VRF issue with Firewall in transparent Mode.
Hi Guys,
I have 7609 Router and 6513 L3 Switch connected Through ASA 5545.
I am running Multiple VRF between router and Switch and BGP routing Protocol. When they are connected directly to each other everything is normal, however, when I have connected them via ASA 5545 then everything fails. I am using ASA in transparent Mode.
My question is: Do ASA require different setting in case of VRF? If yes, then please give me sample config.
I have taken following output from Firewall will this be any help?
sh interface ouTSIDE
Interface GigabitEthernet0/1 "OUTSIDE", is up, line protocol is up
Hardware is i82574L rev00, BW 1000 Mbps, DLY 10 usec
Auto-Duplex(Full-duplex), Auto-Speed(1000 Mbps)
Input flow control is unsupported, output flow control is off
MAC address 7c69.f68f.df78, MTU 1500
IP address 175.4.8.35, subnet mask 255.255.255.248
8435 packets input, 680680 bytes, 0 no buffer
Received 8135 broadcasts, 0 runts, 0 giants
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 pause input, 0 resume input
8138 L2 decode drops
0 packets output, 0 bytes, 0 underruns
0 pause output, 0 resume output
0 output errors, 0 collisions, 1 interface resets
0 late collisions, 0 deferred
0 input reset drops, 0 output reset drops
input queue (blocks free curr/low): hardware (476/461)
output queue (blocks free curr/low): hardware (511/511)
Traffic Statistics for "OUTSIDE":
297 packets input, 118503 bytes
0 packets output, 0 bytes
297 packets dropped
1 minute input rate 0 pkts/sec, 13 bytes/sec
1 minute output rate 0 pkts/sec, 0 bytes/sec
1 minute drop rate, 0 pkts/sec
5 minute input rate 0 pkts/sec, 6 bytes/sec
5 minute output rate 0 pkts/sec, 0 bytes/sec
5 minute drop rate, 0 pkts/sec
ciscoasa# show asp drop
Frame drop:
FP L2 rule drop (l2_acl) 297
ASA Version 9.0(1)
firewall transparent
ciscoasa# show module all
Mod Card Type Model Serial No.
0 ASA 5545-X with SW, 8 GE Data, 1 GE Mgmt ASA5545
ips ASA 5545-X IPS Security Services Processor ASA5545-IPS
Mod MAC Address Range Hw Version Fw Version Sw Version
0 7c69.f68f.df77 to 7c69.f68f.df80 1.0 2.1(9)8 9.0(1)
ips 7c69.f68f.df75 to 7c69.f68f.df75 N/A N/A 7.1(4)E4
Mod SSM Application Name Status SSM Application Version
ips IPS Up 7.1(4)E4
Mod Status Data Plane Status Compatibility
0 Up Sys Not Applicable
ips Up Up
Mod License Name License Status Time Remaining
ips IPS Module Enabled perpetual
ciscoasa#
I have create Ehtertype ACL and permit any traffic.
cdp traffic has passed through but I am still not able to ping :(
Similar Messages
-
Hello guys! This is a great source of information and I've learned a TON browsing this place (on company time, hehe), but I've hit a road block that I can't maneuver around.
System Config
Neo K8T Neo Fisr mobo
Athlon64 3200+ CPU
1 Gig Kingston RAM
Ti4200 64 MB video card
520 Watt Antec Power Supply (after getting schooled by Bas's great posts on the importance of PSUs, I found out my lame-o 350 watt (!!!!) PSU, errr, ain't gonna quite cut it.)
Problem:
Windows98 won't boot all the way to normal mode. It only boots to safe mode. Apparently a driver issue?
Symptoms/Clues:
- Only detects my Western Digital harddrive (and only after some finegling)
- Wierdness with my 1.44 3.5" floppy (A:) drive. At first the BIOS would tell me the A: drive was there, regardless of whether it was plugged in. Then I plugged in the A: drive and Win98 in safe mode couldn't read from it. Right now, I don't have my A: drive connected and it's not in my Boot Order sequence (hard drive only for now).
- BIOS doesn't detect my new CD-ROM (SONY) drive at all. Note, this is a brand new drive that was NOT on my old system.
- I disabled the S.ATA controller. (This was confusing because there's an option to disable some SATA thing under an "Integrated Peripherals" menu. However, there's another setting to disable s SATA thing under a PCI Controller's menu. Seemed vague to me,, but then it's been a while since I've done this sort of thing.)
