VPN between ASA5505 Easy VPN Server and 881G Router as Easy VPN Client

Similar Messages

• Network Load Balancing between SharePoint 2013 App server and WFE

  Hi,
  Can we do NLB between SharePoint 2013 App server and WFE Server ?
  Below is our Architecture,
  1. WFE Server (1) 
  2. APP Server (1)
  3. Database Server
  4. Domain Controller
  We have configured NLB but, when we stop IIS on APP server, SharePoint 2013 web app link is not working. 
  is it possible ?
  Please help us

  You can do NLB between WFE and APP server however make sure that web application service is started from central admin which host sharepoint sites.
  Why do you stop IIS on APP server, definitely it will not be able to host web app sites. rather you can just disable APP node on NLB to test it.

• What is the differece between Apache htttp web server and tomcat

  Hi friends,
  what is the difference between Apache htttp web server and apache tomcat.
  Can i run php in tomcat

  hi
  1) different of apache and tomcat
  http://forum.java.sun.com/thread.jspa?threadID=254299
  2) different of apache tomcat and jakarta tomcat
  http://forum.java.sun.com/thread.jspa?threadID=5191004

• Remote VPN between ASA5505 and Netscreen SSG140

  Dears,
  I'm trying to set up a VPN between an ASA 5505 and  SSG40Juniper and the VPN keep flaping:
  Nov 27 04:47:27 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, NP encrypt rule look up for crypto map TEST 1 matching ACL ACL_VPN: returned cs_id=cd2e0998; encrypt_rule=cd39bd50; tunnelFlow_rule=cd488220
  Nov 27 04:47:27 [IKEv1]Group = 89.XXX, IP = 89.XXX, Security negotiation complete for LAN-to-LAN Group (89.XXX)  Responder, Inbound SPI = 0xb98f5dbe, Outbound SPI = 0xddd1484a
  Nov 27 04:47:27 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, IKE got a KEY_ADD msg for SA: SPI = 0xddd1484a
  Nov 27 04:47:27 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, Pitcher: received KEY_UPDATE, spi 0xb98f5dbe
  Nov 27 04:47:27 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, Starting P2 rekey timer: 3060 seconds.
  Nov 27 04:47:27 [IKEv1]Group = 89.XXX, IP = 89.XXX, PHASE 2 COMPLETED (msgid=f46e307a)
  Nov 27 04:47:31 [IKEv1]IKE Receiver: Packet received on 81.1XXX:500 from 89.XXX:500
  Nov 27 04:47:31 [IKEv1]Group = 89.XXX, IP = 89.XXX, Duplicate Phase 2 packet detected.  Retransmitting last packet.
  Nov 27 04:47:31 [IKEv1]Group = 89.XXX, IP = 89.XXX, Responder resending lost, last msg
  Nov 27 04:47:31 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, Starting P2 rekey timer: 3056 seconds.
  Nov 27 04:47:31 [IKEv1]Group = 89.XXX, IP = 89.XXX, PHASE 2 COMPLETED (msgid=f46e307a)
  Nov 27 04:47:35 [IKEv1]IKE Receiver: Packet received on 81.XXX:500 from 89.XXX:500
  Nov 27 04:47:35 [IKEv1]Group = 89.XXX, IP = 89.XXX, Duplicate Phase 2 packet detected.  Retransmitting last packet.
  Nov 27 04:47:35 [IKEv1]Group = 89.XXX, IP = 89.XXX, Responder resending lost, last msg
  Nov 27 04:47:35 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, Starting P2 rekey timer: 3052 seconds.
  Nov 27 04:47:35 [IKEv1]Group = 89.XXX, IP = 89.XXX, PHASE 2 COMPLETED (msgid=f46e307a)
  Nov 27 04:47:38 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, Sending keep-alive of type DPD R-U-THERE (seq number 0x1a4070b7)
  Nov 27 04:47:38 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, constructing blank hash payload
  Nov 27 04:47:38 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, constructing qm hash payload
  Nov 27 04:47:38 [IKEv1]IP = 89.XXX, IKE_DECODE SENDING Message (msgid=8977946c) with payloads : HDR + HASH (8) + NOTIFY (11) + NONE (0) total length : 80
  Nov 27 04:47:38 [IKEv1]IKE Receiver: Packet received on 81.XXX:500 from 89.XXX:500
  Nov 27 04:47:38 [IKEv1]IP = 89.XXX, IKE_DECODE RECEIVED Message (msgid=8e9a1247) with payloads : HDR + HASH (8) + NOTIFY (11) + NONE (0) total length : 80
  Nov 27 04:47:38 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, processing hash payload
  Nov 27 04:47:38 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, processing notify payload
  Nov 27 04:47:38 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, Received keep-alive of type DPD R-U-THERE-ACK (seq number 0x1a4070b7)
  Nov 27 04:47:39 [IKEv1]IKE Receiver: Packet received on 81.XXX:500 from 89.XXX:500
  Nov 27 04:47:39 [IKEv1]Group = 89.XXX, IP = 89.XXX, Duplicate Phase 2 packet detected.  Retransmitting last packet.
