Webaccess issue

Similar Messages

• Groupwise DCA and webaccess issues

  I have read many of the threads in regards to DCA issues...but It seems to be suffering a bit of a different issue with it...
  We did a clean install of groupwise 8 about two years ago, and I didi not even know of the gwdca issues, as everything was running fine...we have be running perfectly for the full 2 years...recently, we started getting gwdca errors and the server said it could not unload the memory spaces..as well, this would use up a substantial amount of memory and the server would slow down to a halt..and getting mail and webaccess was unberably slow...
  Based on other forum posts I added the /nodca switch to the .poa file for our domain..everything loads fine up until the loading of webaccess, as soon as I load webaccess, the server slows down to a HALT again...there is some uderlying issue, but I have not idea what it is...can someone help me?

  On 06.04.2011 17:36, Techlord wrote:
  >
  > I have read many of the threads in regards to DCA issues...but It seems
  > to be suffering a bit of a different issue with it...
  >
  > We did a clean install of groupwise 8 about two years ago, and I didi
  > not even know of the gwdca issues, as everything was running fine...we
  > have be running perfectly for the full 2 years...recently, we started
  > getting gwdca errors and the server said it could not unload the memory
  > spaces..as well, this would use up a substantial amount of memory and
  > the server would slow down to a halt..and getting mail and webaccess was
  > unberably slow...
  >
  > Based on other forum posts I added the /nodca switch to the .poa file
  > for our domain..everything loads fine up until the loading of webaccess,
  > as soon as I load webaccess, the server slows down to a HALT
  > again...there is some uderlying issue, but I have not idea what it
  > is...can someone help me?
  You're mixing up DCA (Post Office) and DVA (Webaccess). Your issue most
  certainly comes from the DVA, and *not* the DCA. E.G, you have to
  disable that. Add /gwdvadisable to the webaccess' .waa file.
  CU,
  Massimo Rosen
  Novell Product Support Forum Sysop
  No emails please!
  http://www.cfc-it.de

• Font Issue In Webaccess

  We recently upgraded to GroupWise 2012 and have been getting complaints from some webaccess users regarding symbols that are showing up in certain e-mails. When using Internet Explorer and viewing the e-mail in HTML mode it appears that when the sender of the e-mail hit the return key twice, that empty line is showing up with 3 empty square boxes instead of a blank space. When viewing the same e-mail in Firefox, those empty boxes show up as �.
  If you switch the e-mail over to plain text mode it appears normal.
  Also when you view the e-mail using the Groupwise client, the e-mail appears like normal in HTML and plain text mode.
  Any help on this would be appreciated.
  James

  krazyz28,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Visit http://www.novell.com/support and search the knowledgebase and/or check all
  the other self support options and support programs available.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://forums.novell.com)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://forums.novell.com/faq.php
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Forums Team
  http://forums.novell.com

• IPad issue with WebAccess (8.0.2.hp2)

  Hi.
  Accessing the webaccess page is generally fine, when using an iPad.
  writing a new email also opens. recepient's address can be entered fine, same for
  subject. But the main "edit" for the email text cannot be used to enter any text,
  the focus & cursor cannot be placed in it.
  Who knows, what's going wrong here?
  Regards, Rudi.

  Hi.
  >This is the only way at the moment, I think... 'How to Enable IPads and
  >IPod Touches to Automatically Use GroupWise Webaccess Simple Templates'
  >(http://www.novell.com/support/php/se...rnalId=7006843)
  >There should be better support for iPad/iPhone in next GW release.
  I can't believe it!
  Hm. Just tried the "basic interface", now I'm wondering, if this really is the same
  as "Webaccess Simple Templates", I'll edit the config files as mentioned in
  TID7006843, thanks so far, Rudi.
  When using an IPad to access GroupWise Webaccess, the ability to navigate is
  hampered by the css (Cascading Style Sheets) that are used in the default view
  presented.
  Resolution
  The Webaccess Application can be modified to detect when an IPad or IPod Touch
  browser is accessing the system and return the simple templates instead of the css
  templates.
  To set this up, please follow the directions below:
  1. Locate the webacc.cfg file for your Webaccess Application. The default locations
  are listed below:
  a) Linux /OES2 - /var/opt/novell/groupwise/webaccess
  b) NetWare - sys:/novell/webaccess
  c) Windows - c:\novell\groupwise\webaccess
  2. Make a backup copy of the file before changes are made
  3. Open the file with a text editor
  4. Within the file, there will be a section where there will be many entries that
  start with "Templates.UserAgent.#.id=*string reported by browser*". Note the entry
  listed with the largest number. Afterward, create 4 new lines. If the highest
  existing number in an existing entry is 8, then an entry should be created like the
  one below:
  Templates.UserAgent.9.id=*iPad
  Templates.UserAgent.9.interface=simple
  Templates.UserAgent.10.id=*iPod
  Templates.UserAgent.10.interface=simple
  5. Save and exit the file
  6. Restart Tomcat using the one of the commands below and then test with your IPad.
  a. To restart Tomcat on NetWare enter the following commands from the console
  java -exit
  tomcat4.ncf
  b. To restart Tomcat on Windows, open the Services Console and right-click Tomcat
  5.5 and choose Stop and then right click again and choose Start.
  c. To restart Tomcat on Linux/OES2, open an terminal window as the root user and
  issue the command "rcnovell-tomcat5 restart". On other SuSE Linux Enterprise
  distributions, the command will be "rctomcat# restart" where the # sign represents
  the version of Tomcat that is running.

