Vip not responding on a specific port

Similar Messages

• New WSUS install does not respond to clients over ports 8530 or 8531

  I've recently installed WSUS on a Server 2012 machine, and am struggling to get it to respond to requests from other hosts. I cannot get it to respond to any host in any manner, except for requests from itself.
  My setup is as follows:
  WSUS installed on a Server 2012 domain controller, DC01.
  Other roles installed include AD CS, AD DS, DNS, IIS, and Print Services.
  WSUS is using all default settings.
  The firewall has inbound and outbound exceptions for ports 8530 and 8531
  A bit of information about what's happening:
  IIS will respond over port 80. I can open a Web browser from my workstation and connect to http://dc01/. If I attempt to connect to http://dc01:8530 (which I know should not work, but
  should respond with a 403 error), it times out. Identical behavior is observed over port 8531 with https.
  IIS will respond with a 403 if I make this same connection in a browser on DC01, it will work if I connect using either the loopback IP or hostname, but will time out if I attempt to make the connection using the server's local IP (IPv4).
  If I try to connect from my workstation using the WSUS configuration snap-in, I get an error: The remote server could not be contacted. Please verify that IIS on the server is correctly configured and is running.
  If I try to connect from DC01 using the WSUS configuration snap-in, it works correctly.
  The above is true for both http (8530) and https (8531).
  IIS logs show inbound connections from my workstation and show that IIS is responding with a 200. However, Wireshark running on DC01 shows three attempts by my workstation to open a connection -- three SYN packets, one initial attempt then two identical
  retries -- over a period of about ten seconds, with no responses from DC01. If IIS is responding, the responses are getting lost sometime before they hit the NIC.
  Bindings in IIS are correct, 8530 for http and 8531 for https.
  Given that everything works fine when making a local connection, I think I can safely assume that WSUS itself is running properly, and the issue is related to IIS. Nonetheless, in the hopes of this simply being a failed install, I have uninstalled and reinstalled
  both IIS and WSUS multiple times. (One thing to note, though I doubt it's related: WSUS consistently fails to set the path for the local update cache, failing the post-deployment configuration. I have to manually edit the UpdateServices-Services.xml file to
  include the path for the local cache. Everything goes fine after I do that.)
  I'm pretty stumped on this, and would happily accept any help. Thanks!

  I've recently installed WSUS on a Server 2012 machine, and am struggling to get it to respond to requests from other hosts. I cannot get it to respond to any host in any manner, except for requests from itself.
  My setup is as follows:
  WSUS installed on a Server 2012 domain controller, DC01.
  Other roles installed include AD CS, AD DS, DNS, IIS, and Print Services.
  Fundamentally you have two issues here:
  The first is the question of co-existence between WSUS and AD CS.
  The second is whether this machine was a DC before, or after, you installed WSUS.
  With Windows Server 2003 systems, running 'dcpromo' after installing IIS (and WSUS) would break IIS (and thus WSUS). With Windows Server 2012, installing WSUS with the AD DS role present results in a broken WSUS installation (if not an outright installation
  failure). This is because on a WS2012 Domain Controller, there are GPO restrictions on "Log On As A Service" which impact the ability of certain LOCAL accounts to do so ... one of which being the Network Service which is required for WSUS and another local
  use account, which is used for WID.
  Regarding ports and IIS -- WSUS is designed to work on port 8530 by default on a Windows Server 2012 box. It can also be made to work on port 80, but you have to use the correct utilities and procedures to make that change. As for your observation
  that "port 6000" seems to be a cutoff.... I'll (re)direct your attention to the installation of Active Directory Certificate Services, which I suspect is a contributing factor, and in general firewall configuration rules -- which are probably the most likely
  culprit on the port range of 6000+ (not including 8530 which I promise you is open by a rule explicitly created by/for WSUS).
  So, here's my suggestion:
  Install the WSUS role first.
  Install the AD DS role if you must (but Domain Controllers should not also be web or application server).
  Install the AD CS role elsewhere.
  Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
  SolarWinds Head Geek
  Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
  My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
  http://www.solarwinds.com/gotmicrosoft
  The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