  Nov 27 04:47:39 [IKEv1]Group = 89.XXX, IP = 89.XXX, Responder resending lost, last msg
  Nov 27 04:47:39 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, Starting P2 rekey timer: 3048 seconds.
  Nov 27 04:47:39 [IKEv1]Group = 89.XXX, IP = 89.XXX, PHASE 2 COMPLETED (msgid=f46e307a)
  Nov 27 04:47:43 [IKEv1]IKE Receiver: Packet received on 81.XXX:500 from 89.XXX:500
  Nov 27 04:47:43 [IKEv1]Group = 89.XXX, IP = 89.XXX, Duplicate Phase 2 packet detected.  Retransmitting last packet.
  Nov 27 04:47:43 [IKEv1]Group = 89.XXX, IP = 89.XXX, QM FSM error (P2 struct &0xcd58eee8, mess id 0xf46e307a)!
  Nov 27 04:47:43 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, IKE QM Responder FSM error history (struct &0xcd58eee8)  <state>, <event>:  QM_DONE, EV_ERROR-->QM_ACTIVE, EV_RESEND_MSG-->QM_ACTIVE, NullEvent-->QM_ACTIVE, EV_VM_START-->QM_ACTIVE, EV_ACTIVE-->QM_RSND_LST_MSG, EV_RESET_LIFETIME-->QM_RSND_LST_MSG, EV_IS_REKEY_SECS-->QM_RSND_LST_MSG, EV_RESEND_MSG
  Nov 27 04:47:43 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, sending delete/delete with reason message
  Nov 27 04:47:43 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, constructing blank hash payload
  Nov 27 04:47:43 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, constructing IPSec delete payload
  Nov 27 04:47:43 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, constructing qm hash payload
  Nov 27 04:47:43 [IKEv1]IP = 89.XXX, IKE_DECODE SENDING Message (msgid=57422aa9) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 64
  Nov 27 04:47:43 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, IKE Deleting SA: Remote Proxy 172.24.0.0, Local Proxy 10.143.0.0
  Nov 27 04:47:43 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, IKE SA MM:08bcc57b rcv'd Terminate: state MM_ACTIVE  flags 0x00000042, refcnt 1, tuncnt 0
  Nov 27 04:47:43 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, IKE SA MM:08bcc57b terminating:  flags 0x01000002, refcnt 0, tuncnt 0
  Nov 27 04:47:43 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, sending delete/delete with reason message
  Nov 27 04:47:43 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, constructing blank hash payload
  Nov 27 04:47:43 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, constructing IKE delete payload
  Nov 27 04:47:43 [IKEv1 DEBUG]Group = 89.XXX, IP = 89.XXX, constructing qm hash payload
  Nov 27 04:47:43 [IKEv1]IP = 89.XXX, IKE_DECODE SENDING Message (msgid=c364409e) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 76
  Nov 27 04:47:43 [IKEv1 DEBUG]Pitcher: received key delete msg, spi 0xb98f5dbe
  Nov 27 04:47:43 [IKEv1 DEBUG]Pitcher: received key delete msg, spi 0xb98f5dbe
  Nov 27 04:47:43 [IKEv1]Group = 89.XXX, IP = 89.XXX, Session is being torn down. Reason: Lost Service
  Nov 27 04:47:43 [IKEv1]Ignoring msg to mark SA with dsID 1658880 dead because SA delete
  On the Cisco side
  crypto ipsec ikev1 transform-set ESP-3DES-ESP-MD5-HMAC esp-3des esp-md5-hmac
  crypto ipsec security-association pmtu-aging infinite
  crypto map TEST 1 match address ACL_VPN
  crypto map TEST 1 set peer 89.XXX.XXX.XXX
  crypto map TEST 1 set ikev1 transform-set ESP-3DES-ESP-MD5-HMAC
  crypto map TEST interface outside
  crypto ca trustpool policy
  no crypto isakmp nat-traversal
  crypto ikev1 enable outside
  crypto ikev1 policy 1
   authentication pre-share
   encryption 3des
   hash md5
   group 2
   lifetime 86400
  access-list ACL_VPN extended permit ip 10.143.0.0 255.255.0.0 172.24.0.0 255.255.0.0
  On the juniper side:
  set ike gateway "TO_XXX_ASA" address 81.XXX.XXX.XXX Main outgoing-interface "ethernet0/2" preshare "XXXXXXX" proposal "pre-g2-3des-md5"
  set vpn "DATACENTER_XXX_ASA" proxy-id local-ip 172.24.0.0/16 remote-ip 10.143.0.0/16 "ANY" 
  set vpn "DATACENTER_XXX_ASA" gateway "TO_XXX_ASA" no-replay tunnel idletime 0 proposal "nopfs-esp-3des-md5" 
  set vpn "DATACENTER_XXX_ASA" monitor optimized rekey
  set vpn "DATACENTER_XXX_ASA" id 0x78 bind interface tunnel.2
  set vpn "DATACENTER_XXX_ASA" gateway "TO_XXX_ASA" no-replay tunnel idletime 0 proposal "nopfs-esp-3des-md5" 
  set vpn "DATACENTER_XXX_ASA" monitor source-interface ethernet0/2 destination-ip 10.143.0.1 optimized rekey
  set vpn "DATACENTER_XXX_ASA" id 0x7b bind interface tunnel.2
  PFS is disabled.
  Any idea why I receive these errors?
   Duplicate Phase 2 packet detected.  Retransmitting last packet.
  QM FSM error (P2 struct &0xcd58eee8, mess id 0xf46e307a)!

