Using domain names in access rules

Similar Messages

• Can I use domain name to access local web (& other) services via VPN?

  I've just set up a VPN service for our office but, when connected via VPN, I can't seem to access our Wiki Server via our domain (http://example.private/groups/). Instead it will only let me access it via IP (http://192.168.1.2/groups/)
  Is it possible to access it via http://example.private/groups/ and if so what do I need to do?
  EDIT: actually, same goes with the local iChat and iCal services too.
  Message was edited by: Christiaan

  Okay, it's sorted. I phone Apple Support.
  The solution is to open Server Admin. Go to VPN Settings, then click on the Client Information tab, then add your local DNS server to the DNS Servers list (in our case 192.168.1.2).
  I would have expected the Standard configuration of Leopard Server setup to have added this by default, so I'll submit a bug report when I get a chance.

• Using Multiple Domain Names to Access Our Portal

  We operate one domain corp.company.com but all internal intranet web servers get  assigned the address inside.ZZZ. The inside.ZZZ is on our IE exclusion list but company.com is not. Adding company.com seems to be a miserable task so we are looking at adding an alias so our users can access the server at the new inside.ZZZ url. We have DNS pointing the URL to the right server and that seems to be working properly.
  Something within the application is redirecting the page to gnwhepdev.corp. company .com (our server’s domain address) after the initial login.  Since *.corp. company .com is not in the exclusion list, it is considered an outside address and rerouted.  We are trying to find some way to pass the alias within the  application itself so that we don’t need *.corp. company .com in the exclusion list and we can point users to the inside.ZZZ url.
  Our team researched this issue and found documentation that supported the use of multiple domain names to access a Enterprise Portal.  The documentation that we found is below:
  How To…Configure the J2EE Engine Deployment Descriptor (Version 1.00 – July 2004)
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d0eb8120-b66c-2910-5795-894f384fc054
  Particularly on page 13-15 in the documentation it talks about enabling the portal via multiple domain names (Section 3.7:  Using Multiple Domain Names to Access the Portal).  Also, the documentation says the following:
       You must have sever proxy servers, each with a different domain name.  You then activate the filter mechanism and configure it to work with several proxy servers
  We have several questions about the possiblities of being able to set this up and whether it would require another server where Web Dispatcher would need to be installed for this configuration to work properly.  Can someone please provide some insight into what needs to be configured and answer the question about the Web Dispatcher?  Also, if Web Dispatcher is required, what steps need to be done to configure?  If Web Dispatcher is not needed, what will we need to do apart from that to set this up for our Enterprise Portal system?

  It is but you have to use masking......
  http://iwebfaq.org/site/iWeb_Domains.html

• OBIEE presentation url to use domain name

  Experts,
  I would like to make OBIEE presentation url to use domain name instead of ip address.  What and where is the change required for this?
  Currently the url is like this - http://10.20.123.456:9704/analytics/saw.dll?Dashboard and we want something like this http://myobiee.com:9704/analytics/saw.dll?Dashboard
  OBIEE : 10.1.3.4
  Regards,
  Sarvan

  Hi Vamsy,
  Thanks for your response.  I tried your suggestion in my local installation, but no luck.
  Network Error (dns_server_failure) 
  Your request could not be processed because an error occurred contacting the DNS server.......
  Am I missing something here.  Do you think it is this simple to achieve?
  Regards,
  Sarvan

• Using domain name instead of ip address

  I have a tomcat server installed on machine1(server). I can access this server from other computer on intranet using http://ipAddressOfServer/. Now, I want to access the server using a domain name, for example http://domainName.com. Can we do that in Tomcat or does it require to install any third party software.

  You can associate a Virtual Host to the loopback IP address 127.0.0.1 read about Virtual Hosts here: http://tomcat.apache.org/tomcat-6.0-doc/virtual-hosting-howto.html
  But with the above configuration alone you can access your app via http://somedomainname.com only on your local machine, no one else on the internet will see it.

• Domain name to access within the LAN

  Friends !
  Let me know how can I create a domain name (like : www.myapp.com) so that it can be accessed from within the LAN.

  Sorry - forgot the "LAN" part. You need to set up a DNS server or something. But this is completely unrelated to Java.

• How to configure internet domain name for P6 website using weblogic

  After installing and configuring weblogic for P6 you get the following address https://servername:7002/console/login/LoginForm.jsp to access P6 website.  Anyone know how to configure a purchase domain such as www.mydomain.com have it redirect to https://servername:7002/console/login/LoginForm.jsp Is this configured in weblogic server? If not, what is needed to redirect the purchased domain?