• Cisco ACE VIP not responding to Pings

  I've searched.....  I cannot figure out why my VIPs do not ping.  I have two vlans that both replay to a ping on the interface IPs.  And I'm new at this, thanks in advace.
  GKEL2-ACE1/35568059-Axia# show run
  Generating configuration....
  no ft auto-sync startup-config
  logging enable
  logging timestamp
  logging trap 5
  logging host 10.85.242.100 udp/514
  login timeout 60
  crypto chaingroup walnut-wcrt100
    cert .dom.cer
    cert wcrt100.pem
  crypto chaingroup .dom-wcrt100
    cert .dom.cer
    cert wcrt100.pem
  crypto csr-params .dom
    country CA
    state AB
    organization-unit IT
    common-name .dom
    serial-number 1000
    email support
  crypto csr-params .dom
    country CA
    state AB
    organization-unit IT
    common-name .dom
    serial-number 1001
    email support
  access-list ANYONE line 10 extended permit ip any any
  access-list ANYONE line 20 extended permit icmp any any
  access-list All line 1 extended permit ip any any
  probe http HTTP1025
    port 1025
    interval 2
    faildetect 2
    passdetect interval 2
    request method get url /Login.css
    open 1
  probe icmp PING
    interval 2
    faildetect 2
    passdetect interval 60
  probe tcp PROBE-TCP
    interval 2
    faildetect 2
    passdetect interval 10
    passdetect count 2
    open 1
  rserver redirect REDIRECT-HTTPS
    webhost-redirection https://%h%p 302
    inservice
  rserver host WL1
    ip address 10.205.70.100
    inservice
  rserver host WL2
    ip address 10.205.70.101
    inservice
  rserver host WLDev1
    ip address 10.205.71.202
    inservice
  rserver host WLDev2
    ip address 10.205.71.203
    inservice
  rserver host WLTest1
    ip address 10.205.71.150
    inservice
  rserver host WLTest2
    ip address 10.205.71.151
    inservice
  serverfarm redirect REDIRECT-SERVERFARM
    rserver REDIRECT-HTTPS
      inservice
  serverfarm host WEBLOGIC-7433
    predictor leastconns
    probe PING
    rserver WL1 7433
      inservice
    rserver WL2 7433
      inservice
  serverfarm host WEBLOGIC-PROD
    predictor leastconns
    probe PING
    rserver WL1 1025
      inservice
    rserver WL2 1026
      inservice
  serverfarm host WEBLOGIC-TEST-SSH
    predictor leastconns
    rserver WLTest1 22
      inservice
    rserver WLTest2 22
      inservice
  sticky http-cookie acecookie STICKY-INSERT-COOKIE
    cookie insert
    serverfarm WEBLOGIC-PROD
  action-list type modify http REWRITE
    header insert response Via header-value "1.1 web:%ps (ace10-8/a2)value"
    header insert request Via header-value "1.1 web:%ps (ace10-8/a2)value"
    header insert request X-Forwarded-Proto header-value "%pd"
    ssl url rewrite location "*.*"
    ssl header-insert session Id
  ssl-proxy service ssl-client
  ssl-proxy service ssl-proxy
    key netcracker.cal.dom.key
    cert netcracker.cal.dom.cer
    chaingroup netcracker.cal.dom-wcrt100
  class-map match-any L4VIPCLASS
    2 match virtual-address 10.205.70.80 any
  class-map type http loadbalance match-any L7-URL
    2 match http url /*.*
  class-map type http loadbalance match-all L7SLBCLASS
    2 match http url /*
  class-map type management match-any REMOTE-MANAGEMENT
    2 match protocol telnet any
    3 match protocol icmp any
    4 match protocol ssh any
    5 match protocol snmp any
    6 match protocol http any
    7 match protocol https any
  class-map match-any SSH_Test
    2 match virtual-address 10.205.71.80 tcp eq 22
  class-map match-any weblogic-7433
    2 match virtual-address 10.205.70.80 tcp eq 7433
  class-map match-any weblogic-http
    2 match virtual-address 10.205.70.80 tcp eq www
  class-map match-any weblogic-https
    2 match virtual-address 10.205.70.80 tcp eq https
  policy-map type management first-match REMOTE-MANAGEMENT
    class REMOTE-MANAGEMENT
      permit
  policy-map type loadbalance first-match L7SLBPOLICY
    class L7SLBCLASS
      ssl-proxy client ssl-client
  policy-map type loadbalance first-match SSH_Test_Policy
    class class-default
      serverfarm WEBLOGIC-TEST-SSH
  policy-map type loadbalance first-match weblogic-7433-policy
    class class-default
      serverfarm WEBLOGIC-7433
      ssl-proxy client ssl-client
  policy-map type loadbalance first-match weblogic-http-policy
    class class-default
      serverfarm REDIRECT-SERVERFARM
  policy-map type loadbalance first-match weblogic-https-policy
    class L7-URL
      sticky-serverfarm STICKY-INSERT-COOKIE
    class class-default
      serverfarm WEBLOGIC-PROD
      action REWRITE
      ssl-proxy client ssl-proxy
  policy-map multi-match L4LSBPOLICY
    class L4VIPCLASS
      loadbalance policy L7SLBPOLICY
  policy-map multi-match LB-VIP
    class weblogic-http
      loadbalance vip inservice
      loadbalance policy weblogic-http-policy
      loadbalance vip icmp-reply
      nat dynamic 1 vlan 3440
    class weblogic-https
      loadbalance vip inservice
      loadbalance policy weblogic-https-policy
      loadbalance vip icmp-reply
      nat dynamic 1 vlan 3440
      ssl-proxy server ssl-proxy
    class weblogic-7433
      loadbalance vip inservice
      loadbalance policy weblogic-7433-policy
      loadbalance vip icmp-reply
      nat dynamic 1 vlan 3440
      ssl-proxy server ssl-proxy
  policy-map multi-match LB-VIP-Test
    class SSH_Test
      loadbalance vip inservice
      loadbalance policy SSH_Test_Policy
      loadbalance vip icmp-reply
  interface vlan 3440
    description Internal Production
    ip address 10.205.70.250 255.255.255.0
    access-group input All
    access-group output All
    nat-pool 1 10.205.70.249 10.205.70.249 netmask 255.255.255.0 pat
    service-policy input REMOTE-MANAGEMENT
    service-policy input LB-VIP
    service-policy input L4LSBPOLICY
    no shutdown
  interface vlan 3516
    description Internal Test/Dev
    ip address 10.205.71.250 255.255.255.0
    access-group input All
    access-group output All
    nat-pool 2 10.205.71.249 10.205.71.249 netmask 255.255.255.0 pat
    service-policy input REMOTE-MANAGEMENT
    service-policy input LB-VIP-Test
    no shutdown
  interface vlan 3520
    description LB
    ip address 10.205.72.1 255.255.255.0
    access-group input All
    access-group output All
    no shutdown
  ip route 0.0.0.0 0.0.0.0 10.205.70.253
  username admin password 5 $1$r2r0NmEH$z8S0RxYdhwOE4RGXQ41  role Admin domain default-domain
  username cust_admin password 5 $1$/tOIIfUK$yigE519cqLq1IFgX.  role Admin domain default-domain