- I cleared the CMOS earlier because of wierdness were the system would hang on bootup and would ask me about starting a "Flash Recovery" process, upon which it would just sit there ( I left it running overnight once).
Call for help
Unfortunately I have no boot floppies, so I was hoping this was something I could fix without one, perhaps by changing some BIOS settings. Maybe it's a RealTek Boot Agent thing?
Any help is appreciated!
BamaBoyIm running win 98se with no real problems, and its doing so well that I still dont even feel like trying anything else..........
I'd say RE-clear your c-mos , using the jumper, and unplugging the power for 5 seconds..... then reset your bios settings.......Also, maybe just reinstall the via 4-in1 chipset drivers...... I remember fiddling with some bios setttings before, like the acpi by os or by bios etc.... that helped.....but its been awhile......The great thing about 98 is that you CAN tweak so much.......
You can reinstall over itself also, which can help redetect the hardware, yyou should always have the 98 files on the hard drive so you dont need the floppy or cd...... So many things you can try....... Resolve yourself to trying as many as possible , its fun when you get it right........... My prob. is that I never remember what I did to fix stuff heheheheh.......good luck
ps, the "flash recovery" thingy has to do with the realtek ethernet lan thingy....which you should disable in its bios.....I forgot how to get to it, I think F11 or something like that while it shows when you are booting....Then it will still ask when you boot, but wwont hang...... -
Macbook Pro issues with WRT120 in 11n mode
WRT120 in N mode have the following problems
- When MBP wake from sleep, the wireless scan takes awhile (10s?) to find the router but doesn't connect. Forcing a connection to the router works.
- Occurs on 2 MBPs. A 2011 model and a 2008 model
- I can confirm the radio is in N mode by inspecting System Report->Wi-Fi->SSID->PHY Mode.
- Security is WPA2 Personal with TK2 or AES
Usability problem is bascially opening the MBP screen to wake up from sleep results in no network connection unless user force the connection.
WRT120 running the latest firmware (v1.0.07 build 2 released in 6/28/2012)
If I set to G mode (Mixed or B/G mode) with WEP. The wake from sleep scan finds SSID right away and connects perfectly quicklyI'm running latest OSX Lion on both MPBs and there are no additional driver updates.
The wireless chipsets are interesting.
- 2008 MBP has a Atheros WiFi chip
- 2011 MBP has a BroadCom WiFi chip
- WRT120N has a Atheres chip
There does seem to be quite a few problems with OSX Lion and WiFi connections. There are lots of online postings. This problem seems to be on Apple's end so I may have to wait for Mountain Lion to see if there is a fix. -
Issue with Aperture full screen mode on HD 5870
I have a very strange problem with Aperture, which may be linked to the HD 5870 and it's probably faulty drivers and would be very grateful if somebody with the same hardware could try this out if he/she can replicate this behavior:
I have a brand new 6-core with the 5870 optional card using a dual display setup (ACD 23" and NEC PA241W).
Whenever I enter full screen mode and activate the brushes, the image on the full screen monitor is reduced in size to about 70% of the full screen resolution. This also gets triggered, when I use the HUD display ("H" key) and lock the floating window on the browser display.
It's a bit hard to describe, but anybody with the same or similar setup, please try this:
- enter full screen mode in Aperture by hitting "F"
- press "H" and lock the window using the small slider in the upper right corner
- activate any of the quick brushes, like dodge or burn
Is your image, which is displayed full screen on the main monitor, getting smaller in size or is it starting to flicker a bit, getting darker? If yes, we have a universal bug here.
I could narrow the problem down in a sense, that it does not matter if either screen is hooked up using the DVI or the Mini-Display-Port. It also happens when I switch the main screen over to the other, so it's (fortunately) not a problem of my new NEC display, the ACD shows the same behavior.
My best guess right now is some kind of bug in Aperture combined with a faulty driver of the HD 5870.
Any help here is greatly appreciated.People have said that Aperture library benefits from, and should not be, on the boot drive, and placing on SSD or alternate drive, maybe RAID 0 in some cases.
64-bit kernel mode helps overcome some of the limitations and obstacles when working with large data sets, which is why I always kept data off the system and placed on RAID 0 which does improve system responsiveness.
If you have already done that and taken steps to optimize your storage layout hard to imagine it is a graphic driver.
And I would limit removing caches to just Aperture's own, though can't hurt to clean out the system's, that is something that SuperDuper will do if you use it, as it doesn't copy those and just skips caches and temp files best rebuilt (but does not touch user caches).