• ASA 5505 Speed Issue - Help Requested if possible

  Hi All,
  I am wondering if anybody here can shed some light on any potential configuration issues with the configuration below (Sanitized). Current State:
  1.     SIte to Site VPN is up and running perfectly.
  2.     Client to Site VPNs work through L2PT/IPSEC and through mobile devices such as IPhone.
  3.     The outside interface is at line speed - approximately 5-6MBits per second.
  4.     When performing a download of a service pack from microsoft - Bit rate on the inside interface is approximately 1/3rd of the outside interface (A lot of loss). Interface shows no CRC errors and no input errors.
  5.     The outside interface shows CRC errors and INPUT errors but due to the line speed being optimal (as the client experienced via their WAN router direct (with the ASA out of the mix), have not looked in to this further. I suspect the device it is directly attached to does not auto negotiate correctly even though the interface is set to 100Mb Full Duplex.
  6.     Outside interface MTU is set to 1492, purposely set this way due to PPPOE over head (Please correct me if I am wrong). (Approx 8 bytes)
  7.     Inside Interface MTU is set to 1500, no drops or loss detected on that interface so have left it as is.
  8.     All inspection has been disabled on the ASA as I thought that scans on the traffic could have impaired performance.
  Current Environment Traffic Flow:   
  1.     All hosts on the network have there DNS pointed to external IP addresses currently as the DNS server is out of the mix. This usually points to DNS servers in the US. If the hosts use this, the DNS queries are performed over the site-to-site VPN but the internet traffic is routed around the VPN as the traffic is a seperate established session. Split tunneling is enabled on the ASA to only trust the internal hosts from accessing the US hosts. Everything else uses the default route.
  2.     The version of software on this ASA is 8.2(1). I have checked and there does not seem to be any underlying issues that would cause this type of behaviour.
  3.     Memory is stable at roughly 190Mb out of 512Mb
  4.     CPU is constant at approximately 12%.
  5.     WAN and INSIDE switch are Fast Ethernet and the ASA interfaces are all Ethernet - Potential compatibility issue between standards? I'm aware they should be compatible - any body that has experienced any issues regarding this would be greatly apprecaited.
  Current Issues:
  1.     Speed on the inside interface is approximately 1/3rd of the WAN/Outside interface - download speeds are sitting at approximately 250 - 300kb (should be sitting at approximately 700-800kb).
  2.     Noticed that when the DC is pointed to the USA Root Domain Controller (Across the tunnel) latency is approximately 400ms average. (Performed using host name).
  3.     I ping the IP address of the exact same server and the latency is still 400ms.
  4.     Changing the DCs DNS address to 8.8.8.8, I perform the same ping to the same servers. Still 400ms.
  5.     I ping google.co.nz and I still get 400ms (You would expect it to route out the default gateway but session is still active for that IP on the ASA).
  6.     I ping 74.x.x.x (The IP from the resolution from step 5) and I get the same result.
  7.     I flush dns, same issue for 5/6.
  8.     I clear xlate on the ASA and the same issue persists.
  9.     I close command line, repen it, and perform the test again - latency is now back to 40 - 50ms as we would expect for non-vpn traffic.
  I am currently out of ideas and would like some advice on what I have actually missed.
  Things I suspect that I may need to do:
  1.     Upgrade IOS to latest version (Other than that - I'm out of ideas).
  ASA Version 8.2(1)
  hostname BLAH
  enable password x.x.x.x encrypted
  passwd x.x.x.x encrypted
  names
  name x.x.x.x BLAHPC
  name 8.8.8.8 Google-DNS description Google-DNS
  name 202.27.184.3 Telecom-Alien-Pri description Telecom-Alien-Pri
  name 202.27.184.5 Telecom-Terminator-Sec description Telecom-Terminator-Sec
  name 203.96.152.4 TelstraClearPri description TCL-PRI
  name 203.96.152.12 TelstraClearSec description TCL-Sec
  name x.x.x.x BLAH_Network description BLAH-Internal
  name x.x.x.x DC description DC VPN Access
  name x.x.x.x Management-Home description Allow RDP Access from home
  name x.x.x.x SentDC description BLAHDC
  name x.x.x.x Outside-Intf
  dns-guard
  interface Vlan1
  nameif inside
  security-level 100
  ip address x.x.x.x 255.255.255.0
  interface Vlan2
  nameif outside
  security-level 0
  pppoe client vpdn group pppoex
  ip address pppoe setroute
  interface Ethernet0/0
  switchport access vlan 2
  speed 100
  duplex full
  interface Ethernet0/1
  interface Ethernet0/2
  interface Ethernet0/3
  interface Ethernet0/4
  interface Ethernet0/5
  interface Ethernet0/6
  interface Ethernet0/7
  banner exec [BLAH MANAGED DEVICE] - IF YOU ARE UNAUTHORIZED TO USE THIS DEVICE, LEAVE NOW!!!
  banner login If you are Unauthorized to use this device, leave now. Prosecution will follow if you are found to access this device without being Authorized.
  banner asdm [BLAH MANAGED DEVICE] - IF YOU ARE UNAUTHORIZED TO USE THIS DEVICE, LEAVE NOW!!!
  ftp mode passive
  clock timezone WFT 12
  dns domain-lookup inside
  dns domain-lookup outside
  dns server-group DefaultDNS
  name-server Google-DNS
  name-server Telecom-Alien-Pri
  name-server Telecom-Terminator-Sec
  name-server TelstraClearPri
  name-server TelstraClearSec
  object-group service RDP tcp
  description RDP
  port-object eq 3389
  object-group network BLAH-US
  network-object x.x.x.x 255.255.255.0
  network-object x.x.x.x 255.255.255.0
  object-group network x.x.x.x
  network-object x.x.x.x 255.255.255.0
  network-object  x.x.x.x 255.255.255.0
  network-object x.x.x.x 255.255.255.0
  network-object x.x.x.x 255.255.255.0
  network-object x.x.x.x 255.255.255.0
  network-object x.x.x.x 255.255.255.0
  network-object x.x.x.x 255.255.255.0
  network-object x.x.x.x 255.255.255.0
  network-object x.x.x.x 255.255.255.0
  network-object x.x.x.x 255.255.255.0
  network-object x.x.x.x 255.255.255.0
  network-object x.x.x.x 255.255.255.0
  network-object x.x.x.x 255.255.255.0
  network-object x.x.x.x 255.255.255.0
  network-object x.x.x.x 255.255.255.0
  network-object x.x.x.x 255.255.255.0
  object-group service Management_Access_Secure
  description Management Access - SECURE
  service-object tcp eq https
