Using a content rule for port translation.
If I set up a content rule to grab traffic on a VIP on port 81, can I then send it to a server that is configured for port 80 ?
cheers,
Mike
If I receive a udp packet with the sourse port 123. Can CSS forward this packet to the Server, but replace sourse port to something greater than 1023 ???
As I know CSS doesn't NAT for udp ports less than 1023.
Similar Messages
-
REMSH unix command issues when adding rule for port 514
Has anyone experienced any issues with Unix systems when adding rules to WAAS for port 514? This is the port RCOPY uses and is not handled by WAAS by default. We created a rule for port 514 but when we implement any type of optimization (even TFO Only) we start having problems with REMSH. This is used in one of our production scripts that normally take 10 minutes to run. When we apply the rule for port 514 the time goes as high as 45 minutes.
We wrote a test script that uses just the REMSH command and with out the 514 rule works fine but with the 514 rule goes down the tubes.
Just to add a little more information, I do not see an entry under Monitor/ Connection Statistics with the servers in question when the test script is running so am not sure where to go from here. I know there is a way to do a TCP capture from the WAAS so figure that will be the next step to see what is causing the issues.
Thoughts?? Ideas?? Suggestions??Well TAC came back with a answer. They found other people with the same issue.
"It was found that the applications always used the same source and destination TCP ports. WAAS has the first connection in a "WAIT-CLOSE" state so when the next packet comes in with the same ports it is dropped." , "A defect was opened for this issue, but has not been fixed yet."
He wanted us to do a packet capture but after finding these other tickets decided it would be a waste of time and only tell us we are having a similar issue as others.
Still waiting on a suggested work around or a patch, 4.15 is suppose to come out soon but haven't heard if it will fix the problem.
With the new information I don't think even putting 514 in pass-through will fix the issue.
I will let you know if I hear anything else. -
[SOLVED] how to use diffrent iptables rules for different ppp account?
x86 plantform run arch linux system , have two network interface etn1 eth0 .eth1 connect to internet. eth0 connect to other terminals through switch. want use different iptables rules for different pppoe account .also want to know how to forbidden more than one terminals established pppoe link use same account at the same time .
Last edited by linuxsir (2013-09-26 06:48:01)(You establish PPPoE sessions over the local network to the Arch machine? Which then routes the traffic?)
first question ,yes that is exactly what i am done. second question i also have a small scripts on windows pc to solve routes traffic problem
route -p delete 0.0.0.0
route -p add 192.168.9.0 mask 255.255.255.0 192.168.9.1
route -p add 0.0.0.0 mask 0.0.0.0 192.168.22.0
but after a while i found scripts is not necessary because windows always attempt to use PPPoE sessions as default internet connection local connection is also ok
and use -i pppX in my iptables rules dose not solve my problem , because same account start PPPoE session could be marked as ppp0 or ppp1. it is hard to identified which account start session. -
Can I use a OID rule for a Query SQL Lov of BIP?
Hi. Can I use OID data (rules) for a query sql lov in BIP? Ex. filters users/store.
Thank you.
R.Hi,
I didn't look at the example, but if you want to secure your application then you should use container managed security. Read this .
Anyway, you could add this before return "good"; in your login_action()
FacesContext.getCurrentInstance().getExternalContext().getSessionMap().put("username", user);Then, you can access this from anywhere in the application by using #{sessionScope.username}.
Pedja -
Using SAP Content Server for SAP E-Recruitment
Hi SAP Experts,
We are presently implementing SAP E-Recruitment using BSP services, We are successfully runnig with Whole E-recruitng cycle when we use SAP system DB as storgae for External Candidtes' Documents.
But, Our Client wants to have SAP Content Server to store all documents uploaded by External/Internal Candidates becuase client is worrying that if SAP system DB holds such huge data base of Resumes, it may slow down the performance of SAP System.
So, We need inputs from you suggesting whether is it feasible to use SAP Content server for SAP E-Recruitment Implementation. SAP no where suggests to Content server. So, we are in deliema to go for content server or not. If it is feasible to use Content server, pls provide me proper links or documents for reference.
Please give your valuable inputs,
Thanks & Regards,
Sudheer Kumar PHi Sudheer,
We are considering the same option. We are concerned about performance after all these documents are uploaded too. Did you install a content server? How did it go and was it difficult to set up with e-rec?