And a touch of Disk Warrior just for good preventative maintenance measure of course. -
I created a rule in CSA 6.0 that, by default, blocks any application on any machine being connected as a server. On a DC we made an exception for the server to be connected on UDP 53 for DNS. However, we are seeing the following messages below. The port ranges from, so far, 30,000-65,000. It seems odd that dns.exe would be accepting a connection as a server on all of those ports. Has anyone seen this before or had this happen to them or is this normal? Also, it is running OpenDNS.
Thanks,
Jay
Audit: The process 'C:\WINDOWS\system32\dns.exe' (as user NT AUTHORITY\SYSTEM) attempted to accept a connection as a server on UDP port 61660 from 208.67.220.220 using interface Wired\HP NC7761 Gigabit Server Adapter. The operation would have been denied.You are behind a hardware/appliance firewall right ? if so, that port should not be open, which tells me that this is an accept of a udp reply from opendns on a request the server made, and not an actual request from opendns to your server, cause all dns traffic works on port 53 tcp/udp as destination port.
-
Issues with waking from "sleep" mode
On a few occasions now and more often than not, after waking the computer from sleep - I get the Message "You need to restart your computer".
Usually I have a few programs open, but not running and sometimes I have an external hard drive connected and mounted, though not always.
Any advice or suggestions would be welcomed
Thanks
TonyHi Eco,
You are getting a Kernel Panic, which can be related to quite few things and only discoverable by eliminating all the options. Here's a few causes of Kernel Panics, bad RAM, peripheral driver conflicts, overheating and a few more obscure reasons that aren't worth mentioning now. The most common cause is RAM failure. Also, It's not unusual to have the hardware test come up with no faults when there clearly are faults.
Do a web search Kernel Panics and see what further info you can come up with. There is a good explanation on the Mac support site, but you can find some better info from other sources. -
The firewall doesn't seem to be working properly. When set to “Set access for specific services and applications” Any software that should get added to the list isn't doing so.
So i added them manually and to test it out had Safari on "block incoming connection" but it is still able to connect.
Is there something i'm doing wrong?MaR13,
Welcome to the Forums! From what I take on it is if you open Safari then the firewall allows you to use it, what blocking inbound connections does is stop someone outside of your computer from starting Safari and navigating it to a hostile site. Same goes for other such apps.
Some light reading:
http://www.macworld.com/article/131116/2007/12/firewall.html
http://www.macworld.com/article/132558/2008/03/connect2504.html
Hope that helps,
Weston -
ASA 5510 in Transparent Mode-Guidelines.
Dear all,
I need to convert routed mode to transparent mode on my ASA-5510 with inbuilt IPS.
let me know which of the following features configured on my firewall will have issue if converted to transparent mode:
1. static routes.
2. object-groups.
3. ACLS.
4. URL-filter (Websense).
5. IPS . ( i doubt this )
6. have 3 data and 1 Mgmt interfaces.
7. syslog.
8. SNMP
I'm sure point 5 and 6 will have issues, need to confirm.
need to confirm this by EOD,
( 5 hours more).
thanks in advance.
Shukla.Does not participate in routing protocols but can still pass routing protocol traffic through it. You can define static routes for the traffic originated by the ASA.
in transparante mode the devices dehind and infront of the firewall will be in the same ip subnet as the firewall will be a L2 device!!
ACLs can be configured normally
syslog as well
obgect groups as well
Address translation is inherent when a firewall is configured for routed mode. Beginning with
ASA 8.0, address translation can be used in transparent mode as well
Does not participate in multicast. However, it allows passing the multicast traffic through it using the ACLs.
Does not support QoS.
Inspects Layer 2 and higher packet headers
as long as u can use
policy-map global_policy
then u can integrate with IPS if u mean AIP-ssm modul
transparent also known as a Layer 2 firewall or a stealth firewall, because its
interfaces have no IP addresses and cannot be detected or manipulated. Only a single
management address can be configured on the firewall
In transparent mode, a firewall can support only two interfaces-the inside and the outside. If
your firewall supports more than two interfaces from a physical and licensing standpoint, you
can assign the inside and outside to two interfaces arbitrarily. As soon as those interfaces are
configured, the firewall does not permit a third interface to be configured.
Some platforms also support a dedicated management interface, which can be used for all
firewall management traffic. However, the management interface cannot be involved in
accepting or inspecting user traffic
Configure a management address:
Firewall(config)# ip address ip_address subnet_mask
The firewall can support only a single IP address for management purposes. The address is
not bound to an interface, as in routed mode. Rather, it is assigned to the firewall itself,
accessible from either of the bridged interfaces.