  I have removed that service policy completely.  It was from some knowledgebase article when I was trying to get http redirection working. 
  There is no more L4LSBPOLICY nor L4VIPCLASS, Thanks a lot for looking at this...
  GKEL2-ACE1/35568059-Axia# show service-policy summary
  service-policy: LB-VIP
  Class                            VIP             Prot  Port        VLAN          State    Curr Conns   Hit Count  Conns Drop
  weblogic-http                    10.205.70.80    tcp   eq 80       1,3440        IN-SRVC           0       50773         53
  weblogic-https                   10.205.70.80    tcp   eq 443      1,3440        IN-SRVC           0        7406        112
  weblogic-7433                    10.205.70.80    tcp   eq 7433     1,3440        IN-SRVC           0      145321         30
  service-policy: LB-VIP-Dev
  Class                            VIP             Prot  Port        VLAN          State    Curr Conns   Hit Count  Conns Drop
  weblogic-http-dev                10.205.71.90    tcp   eq 80       1,3516        IN-SRVC           0           0          0
  weblogic-https-dev               10.205.71.90    tcp   eq 443      1,3516        IN-SRVC           0           0          0
  weblogic-7433-dev                10.205.71.90    tcp   eq 7433     1,3516        IN-SRVC           0           0          0
  service-policy: LB-VIP-Test
  Class                            VIP             Prot  Port        VLAN          State    Curr Conns   Hit Count  Conns Drop
  SSH_Test                         10.205.71.80    tcp   eq 22       1,3516        IN-SRVC           0          29         24
  weblogic-http-test               10.205.71.80    tcp   eq 80       1,3516        IN-SRVC           0         117         40
  weblogic-https-test              10.205.71.80    tcp   eq 443      1,3516        IN-SRVC           0         161         61
  weblogic-7433-test               10.205.71.80    tcp   eq 7433     1,3516        IN-SRVC           0          27         11
  class-map type http loadbalance match-any L7-URL
    2 match http url /*.*
  class-map type http loadbalance match-all L7SLBCLASS
    2 match http url /*
  class-map type management match-any REMOTE-MANAGEMENT
    2 match protocol telnet any
    3 match protocol icmp any
    4 match protocol ssh any
    5 match protocol snmp any
    6 match protocol http any
    7 match protocol https any
  class-map match-any SSH_Test
    2 match virtual-address 10.205.71.80 tcp eq 22
  class-map match-any weblogic-7433
    2 match virtual-address 10.205.70.80 tcp eq 7433
  class-map match-any weblogic-7433-dev
    2 match virtual-address 10.205.71.90 tcp eq 7433
  class-map match-any weblogic-7433-test
    2 match virtual-address 10.205.71.80 tcp eq 7433
  class-map match-any weblogic-http
    2 match virtual-address 10.205.70.80 tcp eq www
  class-map match-any weblogic-http-dev
    2 match virtual-address 10.205.71.90 tcp eq www
  class-map match-any weblogic-http-test
    2 match virtual-address 10.205.71.80 tcp eq www
  class-map match-any weblogic-https
    2 match virtual-address 10.205.70.80 tcp eq https
  class-map match-any weblogic-https-dev
    2 match virtual-address 10.205.71.90 tcp eq https
  class-map match-any weblogic-https-test
    2 match virtual-address 10.205.71.80 tcp eq https
  policy-map type management first-match REMOTE-MANAGEMENT
    class REMOTE-MANAGEMENT
      permit
  policy-map type loadbalance first-match L7SLBPOLICY
    class L7SLBCLASS
      ssl-proxy client ssl-client
  policy-map type loadbalance first-match SSH_Test_Policy
    class class-default
      serverfarm WEBLOGIC-TEST-SSH
  policy-map type loadbalance first-match weblogic-7433-dev-policy
    class class-default
      serverfarm WEBLOGIC-7433-Dev
  policy-map type loadbalance first-match weblogic-7433-policy
    class class-default
      serverfarm WEBLOGIC-7433
      ssl-proxy client ssl-client
  policy-map type loadbalance first-match weblogic-7433-test-policy
    class class-default