Thanks
Shane -
Use of content rule vs source group for NATing
To NAT outgoing flows out of two servers, is it necessary to define a content rule and source group (or is just a source group sufficient?).
Having trouble with Option 2.
Option 1:
service svr1
ip address 192.168.10.1
no port
protocol tcp
active
Also does CSS do NAPT i.e. alter the source port number for outgoing packets from source groups?
service svr2
ip address 192.168.10.2
no port
protocol tcp
active
content outflows
protocol tcp
add service svr1
add service svr2
vip address <externalip>
active
group outgrp
vip address <external ip>
add service svr1
add service svr2
active
<add appropriate acl>
Option 2:
service svr1
ip address 192.168.10.1
no port
protocol tcp
active
service svr2
ip address 192.168.10.2
no port
protocol tcp
active
group outgrp
vip address <external ip>
add service svr1
add service svr2
active
<add appropriate acl>to nat connections initiated by the server, you only need a source group.
No need for a content rule.
The CSS will port nat.
Gilles. -
Using DMS Content server for Archiving HR documents
Hi SAP Gurus,
with the details gathered from the forum we could suggest the client to go for Archiving there Documents for storing there HR related Documents, like Resumes, salary hike litters, leaves etc....
but as we do have DMS here and intending to get a Content server for DMS, can we use the same content server for archiving the HR documents also,
or the other way round if we go a Big archiving server, can we store DMS documents there using it as Content Server,
Thanks and Regards,
Priya SYes, you can use the content server. Just create an ArchiveLink Repository on the server and you can use it for HR.
-
Use of content server for cFolder
For cFolder, the use of content server is optional. My question is when should we use it ?
Hi,
cFolder can be used as a content server,Knowledge management system.
It is depend on the organization need and kind of development they are doing.
It is used best when are project team is working globally and virtually same.
we can share project docs,maintain BOM , Material management,discussion thread,and also used for online meetings.
Shiv -
SRP547W, How to use multiple WAN IPs for port forwarding?
Hi folks,
We've run into some difficulty trying to take advantage of multiple WAN IPs in conjunction with the SRP547, and I'm hoping someone here can help out or at least tell us that we're going to need to buy a different router...
What we're trying to acheive is the ability to port forward from our distinct public IPs to different internal servers. Looking at the options under Port Forwarding it looks like we can only configure forwards at the "WAN interface" level, but our problem is that we can't work out how to set up separate interfaces for each of our Public IPs...
Our ISP provides us with a fully managed NTU/router with a single "Internet" ethernet port, which we can use by statically configuring IPs on our end. For this configuration this port has been directly patched to the WAN ethernet port on the SRP547W.
We have been allocated a 255.255.255.248 (/29) subnet, giving us 5 usable IPs after the ISP's gateway address is taken into account, like so:
a.b.c.208 Network Address (/29 subnet)
a.b.c.209 ISP Gateway
a.b.c.210 IP1
a.b.c.211 IP2
a.b.c.212 IP3
a.b.c.213 IP4
a.b.c.214 IP5
a.b.c.215 Broadcast Address
On the SRP we've set up the default "Ethernet WAN2" sub-interface with the following details for IP1
VLAN ID: 4088 (Uneditable)
Connection Type: Static IP
Internet IP Address: a.b.c.210
Subnet Mask: 255.255.255.248
Default Gateway: a.b.c.209
The next step (I would have thought) would be to add a second sub-interface, using similar info for IP2
VLAN ID: 4000 (Chosen arbitrarily)
Connection Type: Static IP
Internet IP Address: a.b.c.211
Subnet Mask: 255.255.255.248
Default Gateway: a.b.c.209
When we try to do so however we get:
Fail!
Conflict with Ether_WAN2 interface address type
I should mention at this point that we're running on firmware version 1.02.01 (023).
Any suggestions on how we can proceed?
Is there a CLI or other method of configuration that might work if the web interface won't?
Thanks,
Tim.OK, I've seen reference to this solution before but not much in the way of details. Perhaps you can spell out how this ought to work, as the Software DMZ doesn't behave as I'd expected it to.
As before, on the SRP we've set up the default "Ethernet WAN2" sub-interface with the details for IP1 with a /29 subnet.