  HI
  You could have that domain resolving to/by some DNS servers and set up a load balancer / proxy to redirect every incoming request to that domain / site to your weblogic console.
  however , what is it you are trying to do? It is very unsual of redirecting/ using Domain names to redirect to wls consoles.
  could you explain your use case in detail please
  Sri

• ASA 5505, error in Access Rule

  Hello.
  Tha ASA 5505 is working, but I try to allow http and https from internet to a server running 2012 Essentials. The server has the internal IP 192.168.0.100. I have created an Object called SERVER with IP 192.168.0.100
  The outside Interface is called ICE
  I have configured NAT:
  I have also configured Access Rules:
  But when I test it With the Packet Tracer I get an error:
  Whats wrong With the Access Rule?
  I do prefer the ASDM :)
  Best regards Andreas

  Hello Jeevak.
  This is the running config (Vlan 13 (Interface ICE) is the one in use:
  domain-name DOMAIN.local
  names
  name 192.168.0.150 Server1 description SBS 2003 Server
  name 192.168.10.10 IP_ICE
  name x.x.x.0 outside-network
  name x.x.x.7 IP_outside
  name 192.168.0.100 SERVER description Hovedserver
  interface Vlan1
   nameif inside
   security-level 100
   ip address 192.168.0.1 255.255.255.0
  interface Vlan2
   description Direct Connect
   backup interface Vlan13
   nameif outside
   security-level 0
   pppoe client vpdn group PPPoE_DirectConnect
   ip address pppoe
  interface Vlan3
   description Gjestenettet
   nameif dmz
   security-level 50
   ip address 10.0.0.1 255.255.255.0
  interface Vlan13
   description Backupnett ICE
   nameif ICE
   security-level 0
   ip address IP_ICE 255.255.255.0
  interface Vlan23
   description
   nameif USER
   security-level 50
   ip address 10.1.1.1 255.255.255.0
  interface Ethernet0/0
   switchport access vlan 2
  interface Ethernet0/1
   switchport access vlan 13
  interface Ethernet0/2
   switchport access vlan 23
  interface Ethernet0/3
  interface Ethernet0/4
  interface Ethernet0/5
  interface Ethernet0/6
   switchport access vlan 3
  interface Ethernet0/7
   switchport access vlan 3
  ftp mode passive
  clock timezone CEST 1
  clock summer-time CEDT recurring last Sun Mar 2:00 last Sun Oct 3:00
  dns domain-lookup dmz
  dns server-group DefaultDNS
   domain-name DOMAIN.local
  same-security-traffic permit inter-interface
  same-security-traffic permit intra-interface
  access-list outside_access_in extended permit tcp any host IP_outside eq https
  access-list outside_access_in extended permit tcp any host IP_outside eq www
  access-list outside_access_in extended permit icmp any host IP_outside echo-reply
  access-list outside_access_in remark For RWW
  access-list outside_access_in remark For RWW
  access-list outside_access_in remark For RWW
  access-list outside_access_in remark For RWW
  access-list outside_access_in remark For RWW
  access-list outside_access_in remark For RWW
  access-list outside_access_in remark For RWW
  access-list outside_access_in remark For RWW
  access-list outside_access_in remark For RWW
  access-list outside_access_in remark For RWW
  access-list outside_access_in remark For RWW
  access-list outside_access_in remark For RWW
  access-list DOMAINVPN_splitTunnelAcl standard permit any
  access-list inside_nat0_outbound extended permit ip any 192.168.0.192 255.255.255.192
  access-list inside_nat0_outbound extended permit ip 192.168.0.0 255.255.255.0 192.168.0.192 255.255.255.192
  access-list DOMAIN_VPN_splitTunnelAcl standard permit 192.168.0.0 255.255.255.0
  access-list ICE_access_in extended permit tcp any host IP_ICE eq https
  access-list ICE_access_in extended permit tcp any host IP_ICE eq www
  access-list ICE_access_in extended permit icmp any host IP_ICE echo-reply
  access-list ICE_access_in remark For RWW
  access-list ICE_access_in remark For RWW
  access-list USER_access_in extended permit ip any any
  pager lines 24
  logging enable
  logging asdm warnings
  mtu inside 1500
  mtu outside 1500
  mtu dmz 1500
  mtu ICE 1500
  mtu USER 1500
  ip local pool VPNPool 192.168.10.210-192.168.10.225 mask 255.255.255.0
  no failover
  monitor-interface inside