  service-object tcp eq ssh
  service-object tcp eq 4434
  object-group service FileTransfer tcp
  description Allow File Transfer
  port-object eq ftp
  port-object eq ssh
  object-group service WebAccess tcp
  description Allow Web Access
  port-object eq www
  port-object eq https
  object-group protocol TCPUDP
  protocol-object udp
  protocol-object tcp
  object-group service AD_Access udp
  description Allow Active Directory AD ports - UDP Only
  port-object eq 389
  port-object eq 445
  port-object eq netbios-ns
  port-object eq 636
  port-object eq netbios-dgm
  port-object eq domain
  port-object eq kerberos
  object-group network DM_INLINE_NETWORK_2
  group-object x.x.x.x
  group-object x.x.x.x
  object-group network DM_INLINE_NETWORK_3
  group-object x.x.x.x
  group-object x.x.x.x
  object-group network BLAH_DNS
  description External DNS Servers
  network-object host Telecom-Alien-Pri
  network-object host Telecom-Terminator-Sec
  network-object host TelstraClearSec
  network-object host TelstraClearPri
  network-object host Google-DNS
  object-group service AD_Access_TCP tcp
  description Active Directory TCP protocols
  port-object eq 445
  port-object eq ldap
  port-object eq ldaps
  port-object eq netbios-ssn
  port-object eq domain
  port-object eq kerberos
  port-object eq 88
  object-group network DM_INLINE_NETWORK_4
  network-object x.x.x.x 255.255.255.0
  network-object x.x.x.x 255.255.255.0
  object-group network DM_INLINE_NETWORK_5
  network-object x.x.x.x 255.255.255.0
  network-object x.x.x.x 255.255.255.0
  object-group network DM_INLINE_NETWORK_6
  group-object x.x.x.x
  group-object x.x.x.x
  object-group network DM_INLINE_NETWORK_1
  group-object x.x.x.x
  group-object x.x.x.x
  access-list inside_access_in remark Allow Internal ICMP from BLAH
  access-list inside_access_in extended permit icmp Sentinel_Network 255.255.255.0 object-group DM_INLINE_NETWORK_2
  access-list inside_access_in remark Allow Internal ICMP to BLAH
  access-list inside_access_in extended permit icmp object-group DM_INLINE_NETWORK_3 BLAH 255.255.255.0
  access-list inside_access_in remark External DNS
  access-list inside_access_in extended permit object-group TCPUDP BLAH 255.255.255.0 object-group BLAH_DNS eq domain
  access-list inside_access_in remark Allows Web Access
  access-list inside_access_in extended permit tcp BLAH 255.255.255.0 any object-group WebAccess
  access-list inside_access_in remark Allow Remote Desktop Connections to the Internet
  access-list inside_access_in extended permit tcp BLAH 255.255.255.0 any object-group RDP
  access-list inside_access_in remark Allow File Transfer Internet
  access-list inside_access_in extended permit tcp BLAH 255.255.255.0 any object-group FileTransfer
  access-list inside_access_in remark ldap, 445, 137, 636, dns, kerberos
  access-list inside_access_in extended permit udp BLAH 255.255.255.0 object-group DM_INLINE_NETWORK_4 object-group AD_Access
  access-list inside_access_in remark ldap, 445, 137, 636, dns, kerberos
  access-list inside_access_in extended permit tcp BLAH 255.255.255.0 object-group DM_INLINE_NETWORK_5 object-group AD_Access_TCP
  access-list inside_access_in extended permit ip any any
  access-list outside_cryptomap_65535.1 extended permit ip BLAH 255.255.255.0 object-group DM_INLINE_NETWORK_6
  access-list nonat extended permit ip BLAH 255.255.255.0 object-group BLAH-US
  access-list nonat extended permit ip BLAH 255.255.255.0 object-group BLAH-USA
  access-list nonat extended permit ip BLAH 255.255.255.0 x.x.x.x 255.255.255.0
  access-list tekvpn extended permit ip BLAH 255.255.255.0 object-group BLAH-US
  access-list tekvpn extended permit ip BLAH 255.255.255.0 object-group BLAH-USA
  access-list tekvpn extended permit ip BLAH 255.255.255.0 x.x.x.x 255.255.255.0
  access-list inbound extended permit icmp any any
  access-list inside_nat0_outbound extended permit ip BLAH 255.255.255.0 10.1.118.192 255.255.255.224
  access-list inside_nat0_outbound extended permit ip BLAH 255.255.255.0 object-group DM_INLINE_NETWORK_1
  access-list outside_1_cryptomap extended permit ip BLAH 255.255.255.0 object-group DM_INLINE_NETWORK_1
  access-list outside_access_in extended permit icmp any any
  pager lines 24
  logging enable
  logging monitor informational
  logging buffered notifications
  logging trap informational
  logging asdm informational
  logging class auth monitor informational trap informational asdm informational
  mtu inside 1500
  mtu outside 1492
  ip local pool ipsec_pool x.x.x.x-x.x.x.x mask 255.255.255.0
  ip local pool Remote-Access-DHCP x.x.x.x-x.x.x.x mask 255.255.255.0
  ip verify reverse-path interface outside
  icmp unreachable rate-limit 1 burst-size 1
  asdm history enable
  arp timeout 14400
  nat-control
  global (outside) 1 interface
  nat (inside) 0 access-list inside_nat0_outbound
  nat (inside) 1 BLAH 255.255.255.0
  access-group inside_access_in in interface inside
  access-group outside_access_in in interface outside
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  dynamic-access-policy-record DfltAccessPolicy
  nac-policy DfltGrpPolicy-nac-framework-create nac-framework
  reval-period 36000
  sq-period 300
  aaa authentication http console LOCAL
  aaa authentication serial console LOCAL
  aaa authentication ssh console LOCAL
  aaa authentication enable console LOCAL
  aaa authorization command LOCAL
  aaa authorization exec authentication-server
  http server enable RANDOM PORT
  http 0.0.0.0 0.0.0.0 outside
  http x.x.x.x x.x.x.x inside
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  sysopt connection tcpmss 1428
  sysopt connection tcpmss minimum 48
  auth-prompt prompt You are now authenticated. All actions are monitored! if you are Unauthorized, Leave now!!!
  auth-prompt accept Accepted
  auth-prompt reject Denied
  service resetoutside
  crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
  crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
  crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
  crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
  crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
  crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
  crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
  crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
  crypto ipsec transform-set TRANS_ESP_3DES_MD5 esp-3des esp-md5-hmac
  crypto ipsec transform-set TRANS_ESP_3DES_MD5 mode transport