VLAN ID: 4088 (Uneditable)
Connection Type: Static IP
Internet IP Address: a.b.c.210
Subnet Mask: 255.255.255.248
Default Gateway: a.b.c.209
We'd now like to expose a server function on IP2, let's say LAN details for this server are:
VLAN: 3000
VLAN IP Range: 192.168.1.1/24
Server IP: 192.168.1.10
Server Port: 80
So first we turn on Software DMZ:
Status: Enabled
Public IP: a.b.c.211
Private IP: 192.168.1.10
WAN Interface: Ether_WAN2
My understanding, based on what you've said, is that this should expose the whole server to external access via IP2. Unfortunately, it doesn't seem to work this way - we don't seem to have any access at all. Perhaps there's a default deny rule on the firewall?
Just to be sure, I tried creating a rule to allow HTTP traffic to the server in the Advanced Firewall page.
In Interface (WAN): All
Out Interface (LAN): VLAN.3000
Source IP: 0.0.0.0
Source Subnet: 0.0.0.0
Destination IP: 192.168.1.10
Destination Subnet: 255.255.255.255
Protocol: TCP
Source Port: Any
Destination Port: Single:80
Action: Permit
Schedule: Everyday
Times: 24 Hours
Still no dice. What am I missing?
Cheers,
Tim. -
Idoc to File Scenarion Using File Content Conversion for Sales order data.
Hi Frineds,
WOuld like to know in what strucuture should i design my output strucutre to get data from idoc coming from SAP system.
How to enbble file contenct conversion to get txt file.
Need a detial view of this scenario.
Please help.Hi,
Get the target file structure format from the system or applicaiton which wants to use this data...
Based on this create message type in ESR and then configure the FCC parameters in the file adapter ..
if the structure is available and based on that want to know FCC ..then post the same some one here can help..
based on your requirement structure needs to be implemented and mapping as well
HTH
Rajesh -
Defining virtual servers using content-rules
Can multiple virtual servers be "bound" to a single real server when all of the virtual servers have the same ip address and port, with the only difference between each virtual server being a unique content rule applied to each? (This is more of a migration issue, than a load-balance issue)
I assume you are saying Web(HTTP) and the answer is yes.
1. Your server should has name-based virtual hosting enabled if your server only use 1 IP address.
2. In CSS, you can use single service for this server or use different services with different keepalive uri for each service.
3. You can use a number of unique Content rules (same VIP, TCP 80 with different URLs) and add the service to it.
Remarks: If you want to use unique Content rules, you should make them difference with URL, otherwise all the content rules are the same and you can't activate all.
Another suggestion: If your server already support Name-VHOST, you can use just single L4 Content rule and all the traffic would be handled by that server (service). -
CS-150-LAN extra content rule disables all access to website
We have a CS-150-LAN Content switch with software version 6.10Build203. Yesterday for no apparent reason we lost connectivity to our website through our CSS. To get around this issue we removed all content rules except for the "everything-else" rule.
owner http://www.acmi.net.au
content AIC
add service acmi-web3
url "//www.acmi.net.au/AIC*"
protocol tcp
port 80
vip address 203.14.59.174
content everything-else
add service acmi-web1
vip address 203.14.59.174
protocol tcp
port 80
active
owner http://www.vceart.com
content everything
add service acmi-web3
vip address 203.14.59.175
protocol tcp
port 80
active
What is happening now is that when l create an addional content rule it then times out all connections to our website http://www.acmi.net.au. If l suspend the additional rule "AIC" the website comes back online. We need these additional content rules for accessing subsites. Please help.
ThanksHere are the sho service summary and show summmary outputs
Owner Content Rules State Services Service Hits
www.acmi.net.au AIC Suspended acmi-web3 6
everything-else Active acmi-web1 243
acmi-web2 340
www.vceart.com everything Active acmi-web3 23
sec-css-11150# sh service summary
Service Name State Conn Weight Avg State Idx
Load Transitions
acmi-web1 Alive 2 1 2 2 2
acmi-web2 Alive 9 1 23 2 3
acmi-web3 Alive 1 1 17 2 4
The content rule AIC is suspended because if l activate it, it then makes the website www.acmi.net.au unreachable and timesout.
This config was working from day one with the AIC content rule and about another 9 content rules under the owner www.acmi.net.au
If l add the url "/*" command to the content rule "everything-else this also hangs the site www.acmi.net.au -
Netwearver WAS version 640 of the content server for PLM DMS
Hi,
We have SAP R/3 4.7 version & have implemented PLM-DMS with content server on WAS620.We are contemplating to use distributed content server for our requirement. Has anyone used multiple content servers? if so, could you please share your experiences.