      serverfarm WEBLOGIC-7433-Test
      ssl-proxy client ssl-client
  policy-map type loadbalance first-match weblogic-http-dev-policy
    class class-default
      serverfarm REDIRECT-SERVERFARM
  policy-map type loadbalance first-match weblogic-http-policy
    class class-default
      serverfarm REDIRECT-SERVERFARM
  policy-map type loadbalance first-match weblogic-http-test-policy
    class class-default
      serverfarm REDIRECT-SERVERFARM
  policy-map type loadbalance first-match weblogic-https-dev-policy
    class L7-URL
      sticky-serverfarm STICKY-INSERT-COOKIE-DEV
    class class-default
      serverfarm WEBLOGIC-DEV
      action REWRITE
  policy-map type loadbalance first-match weblogic-https-policy
    class L7-URL
      sticky-serverfarm STICKY-INSERT-COOKIE
    class class-default
      serverfarm WEBLOGIC-PROD
      action REWRITE
      ssl-proxy client ssl-proxy
  policy-map type loadbalance first-match weblogic-https-test-policy
    class L7-URL
      sticky-serverfarm STICKY-INSERT-COOKIE-TEST
    class class-default
      serverfarm WEBLOGIC-TEST
      action REWRITE
      ssl-proxy client ssl-proxy-nctest
  policy-map multi-match LB-VIP
    class weblogic-http
      loadbalance vip inservice
      loadbalance policy weblogic-http-policy
      loadbalance vip icmp-reply active
      nat dynamic 1 vlan 3440
    class weblogic-https
      loadbalance vip inservice
      loadbalance policy weblogic-https-policy
      loadbalance vip icmp-reply
      nat dynamic 1 vlan 3440
      ssl-proxy server ssl-proxy
    class weblogic-7433
      loadbalance vip inservice
      loadbalance policy weblogic-7433-policy
      loadbalance vip icmp-reply
      nat dynamic 1 vlan 3440
      ssl-proxy server ssl-proxy
  policy-map multi-match LB-VIP-Dev
    class weblogic-http-dev
      loadbalance vip inservice
      loadbalance policy weblogic-http-dev-policy
      loadbalance vip icmp-reply
      nat dynamic 1 vlan 3516
    class weblogic-https-dev
      loadbalance vip inservice
      loadbalance policy weblogic-https-dev-policy
      loadbalance vip icmp-reply
      nat dynamic 1 vlan 3516
    class weblogic-7433-dev
      loadbalance vip inservice
      loadbalance policy weblogic-7433-dev-policy
      loadbalance vip icmp-reply
      nat dynamic 1 vlan 3516
  policy-map multi-match LB-VIP-Test
    class SSH_Test
      loadbalance vip inservice
      loadbalance policy SSH_Test_Policy
      loadbalance vip icmp-reply
      nat dynamic 1 vlan 3516
    class weblogic-http-test
      loadbalance vip inservice
      loadbalance policy weblogic-http-test-policy
      loadbalance vip icmp-reply
      nat dynamic 1 vlan 3516
    class weblogic-https-test
      loadbalance vip inservice
      loadbalance policy weblogic-https-test-policy
      loadbalance vip icmp-reply
      nat dynamic 1 vlan 3516
      ssl-proxy server ssl-proxy-nctest
    class weblogic-7433-test
      loadbalance vip inservice
      loadbalance policy weblogic-7433-test-policy
      loadbalance vip icmp-reply
      nat dynamic 1 vlan 3516
      ssl-proxy server ssl-proxy-nctest
  interface vlan 3440
    description Internal Production
    ip address 10.205.70.250 255.255.255.0
    mac-sticky enable
    access-group input All
    access-group output All
    nat-pool 1 10.205.70.249 10.205.70.249 netmask 255.255.255.0 pat
    service-policy input REMOTE-MANAGEMENT
    service-policy input LB-VIP
    no shutdown
  interface vlan 3516
    description Internal Test/Dev
    ip address 10.205.71.250 255.255.255.0
    mac-sticky enable
    access-group input All
    access-group output All
    nat-pool 1 10.205.71.240 10.205.71.249 netmask 255.255.255.0 pat
    service-policy input REMOTE-MANAGEMENT
    service-policy input LB-VIP-Test
    service-policy input LB-VIP-Dev
    no shutdown
  interface vlan 3520
    description LB
    ip address 10.205.72.1 255.255.255.0
    access-group input All
    access-group output All
    no shutdown
  ip route 0.0.0.0 0.0.0.0 10.205.70.253