  monitor-interface outside
  monitor-interface dmz
  monitor-interface ICE
  monitor-interface USER
  icmp unreachable rate-limit 1 burst-size 1
  icmp permit outside-network 255.255.255.0 outside
  icmp permit 192.168.10.0 255.255.255.0 ICE
  asdm image disk0:/asdm-524.bin
  no asdm history enable
  arp timeout 14400
  global (outside) 1 interface
  global (ICE) 1 interface
  nat (inside) 0 access-list inside_nat0_outbound
  nat (inside) 1 0.0.0.0 0.0.0.0
  nat (dmz) 1 10.0.0.0 255.255.255.0
  nat (USER) 1 10.1.1.0 255.255.255.0
  static (inside,ICE) tcp interface www SERVER www netmask 255.255.255.255
  static (inside,outside) tcp interface www SERVER www netmask 255.255.255.255
  static (inside,ICE) tcp interface https SERVER https netmask 255.255.255.255
  static (inside,outside) tcp interface https SERVER https netmask 255.255.255.255
  access-group outside_access_in in interface outside
  access-group ICE_access_in in interface ICE
  access-group USER_access_in in interface USER
  route outside 0.0.0.0 0.0.0.0 x.x.x.1 1 track 123
  route ICE 0.0.0.0 0.0.0.0 192.168.10.1 254
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  http server enable
  http 192.168.0.0 255.255.255.0 inside
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  sla monitor 1
   type echo protocol ipIcmpEcho x.x.x.1 interface outside
   num-packets 3
   frequency 10
  sla monitor schedule 1 life forever start-time now
  crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  crypto dynamic-map outside_dyn_map 20 set pfs group1
  crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA
  crypto dynamic-map outside_dyn_map 40 set pfs group1
  crypto dynamic-map outside_dyn_map 40 set transform-set ESP-3DES-SHA
  crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
  crypto map outside_map interface outside
  crypto isakmp enable outside
  crypto isakmp policy 10
   authentication pre-share
   encryption 3des
   hash sha
   group 2
   lifetime 86400
  track 123 rtr 1 reachability
  no vpn-addr-assign local
  telnet timeout 5
  ssh timeout 5
  console timeout 0
  management-access inside
  dhcpd auto_config outside
  dhcpd address 10.0.0.10-10.0.0.39 dmz
  dhcpd dns y.y.y.2 z.z.z.z interface dmz
  dhcpd lease 6000 interface dmz
  dhcpd enable dmz
  dhcpd address 10.1.1.100-10.1.1.120 USER
  dhcpd dns y.y.y.2 z.z.z.z interface USER
  dhcpd lease 6000 interface USER
  dhcpd domain USER interface USER
  dhcpd enable USER
  ntp server 64.0.0.2 source outside
  group-policy DOMAIN_VPN internal
  group-policy DOMAIN_VPN attributes
   dns-server value 192.168.0.150
   vpn-tunnel-protocol IPSec
   split-tunnel-policy tunnelspecified
   split-tunnel-network-list value DOMAIN_VPN_splitTunnelAcl
   default-domain value DOMAIN.local
  class-map inspection_default
   match default-inspection-traffic
  class-map imblock
   match any
  class-map P2P
   match port tcp eq www
  policy-map type inspect dns preset_dns_map
   parameters
    message-length maximum 512
  policy-map type inspect im impolicy
   parameters
   match protocol msn-im yahoo-im
    drop-connection log
  policy-map global_policy
   class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny
    inspect sunrpc
    inspect xdmcp
    inspect sip
    inspect netbios
    inspect tftp
    inspect pptp
  policy-map type inspect http P2P_HTTP
   parameters
   match request uri regex _default_gator
    drop-connection log
   match request uri regex _default_x-kazaa-network
    drop-connection log
   match request uri regex _default_msn-messenger
    drop-connection log
   match request uri regex _default_gnu-http-tunnel_arg
    drop-connection log
  policy-map IM_P2P
   class imblock
    inspect im impolicy
   class P2P
    inspect http P2P_HTTP
  service-policy global_policy global
  service-policy IM_P2P interface inside
  prompt hostname context
  : end
  asdm image disk0:/asdm-524.bin
  asdm location Server1 255.255.255.255 inside
  asdm location IP_ICE 255.255.255.255 inside
  asdm location outside-network 255.255.255.0 inside
  asdm location SERVER 255.255.255.255 inside
  no asdm history enable
  What is wrong? Everything Works well except port forwarding.
  Andreas