  Hey,
  anybody any idea on this problem? We encountered this problem also.
  i can see in ASA log that phase1 is completed.
  after that we get the msg for phase2 completed.
  but followed with a "responder resending lost, last msg" this 3 times, than a QM FSM error and the tunnel being shut down on our end.
  the other side, is getting an active SA, but ofc not working.
  any idea?
  5 Jan 23 2015 14:59:14 713120 Group = xx.xx.xx.xx, IP = xx.xx.xx.xx, PHASE 2 COMPLETED (msgid=440ce73e)
  7 Jan 23 2015 14:59:18 713906 IKE Receiver: Packet received on yy.yy.yy.yy:500 from xx.xx.xx.xx:500
  5 Jan 23 2015 14:59:18 713201 Group = xx.xx.xx.xx, IP = xx.xx.xx.xx, Duplicate Phase 2 packet detected.  Retransmitting last packet.
  6 Jan 23 2015 14:59:18 713905 Group = xx.xx.xx.xx, IP = xx.xx.xx.xx, Responder resending lost, last msg
  7 Jan 23 2015 14:59:18 715080 Group = xx.xx.xx.xx, IP = xx.xx.xx.xx, Starting P2 rekey timer: 27357 seconds.
  5 Jan 23 2015 14:59:18 713120 Group = xx.xx.xx.xx, IP = xx.xx.xx.xx, PHASE 2 COMPLETED (msgid=440ce73e)
  3x times
  3 Jan 23 2015 14:59:30 713902 Group = xx.xx.xx.xx, IP = xx.xx.xx.xx, QM FSM error (P2 struct &0x00007fff2a9921f0, mess id 0x440ce73e)!
  with kind regards,
  Bernd

• Differance between microsoft sql 7 server and oracle 8

  can anybody give me the exact technical differances between microsoft 7 server and
  oracle8 server ?

  hi,
  below i listed few differences known to me.
  Oracle is a multiplatform rdbms whereas sqlserver is restricted to NT server workstations.
  Oracle does not include the concept of master db. All db runs independently, with their own data files,mem management, and control.
  Sql server has much larger set of fundamental data types than oracle.
  Oracle uses row-level locking whereas sqlserver uses page level locking.
  Oracle is more mature product. It should be used for high throughput and availability and reliable backup and recovery.
  hope it will give u some idea.
  regards,
  arun.

• Is there a difference between the Mac Mini Server and installing the Lion Server on an iMac?

       So, I was wondering what the difference is between installing the Lion Server on an iMac as opposed to buying the Mac Mini Server because the iMac may be a cheaper solution for me since I intend to purchase a new monitor, keyboard, mouse and accessories if i purchase the Mac Mini Server.