The management address is used for all types of firewall management traffic, such as Telnet,
SSH, HTTP, SNMP, Syslog, TFTP, FTP, and so on.
A transparent firewall can also support multiple security contexts. In that case, interface IP
addresses must be configured from the respective context. The system execution space uses
the admin context interfaces and IP addresses for its management traffic
You do not have to configure a static route for the subnet directly connected to the firewall
interfaces. However, you should define one static route as a default route toward the outside
public network
i wish i covered all ur questions
good luck
if helpful Rate -
Cisco ASA 5512 Transparent mode
Hi all - hope this is the right place to ask this question-
I'm having trouble understanding how to configure an ASA 5512X in what should be a really easy way -
I simply want the ASA to be a transparent Layer 2 "bump" in a routed link between two networks, and then I'll use the Management interface to actually see the firewall ASDM,Syslog, configure, etc.
I have the interfaces set up thusly:
interface GigabitEthernet0/0
nameif UnTrustedNetwork
security-level 0
interface GigabitEthernet0/1
nameif TrustedNetwork
security-level 100
interface Management0/0
nameif ManagementAccess
security-level 100
ip address 192.168.X.Y 255.255.255.0
management-only
I cannot figure out how to install a default route so that interface Management0/0 with it's IP of 192.168.X.Y can be reached from
other networks, like 10.6.X.Y, etc.
I thought the point of a Management interface was that you could set things up in such a way that the Management interface
was the only way you could access the firewall, and you did not have to have IP addresses on the Gig interfaces,
(at least not in transparent mode, for NAT you obviously would have to)
I tried to add a static route entry to 10.6.X.Y , but
when I typed "route.." my only available destination interfaces were either TrustedNetwork or UnTrustedNetwork ??
How do I configure the Management interface for non-local subnets to be reachable on the firewall in transparent mode?transparent firewall is configured differently from routed mode.
here's a basic config required:
firewall transparent (erases the current config; does not require a reboot)
interface BVI1
ip address 192.168.10.10 255.255.255.0
interface GigabitEthernet0
nameif outside
bridge-group 1
security-level 0
interface GigabitEthernet1
nameif inside
bridge-group 1
security-level 100
route outside 0.0.0.0 0.0.0.0 192.168.10.254
route inside 10.0.0.0 255.0.0.0 192.168.10.100
I think that you need a BVI interface with an IP address before the ASA starts forwarding traffic
The old syntax (pre 8.3 or 8.2 not sure) forces only 2 interfaces and no BVI was configured... the IP was assigned in global config.
Hope that helps,
Patrick -
Rather unconventional design that i am trying to test with transparent mode firewall.... attached diagram
Clients [VLAN 100] connected on L3 Switch with SVI as default gateway
Firewall using one physical port which is sub-interfaced with INSIDE-100 and OUTSIDE-200 interfaces
What's working
- ICMP when initiated from L3 Switch SVI to Client VLAN 100 works fine as i can see traffic through firewall
What's not working
- Packet inspection when ICMP initiated from Client 10.x.100.10 to Client 10.x.100.20 does not go through firewall
As L3 Switch is holding arp and mac, client to client will work. This is where i would like transparent firewall to be the bump and have all client to client traffic go through the firewall. Note the default gateway for the clients is on the L3 switch which cannot be changed.
Will appreciate your comments. I will rather not want to go the routed mode path and test to see if any solution with transparent mode works.Okay so lets discuss the use of subinterface from ASA point of view first.
the subinterface with vlan in transparent mode is only used for carrying traffic from one interface and pass it on to other interface. It doesn't exactly work like switch where traffic received on one vlan will be only passed in same vlan. To avoid the confusion Cisco now term it as BVI. Where you can keep two separate vlan under same BVI. What this does it say I have following configuation on ASA
interface gi0/1.100
vlan 100
nameif inside
bridge-group 10
interface gi0/1.200
vlan 200
bridge-group 10
nameif outside
So this BVI interface bridges between vlan 100 and 200. It means if traffic is coming from vlan 100, ASA switches vlan 100 with vlan 200 and forwards the traffic
so there points to remember
1) transparent firewall is a switch with two interface with layer 2 capability.