• Business catalyst transfer hosting / domain name issues

  Hello,
  Hopefully someone can help with this. There is no information to be found anywhere about this anywhere. So here goes..
  -Basically I have a an old site using my  .com hosted away from CC. I also have a newer version of my website hosted at CC and using the same .com BUT using the 'Business catalyst" tag"
  -I now want to shut down my old site hosted away from CC-to free up the .com so I can use me new website WITHOUT having to use the Business catalyst tag (While remain being hosted on CC)
  This is what my other host has asked me to get - (and that Adobe has no information on)
  My old host:
  "In order to transfer the domain name to your new provider (CC) you need to organise the following:
  .co.uk domain - In order to transfer the .co.uk domain name,
  we need to be given the new 'Nominet Tag' for your new provider (CC). We can then switch the tag at our end and your new provider (CC) can gain access to the domain name.
  .com domain - In order to transfer the .com domain name, your new provider (CC) will need to request a transfer of the .com domain from their end. We have unlocked the domain so this can be requested. Once they have done this, we will be able to provide an authorisation code that will enable them to complete the transfer."
  Please help. This is very confusing..
  Thanks in advance to anyone that can help!!

  Hi,
  If planning on reusing a domain for another site...
  First you need to remove the domain from our old site/host. Once you have done this you can then add your domain to whichever site you require.  Then set up your DNS accordingly whether you want to host with BC or externally. 
  Adding domain references:
  http://forums.adobe.com/docs/DOC-1741
  https://helpx.adobe.com/business-catalyst/using/domain-names.html
  Let me know if you have any remaining concerns. 
  Cheers!
  -Sidney

• Web Domain Name Question??

  So this is going to sound really noobie like...well because I'm not really a network admin by day.
  I have my server set and functioning with DNS, Web, OD, and a mixture of file sharing services. So...when creating a new Site in Web service, I set a 'Domain Name' (like www.example.com) and 'Aliases' (like example.com). If I then go to a web browser and type "www.example.com" or "example.com" I get nothing...but, if I type in the FQDN of the server (like "http://ns1.mydomain.com"), it will go to my site.
  Now, I know that the domain I'm setting isn't a registered domain, but with all of my client computers pointing to the DNS of the server, shouldn't it resolve to be like a 'local host' kinda thing?
  I don't need this to be live to the internet...just a local site. Any help or suggestion is much appreciated!
  Thank you!!

  Hi Corey
  To put it simply you really don't need any other IP address in the Server's DNS Server's field other than its own address. Of course this assumes the server is also the DNS Server. The Server in effect is using its own DNS to resolve itself locally and any client computers that are using it for their DNS as well as accessing the internet. Obviously clients using the Server for their DNS will also be accessing the internet using the Server.
  If the Server is down then it won't matter whether if it can get on the internet - its down. For clients using the server it will matter. So for clients you could either not bother using the Server and use either the Router IP address (if the router is not your server) or any ISP supplied DNS Server addresses. Or place these addresses as secondary addresses.
  A lot depends on how you want clients to access server hosted domains? If you want to use domain names then clients have to know which DNS Server resolves that name to an IP address. Of course you could just simply use the server's IP address locally - clients will still access the site.
  This explanation is as simple as I can make it. There are others on these forums who could (or may if they post) explain things a lot better?
  Glad I could help and thank you for the feedback.
  Tony

• Adding a personal domain name

  I want to add a new personal domain name in my mobile me account, but through all the tutorials the ADD button does not appear.  Can anyone advise as to why?

  With MobileMe being discontinued next June 30th you might want to start looking for a new web host to publishs your websites to.  That way you can have multiple domain names all accessed the same way.
  This may be of help to you: Life After MobileMe, particulary the tutorial: 28 - Using HostExcellence.com with iWeb.
  OT

• CLARIFICATION RE: 2 DOMAIN names - ONE website

  I want 2 personal domain names to access ONE website? How do I set that up? My domain registry has pointed both of the domain names to "web.me.com", but only one of them is accepted by MobileME.

  You can only have one personal domain name option for every MobileMe account, so yes, your first domain name will be set-up with the CNAME option that is forwarded to web.me.com.
  For the second site, you will need to use web forwarding, so you need to contact your domain registrar and have them point your second domain name to web.me.com/username/sitename. So the CNAME is pointing to web.me.com because you have entered the personal domain, therefore, the web forwarding needs to point to the same iWeb site, but using web.me.com/username/site name and both domain should then point to your one iWeb site.