  crypto ipsec transform-set TRANS_ESP_3DES_SHA esp-3des esp-sha-hmac
  crypto ipsec transform-set TRANS_ESP_3DES_SHA mode transport
  crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
  crypto ipsec security-association lifetime seconds 28800
  crypto ipsec security-association lifetime kilobytes 4608000
  crypto dynamic-map outside_dyn_map 1 set transform-set TRANS_ESP_3DES_SHA TRANS_ESP_3DES_MD5
  crypto map outside_map 1 match address outside_1_cryptomap
  crypto map outside_map 1 set peer x.x.x.x
  crypto map outside_map 1 set transform-set ESP-3DES-MD5
  crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
  crypto map outside_map interface outside
  crypto isakmp enable outside
  crypto isakmp policy 1
  authentication pre-share
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  crypto isakmp policy 2
  authentication pre-share
  encryption 3des
  hash md5
  group 2
  lifetime 86400
  client-update enable
  telnet timeout 5
  ssh x.x.x.x 255.255.255.0 inside
  ssh 0.0.0.0 0.0.0.0 outside
  ssh timeout 5
  ssh version 2
  console timeout 0
  management-access inside
  vpdn group pppoex request dialout pppoe
  vpdn group pppoex localname **************
  vpdn group pppoex ppp authentication pap
  vpdn username ************** password PPPOE PASSPHRASE HERE
  dhcpd auto_config outside
  dhcpd address x.x.x.x/x inside
  dhcpd enable inside
  threat-detection basic-threat
  threat-detection statistics port
  threat-detection statistics protocol
  threat-detection statistics access-list
  threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
  ntp server x.x.x.x source outside prefer
  tftp-server outside x.x.x.x /HOSTNAME
  webvpn
  group-policy DfltGrpPolicy attributes
  banner value Testing ONE TWO THREE
  vpn-idle-timeout 300
  vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn
  ipsec-udp enable
  split-tunnel-policy tunnelspecified
  split-tunnel-network-list value outside_cryptomap_65535.1
  user-authentication enable
  nem enable
  address-pools value Remote-Access-DHCP
  webvpn
    svc keepalive none
    svc dpd-interval client none
  USER CREDENTIALS HERE
  vpn-tunnel-protocol l2tp-ipsec
  tunnel-group DefaultL2LGroup ipsec-attributes
  pre-shared-key SITETOSITE PSK
  peer-id-validate nocheck
  tunnel-group DefaultRAGroup general-attributes
  authorization-server-group LOCAL
  tunnel-group DefaultRAGroup ipsec-attributes
  pre-shared-key CLIENTTOSITE PSK
  peer-id-validate nocheck
  isakmp keepalive disable
  tunnel-group DefaultRAGroup ppp-attributes
  authentication pap
  no authentication chap
  no authentication ms-chap-v1
  authentication ms-chap-v2
  authentication eap-proxy
  tunnel-group x.x.x.x type ipsec-l2l
  tunnel-group x.x.x.x ipsec-attributes
  pre-shared-key *
  tunnel-group-map default-group DefaultL2LGroup
  class-map inspect_default
  policy-map type inspect dns preset_dns_map
  parameters
    message-length maximum 512
  privilege cmd level 3 mode exec command perfmon
  privilege cmd level 3 mode exec command ping
  privilege cmd level 3 mode exec command who
  privilege cmd level 3 mode exec command logging
  privilege cmd level 3 mode exec command failover
  privilege show level 5 mode exec command import
  privilege show level 5 mode exec command running-config
  privilege show level 3 mode exec command reload
  privilege show level 3 mode exec command mode
  privilege show level 3 mode exec command firewall
  privilege show level 3 mode exec command asp
  privilege show level 3 mode exec command cpu
  privilege show level 3 mode exec command interface
  privilege show level 3 mode exec command clock
  privilege show level 3 mode exec command dns-hosts
  privilege show level 3 mode exec command access-list
  privilege show level 3 mode exec command logging
  privilege show level 3 mode exec command vlan
  privilege show level 3 mode exec command ip
  privilege show level 3 mode exec command ipv6
  privilege show level 3 mode exec command failover
  privilege show level 3 mode exec command asdm
  privilege show level 3 mode exec command arp
  privilege show level 3 mode exec command route
  privilege show level 3 mode exec command ospf
  privilege show level 3 mode exec command aaa-server
  privilege show level 3 mode exec command aaa
  privilege show level 3 mode exec command eigrp
  privilege show level 3 mode exec command crypto
  privilege show level 3 mode exec command vpn-sessiondb
  privilege show level 3 mode exec command ssh
  privilege show level 3 mode exec command dhcpd
  privilege show level 3 mode exec command vpnclient
  privilege show level 3 mode exec command vpn
  privilege show level 3 mode exec command blocks
  privilege show level 3 mode exec command wccp
  privilege show level 3 mode exec command dynamic-filter
  privilege show level 3 mode exec command webvpn
  privilege show level 3 mode exec command module
  privilege show level 3 mode exec command uauth
  privilege show level 3 mode exec command compression
  privilege show level 3 mode configure command interface
  privilege show level 3 mode configure command clock
  privilege show level 3 mode configure command access-list
  privilege show level 3 mode configure command logging
  privilege show level 3 mode configure command ip
  privilege show level 3 mode configure command failover
  privilege show level 5 mode configure command asdm
  privilege show level 3 mode configure command arp
  privilege show level 3 mode configure command route
  privilege show level 3 mode configure command aaa-server
  privilege show level 3 mode configure command aaa
  privilege show level 3 mode configure command crypto
  privilege show level 3 mode configure command ssh
  privilege show level 3 mode configure command dhcpd
  privilege show level 5 mode configure command privilege
  privilege clear level 3 mode exec command dns-hosts
  privilege clear level 3 mode exec command logging
  privilege clear level 3 mode exec command arp
  privilege clear level 3 mode exec command aaa-server
  privilege clear level 3 mode exec command crypto
  privilege clear level 3 mode exec command dynamic-filter
  privilege cmd level 3 mode configure command failover
  privilege clear level 3 mode configure command logging
  privilege clear level 3 mode configure command arp
  privilege clear level 3 mode configure command crypto
  privilege clear level 3 mode configure command aaa-server
  prompt hostname context
  Cryptochecksum:894474af5fe446eeff5bd9e7f629fc4f
  : end