  If you intend to leave the server running all the time a Mac mini server would probably make more sense.  It isn't necessary to keep a monitor, mouse and keyboard connected to the server as you can use the server management tools, remote desktop and SSH via the terminal window on your iMac to manage the server remotely once it's up and running.

• URGENT Connection lost between 10.5.4 Server and 10.4.11 & winXP clients

  Hi,
  We are running into a big problem. We just upgrade our server to a new Xserver 8 core running OS X 10.5.4. Previously the server was and older Xserver running 10.4.11, we didn't have problems then.
  After the connection is established everything works and the clients that are running OSX 10.4.11 and windows XP can see the shares via NFS and Samba.
  After an hour or so of working, the clients start loosing the connection and the shares mounted are not accessible anymore. To regain the access we need to reboot the client machine or disconnect and rejoin the domain.
  Each client machine losses its connection independently from the other clients, this means that some people still have access while others don't.
  The connection between the Mac server and the Mac clients is done using NFS, for the windows clients is using Samba.
  Thanks a lot!!

  For starters, use AFP for Macs, not NFS. Seriously.
  Check the logs for smb and the system logs, and post relevant error messages.
  Next step consider wireshark or tcpump to watch your network traffic and try to capture
  a client droppage/disconnect if at all possible.
  Also post the UNedited result of (using the terminal):
  sudo changeip -checkhostname

• Can't make Secure AFP work between 10.3.9 Server and 10.4.6 client

  Ultimately, I want to be able to access our Xserve from the Internet, through the firewall, securely. But for now, I'm just trying to get the AFP Server on Server 10.3.9 to accept Secure AFP connections (from 10.4.6 clients). In short, it's not working.
  I've checked the Enable Secure Connections under the AFP > Settings > Access panel in Server Admin. When I choose Go > Connect to Server from my G5 (10.4.6), and select Allow Secure Connections, and choose Connect... I'm told that "The Server does not allow secure connections" (or something like this) "would you like to connect with reduced security?" I click OK, and it connects, albeit without SSH.
  Any ideas what I can try to fix this? (These two computers, by the way, are on the same local network. First thing's first.)
  Thanks.
  ...Rene
  Xserve G5 Dual 2GHz   Mac OS X (10.3.9)   Mac OS X Server 10.3.9
  Xserve G5    

  Try restarting the AFP Server. Sometimes it takes a couple of times for the setting to take.
  Can you ssh into that server from the client as that user?
  You may be better served in the long run by using a VPN instead.
  - Leland

• Are there any example vi's for implementing a circular buffer between a plc, opc server, and labview dsc??

  I am storing a block of data inside plc registers and reading this group into labview as a continuous set of datapoints. I am counting the number of scans in the plc and sometimes the number of points collected inside labview doesn't match.

  To explain a a little bit about tag updating:
  The LabVIEW DSC tag engine is not just updated on any change of the value within the plc. There are, in fact, several "deadbands" that must be crossed before those tags are updated:
  1) The OPC Server has a deadband - where the plc register value has to change a certain % before it is recorded.
  2) In the LabVIEW DSC moduel, there is an I/O Group Deadband that determines when the tag engine is actually updated.
  Both of these deadbands must be satisfied before a new "value" is recorded in the LabVIEW DSC tag engine.
  Therefore, I would check your OPC Server's deadband (configurable in the OPC Server configuration utility) and also the I/O Group deadband for those tags (configurable in the tag configuration
  editor).
  If this doesn't resolve the issue, please let me know. Thanks.

• SSL connection between Dist Auth UI Server and Access Manager

  Hi,
  I have a Dist Auth UI Server installed in Web Server 7 and working properly, but now i want to configure it to talk with Access Manager with a secure port.
  I have configured Access Manager (also deployed in Web Server 7) in a secure port (443). I have requested and installed the server certificate in the Access Manager Web Server instance and also the root entity certificate.
  My question is: how must i configure the UI Server to communicate with the Access Manager Server in a secure way and trust the certificate that the WS of the AM presents ?
  Regards,

  There have been a few reports of the same behaviour with other customers - specifically with the handling of the encoding of "+" characters to " ". It relates to how cookie encoding/decoding is performed (as you have already observed).
  The solution for these customers was the following:
  => AM server/client side:
  Ensure that com.iplanet.am.cookie.encode=false in AMConfig.properties and AMAgent.properties on all systems.
  => AM client (UWC) side:
  - Set <property name="encodeCookies" value="false"/> in /var/opt/SUNWuwc/WEB-INF/sun-web.xml. This will prevent UWC from trying to urldecode the cookie it receives and therefore stops it turning the + into a space e.g.
  <?xml version="1.0" encoding="UTF-8"?>
  <!DOCTYPE sun-web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Sun ONE Application Server 7.0 Servlet 2.3//EN' 'file:///net/wajra.india.sun.com/export/share/dtd/sun-web-app_2_3-1.dtd'>
  <sun-web-app>
     <property name="encodeCookies" value="false"/>
     <session-config>
        <session-manager/>
     </session-config>
     <jsp-config/>
  <property name="allowLinking" value="true" />
  </sun-web-app>Regards,
  Shane.