• ACE VIP not Responding to Ping and cant Connect

  Hello All,
  I recently deployed an ACE 4710 Appliance. Configs seems right but clients cant Ping the VIP and acnt also connect to the VIP. Also VIP Dosent show in 'sh arp'.
  Pls HELP!!!
  See the configs!!
  =~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2011.10.11 10:48:14 =~=~=~=~=~=~=~=~=~=~=~=
  sh runGenerating configuration....
  boot system image:c4710ace-mz.A4_2_0.bin
  hostname STERLING-ACE
  interface gigabitEthernet 1/1
    channel-group 1
    no shutdown
  interface gigabitEthernet 1/2
    channel-group 1
    no shutdown
  interface gigabitEthernet 1/3
    channel-group 1
    no shutdown
  interface gigabitEthernet 1/4
    channel-group 1
    no shutdown
  interface port-channel 1
    switchport trunk allowed vlan 10,200,205,210,215
    no shutdown
  --More--
  access-list INBOUND line 10 extended permit ip any any
  access-list INBOUND line 16 extended permit icmp any any
  access-list INBOUND line 24 extended permit icmp any any echo
  probe http BANK-APP
    interval 2
    faildetect 2
    passdetect interval 2
    expect status 200 200
    open 1
  probe icmp PING
    description ***simple ping monitor***
    interval 10
    passdetect interval 60
    passdetect count 2
    receive 1
  probe tcp TCP80
    interval 10
    passdetect interval 10
    passdetect count 2
  --More--
    receive 1
    open 5
  rserver host BANK-APP-SERVER1
    description ***GUI SERVER 1***
    ip address 172.20.1.50
    probe PING
    inservice
  rserver host BANK-APP-SERVER2
    description ***GUI SERVER 2***
    ip address 172.20.1.51
    probe PING
    inservice
  rserver host BANK-APP-SERVER3
    description ***GUI SERVER 3***
    ip address 172.20.1.52
    probe PING
    inservice
  rserver host BANK-APP-SERVER4
    description ***GUI SERVER 4***
    ip address 172.20.1.53
    probe PING
  --More--
    inservice
  rserver host THIN-CLIENT1
    description ***CLI SERVER 1***
    ip address 172.20.1.34
    probe PING
    inservice
  rserver host THIN-CLIENT2
    description ***CLI SERVER 2***
    ip address 172.20.1.35
    probe PING
    inservice
  rserver host THIN-CLIENT3
    description ***CLI SERVER 3***
    ip address 172.20.1.36
    probe PING
    inservice
  rserver host THIN-CLIENT4
    description ***CLI SERVER 4***
    ip address 172.20.1.37
    probe PING
    inservice
  --More--
  serverfarm host CLI-GROUP
    predictor leastconns
    probe TCP80
    rserver THIN-CLIENT1
      inservice
    rserver THIN-CLIENT2
      inservice
    rserver THIN-CLIENT3
      inservice
    rserver THIN-CLIENT4
      inservice
  serverfarm host GUI-GROUP
    predictor leastconns
    probe TCP80
    rserver BANK-APP-SERVER1
      inservice
    rserver BANK-APP-SERVER2
      inservice
    rserver BANK-APP-SERVER3
      inservice
    rserver BANK-APP-SERVER4
      inservice
  --More--
  parameter-map type connection TCP-PARAM-MAP
    set timeout inactivity 360000
  class-map type management match-any REMOTEACCESS
    description remote access traffic match
    2 match protocol ssh any
    3 match protocol icmp any
    4 match protocol telnet any
    5 match protocol xml-https any
    6 match protocol http any
    7 match protocol https any
  class-map match-all TCP-CLASS
    description TCP CONNECTION TIMER
    2 match any
  class-map match-all VS_WEB1
    2 match virtual-address 10.0.0.115 any
  class-map match-all VS_WEB2
    2 match virtual-address 10.0.0.113 any
  policy-map type management first-match REMOTEPOLICY
  --More--
    class REMOTEACCESS
      permit
  policy-map type loadbalance first-match HTTP_LB1
    class class-default
      serverfarm CLI-GROUP
  policy-map type loadbalance first-match HTTP_LB2
    class class-default
      serverfarm GUI-GROUP
  policy-map multi-match HTTP_MULTI_MATCH1
    class VS_WEB1
      loadbalance vip inservice
      loadbalance policy HTTP_LB1
      loadbalance vip icmp-reply
  policy-map multi-match HTTP_MULTI_MATCH2
    class VS_WEB2
      loadbalance vip inservice
      loadbalance policy HTTP_LB2
      loadbalance vip icmp-reply
  policy-map multi-match TCPIP-POLICY
    class TCP-CLASS
  connection advanced-options TCP-PARAM-MAP
  service-policy input REMOTEPOLICY
  service-policy input TCPIP-POLICY
  interface vlan 10
    description ***LAN LEG***
    ip address 10.0.0.66 255.255.255.0
    no icmp-guard
    access-group input INBOUND
    no shutdown
  interface vlan 200
    description ***THIN CLIENT VLAN****
    ip address 172.20.1.33 255.255.255.240
    no icmp-guard
    access-group input INBOUND
    service-policy input HTTP_MULTI_MATCH1
    no shutdown
  interface vlan 210
    description ***BANK APP SERVER VLAN****
    ip address 172.20.1.49 255.255.255.240
    no icmp-guard
  --More--
    access-group input INBOUND
    service-policy input HTTP_MULTI_MATCH2
    no shutdown
  ip route 0.0.0.0 0.0.0.0 10.0.0.200
  username admin password 5 $1$ouG5.Okh$jwBoWkMiWstoTPwb9K9ku1  role Admin domain
  default-domain
  username www password 5 $1$M31zwdiF$iY8Y5e9nV2sMM2HxwrQI7/  role Admin domain de
  fault-domain
  STERLING-ACE/Admin#
  Thanks!!