  Hi all, this post can be officially closed. The issue had nothing to do with the ASA but required a firmware upgrade on the WAN router which boosted the throughput on the external interface on the ASA to 10Mbps and the inside throughput naturally corrected itself to what was expected.
  Thanks to everybody who looked at this issue.
  Andrew

• User not able to Change Password in Webaccess

  We are running GroupWise 7.0.3 HP3. We have one user who is not able to change her password in Webaccess. Whenever she tries, she get the following error message in Webaccess
  Ldap Password Change Failed. Contact your system administrator.
  When I look at the POA screen on the server, I see the following error message.
  LDAP Error: 53.
  Her account is not disabled, expired or locked. I get the same error message when the account has an unlimited number of network aconnections.
  If I change the password in ConsoleOne and log into the account, I get prompted change my password because it has expired.
  Thanks

  n,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Visit http://support.novell.com and search the knowledgebase and/or check all
  the other self support options and support programs available.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://forums.novell.com)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://forums.novell.com/faq.php
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Product Support Forums Team
  http://support.novell.com/forums/

• Install WebAccess 8 on Windows Server 2008 R2

  I am running the installation of the GroupWise WebAccess 8.0.2 Agent and Application on a Windows 2008 R2 Server. The domain is on a local drive, running IIS7, and installing to the Default Web Site in IIS. It appears that the installation completes successfully, but there is not WebAccess site on the IIS site.
  After a couple of attempts, I noticed that toward th end of the installation, a command prompt flashes briefly displaying the following:
  Configuring Tomcat to work with IIS. Please wait...
  'C:\Windows\system32\servermanagercmd.exe' is not recognized as an internal or external command, operable program or batch file.
  I have confirmed that this executable is in that location, and I can manually run it.
  Any thoughts on this would be greatly appreciated!
  Jos

  I have this SAME issue right now....if anyone has an answer, or if you obtained one Jose since last August, I'd appreciate hearing what the answer was....thanks......
  Pete Fanning
  Network Administrator
  Milwaukee Area Technical College
  >>> jromero<[email protected]> 8/31/2011 4:36 PM >>>
  I am running the installation of the GroupWise WebAccess 8.0.2 Agent and
  Application on a Windows 2008 R2 Server. The domain is on a local drive,
  running IIS7, and installing to the Default Web Site in IIS. It appears
  that the installation completes successfully, but there is not WebAccess
  site on the IIS site.
  After a couple of attempts, I noticed that toward th end of the
  installation, a command prompt flashes briefly displaying the
  following:
  Configuring Tomcat to work with IIS. Please wait...
  'C:\Windows\system32\servermanagercmd.exe' is not recognized as an
  internal or external command, operable program or batch file.
  I have confirmed that this executable is in that location, and I can
  manually run it.
  Any thoughts on this would be greatly appreciated!
  José
  jromero
  jromero's Profile: http://forums.novell.com/member.php?userid=46177
  View this thread: http://forums.novell.com/showthread.php?t=444010

• Issue with SPA525g registation and FXO port call calls are not disconnecting properly