• Internal DNS server and NAT routing issue.

  Hi -- I am not terribly experienced with DNS and I am running into an issue that I can't seem to resolve. My company.com DNS information is hosted by an outside ISP for email, web, etc... but I have configured an A record there to point to the public IP to my mac os x server (server.company.com).
  We have a cisco router configured with one to one NAT from the public IP to the internal IP for our server in a 192.168.15.x subnet. The same router is running DHCP and and NAT on that subnet under a different public IP provided by our ISP.
  Our server is running DNS with recursion and has a "company.private" zone set up for internal services and machine names. Thus, the server is accessible via "server.company.com" from the outside and "server.company.private" from the private LAN.
  The problem is that I would like to be able to access some services simply via "server.company.com" both inside and outside the private network. Now, accessing the "server.company.com" services from the private lan does not work because the name resolves to the external IP and the external IP cannot be used internally due to NAT.
  Is there a way to configure my internal DNS server to respond with the appropriate private address when receiving a query only to "server.company.com" and forward requests on for anything else on "company.com"?
  I know that I could manually duplicate all entries for our domain from my ISP and host the same entries for internal clients, but it would be much easier to only have our server handle requests for itself. The server is running OS X Server 10.4.11.
  Thanks

  Is there a way to configure my internal DNS server to respond with the appropriate private address when receiving a query only to "server.company.com" and forward requests on for anything else on "company.com"?
  Ordinarily, no. Once your server thinks it is responsible for a zone (e.g. company.com) then it will answer all queries for that domain and never pass them upstream. Therefore you'd have to replicate all the zone data, including all the public records, and maintain them both.
  The one possible exception to this (I haven't tried) is to create a zone for server.company.com that has your internal address. In theory (like I said, I haven't tried this), the server should respond to 'server.company.com' lookups with its own zone data and defer all other lookups (including other company.com names since they're not in a zone it controls). Might be worth trying.

• Switching WSUS server and Windows 8.1/Server2008/Server2012 clients won't connect, Windows 7/Server2003 is fine

  I need to split the load of my WSUS on to another site because the amount of computers is straining the internet connection in the amount of uploads performed.
  However I'm having an issue at the second WSUS where only Windows 7 and Server 2003 clients will update...
  Windows 8.1 and Server 2008 and Server2012 won't update giving the following error codes: 8024400A and 80072EE2
  The WSUS is a Server 2012 with Local Update Publisher 1.1 installed. It works fine locally at the site but not across our WAN. 
  The clients appear in the WSUS console but fail to check for updates.
  I've tried it with the firewall turned off...  
  Both WSUS servers are using Microsoft SCEP 2012.
  Has anyone out there experienced this? Or have any suggestions to fix?
  Cheers.