  Hi Joshua,
  class-map match-all VS_WEB1
    2 match virtual-address 10.0.0.115 any
  class-map match-all VS_WEB2
    2 match virtual-address 10.0.0.113 any
  You have  applied
  "service-policy input HTTP_MULTI_MATCH1"  in VLAN 200 and 210 but as per the config I believe it should be applied to VLAN10.
  interface vlan 10
    description ***LAN LEG***
    ip address 10.0.0.66 255.255.255.0
    no icmp-guard
    access-group input INBOUND
    no shutdown
  Can you apply the service policy in VLAN 10 and let me know the result.

• Fonts not recognized on a specific port

  Hi,
  We have a indesign server running as a service on two ports. When we try to process a indesign document on a 18383 port, it says certain fonts not available. But, if the same document is processed through 41000 port, fonts missing error doesn't come up.
  On changing the port from 18383 to 42000, it worked fine. Is there any reason for the port not able to find the fonts in the system?
  Thanks.

  Hello,
  Has anyone faced a similar problem before? We need to know the reason for this as if this happens in the future, we should be able to have the solution in hand.
  Thanks

• SAPSCRIPT TABS not responding

  hi guys , i have created a tab with 13 columns. column 1-7 is aligning correctly according to my specifications, column 8-13
  is misaligning and not responding to my specifications. i have tried editing my values in millimeters, still no luck. i have tried increasing the width of my window, stil nochange. i really need to solve this with yo help.
  my window is 193 mm width
  each tab has a diff of 12mm to the next.
  thanks in advance

  hi nick, the fields are not aligning, i'm making a cheque which has preprinted layout so my numbers which are in words have to go into a specific layout of the check paper. The sample lay out is like below. the amounts are the ones which are mis aligning
  after the 7th tab.
                   BILLION                      MILLIONS                  THOUSANDS   
  e.g  ZERO | ZERO  |ZERO  |ZERO  |ZERO   |ZERO  |ZERO  |        ZE|RO SEV|EN  |ONE    |EIG|HT

• OS X Server 3 outgoing mail relay no longer supports a specific port

  Just installed OS X Server 3 on Mavericks. All is well, but for some reason it does not allow adding a specific port for "Outgoing mail relay: mailout.isp.com:587"
  OS X Server 2 used to allow this and i used it to connect to my smtp relay from my isp. It does not allow port 25 connections. If you try this in OS X Server 3 it just complains with "bad formatting"
  Can anyone confirm this?