  Hi,
  I  have a UC540 and updated it to the latest IOS version with the latest  firmware to my phones and i am having registration problems with SPA525g  IP Phones. I updated the firmware of the phones as well and create  manual tftp bindings with but still it is not registering. I run a  couple of debugs (debug tftp events and debug ephone registration) I can  see from the logs and in the phone that it is taking the proper VLAN  and being discovered via CDP and being pointed to the TFTP server and  still wont register. I can see that it is also taking its own .cnf file  properly then the output sccp token regected invalid devices error is  shown I have a SPA502G and it is working fine. Also there is a previous  issue that all the voice port are shown as engage or offhook even the  calls are disconnected thus make the main PSTN number busy am based in  UAE and our service provider is etisalat I have check with them about  the proper disconnection values but still it the same. That's why I have  arrived in the conclusion to just update everything including the IOS  and the phones firmware. I have put my config in this post, I am also  trying to take the CCNA Voice exam on the 2nd week of april and I think  that if i don't know how fix this issue for our customer then I would  probably fail that exam. any suggestion and help is greatly appreciated  cisco experts.
  ! Last configuration change at 13:36:42 ZP4 Thu Sep 13 2012 by Nick
  ! NVRAM config last updated at 13:45:41 ZP4 Thu Sep 13 2012 by Nick
  version 15.1
  parser config cache interface
  no service pad
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  service internal
  service compress-config
  service sequence-numbers
  hostname UC540
  boot-start-marker
  boot system flash:uc500-advipservicesk9-mz.151-2.T4
  boot-end-marker
  logging buffered 64000
  enable secret 5 $1$3CIf$.rXyHeJQrwd97X/f2dS0M1
  no aaa new-model
  clock timezone ZP4 4 0
  crypto pki token default removal timeout 0
  crypto pki trustpoint TP-self-signed-3558175224
  enrollment selfsigned
  subject-name cn=IOS-Self-Signed-Certificate-3558175224
  revocation-check none
  crypto pki certificate chain TP-self-signed-3558175224
  certificate self-signed 01 nvram:IOS-Self-Sig#3.cer
  dot11 syslog
  dot11 ssid cisco-data
  vlan 1
  authentication open
  dot11 ssid cisco-voice
  vlan 100
  authentication open
  ip source-route
  ip cef
  ip dhcp relay information trust-all
  ip dhcp excluded-address 10.1.3.1 10.1.3.10
  ip dhcp pool phone
     network 10.1.3.0 255.255.255.0
     default-router 10.1.3.1
     option 150 ip 10.1.3.1
  ip name-server 213.42.20.20
  ip name-server 195.229.241.222
  ip inspect WAAS flush-timeout 10
  ip inspect name SDM_LOW cuseeme
  ip inspect name SDM_LOW dns
  ip inspect name SDM_LOW ftp
  ip inspect name SDM_LOW h323
  ip inspect name SDM_LOW https
  ip inspect name SDM_LOW icmp
  ip inspect name SDM_LOW imap
  ip inspect name SDM_LOW pop3
  ip inspect name SDM_LOW netshow
  ip inspect name SDM_LOW rcmd
  ip inspect name SDM_LOW realaudio
  ip inspect name SDM_LOW rtsp
  ip inspect name SDM_LOW esmtp
  ip inspect name SDM_LOW sqlnet
  ip inspect name SDM_LOW streamworks
  ip inspect name SDM_LOW tftp
  ip inspect name SDM_LOW tcp router-traffic
  ip inspect name SDM_LOW udp router-traffic
  ip inspect name SDM_LOW vdolive
  no ipv6 cef
  multilink bundle-name authenticated
  stcapp ccm-group 1
  stcapp
  stcapp supplementary-services
  port 0/0/0
    fallback-dn 301
  port 0/0/1
    fallback-dn 302
  port 0/0/2
    fallback-dn 303
  port 0/0/3
    fallback-dn 304
  trunk group ALL_FXO
  max-retry 5
  voice-class cause-code 1
  hunt-scheme longest-idle
  translation-profile outgoing PROFILE_ALL_FXO
  trunk group ALL_FX0
  voice call send-alert
  voice rtp send-recv
  voice service voip
  allow-connections h323 to h323
  allow-connections h323 to sip
  allow-connections sip to h323
  allow-connections sip to sip
  supplementary-service h450.12
  sip
    no update-callerid
  voice class codec 1
  codec preference 1 g711alaw
  codec preference 2 g711ulaw
  voice class dualtone-detect-params 1
  freq-max-deviation 50
  freq-max-power 0
  freq-min-power 13
  freq-power-twist 4
  cadence-variation 6
  voice class custom-cptone UAE-CUSTOM
  dualtone disconnect
    frequency 406
    cadence 398 344 237 527 400
  voice class custom-cptone CCAjointone
  dualtone conference
    frequency 600 900
    cadence 300 150 300 100 300 50
  voice class custom-cptone CCAleavetone
  dualtone conference
    frequency 400 800
    cadence 400 50 200 50 200 50
  voice class cause-code 1
  no-circuit
  voice register global
  voice hunt-group 1 parallel
  list 301,302,303
  timeout 24
  pilot 511
  voice translation-rule 4
  rule 15 // //
  voice translation-rule 1000
  rule 1 /.*/ //
  voice translation-rule 1111
  voice translation-rule 1112
  rule 1 /^9/ //
  rule 3 /^0/ //
  voice translation-rule 2222
  voice translation-rule 3265
  rule 1 /\(^..........$\)/ /9\1/
  rule 2 /\(^.........$\)/ /9\1/
  rule 15 /\(^ABCD$\)/ /ABCD\1/
  voice translation-profile CALLER_ID_TRANSLATION_PROFILE
  translate calling 1111
  voice translation-profile CallBlocking
  translate called 2222
  voice translation-profile INCOMING_CallerID_PROFILE
  translate calling 3265
  voice translation-profile OUTGOING_TRANSLATION_PROFILE
  translate called 1112
  voice translation-profile PROFILE_ALL_FXO
  translate calling 4
  voice translation-profile nondialable
  translate called 1000
  voice-card 0
  dspfarm
  dsp services dspfarm
  license udi pid UC540W-FXO-K9 sn FHK143074G6
  archive
  log config
    logging enable
    logging size 600
    hidekeys
  username cisco privilege 15 secret 5 $1$vjNa$OFKLhupqR8al6x2b8Xmcj/
  username adminac privilege 15 secret 5 $1$NDC.$PtD0y4YGIj5SqI1gghxWE1
  username Nick privilege 15 secret 5 $1$iAmL$tsg7Jf2TEND1NN.h8z2dy/
  ip tftp source-interface Loopback0
  bridge irb
  interface Loopback0
  description $FW_INSIDE$
  ip address 10.1.10.2 255.255.255.252
  ip access-group 101 in
  ip nat inside
  ip virtual-reassembly in
  interface FastEthernet0/0
  description $FW_OUTSIDE$
  ip address 192.168.101.2 255.255.255.252
  ip nat outside
  ip virtual-reassembly in
  duplex auto
  speed auto
  interface Integrated-Service-Engine0/0