  Hi there,
  I spoke too soon, I think I got one Windows 8 client to update yesterday by fluke. Now today it won't. 
  There's not much different between the W7 and W8 systems they both use the same antivirus. Same software but updated on W8. 
  Here is the windows update.log:
  2014-06-05 10:44:14:561
  976 954
  Misc ===========  Logging initialized (build: 7.9.9600.17093, tz: +1000)  ===========
  2014-06-05 10:44:14:639
  976 954
  Misc  = Process: C:\Windows\system32\svchost.exe
  2014-06-05 10:44:14:639
  976 954
  Misc  = Module: c:\windows\system32\wuaueng.dll
  2014-06-05 10:44:14:561
  976 954
  Service *************
  2014-06-05 10:44:14:639
  976 954
  Service ** START **  Service: Service startup
  2014-06-05 10:44:14:639
  976 954
  Service *********
  2014-06-05 10:44:15:311
  976 954
  IdleTmr Non-AoAc machine.  Aoac operations will be ignored.
  2014-06-05 10:44:15:311
  976 954
  Agent  * WU client version 7.9.9600.17093
  2014-06-05 10:44:15:326
  976 954
  Agent WARNING: SleepStudyTracker: Machine is non-AOAC. Sleep study tracker disabled.
  2014-06-05 10:44:15:326
  976 954
  Agent  * Base directory: C:\Windows\SoftwareDistribution
  2014-06-05 10:44:15:326
  976 954
  Agent  * Access type: No proxy
  2014-06-05 10:44:15:326
  976 954
  Service UpdateNetworkState Ipv6, cNetworkInterfaces = 1.
  2014-06-05 10:44:15:326
  976 954
  Service UpdateNetworkState Ipv4, cNetworkInterfaces = 1.
  2014-06-05 10:44:15:326
  976 954
  Agent  * Network state: Connected
  2014-06-05 10:44:15:326
  976 954
  Service UpdateNetworkState Ipv6, cNetworkInterfaces = 1.
  2014-06-05 10:44:15:326
  976 954
  Service UpdateNetworkState Ipv4, cNetworkInterfaces = 1.
  2014-06-05 10:44:16:123
  976 954
  Agent ***********  Agent: Initializing global settings cache  ***********
  2014-06-05 10:44:16:123
  976 954
  Agent  * Endpoint Provider: 00000000-0000-0000-0000-000000000000
  2014-06-05 10:44:16:123
  976 954
  Agent  * WSUS server: http://10.155.194.59:8530
  2014-06-05 10:44:16:123
  976 954
  Agent  * WSUS status server: http://10.155.194.59:8530
  2014-06-05 10:44:16:123
  976 954
  Agent  * Target group: Test Group
  2014-06-05 10:44:16:123
  976 954
  Agent  * Windows Update access disabled: No
  2014-06-05 10:44:16:170
  976 954
  WuTask WuTaskManager delay initialize completed successfully..
  2014-06-05 10:44:16:170
  976 954
  AU    Timer: 31DA7559-FE27-4810-8FF6-987195B1FD98, Expires 2014-06-05 00:24:13, not idle-only, not network-only
  2014-06-05 10:44:16:170
  976 954
  AU    Timer: CF1ABEC6-7887-4964-BB93-B2E21B31CEC1, Expires 2014-06-05 05:36:25, not idle-only, not network-only
  2014-06-05 10:44:16:170
  976 954
  AU    Timer: 29A863E7-8609-4D1E-B7CD-5668F857F1DB, Expires 2014-06-05 05:36:25, not idle-only, not network-only
  2014-06-05 10:44:16:170
  976 954
  Report CWERReporter::Init succeeded
  2014-06-05 10:44:16:170
  976 954
  Agent ***********  Agent: Initializing Windows Update Agent  ***********
  2014-06-05 10:44:16:170
  976 954
  DnldMgr Download manager restoring 0 downloads
  2014-06-05 10:44:16:170
  976 954
  AU ###########  AU: Initializing Automatic Updates  ###########
  2014-06-05 10:44:16:170
  976 954
  AU Additional Service {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782} with Approval type {Scheduled} added to AU services list
  2014-06-05 10:44:16:170
  976 954
  AU AIR Mode is disabled
  2014-06-05 10:44:16:170
  976 954
  AU  # Policy Driven Provider: http://10.155.194.59:8530
  2014-06-05 10:44:16:170
  976 954
  AU  # Detection frequency: 22
  2014-06-05 10:44:16:170
  976 954
  AU  # Target group: Test Group
  2014-06-05 10:44:16:170
  976 954
  AU  # Approval type: Scheduled (Policy)
  2014-06-05 10:44:16:170
  976 954
  AU  # Auto-install minor updates: Yes (Policy)
  2014-06-05 10:44:16:170
  976 954
  AU  # ServiceTypeDefault: Service 117CAB2D-82B1-4B5A-A08C-4D62DBEE7782 Approval type: (Scheduled)
  2014-06-05 10:44:16:170
  976 954
  AU  # Will interact with non-admins (Non-admins are elevated (Policy))
  2014-06-05 10:44:16:186
  976 954
  AU WARNING: Failed to get Wu Exemption info from NLM, assuming not exempt, error = 0x80070032
  2014-06-05 10:44:16:186
  976 954
  AU AU finished delayed initialization
  2014-06-05 10:44:16:202
  976 954
  AU Adding timer: 
  2014-06-05 10:44:16:202
  976 954
  AU    Timer: 31DA7559-FE27-4810-8FF6-987195B1FD98, Expires 2014-06-05 03:47:12, not idle-only, not network-only
  2014-06-05 10:44:16:217
  976 99c
  DnldMgr Asking handlers to reconcile their sandboxes
  2014-06-05 10:45:17:562
  976 954
  AU ReAttemptDownloadsAsUserIfNecessary, No calls in download progress.
  2014-06-05 10:45:31:453
  976 778
  IdleTmr Incremented idle timer priority operation counter to 1
  2014-06-05 10:45:34:562
  976 778
  AU Triggering AU detection through DetectNow API
  2014-06-05 10:45:34:562
  976 778
  AU Additional Service {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782} with Approval type {Scheduled} added to AU services list