  Found another thread discussing this.
  https://discussions.apple.com/message/23544605#23544605
  Answer from there:
  You need to edit the postfix main.cf file manually with your favorite text editor:
  sudo vi /Library/Server/Mail/Config/postfix/main.cf
  find the line
  relayhost = host.example.com
  change it to
  relayhost = host.example.com:587 (or some other port)
  then do a
  sudo postfix reload
  to reload postfix configuration files
  and
  sudo postsuper -r ALL
  to retry sending the e-mails again.
  NOTE: If you open OS X Server 3 app and go to Mail -> Relay outgoing mail through ISP -> Edit the Outgoing server address will show as BLANK, this is normal, just click cancel and leave it alone.

• Ports are being block (not responding)

  Ports are being block (not responding), port forwarding is configured on the router and firewall is turned off on the server (osx 10.8).  Am I missing anything?
  Server has a static IP which I forwarded to ports to
  I'm setting up VPN server and need ports 500, 1701, 1723, 4500 open
  Thanks
  -Allen

  Depending on the exact set-up of the network, L2TP requires UDP ports 500, 1701 and 4500 and the IP-ESP protocol, which is IP protocol 50; ESP. 
  Other than ESP (which is protocol 50 and not port 50), these are UDP ports, and not TCP.
  TCP 1723 is used for PPTP.  Not L2TP.
  It is common for L2TP passthrough to fail when more than one connection is active.
  As compared with L2TP, PPTP is usually easier to get going around NAT.  Though conversely, L2TP is rather more secure than PPTP.
  Check your Mac OS X Server firewall settings, too.  If you have some outboard network device providing a NAT gateway, try dropping the server firewall.
  Use of an external firewall-gateway with an embedded VPN server is something I've variously recommended, too.  (I find that VPN NAT passthrough is something best avoided, as VPNs and NAT are operating at crossed purposes.  VPNs seek to keep connection end-points known, while NAT tries to hide those connection end-points.  Doing the VPN processing on the Internet side of the NAT is just... well, easier.)
  Also ensure that your ISP is not blocking VPN connections.  While you might be on static IP, confirm the ports are open.  Trust, but verify.  Get yourself a UDP port scanner, and have a look. 
  If it's permissible within your ISP service tier (and depending on what protocols you're testing), probe the specific target ports using telnet or the openssl s_client command and (particularly for this case) the nc (netcat) tools, and see if the ports allow access.  nc can run port probes on UDP, which is the key piece here given telnet and s_client target TCP and TCP SSL connections.  Probably something like the nc -zu w.x.y.z udp-port command.

• USB port not responding

  The second USB port on my iBook is not responding to my Flashdrive. However, the other USB port is. Any suggestions for fixing or figuring out what the problem is?
  Thanks.

  Help. I too am having problems with my USB ports on a brand new 2.16ghz 15" Macbook Pro with 2GB Memory. More specifically, for my business, I use Vectorworks 12, a macintosh CAD program with a serial dongle that enables me to simply open and run the program. Well, the serial dongle is not lighting up as it should whwn plugging it into my MacBook Pro. My wife has a 15" PowerBook and G4 17" iMac, in which the dongle does NOT light up either! When I plug the dongle into my Dual 2 ghz "G5" Tower it lights up perfectly as it historically did! I plugged in a thumb drive that works in both my laptop and G5 tower. So why all of a sudden does the Vectorworks Serial Dongle become unrecognized by both USB ports in my MacBook Pro when Thumb drives, iPods, USB mouse etc. all work? The serial dongle should have at least lit up in my wifes 15" PowerBook or G4 iMac if the problem was isolated to my MacBook right? Something is messed up from the last firmware update maybe? So, what the heck happened! It was working a few days ago!? I need to use this serial dongle in my MacBook Pro but why is it, of all these computers mentioned, only being recognized on the G5? Please Help!

• Itunes7 not responding with a mobile connected with usb port

  Hello,
  I try to listen music connecting a nokia n91 (hard disk 4gbyte) with the usb port and itunes7.
  often itunes7 crashes (not responding status) and even I shut down the program, then it stops again, and again, and again..
  Obviously with the previous version of itunes I had NO PROBLEMS!!
  it seem that the version 7 has not been tested enough..
  regards,
  dave from italy

  If it boots from the enlosure then I agree with Shootist in that it's more than likely that there's a problem with your SATA cable. Call or contact OWC and tell them the problem that you're having with their drive. They may just ship you a cable free.
  Clinton

• My first generation AppleTV will not sync with iTunes anymore.  I get an error message that says: "The Apple TV is not responding Check that any firewall software running on this comptuter has been set to allow communication on port 3689"  firewall is off

  My first generation AppleTV will not sync with iTunes anymore.  I get an error message that says: "The Apple TV is not responding Check that any firewall software running on this comptuter has been set to allow communication on port 3689"  firewall is turned off.. Any ideas?