• Business Catalyst Help | Manage domain names

  This question was posted in response to the following article: http://helpx.adobe.com/business-catalyst/using/domain-names.html

  I followed all the steps to delete < www.onlyrealgamemovie.com > on Bc -- including re-direct so I could use GoDaddy for DNS.
  < www.onlyrealgamemovie.com > is registered with GoDaddy and it is pointing at the Muse site on BC < http://theonlyrealgameawayhome.businesscatalyst.com/ >
  My problem is adding <www.onlyrealgamemovie.com > back on BC -- I keep getting and error message:
  "cannot add domain because this domain already exisits. Please delete the domain."
  I DID delete it so I do not know what to do!
  HELP!!! The 5 producers are getting very anxious about the site not being up yet!!!

• How to change domain name in OD?

  Hi, I can't remember what I did to my installation of Server 10.5.6, but now whenever I promote it to OD Standalone, it automatically use domain name A.com. For example, oc=a,oc=a,...
  I want to change the domain name to B, and make OD to use the new name B.com.
  How do I do it?

  I'll second that it's probably a DNS issue, although it may also have to do with the server's configured hostname (which was entered when the server was first set up). Basically, the requirement is that a DNS lookup on the hostname should return the server's primary IP address, and a reverse DNS lookup on the primary IP address should return the server's configured hostname. If you want the server to be set up as B.com, you need to:
  a) make sure its configured hostname is "B.com" (you can check it with the "hostname" command). If it isn't, use the "changeip" command to fix it. If your server's IP address was 1.2.3.4, the command would be "sudo changeip - 1.2.3.4 1.2.3.4 A.com B.com".
  b) make sure the DNS forward and backward lookups work right. Use the command "host B.com" to check the forward lookup (it should answer with 1.2.3.4, or whatever the server's IP address actually is), then "host 1.2.3.4" to check the reverse lookup (it should return B.com). If any of this doesn't work, find out who's supplying your DNS service and bug them to fix it.

• The window where Domain Name, Edit, Modify doesn't show up to access my Fatcow website on my new iMac in Firefox (the only browser Macs can use). Help!

  Just got a new iMac. For the first few days, I was able to log in to, then access the window in Fatcow web host that allows me to make changes to my website. Now, the window that is supposed to say "Domain Name" and "Edit" and "Modify" is blank, so I cannot access my website to make changes. Firefox is the only browser available to Macs through Fatcow. In the two weeks before getting the iMac, I had the same problem on an Acer laptop. Hughesnet is our internet provider, since we live in the country. I have worked with several Fatcow techs, and they do not believe the problem is on their end. When I open Firefox, there is now also a message that says I'm missing plugins, yet when I follow the plugin link, no plugins are listed as missing. I have removed/reinstalled Firefox, to no avail. I have turned off the clear-cookies-automatically add-on, cleared the cache and history, etc., to no avail. I have printed out the HTML script for the Fatcow window from my Mac at work (from which I can access the window) and compared to the one at home. There doesn't appear to be any script missing, but I can't say for sure. I have read several articles, hoping for clues to fixing this problem. Now I need your technical expertise. HELP!

  Start Firefox in Safe Mode to check if one of the extensions (Firefox/Tools > Add-ons > Extensions) or if hardware acceleration is causing the problem (switch to the DEFAULT theme: Firefox/Tools > Add-ons > Appearance).
  <b> To Enable SafeMode </b>
  *You can open Firefox 4.0+ in Safe Mode by holding the '''Shift''' key when you open the Firefox desktop or Start menu shortcut.
  * Or open the Help menu and click on the '''Restart with Add-ons Disabled...''' menu item while Firefox is running.
  *''Once you get the pop-up, just select "'Start in Safe Mode"''
  If it works in Safe Mode and in normal mode with all extensions (Tools > Add-ons > Extensions) disabled then try to find which extension is causing it by enabling one extension at a time until the problem reappears.
  Close and restart Firefox after each change via "Firefox > Exit" (Windows: Firefox/File > Exit; Mac: "Firefox > Quit Firefox"; Linux: "Firefox/File > Quit")
  * https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-using-safe-mode
  *https://support.mozilla.org/kb/Safe+Mode
  *https://support.mozilla.org/kb/Troubleshooting+extensions+and+themes