  2014-06-05 10:45:34:562
  976 778
  AU Triggering Online detection (interactive)
  2014-06-05 10:45:34:562
  976 778
  AU Adding timer: 
  2014-06-05 10:45:34:562
  976 778
  AU    Timer: 31DA7559-FE27-4810-8FF6-987195B1FD98, Expires 2014-06-05 00:45:34, not idle-only, not network-only
  2014-06-05 10:45:34:609
  976 954
  AU #############
  2014-06-05 10:45:34:609
  976 954
  AU ## START ##  AU: Search for updates
  2014-06-05 10:45:34:609
  976 954
  AU #########
  2014-06-05 10:45:34:609
  976 954
  AU Additional Service {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782} with Approval type {Scheduled} added to AU services list
  2014-06-05 10:45:34:609
  976 954
  IdleTmr WU operation (CSearchCall::Init ID 1) started; operation # 15; does use network; is not at background priority
  2014-06-05 10:45:34:609
  976 954
  IdleTmr Incremented idle timer priority operation counter to 2
  2014-06-05 10:45:34:797
  976 954
  Report ***********  Report: Initializing static reporting data  ***********
  2014-06-05 10:45:34:797
  976 954
  Report  * OS Version = 6.3.9600.0.0.65792
  2014-06-05 10:45:34:797
  976 954
  Report  * OS Product Type = 0x00000004
  2014-06-05 10:45:34:813
  976 954
  Report  * Computer Brand = Microsoft Corporation
  2014-06-05 10:45:34:813
  976 954
  Report  * Computer Model = Virtual Machine
  2014-06-05 10:45:34:813
  976 954
  Report  * Platform Role = 1
  2014-06-05 10:45:34:813
  976 954
  Report  * AlwaysOn/AlwaysConnected (AOAC) = 0
  2014-06-05 10:45:34:813
  976 954
  Report  * Bios Revision = 090004 
  2014-06-05 10:45:34:813
  976 954
  Report  * Bios Name = BIOS Date: 03/19/09 22:51:32  Ver: 09.00.04
  2014-06-05 10:45:34:813
  976 954
  Report  * Bios Release Date = 2009-03-19T00:00:00
  2014-06-05 10:45:34:813
  976 954
  Report  * Bios Sku Number unavailable.
  2014-06-05 10:45:34:813
  976 954
  Report  * Bios Vendor = American Megatrends Inc.
  2014-06-05 10:45:34:813
  976 954
  Report  * Bios Family unavailable.
  2014-06-05 10:45:34:828
  976 954
  Report  * Bios Major Release unavailable.
  2014-06-05 10:45:34:828
  976 954
  Report  * Bios Minor Release unavailable.
  2014-06-05 10:45:34:828
  976 954
  Report  * Locale ID = 3081
  2014-06-05 10:45:35:578
  976 954
  Agent *** START ***  Queueing Finding updates [CallerId = AutomaticUpdatesWuApp  Id = 1]
  2014-06-05 10:45:35:609
  976 954
  AU <<## SUBMITTED ## AU: Search for updates  [CallId = {CDA6DEA2-9874-4DB5-AAA7-9A05D933C012} ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}]
  2014-06-05 10:45:35:609
  976 fc4
  Agent ***  END  ***  Queueing Finding updates [CallerId = AutomaticUpdatesWuApp  Id = 1]
  2014-06-05 10:45:35:609
  976 fc4
  Agent *************
  2014-06-05 10:45:35:609
  976 fc4
  Agent ** START **  Agent: Finding updates [CallerId = AutomaticUpdatesWuApp  Id = 1]
  2014-06-05 10:45:35:609
  976 fc4
  Agent *********
  2014-06-05 10:45:35:609
  976 fc4
  Agent  * Online = Yes; Ignore download priority = No
  2014-06-05 10:45:35:609
  976 fc4
  Agent  * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0
  and DeploymentAction='Uninstallation' and RebootRequired=1"
  2014-06-05 10:45:35:609
  976 fc4
  Agent  * ServiceID = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7} Managed
  2014-06-05 10:45:35:609
  976 fc4
  Agent  * Search Scope = {Machine & All Users}
  2014-06-05 10:45:35:609
  976 fc4
  Agent  * Caller SID for Applicability: S-1-5-21-1323361640-3159480285-1943353560-1532
  2014-06-05 10:45:35:609
  976 fc4
  Agent  * RegisterService is set
  2014-06-05 10:45:35:625
  976 fc4
  EP Got WSUS Client/Server URL: "http://10.155.194.59:8530/ClientWebService/client.asmx"
  2014-06-05 10:45:35:641
  976 fc4
  Setup Checking for agent SelfUpdate
  2014-06-05 10:45:35:641
  976 fc4
  Setup Client version: Core: 7.9.9600.17093  Aux: 7.9.9600.17093
  2014-06-05 10:45:35:641
  976 fc4
  EP Got WSUS SelfUpdate URL: "http://10.155.194.59:8530/selfupdate"
  2014-06-05 10:45:35:672
  976 fc4
  Misc Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab with dwProvFlags 0x00000080:
  2014-06-05 10:45:35:734
  976 fc4
  Misc Microsoft signed: NA
  2014-06-05 10:45:35:734
  976 fc4
  Misc Infrastructure signed: Yes
  2014-06-05 10:45:35:734
  976 fc4
  Misc WARNING: Cab does not contain correct inner CAB file.
  2014-06-05 10:45:35:734
  976 fc4
  Misc Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab with dwProvFlags 0x00000080:
  2014-06-05 10:45:35:734
  976 fc4
  Misc Microsoft signed: NA
  2014-06-05 10:45:35:750
  976 fc4
  Misc Infrastructure signed: Yes
  2014-06-05 10:45:35:766
  976 fc4
  Setup Skipping SelfUpdate check based on the /SKIP directive in wuident
  2014-06-05 10:45:35:766
  976 fc4
  Setup SelfUpdate check completed.  SelfUpdate is NOT required.
  2014-06-05 10:45:35:907
  976 fc4
  PT +++++++++++  PT: Synchronizing server updates  +++++++++++
  --continued--