2) transparent firewall cannot be used for routing
3) transparent firewall cannot do U-TURN of traffic (if you will do a "same-secuirty traffic permit intra-interface " it will give you error)
Now coming to the topic of discussion.
vlan 200, vlan 100
client 1 (vlan 100)------ switch -----------------------gi0/1 ASA
10.x.10.100 /24) | trunk
|
|
client 2 (vlan 200) 10.x.10.200/24
okay now 10.x.10.100 has to ping 10.x.10.200
1) Client find the destination is same network. So no question of default gateway coming into picture. client 1 will try to find mac address of client 2. Hence it will send an arp broadcast
2) Switch receives arp broadcast on vlan 100. Switch sends this broadcast to all interface which is in vlan 100 (this is important). On the trunk link switch will add vlan tag 100 in broadcast mac address.
3) ASA will receive this broadcast and since it is mac with vlan tag 100, it it will mark it in inside interface.
here ASA will have the information
inside mac address of client
4) Now since it is BVI, so ASA will simply change the broadcast mac with vlan 200.
5) When the switch will get this brodcast, since it has received it from vlan 200. So it will forward it out of all interface with vlan 200. (This is where in Amar's case since there is no interface in vlan 200, ARP dies here.)
6) Client 2 will now receive arp broadcast opens it and finds it related to it.
This procedure will be repeated since client 2 also needs client 1 mac address.
Any other questions? -
Problems with Firewall settings
Hello,
I'm having some odd issues with Firewall. Clicking on "Security", causes me to get the pinwheel. It eventually loads, but it's very slow. I also have issues when I turn on the Firewall, I allow connections for screen sharing, but Back to My Mac shows Orange and that it may have issues. I also have issues with DVD sharing when I have also allowed CD/DVD sharing in the options. Everything revolved around Security/Firewall. Is there anything I can do to diagnose these issues? I have a Time Capsule as my router.
Thanks.
I did look and Console and I do see this error sometimes when I click on the Security preferences tab:
2/4/10 3:24:17 PM System Preferences[91476] Could not connect the action resetLocationWarningsSheetOk: to target of class AppleSecurity_Pref
2/4/10 3:24:17 PM System Preferences[91476] Could not connect the action resetLocationWarningsSheetCancel: to target of class AppleSecurity_Pref
Message was edited by: theBigD23I have a Time Capsule. I don't think that has anything turned on. I have the default settings. I know of other uses with Time Capsule with the exact same problem.
-
Any compatibility issues with IE8 for STVN 2.1 Orgchart?
Hi Experts,
Just curious if there are any issues with running IE8 compatibility mode for Nakisa STVN 2.1 Orgchart?
Thanks,
Michael DinhHi Michael,
IE8 Compatibility Mode is fine for use with STVN2.1 applications. As Stephen said, IE7 and IE8 are certified for SVSN3.0 but IE6 support has been discontinued.
Best regards,
Luke -
Firewall Transparent Mode with IPS
Dear All,
I have network setup shown below
Router --- Firewall Transparent Mode --- cisco layer 3 switch
I am planning to implement ips. Which is the right place to put the IPS
IPS is separate hardware. Let me know on which mode IPS has to be enabled? Rgds - pramodHello,
If you have the separate hardware of IPS then, place the IPS in between Router and firewall.
you can use the IPS in inline and promiscuous mode.
In inline mode all traffic will pass through the IPS first then after inspection will move to firewall.
And if you are using the IPS in promiscuous mode then the copy of traffic will send to the IPS and after that inspection will done.
Thanks. -
Connectivity Issues Cisco ASA 5515 in Transparent Mode
Hi,
we´re having problems with one transparent mode setup at one customer site. The ASA is equiped with a CX Module, but we´re not using it, so far in the service policy rules it was enabled and matched all traffic, but in "monitor only" mode. There is a global acl that allows any-any-IP.
Firewall-Info:
- ASA Version 9.1(2)
- Interfaces gi0/0 + gi0/2 without any interface errors
The ASA 5515x is configured as a "bump in the wire". In general our setup is working but with beginning of the installation of the firewall the customer faces following connection issues, without the firewall no problems:
- Connections to SAP-Servers behind the MPLS begin to drop, affected all users
- Incoming monitoring sessions (ping/snmp) from central management are facing ping timeouts, connection timeouts
- http downloads are stopping, Customer: it will stop responding and the download will fail.
In general the customer describes it this way: "We do not have the best connection here so once we connected the firewall all the problems are magnified"
I recognized, that we unconfigured the default inspection during initial setup and reconfigured this entry for the cx module. So the the default inspection with all the settings are not present any more... How important are these settings? One phenomen is, that I´ve seen a large numbers of concurrent connections that increased over time. And we already had that situation, that the firewall reached the max-conn count.
