or otherwise distributed on a standalone basis, nor may they be repackaged in whole or in part as audio samples, sound files, sound effects or music beds.”
    http://images.apple.com/legal/sla/docs/ilife09.pdf
    You should quote this (also providing the above link) when following the dispute process with YouTube.