  description cue is initialized with default IMAP group
  ip unnumbered Loopback0
  ip nat inside
  ip virtual-reassembly in
  service-module ip address 10.1.10.1 255.255.255.252
  service-module ip default-gateway 10.1.10.2
  interface FastEthernet0/1/0
  switchport voice vlan 100
  macro description cisco-phone
  spanning-tree portfast
  interface FastEthernet0/1/1
  switchport voice vlan 100
  macro description cisco-phone
  spanning-tree portfast
  interface FastEthernet0/1/2
  switchport voice vlan 100
  macro description cisco-phone
  spanning-tree portfast
  interface FastEthernet0/1/3
  switchport voice vlan 100
  macro description cisco-phone
  spanning-tree portfast
  interface FastEthernet0/1/4
  switchport voice vlan 100
  macro description cisco-phone
  spanning-tree portfast
  interface FastEthernet0/1/5
  switchport voice vlan 100
  macro description cisco-phone
  spanning-tree portfast
  interface FastEthernet0/1/6
  switchport voice vlan 100
  macro description cisco-phone
  spanning-tree portfast
  interface FastEthernet0/1/7
  switchport access vlan 20
  spanning-tree portfast
  interface FastEthernet0/1/8
  switchport access vlan 100
  macro description cisco-switch
  interface Dot11Radio0/5/0
  no ip address
  shutdown
  ssid cisco-data
  ssid cisco-voice
  speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
  station-role root
  interface Dot11Radio0/5/0.1
  encapsulation dot1Q 1 native
  bridge-group 1
  bridge-group 1 subscriber-loop-control
  bridge-group 1 spanning-disabled
  bridge-group 1 block-unknown-source
  no bridge-group 1 source-learning
  no bridge-group 1 unicast-flooding
  interface Dot11Radio0/5/0.100
  encapsulation dot1Q 100
  bridge-group 100
  bridge-group 100 subscriber-loop-control
  bridge-group 100 spanning-disabled
  bridge-group 100 block-unknown-source
  no bridge-group 100 source-learning
  no bridge-group 100 unicast-flooding
  interface Vlan1
  no ip address
  bridge-group 1
  bridge-group 1 spanning-disabled
  interface Vlan20
  ip address 10.10.10.1 255.255.255.0
  interface Vlan100
  no ip address
  bridge-group 100
  bridge-group 100 spanning-disabled
  interface BVI1
  description $FW_INSIDE$
  no ip address
  ip nat inside
  ip virtual-reassembly in
  shutdown
  interface BVI100
  description $FW_INSIDE$
  ip address 10.1.3.1 255.255.255.0
  ip nat inside
  ip virtual-reassembly in
  ip forward-protocol nd
  ip http server
  ip http authentication local
  ip http secure-server
  ip http path flash:/gui
  ip dns server
  ip nat inside source list 1 interface FastEthernet0/0 overload
  ip route 0.0.0.0 0.0.0.0 192.168.101.1
  ip route 10.1.10.1 255.255.255.255 Integrated-Service-Engine0/0
  logging esm config
  access-list 1 remark SDM_ACL Category=2
  access-list 1 permit 192.168.10.0 0.0.0.255
  access-list 1 permit 10.1.3.0 0.0.0.255
  access-list 1 permit 10.1.10.0 0.0.0.3
  access-list 100 remark auto generated by SDM firewall configuration
  access-list 100 remark SDM_ACL Category=1
  access-list 100 deny   ip 192.168.10.0 0.0.0.255 any
  access-list 100 deny   ip host 255.255.255.255 any
  access-list 100 deny   ip 127.0.0.0 0.255.255.255 any
  access-list 100 permit ip any any
  access-list 101 remark auto generated by SDM firewall configuration##NO_ACES_8##
  access-list 101 remark SDM_ACL Category=1
  access-list 101 permit tcp 10.1.3.0 0.0.0.255 eq 2000 any
  access-list 101 permit udp 10.1.3.0 0.0.0.255 eq 2000 any
  access-list 101 deny   ip 10.1.3.0 0.0.0.255 any
  access-list 101 deny   ip 192.168.10.0 0.0.0.255 any
  access-list 101 deny   ip 192.168.101.0 0.0.0.3 any
  access-list 101 deny   ip host 255.255.255.255 any
  access-list 101 deny   ip 127.0.0.0 0.255.255.255 any
  access-list 101 permit ip any any
  access-list 102 remark auto generated by SDM firewall configuration##NO_ACES_6##
  access-list 102 remark SDM_ACL Category=1
  access-list 102 deny   ip 10.1.10.0 0.0.0.3 any
  access-list 102 deny   ip 10.1.3.0 0.0.0.255 any
  access-list 102 deny   ip 192.168.101.0 0.0.0.3 any
  access-list 102 deny   ip host 255.255.255.255 any
  access-list 102 deny   ip 127.0.0.0 0.255.255.255 any
  access-list 102 permit ip any any
  access-list 102 permit ip 192.168.101.0 0.0.0.3 any
  access-list 103 remark auto generated by SDM firewall configuration##NO_ACES_8##
  access-list 103 remark SDM_ACL Category=1
  access-list 103 permit tcp 10.1.10.0 0.0.0.3 any eq 2000
  access-list 103 permit udp 10.1.10.0 0.0.0.3 any eq 2000
  access-list 103 deny   ip 10.1.10.0 0.0.0.3 any
  access-list 103 deny   ip 192.168.10.0 0.0.0.255 any
  access-list 103 deny   ip 192.168.101.0 0.0.0.3 any
  access-list 103 deny   ip host 255.255.255.255 any
  access-list 103 deny   ip 127.0.0.0 0.255.255.255 any
  access-list 103 permit ip any any
  access-list 105 permit ip any any
  snmp-server community public RO
  tftp-server flash:/phones/521_524/cp524g-8-1-17.bin alias cp524g-8-1-17.bin
  tftp-server flash:/phones/5x5/spa5x5-7-1-3c.bin alias spa5x5-7-1-3c.bin
  tftp-server flash:/phones/525/spa525g-7-4-8.bin alias spa525g-7-4-8.bin
  control-plane
  bridge 1 route ip
  bridge 100 route ip
  voice-port 0/0/0
  cptone GB
  station-id name Cordless
  station-id number 329
  caller-id enable
  voice-port 0/0/1
  cptone AE
  caller-id enable
  voice-port 0/0/2
  cptone AE
  caller-id enable
  voice-port 0/0/3
  cptone AE
  caller-id enable
  voice-port 0/1/0
  trunk-group ALL_FX0 64
  translation-profile incoming INCOMING_CallerID_PROFILE
  supervisory disconnect dualtone mid-call
  supervisory custom-cptone UAE-CUSTOM
  input gain 14
  cptone GB
  connection plar opx 511
  impedance 600c
  description Configured by CCA 4FXO-0/1/0-Custom-BG
  bearer-cap Speech
  caller-id enable
  voice-port 0/1/1
  trunk-group ALL_FX0 64
  translation-profile incoming INCOMING_CallerID_PROFILE
  supervisory disconnect dualtone mid-call
  supervisory custom-cptone UAE-CUSTOM
  input gain 14
  cptone GB
  connection plar opx 511
  impedance 600c
  description Configured by CCA 4 FXO-0/1/1-Custom-BG
  bearer-cap Speech
  caller-id enable
  voice-port 0/1/2
  trunk-group ALL_FX0 64
  translation-profile incoming INCOMING_CallerID_PROFILE
  supervisory disconnect dualtone mid-call
  supervisory custom-cptone UAE-CUSTOM
  supervisory dualtone-detect-params 1