  Thanks Rudegar,
  I only synch and do not stream off of my 1st Gen AppleTV
  I will try with ethernet but will be a pain in the butt if i can not fix it with wifi for long term fix
  I may end up trying to do a named IP address vs DHCP for this appleTV (not sure if i can do both and do not want to remove DHCP as i have a bunch of sensors and other devices that I prefer to dynamically add to the network via DHCP vs. assign each one
  Will keep working on other fix options (factory reset, etc.)
  Thanks again

• Apple TV not responding-Port 3689

  I have been syncing with my Apple TV for almost 2 years. My only recent changes have been the upgrade to Snow Leopard. When I tried to sync today and clicked on the more info I received the following response:
  Once you have synced or paired the Apple TV to your Mac to establish a syncing or streaming connection, iTunes may say "The Apple TV [Name] is not responding. Check that any firewall software running on this computer has been set to allow communication on port 3689."
  Firewall is not enabled presently. Any help would be appreciated.
  Thanks

  AZWally wrote:
  .............. I received the following response:
  *Once you have synced or paired the Apple TV to your Mac to establish a syncing or streaming connection, iTunes may say "The Apple TV [Name] is not responding. Check that any firewall software running on this computer has been set to allow communication on port 3689."*
  Is that the message you get, or are you saying you have re-linked the library (pass code) as a troubleshooting step and then get the message: "The Apple TV [Name] is not responding. Check that any firewall software running on this computer has been set to allow communication on port 3689."

• Open ports not responding

  Dear All,
  I have open my 25, 110, 80 port on my Server from local i can telnet all those via my private ip but from public ip its not responding.
  2nd thing I can ping both ips of My server through private ip and through public ip.
  Any help to solve this issue.
  Thanks
  Rehman Ghani

  I have to agree with ngoldwat's statement.  The symptoms sound like misconfigure or non-configured NAT on your router.  Take a look at it and ensure your NAT statements are applied to the correct interface as well.  You may also have to tweak the ACL that identifies the traffic to be NATed.  Good luck.

• Apple TV not responding, check firewall port 3689

  Hi,
  I have this problem: "Apple TV not responding" with my PC wired to the router (Thomson Speedtouch 780i WL). I have read all the topics on this issue and tried everything: no success! With my XP laptop I can make a wireless connection and everything works fine. But not with the PC where I have all my music and photo archives on.
  Now I have a clean installed Vista and the problem remains the same. How is this possible?
  - the firewall port 3689 is open
  - i have rebooted everyting
  - i have made a new connection with the apple tv
  - apple tv software is updated
  I want to get this thing working. Could you please help me?
  Thanks, Sliek.

  The problem is not with the router nor the firewall. And with you having the issue on a PC and I having it on a Mac, this rules out the OS. That leaves a networking problem in either iTunes or the AppleTV. Or most likely a dropped packet of information between the two.
  Using NetBarrier I have watched the interaction between my Mac and the AppleTV. The sync occurs in three separate phases. The first phase initiates communications via port 3689 and a few high order ports (49xxx - 6xxxx). After this is finished about a dozen ports are opened by the AppleTV (all high order) for a couple of minutes. When these ports close and after a substantial wait, the AppleTV opens a whole s**t-load of ports (well over 200) and the actual sync occurs. It is this third phase that fails when I fail the sync. Or iTunes gets stuck waiting for a response from the AppleTV. I think that the AppleTV is dropping the ball and failing to respond properly.

• Apple TV Not Responding - Firewall Port 3689?

  I just purchased the Apple TV, and went through the setup. Everything seemed to go smoothly until I tried to sync through iTunes and I got an error saying:
  Apple TV is not responding, check that any firewall software is set to allow communications on port 3689
  Any idea what is going on? Could I have entered the password to my Airport Extreme wrong? I am on a Macbook Pro under 10.5.4.
  Thanks

  Well I say hijack because if the ATV connected to wireless, nothing else could. The computer sharing my iTunes library would stay connected for about 20 minutes, then whatever I was watching would freeze and then connection was lost. Had to reboot everything to get the connection back up. To figure it out I just realized that when the ATV was connected, it was the only thing connecting. iphone, desktop pc, mac mini, and laptop pc would all lose connection. I think I jumped the gun posting I got it working though, because after I set the reserves in DHCP it worked long enough to get my hopes up...now the other devices still have connections, but iTunes stops sharing about 20 minutes into whatever I'm watching. Very frustrating. Other forums are telling me to buy an airport, i may try it just to see if it works, but think its pretty shady if thats what I have to do to get this working right.
  BTW I'm using a Linksys WRT160N (http://www.linksys.com/servlet/Satellite?c=LProductC2&childpagename=US%2FLayout&cid=1175239516849&pagename=Linksys%2FCommon%2FVisit orWrapper) router. WEP enabled for now but was and will use WPA TKIP.