Also, if anyone has anyone upgraded the content server to version 640, i would like you to share your experiences with me.
Thanks,
Viji
[email protected]Sap R/3 4.6C - CS630 (patch-lvl15)
We do not use SapDB or MaxDB to store the document on the content server, we store the documents directly in the file system.
Our Content servers run on win2003 servers.
In my company we've currently got 15 different content servers in 10 countries.
We've got one content server and one cache server at each location for one SAP system. One physical server has 2 content servers and 1 cache server. One for our SAP production system and one for our SAP Quality test system. They use the same cache server (first we created 2 cache servers, but it was not possible for SAP to destuingish between the two, so both cache servers got used by both SAP systems)
We have also implemented a couple of add-ons:
1. Conversion and viewserver (by Seal AG). conversion server converts office documents to pdf when documents are released. Currently use only 2 conversion servers, planning to increase when the volume gets larger.
Viewserver adds stamps on pdf-files when you view or print a document.
2. Document Distribution Manager (by CENIT AG). Makes it easy to schedule prefill of cache. Also possible to move documents from one storage category to another. And Rules for transfering documents from one site to another can be made (Ex. "not allowed to move files larger than 20 MB between <certain> sites")
Perhaps I could be of assistance?
BUT, anyway, the reason I post this is because I have problems upgrading my CS630 (lvl15) to CS640 (lvl6).
Asked SAP via an OSS, and they said it was like a regular patching (stop webservice, copy *.dll files, and restart webservice). But when I try this, I can't get contact with the content server via CSADMIN in SAP. I get "HTTP error: 500 Internal Server Error" -
Hi
Please , help me in knowing the use of content tab for a fact table in the repository in OBIEE.
Thanks.if you have multiple LTS then you should set the content level approprately otherwise you can get errors during consistency checks.not able to find any link which talks only about content level.see these links and let us know if you have any doubts
http://kr.forums.oracle.com/forums/thread.jspa?threadID=604637
Content tab is also handy when you are using aggregate tables.
Regards,
Sandeep -
Hello,
I wanted to confirm if we can use the content server which is used to store the originals of a DIR, to store the scanned documents using Archivelink? Whats are the pros and cons?
Thanks,
PaddyDear Athol Hill,
Thanks fore the quick reply,
let me with other DMS community cleary understand the Pros and Cons of Going for the content server storing of original files,
i belive SAP recommends to go for the SAP Content server installation for storing of original files for DMS? please explain in your own words.
so if we use same content server for storing original directly and also Archiving, do you mean to say that the original files stored in Archiving portion of the content server be copied to CDs and DVDs,
if this is the case can there be tranfer of the Original files from one repository of the content server (acting as DMS storage ) to another Repository (acting as Archive Storage)
so if this transfer is made then any original files can be copied to Optical drives,
one basic question i have is all this original storage device like this Content server, Archive and Vault do only act as Secure storage system? or is that only the feature of Content server?
if so then even if we copy the Archived files in to CDs and DVDs. they cannot be viewed directly with out the Help of SAP Logon transaction. is my understanding right?
is there any Storage System that is Supported by SAP which allows Data be stored other than Secure storage Area,and making it available outside SAP transaction for later use.
Thanks and regards
Shanti
Maybe you are looking for
-
We do have 2 reporting requirement which is as below - Vendor purchase report and vendor sales report . I can understand about the vendor purchase but just got confused with the vendor sales . They want to have below KF from Vendor sales report . Qua
-
Employee vendor account posting to facilitate cheque printing
Hi, Can someone please help me with the process of posting net pay amount to individual employee vendor account from payroll. We need to post to individual vendor account to facilitate cheque printing. Quick help would be appreciated. Regards, DDutta
-
Few Questions About Migrating Site & Editing Many Pages at Once
OK. First things first. My manager doesn't want me listing our company name in this post since we are currently trying to get out of our hosting contract and she doesn't want to jeapordize anything in case someone stumbled across the post by a search
-
Importing photos from iphoto into aperture
Hi I am currently importing my photos one album at a time from iphoto into aperture as this is what I was told is the best way to do it. My organization up to now ***** so I am trying to organize everything now. But I have pictures in my iphoto libra
-
I used to have Spotify student, now it's gone back to normal Spotify ($9.99/month). 1. Why did it do this?2. Why do I have switch accounts to free just to go back to Student? (Simply put, why can't you just go from Premium to Student?)