Should I try to reconfigure the default inspection, as it ships from factory? And whats the best way to check for problems? What can be the reason for the dropping connections?
I attached a network plan and the firewall config, hopefully, that somebody has an idea. Of course I can provide additional information...
Best Regards
SebastianHi Vibhor,
thanks for your reply. Does this also affect the traffic, even the setting is set to "Monitor Only" ?
Is it recommend to configure the default-inspection rule as a default setting?
Further Question: I´ve read sth. about, that service policy rules must be "reloaded" to take effect, after they have been changed. Is that right and how do I reload them?
Here is an output from sh asp drop, do I have to care about certain values? This values result from two connected users doing some downloads over a 2Mbit connection.
ciscoasa# show asp drop
Frame drop:
Invalid encapsulation (invalid-encap) 10
First TCP packet not SYN (tcp-not-syn) 114
TCP failed 3 way handshake (tcp-3whs-failed) 3
TCP RST/FIN out of order (tcp-rstfin-ooo) 18
Dst MAC L2 Lookup Failed (dst-l2_lookup-fail) 33
L2 Src/Dst same LAN port (l2_same-lan-port) 260
FP L2 rule drop (l2_acl) 2958
Interface is down (interface-down) 9420
No management IP address configured for TFW (tfw-no-mgmt-ip-config) 117
Dropped pending packets in a closed socket (np-socket-closed) 66
Thanks
Sebastian -
Transparent mode with AIP-SSM-20
I currently have an ASA5510 in routed mode with an AIP-SSM-20.
There is a requirement to use a fibre optic connection between this ASA and another ASA across campus, so the AIP-SSM will have to be removed and replaced with the SSM-4GE. This part should present no issue.
However, this will remove the IPS device, and I still want to use IPS.
So, what I am thinking is to get another ASA5510, install the AIP-SSM, configure ASA for transparent mode and put it in between the inside of the routed ASA and my LAN. The transparent ASA would be functioning strictly as an IPS appliance.
Setup would look something like this:
Internal LAN <> transparent ASA with IPS <> routed ASA <> WAN
Can the AIP-SSM still perform IPS with the ASA in transparent mode?
Is there a way to configure the ASA and AIP-SSM such that traffic to/from a particular server completely bypasses the AIP-SSM?
I have a couple of fileservers that generate heavy traffic and could overload the AIP-SSM.
Regards.AFAIR, There is no problem to setup AIP in a transparent firewall.
"An ASA in transparent mode can run an AIP. In the event the AIP fails,
the IPS will fail-open and the ASA will continue to pass traffic.
However, if an interface or cable fails, then traffic will stop. You
would need a failover pair to account for this failure event, which
means another ASA and matching AIP."
And no there is no problem to exclude certain hosts/ports/subnets from inspection by IPS via MPF.
http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/ips.html#wp1050744
What I however consider however is if the ASAs 5510 as second tier firewall for 5520s will be enough.
http://www.cisco.com/en/US/products/ps6120/prod_models_comparison.html
HTH,
Marcin
Maybe you are looking for
-
How to Undo Multiple Actions in ActionScript [CS5]
I am wwriting an InDesign extension for CS5 using ActionScript. I want to be able to undo a group of actions as a sungle transaction. In JS, I would use doScript() for this purpose. How do I do it in ActionScript? TIA, mlavie
-
Standard Inventory Management in SAP BI 07
Hi experts, I have a fresh implememtation requirement for the standard inventory management, i have gone through few documents, but i am confused with the version of the documents, at it seems the functionality of the inventory mangement has changed
-
VBA: How do I add a shortcut to an email into the body of an appointment
Dear all, I want to write a macro for outlook that lets me do the following: 1. Move a selected email to a specific folder (with selection box) 2. create an appointment in a non default calendar with the same subject as the email 3. Put a link into t
-
3 computers (all Win 7, 64 bit): 1) upgraded to 4.0 from 3.6.16 and since reverted back to 3.6.16 2) upgraded to 3.6.16 from 3.6.15 3) completely new 4.0 installation. When browser is opened to home page and any link (or bookmark) is selected, the ba
-
Installing photoshop cc and lightroom from old laptop to new desktop
Hi, I have a account for photoshop cc and lightroom under cc. Recently i bought a new desktop and want both the aaps to be installed as on my old laptop. I want it to be under same account. Please suggest. Thanks