• Can I export a PDF in InDesign Server and return it to the calling client?

  Using Java/CORBA between a client machine and InDesign Server, I would like to:
  1. Make a remote call to InDesign server  to create a document, passing IDML as a parameter on the call
  2. Make another remote call to InDesign server to export a PDF, returning the PDF on the call return.
  Is this possible? I notice that the doExport method does not return a PDF to the calling client. Instead, it saves the PDF on the server. I don't see any apis which would allow me to do the above.
  The use case here is a web application which need to "preview" an image. The image consists of a template and some variable data which is sent to an InDesign server for composition and is returned as an image.
  Thanks for any help.

  I fail to see the issue. You have added crop marks, have you not? For all intents and purposes those are marks that are supposed to be visible and printable for cutting in the real world. If you don't want them, don't use them. Acrobat can generate them on the fly for printing, anyway.
  Mylenium

• Is it possible to turn of DHCP server and still route?

  I would like to use my airport extreme as a router but have another computer be the DHCP server. It looks like if I turn on routing DHCP turns on and there is no way to turn it off.
  Thanks for any help.

  That's pretty unfortunate. It seems like a pretty normal thing to do. So I am going to have to have a separate router just because airport extreme doesn't support this. Seems like most of the routers out there do allow this.
  Thanks.

• Lync Enterprise with Single BE Server and Voice Routing

  Hi team,
  I read that the best way for a HA topology is to go ahead with 3 FE server pool(Although MS has said it's workable, many recommend not to). Now this leaves me with another problem, can I go ahead with just 1 SQL Back-End server. I know in this case SQL will
  have no failover. But if we ok with the downtime, will it work properly when the BE is up?
  The front-end includes the following:
  Basic Lync functions
  Mediation
  Monitoring
  Archiving
  Thank you.
  Chris!

  Hi Crypto_J,
  After the Back End Server is up, you could verify if the services of Lync Servers are normally started, and take a test.
  For more details about restoring the Back End Server, please click on the link below.
  Restoring the server hosting the Central Management store in Lync Server 2013
  http://technet.microsoft.com/en-us/library/hh202172.aspx
  To ensure high availability for your Back End Servers, you can use either synchronous SQL mirroring or SQL clustering.
  Using one of these solutions optional, but is recommended to maintain your organization's business continuity.
  Best regards,
  Eric