VLANs unable to reach outside world

I just purchased a Cisco 1941 ISR for my home lab and I'm running into a problem with getting all my devices behind it to get to the internet. Below is a layout of my network.
I have 7 VLANs on an SG300-20 layer 3 switch. The switch is connected to my 1941 ISR. I have cable and my ISP is Comcast and they provide a cable modem/router as well. Unfortunately I cannot get rid of this device and I cannot turn off the routing functionality, however I don't actually think that this device itself is causing any problems with the way I have it set up. I have a block of 5 static IPs from my ISP. I've used one of them as the IP address of my WAN link (G0/1), while the other interface is connected to my LAN (G0/0).
I have interVLAN networking working just fine. I'm able to ping any VLAN gateway and/or host from any other device (this includes my switch and ISR). From my switch or any device behind it, I can ping the switch (10.1.8.1), I can ping my router (10.1.8.2), and I can even ping my router's WAN link (75.148.101.25). However, I cannot ping Comcast's router (75.148.101.30). What is weird is that I can ssh into my ISR (which I can do from any device) and the Cisco router can ping the Comcast router and the outside world.
If I try to ping 75.138.101.30 (Comcast external IP) from my switch or any device behind it, I get no response. If I try to ping 75.138.101.30 (Comcast external IP) from the Cisco 1941 I get a response.
To me this looks like a problem with the Cisco router. It knows where to forward traffic but is refusing to do so for anything that does not originate from the router itself.
Very lost at this point and looking for help.
Thanks,
Joshua

Sure, no problem, happy to provide the full config. I'm very new to networking and just getting started, what command do I need to run to show the NAT access list?
raynor#show running-config
Building configuration...
Current configuration : 1827 bytes
! Last configuration change at 23:18:53 UTC Sat Aug 16 2014 by jschaeffer
! NVRAM config last updated at 23:20:33 UTC Sat Aug 16 2014 by jschaeffer
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname raynor
boot-start-marker
boot-end-marker
enable secret 5 $6$t7$FHadfus1vHhykVc2QolPwTz/
no aaa new-model
no ipv6 cef
ip source-route
ip cef
ip domain name harmonywave.com
ip name-server 75.75.75.75
ip name-server 75.75.75.76
multilink bundle-name authenticated
crypto pki token default removal timeout 0
license udi pid CISCO1941/K9 sn FGL172610ZP
username jschaeffer secret 5 $1$IQxQ$DtfZuO78mBeiEbsVD95Afq1
username ckrupa one-time secret 5 $1$HAnq$$faaybor7t7wqewOqFLm9u0
ip ssh version 2
interface GigabitEthernet0/0
 description WAN link
 ip address 75.148.101.25 255.255.255.248
 ip nat outside
 ip virtual-reassembly in
 no ip route-cache cef
 no ip route-cache
 duplex auto
 speed auto
 no cdp enable
interface GigabitEthernet0/1
 description LAN link
 ip address 10.1.8.2 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
 no ip route-cache cef
 no ip route-cache
 duplex auto
 speed auto
 no cdp enable
ip forward-protocol nd
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 75.148.101.30
ip route 10.1.10.0 255.255.255.224 10.1.8.1
ip route 10.1.10.32 255.255.255.224 10.1.8.1
ip route 10.1.10.64 255.255.255.192 10.1.8.1
ip route 10.1.11.0 255.255.255.0 10.1.8.1
ip route 10.1.12.0 255.255.255.0 10.1.8.1
ip route 10.1.15.0 255.255.255.0 10.1.8.1
no cdp run
control-plane
line con 0
 logging synchronous
line aux 0
line vty 0 4
 login local
 transport input ssh
line vty 5 15
 login local
 transport input ssh
scheduler allocate 20000 1000
end
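
The running-config above tags the interfaces with "ip nat inside" and "ip nat outside" but contains no "ip nat inside source" rule and no access list, so nothing tells the router which 10.1.x.x sources to translate. The check below is an added example, not part of the original thread: the sample text is trimmed from the posted config, and SAMPLE_FIX (ACL number 1, the 10.1.0.0/16 wildcard) is an assumed PAT statement in standard IOS syntax.

```python
import ipaddress
import re

# Constructed sample: interface, NAT and route lines trimmed from the
# running-config posted above (secrets and unrelated lines left out).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/0
 description WAN link
 ip address 75.148.101.25 255.255.255.248
 ip nat outside
interface GigabitEthernet0/1
 description LAN link
 ip address 10.1.8.2 255.255.255.0
 ip nat inside
ip route 0.0.0.0 0.0.0.0 75.148.101.30
ip route 10.1.10.0 255.255.255.224 10.1.8.1
ip route 10.1.11.0 255.255.255.0 10.1.8.1
"""

# Assumption: a PAT rule in standard IOS syntax; ACL number 1 and the
# 10.1.0.0/16 wildcard are illustrative choices, not from the thread.
SAMPLE_FIX = """\
access-list 1 permit 10.1.0.0 0.0.255.255
ip nat inside source list 1 interface GigabitEthernet0/0 overload
"""

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(net):
    """True when the whole network sits inside one RFC 1918 block."""
    return any(net.subnet_of(block) for block in RFC1918)


def parse_interfaces(config):
    """Map interface name -> {'nat': inside/outside/None, 'net': network}."""
    interfaces, current = {}, None
    for line in config.splitlines():
        words = line.split()
        if line.startswith("interface ") and len(words) >= 2:
            current = words[1]
            interfaces[current] = {"nat": None, "net": None}
        elif current and line.startswith(" "):
            if words[:2] == ["ip", "nat"] and len(words) == 3:
                interfaces[current]["nat"] = words[2]
            elif words[:2] == ["ip", "address"] and len(words) == 4:
                addr = ipaddress.ip_interface(f"{words[2]}/{words[3]}")
                interfaces[current]["net"] = addr.network
        else:
            current = None  # unindented line: back at global config level
    return interfaces


def audit_nat(config):
    """Return (finding codes, private networks the router would forward)."""
    ifaces = parse_interfaces(config)
    roles = {i["nat"] for i in ifaces.values()}
    private = {i["net"] for i in ifaces.values()
               if i["nat"] == "inside" and i["net"] and is_rfc1918(i["net"])}
    for dest, mask in re.findall(r"^ip route (\S+) (\S+) \S+", config, re.M):
        try:
            net = ipaddress.ip_network(f"{dest}/{mask}", strict=False)
        except ValueError:
            continue  # e.g. "ip route vrf ..." forms this sketch does not parse
        if is_rfc1918(net):
            private.add(net)

    findings = []
    acls = re.findall(r"^ip nat inside source list (\S+) ", config, re.M)
    if {"inside", "outside"} <= roles and private and not acls:
        # Interfaces are tagged for NAT but nothing says what to translate.
        findings.append("NAT_INTERFACES_WITHOUT_RULE")
    for acl in acls:
        name = re.escape(acl)
        if not re.search(rf"^(access-list {name} |ip access-list \S+ {name}$)",
                         config, re.M):
            findings.append(f"NAT_RULE_ACL_MISSING:{acl}")
    return findings, sorted(private)
```

On the router itself, "show ip nat translations" and "show access-lists" display the live state that this check infers from the saved config.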

Similar Messages

  • Unable to send mails to outside world through central mail host

    I have installed IMS 5.1 on Solaris 8. I am able to send mail to internal users (on the same server) and I am able to receive external mail, but I am unable to send mail to the outside world. I have to send mail to the corporate mail server. Please can you help me out? My server IP is 191.254.4.10 and 191.254.1.28 is the corporate mail server.

    What error message or messages are you getting when you try to send?
    I suspect you need to do things. First change your INTERNAL_IP mapping to allow those IP or networks that you wish to be able to relay through your host. Second you need to use a smart host, i.e. the mail hub you talk about. To do that look at putting the daemon channel keyword on the tcp_local channel.

  • Mailx unable to send mails to outside world?

    hi
    on a solaris sparc 9 environment mailx command is unable to send mails to the outside world. What could be the reason & needs to be checked?
    thanks

    Sounds basic, but what's your entry of mailhost in /etc/hosts pointing to? If it's not there, add the entry with the IP address of your SMTP host.
    When sending test mail from mailx, have another window open that's tailing the contents of /var/log/syslog - that usually contains good info about sendmail.
    Another thing worth checking is the rules on your SMTP gateway. If this is a new host, it may need adding to the list of authorised relay hosts. Also check to see if the SMTP host is allowed to relay mail outside of its own domain too.

  • Runcluvfy.sh stage -pre crsinst: error Unable to reach any of the nodes

    Hi all,
    Well, I've gone through the pre-reqs for trying to install 11G clusterware on RHEL 5.3.
    I'm to the point where I'm trying to run:
    ./runcluvfy.sh stage -pre crsinst -n node1 -verbose
    I get this:
    Performing pre-checks for cluster services setup
    Checking node reachability...
    Node reachability check failed from node "node1 ".
    Check failed on nodes:
    node1
    ERROR:
    Unable to reach any of the nodes.
    Verification cannot proceed.
    Pre-check for cluster services setup was unsuccessful on all the nodes.
    I'm just wanting right now, to install a one node RAC system (I will add servers later as I get them online).
    I've verified that ssh is working (thinking it may be trying to connect to itself by ssh). I have the keys generated and installed...if I connect ssh as the oracle user back to the same machine, it gets me right on with no prompts for passwords.
    nslookup on node1 looks great.
    This box has 2 cards....eth0 and eth1. Right now in the /etc/hosts file, I have node1 to the IP for eth0, and node1-priv set for the IP address eth1.
    I do have a little trouble understanding what the node1-vip is supposed to do or be set to. I found that an IP address one higher than the one for eth0 wasn't being used, and set node1-vip to be that.
    (Can someone explain to me a little more about the vip host?? Is it supposed to somehow point to node1's IP address on eth0 like the regular one does?)
    Since this is a one box, one node install...hoping clusterware and checks are just looking at the /etc/hosts file. I've tried playing around, and setting node1-vip to be the same as node1 (IP)...that doesn't work either.
    One thing I can guess 'might' be wrong. Does runcluvfy use "ping"? I found the oracle user cannot ping this box from this box. The box (node1) can be pinged from outside the box...it is registered on DNS, I can ssh into it no problem, and again, oracle can ssh into himself on same box with keys properly generated).
    I've been looking around, and I just don't see much of what to look at to troubleshoot with this error, I guess everyone gets past the verification the first time with no host unreachable errors?
    I'm a bit weak when it comes to networking. Any help greatly appreciated...suggestions, links...etc!!
    cayenne

    Ok...looks like this was the problem. It appears the SA's, per newer policy, had turned off "ping" for any other user on the box besides root.
    I took a shot in the dark, and had them turn it on (as that ssh'ing and other items to check seemed to work outside the runcluvfy script). They turned on ping. The nodes from the script are now reachable and test positive for equivalency.
    Performing pre-checks for cluster services setup
    Checking node reachability...
    Check: Node reachability from node "node1"
    Destination Node Reachable?
    node1 yes
    Result: Node reachability check passed from node "node1".
    Checking user equivalence...
    Check: User equivalence for user "oracle"
    Node Name Comment
    node1 passed
    Result: User equivalence check passed for user "oracle".
    Pre-check for cluster services setup was unsuccessful on all the nodes.
    I'm guessing that last line...was due to not having the clusterware running on any other boxes?
    Anyway, will try to config. RAC, and get things installed.

  • Xserve Bad MAC address - Unable to reach DNS

    I have just set up our new Xserve, and have had many difficulties diagnosing network problems. I am able to log into the system via ssh using its fixed IP number and domain name, but I am unable to use the server admin tools to connect to the system (the Xserve is rack-mounted at a remote location, we have no monitor or graphics card installed). According to /var/log/system.log, when the system boots, it is unable to locate DNS, and is unable to properly set its hostname. While I can log in, I am unable to reach (ping) any outside host. I am certain the DNS IP numbers are correct in the network settings (both resolve.conf and networksetup properly report it).
    However, after reviewing the /var/log/system.log and using networksetup command-line inquiries, I have determined the MAC addresses for the two en0 and en1 ports are incorrect in the system log. networksetup reports the correct DNS IP numbers and hostname... but the MAC addresses do not match the ones in the system.log
    Is my only alternative to re-install the OS? Or is there an easier way to correct the problem via a command-line?
    When I set up the system the MAC addresses, I read them and the serial number from the tab on the back of the Xserve. It was so poorly printed I was unable to properly distinguish between an "E" and a "3" or an "8" or an "F"... it was nearly impossible to read the numbers in the pull-out tab in the back of the machine because too much ink was used in the printing... I even used a magnifying glass!

    Well, it took over a week for Apple to get the replacement install DVD to me, and I finally did successfully re-install the OS. I followed a previous poster's advice and only used one ethernet port for both my regular and LOM ethernet setup, and that seems to have been the ticket.
    This whole process would have been a lot easier if we had added the graphics card for the Xserve. I would have used it only once, but it would have saved me days instead of trying to do a headless boot and setting up over a network. My other tidbit of advice is to do the install plugged into the network you plan on using. In my case, the location we co-locate our servers was initially hesitant to let me in the main computer room to do the setup, and I tried doing it in their office location on a different LAN. I should have insisted at the beginning I needed to be in the computer room. Highly inconvenient though, freezing, hundreds of fans in the room going, setting up my client system on a chair, etc. This is my third server install, and all three were very difficult to perform. Once these servers are running though, they still take a tiny fraction of the time maintaining compared to our old Solaris/Windows systems!

  • Unable to reach Adobe servers, Please check firewall settings and try again

    I have been a creative cloud customer since it started and I've never experienced such buggy software as the app manager. The customer experience is just shocking and I wish Adobe would just offer direct downloads for the software we need rather than use the app manager.
    I'm currently trying to install the latest versions of the programs but the app manager keeps showing "Unable to reach Adobe servers, Please check firewall settings and try again in a few minutes".
    I do not have any firewalls on my network.
    I've uninstalled all previous versions of the applications.
    The app manager will download a few % and then the message appears again. I click retry and it downloads another few % before showing the message again. I keep doing this until the program is fully downloaded and installed, which takes hours. Because I am able to eventually download the app, the error should be anything to do with my setup or internet connection as I've never had this issue before when installing Adobe products.
    Is there a way we can bypass the app manager and install the programs directly? This is getting very annoying and I just need my apps to install without wasting days clicking the retry button.

    I'm having the exact same problem. Photoshop is stuck at 0%.
    Have the links for direct download changed? When I went to http://prodesigntools.com/adobe-cc-direct-download-links.html and then scrolled down the page to:
    Photoshop CC 2014 (64-bit)
    740 MB
    File 2
    801 MB
    File 1
    and then clicked on File 1 and File 2, I reached a page that says "You don't have permission to access "http://trials3.adobe.com/AdobeProducts/PHSP/15/win64/Photoshop_15_LS20_win64.7z?" on this server."

  • Creative Cloud is telling me "Unable to reach Adobe servers. Please check your firewall settings, and try again in a few minutes."

    Creative Cloud is telling me "Unable to reach Adobe servers. Please check your firewall settings, and try again in a few minutes."
    What do I do to access the cloud? I have checked my firewall settings to allow for me to be able to use adobe cloud. Any Suggestions?

    Try a different browser and/or turn your firewall off to download
    or
    A chat session where an agent may remotely look inside your computer may help
    Creative Cloud chat support (all Creative Cloud customer service issues)
    http://helpx.adobe.com/x-productkb/global/service-ccm.html

  • I am unable to set up my iPhone 5 after reset since I am getting an error stating 'unable to reach server'. I tried restoring the same from my computer but I get an error stating 'server unavailable'. Please help me as my phone is stuck at the set up page

    I am unable to set up my iPhone 5 after reset since I am getting an error stating 'unable to reach server'. I tried restoring the same from my computer but I get an error stating 'server unavailable'. Please help me as my phone is stuck at the set up page. So I have already tried recovery mode as well.

    Contact Apple support for warranty service.

  • Best Practice on Not Exposing your internal FQDN to the outside world

    Exchange server 2010, sits in DMZ, internet facing. The server is currently using the Default Receive Connector. This exposes the internal fqdn to the outside world (ehlo). Since you should not (can't) change the FQDN on your Default Receive connector, what is the best practice here?
    The only solution I can see is the following:
    1. Change the Network on the Default Receive Connector to only internal IP addresses.
    2. Create a new Internet Receive Connector port 25 for external IP addresses (not sure what to put in Network tab?) and use my external FQDN for ehlo responses (e.g. mail.domain.com)
    3. What do I pick for Auth and Permissions, TLS and Anonymous only?
    Michael Maxwell

    Yes, it fails PCI testing/compliance. I shouldn't be able to see my internal server and domain. I understand that is the recommendation, but my client doesn't want to host in the cloud or go with a Trend IHMS (trust me I like that better, but it's not my choice). I have to work with the deck of cards dealt to me. Thanks, just want a solution with what I have now.
    Michael Maxwell
    Understand. I won't go into the value of those tests :)
    If the customer is really concerned about exposing the internal name, then create a new receive connector with a different FQDN (and corresponding cert) for anonymous connections as you mention above. Know that it also means internal clients can connect to the server on port 25 as well if you don't have the ability to scope to a set of IP addresses (i.e. an SMTP gateway).
    The internal names of the servers will also be in the internet headers of messages sent out:
    http://exchangepedia.com/2008/05/removing-internal-host-names-and-ip-addresses-from-message-headers.html
    http://www.msexchange.org/kbase/ExchangeServerTips/ExchangeServer2007/SecurityMessageHygiene/HowtoremoveinternalservernamesandIPaddressesfromSMTPheaders.html
    Please Note: My Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

  • My Adobe cloud desktop app seems to have stopped working. I keep getting an error message saying Unable to reach adobe servers, please check firewall settings.

    My Adobe cloud desktop app seems to have stopped working. I keep getting an error message saying Unable to reach adobe servers, please check firewall settings.
    The creative cloud icon on the top menu bar is greyed out, and no updates show.
    I have spoken to our internal IT and my settings are the same as my colleagues' whose is working fine, can anybody help with this ongoing problem?

    Grafix121 please ask your I.T. department to review the Adobe Creative Cloud Security FAQ for IT section of Creative Suite Enterprise Deployment | Adobe Developer Connection for information on how to configure your network to allow connections to the Adobe servers.

  • Mac Mini unable to reach NAS while MacBook Air can

    Hi Everyone,
    I've got an issue with my LAN. One computer on the LAN, a Mac Mini, is unable to reach the NAS even though all other devices can.
    The setup is nothing exotic. It's a home wifi router from my local telco provider. On the Cabled interface I have a NAS, on the Wifi side I have several devices amongst which a Mac Mini and a Macbook Air. All IP addresses are handed out through DHCP. The DHCP server is set to assign a fixed address to both the NAS and the Mac Mini.
    The Macbook and the Mac Mini can see each other just fine, the Macbook can access the NAS but the Mini can not. The Mini has no other issues to speak of, it can access everything else just fine.
    The issue appears intermittent but I have not found a pattern. Rebooting the NAS, Mini or router individually had no effect. Below is a log of commands and output from the mac mini.
    What should I be looking for to troubleshoot this appropriately?
    [admin@htpc] ~ $ system_profiler SPSoftwareDataType
    Software:
        System Software Overview:
          System Version: OS X 10.8.4 (12E55)
          Kernel Version: Darwin 12.4.0
          Boot Volume: Macintosh HD
          Boot Mode: Normal
          Computer Name: HTPC
          User Name: admin (admin)
          Secure Virtual Memory: Enabled
          Time since boot: 25 minutes
    [admin@htpc] ~ $ ifconfig
    lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
            options=3<RXCSUM,TXCSUM>
            inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
            inet 127.0.0.1 netmask 0xff000000
            inet6 ::1 prefixlen 128
    gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
    stf0: flags=0<> mtu 1280
    en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
            options=2b<RXCSUM,TXCSUM,VLAN_HWTAGGING,TSO4>
            ether 10:9a:dd:6d:8b:b7
            media: autoselect (none)
            status: inactive
    en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
            ether 10:9a:dd:ba:d4:96
            inet6 fe80::129a:ddff:feba:d496%en1 prefixlen 64 scopeid 0x5
            inet 192.168.1.19 netmask 0xffffff00 broadcast 192.168.1.255
            media: autoselect
            status: active
    fw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 4078
            lladdr 70:cd:60:ff:fe:5a:f2:30
            media: autoselect <full-duplex>
            status: inactive
    p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
            ether 02:9a:dd:ba:d4:96
            media: autoselect
            status: inactive
    [admin@htpc] ~ $ arp -a
    livebox.home (192.168.1.1) at 3c:81:d8:d7:bc:a4 on en1 ifscope [ethernet]
    lightmac.home (192.168.1.15) at 10:93:e9:7:a8:66 on en1 ifscope [ethernet]
    droboshare.home (192.168.1.20) at 0:1a:62:0:7:ce on en1 ifscope [ethernet]
    ? (192.168.1.255) at ff:ff:ff:ff:ff:ff on en1 ifscope [ethernet]
    [admin@htpc] ~ $ ping droboshare.home
    PING droboshare.home (192.168.1.20): 56 data bytes
    Request timeout for icmp_seq 0
    Request timeout for icmp_seq 1
    Request timeout for icmp_seq 2
    Request timeout for icmp_seq 3
    Request timeout for icmp_seq 4
    Request timeout for icmp_seq 5
    Request timeout for icmp_seq 6
    Request timeout for icmp_seq 7
    Request timeout for icmp_seq 8
    Request timeout for icmp_seq 9
    ^C
    --- droboshare.home ping statistics ---
    11 packets transmitted, 0 packets received, 100.0% packet loss

    Hi Linc,
    The NAS responds to pings from other devices on the network.
    The Mac Mini has no other issues with regards to accessing the network or the Internet.
    I'll restart the router once more to see if this has an effect, but so far no positive change.

  • Open our portal to outside world

    Hi,
    We installed SAP HCM and also SAP EP systems. Currently all the users are connecting using http: and not https: (secure).
    In order to set up https and we are planning to open our portal to the outside world.
    I have a few questions. Your answers are greatly appreciated.
    1. In order to set up https connectivity do we need SSL?
    2. In order to use SSL do we need a web dispatcher? If yes, is this something which SAP is recommending or is it a must to use SAP Web dispatcher in order to enable SSL in SAP?
    Thanks
    Pradeep.G

    Hi,
    >
    > 1. In order to setup https connectivity do we need SSL
    >
    Yes, you need SSL for that.
    > 2. In order to use SSL do we need a web dispatcher. If Yes, is this something which SAP is recommending or it is must to use SAP Web dispatcher in order to enable SSL in SAP.
    >
    It's not mandatory to use web dispatcher for SSL. But I will recommend you to use web dispatcher so that you should not expose your actual system IP and host to the outer world and at the same time security will be enhanced.
    Thanks
    Sunny

  • How to expose a web service to the outside world?

    Hello,
    i have created a Web service from a Session bean and successfully published it on one of my UDDI registries using the Admin tool.
    At this point, what do I need to do further in order to expose this Web service not just in our LAN but to the outside world?
    Roy

    Of course it should be published at UDDI.
    Four play  key roles in Web services: Universal Description, Discovery and Integration (UDDI), Web Services Description Language (WSDL), Web Services Inspection Language (WSIL), SOAP, and Web Services Interoperability (WS-I).
    The UDDI specification defines open, platform-independent standards that enable businesses to share information in a global business registry, discover services on the registry, and define how they interact over the Internet.
    See this link too:
    http://help.eclipse.org/help32/index.jsp?topic=/org.eclipse.jst.ws.consumption.ui.doc.user/concepts/cwsdlud.html
    Regards, Suresh KB

  • Make VM accessible to the outside world (iptables question)

    I have a VM running on one of our internal servers on top of Oracle Enterprise Linux 4.x with VMware Server 3.x
    Inside the VM runs a Oracle Database and a WebLogic Server, and I need to access the Weblogic administrative interface and the applications running on it from another computer part of Oracle Internal Network.
    If I start the VM with its network interface in "bridged" mode, then the VM doesn't get any IP by DHCP. If I try to manually assign an IP to it, the network doesn't work, most probably because of some security rules enforced by the local SA.
    If I start the VM with its network interface in NAT mode, then the internal applications fail to start with network sockets errors.
    The only way to start the VM and the applications running inside it without errors is the "host network only" mode, but then the applications are not available from any other machine than the one on top this VM runs.
    So I guess that the easiest way to solve this problem would be to create some IPTABLES rules so that all http/https/ssl traffic passing through the physical machine network interface on certain ports to be forwarded to the VM host-only network interface.
    I do not have enough knowledge of IPTABLES rules and I know this is quite a huge subject, so starting to learn it now will take some days which I can not afford right now...
    Is someone with more knowledge on the subject able to help me here?
    Thanks and Regards
    Serban

    Can you get in touch with your local SA to see if there are any policy or network security restrictions that apply? DHCP is not a good solution for your situation anyway, and I would not bother to setup firewall with dynamic port forwarding and proxying to bypass networking restrictions. I think, the most, if not the only feasible option, to make your VM talk to the outside world, is to setup your VM in bridged network mode, so that the VM interface can broadcast at the same level as your host interface. Besides, your current external network security may prevent routing any IP address other than the one of your host computer, in which case you will be able to access your VM only from within your host computer, regardless.
    If you cannot work out a static IP address or direct access to your VM from outside, perhaps simple port forwarding may work in your case, which will automatically forward all traffic to a certain port on your host computer to the network of your VM, but then you won't be able to choose.
    Edited by: Dude on Nov 12, 2010 7:14 AM

  • Different Business Cases where SAP needs to be Integrated with outside world

    Hello Experts,
    Can I get some info on where SAP R/3 needs to be integrated with the outside world (business flows) that are most commonly used in all industrial sectors?
    Integration either with XI/PI or any other integration tools in the market.
    Thanks & Regards,
    Srikanth

    Dear Srikanth,
    Please go through the link:
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/46d6c25d-0b01-0010-06a9-8e8218753c02
    Traditionally, integrating SAP applications with the outside world used to be extremely difficult, due to limited interfacing provided by SAP. EAI vendors like IBM and webMethods addressed this business need, providing SAP adapters as part of their integration offerings. Recently, SAP has also addressed this issue through its SAP Net Weaver/XI offering.
    Please let me know in case of any specific queries.
    Regards,
    Rakesh