  input gain 14
  cptone GB
  connection plar opx 511
  impedance 600c
  description Configured by CCA 4 FXO-0/1/2-Custom-BG
  bearer-cap Speech
  caller-id enable
  voice-port 0/1/3
  trunk-group ALL_FX0 64
  translation-profile incoming INCOMING_CallerID_PROFILE
  supervisory disconnect dualtone mid-call
  supervisory custom-cptone UAE-CUSTOM
  input gain 14
  cptone GB
  connection plar opx 511
  impedance 600c
  description Configured by CCA 4 FXO-0/1/3-Custom-BG
  bearer-cap Speech
  caller-id enable
  voice-port 0/4/0
  auto-cut-through
  signal immediate
  input gain auto-control -15
  description Music On Hold Port
  sccp local Loopback0
  sccp ccm 10.1.3.1 identifier 1 version 4.0
  sccp
  sccp ccm group 1
  associate ccm 1 priority 1
  associate profile 1 register confprof1
  dspfarm profile 1 conference 
  description DO NOT MODIFY, active CCA conference profile - CCA2.0 codec729
  codec g711ulaw
  codec g711alaw
  codec g729ar8
  codec g729abr8
  codec g729r8
  codec g729br8
  maximum sessions 2
  associate application SCCP
  dial-peer cor custom
  name internal
  name local
  name local-plus
  name international
  name national
  name national-plus
  name emergency
  name toll-free
  dial-peer cor list call-internal
  member internal
  dial-peer cor list call-local
  member local
  dial-peer cor list call-local-plus
  member local-plus
  dial-peer cor list call-national
  member national
  dial-peer cor list call-national-plus
  member national-plus
  dial-peer cor list call-international
  member international
  dial-peer cor list call-emergency
  member emergency
  dial-peer cor list call-toll-free
  member toll-free
  dial-peer cor list user-internal
  member internal
  member emergency
  dial-peer cor list user-local
  member internal
  member local
  member emergency
  member toll-free
  dial-peer cor list user-local-plus
  member internal
  member local
  member local-plus
  member emergency
  member toll-free
  dial-peer cor list user-national
  member internal
  member local
  member local-plus
  member national
  member emergency
  member toll-free
  dial-peer cor list user-national-plus
  member internal
  member local
  member local-plus
  member national
  member national-plus
  member emergency
  member toll-free
  dial-peer cor list user-international
  member internal
  member local
  member local-plus
  member international
  member national
  member national-plus
  member emergency
  member toll-free
  dial-peer voice 1 pots
  port 0/0/0
  no sip-register
  dial-peer voice 2 pots
  port 0/0/1
  no sip-register
  dial-peer voice 3 pots
  port 0/0/2
  no sip-register
  dial-peer voice 4 pots
  port 0/0/3
  no sip-register
  dial-peer voice 5 pots
  description ** MOH Port **
  destination-pattern ABC
  port 0/4/0
  no sip-register
  dial-peer voice 50 pots
  description ** incoming dial peer **
  incoming called-number ^AAAA$
  port 0/1/0
  dial-peer voice 51 pots
  description ** incoming dial peer **
  incoming called-number ^AAAA$
  port 0/1/1
  dial-peer voice 52 pots
  description ** incoming dial peer **
  incoming called-number ^AAAA$
  port 0/1/2
  dial-peer voice 53 pots
  description ** incoming dial peer **
  incoming called-number ^AAAA$
  port 0/1/3
  dial-peer voice 54 pots
  description ** FXO pots dial-peer **
  destination-pattern A0
  port 0/1/0
  no sip-register
  dial-peer voice 55 pots
  description ** FXO pots dial-peer **
  destination-pattern A1
  port 0/1/1
  no sip-register
  dial-peer voice 56 pots
  description ** FXO pots dial-peer **
  destination-pattern A2
  port 0/1/2
  no sip-register
  dial-peer voice 2000 voip
  description ** cue voicemail pilot number **
  destination-pattern 388
  b2bua
  session protocol sipv2
  session target ipv4:10.1.10.1
  voice-class sip outbound-proxy ipv4:10.1.10.1 
  dtmf-relay rtp-nte
  codec g711ulaw
  no vad
  dial-peer voice 6 pots
  description "catch all dial peer for BRI/PRI"
  translation-profile incoming nondialable
  incoming called-number .%
  direct-inward-dial
  dial-peer voice 57 pots
  description ** FXO pots dial-peer **
  destination-pattern A3
  port 0/1/3
  no sip-register
  dial-peer voice 69 pots
  destination-pattern 329
  port 0/0/0
  dial-peer voice 300 pots
  trunkgroup ALL_FX0
  description Local Numbers
  destination-pattern 9T
  forward-digits 9
  dial-peer voice 301 voip
  destination-pattern 2..
  session target ipv4:192.168.201.2
  dial-peer voice 303 pots
  trunkgroup ALL_FXO
  trunkgroup ALL_FX0
  description **InternationalCall**
  destination-pattern 88T
  dial-peer voice 304 pots
  trunkgroup ALL_FX0
  description *EM1*
  destination-pattern 9[1-9]T
  forward-digits 3
  dial-peer voice 302 pots
  trunkgroup ALL_FX0
  description **Mobiles**
  destination-pattern 9.[0-9].[0-9]......
  dial-peer voice 305 pots
  trunkgroup ALL_FX0
  description **800-**
  destination-pattern 9[0-9][0-9][0-9]T
  no dial-peer outbound status-check pots
  telephony-service
  sdspfarm conference mute-on 111 mute-off 222
  sdspfarm units 5
  sdspfarm tag 1 confprof1
  conference hardware
  video
  fxo hook-flash
  max-ephones 40
  max-dn 300
  ip source-address 10.1.3.1 port 2000
  max-redirect 20
  auto assign 1 to 1 type bri
  calling-number initiator
  service phone videoCapability 1
  service phone webAccess 0
  service dnis overlay
  service dnis dir-lookup
  timeouts interdigit 5
  system message American Center
  url services http://10.1.10.1/voiceview/common/login.do
  url authentication http://10.1.10.2/CCMCIP/authenticate.asp 
  load 521G-524G cp524g-8-1-17
  load 525G spa525g-7-4-8
  load 501G spa5x5-7-1-3c
  load 502G spa5x5-7-1-3c
  load 504G spa5x5-7-1-3c
  load 508G spa5x5-7-1-3c
  load 509G spa5x5-7-1-3c
  time-zone 35
  date-format dd-mm-yy
  voicemail 388
  max-conferences 8 gain -6
  call-forward pattern .T
  call-forward system redirecting-expanded
  hunt-group logout HLog
  moh MOH2.wav
  multicast moh 239.10.16.16 port 2000
  web admin system name cisco secret 5 $1$iDgA$MKNi2RWfsO0KjuC82kgLJ1
  dn-webedit
  time-webedit
  transfer-system full-consult dss
  transfer-pattern 9.T
  transfer-pattern .T
  secondary-dialtone 9
  fac standard
  create cnf-files version-stamp 7960 Aug 29 2012 12:00:04
  line con 0
  privilege level 15
  logging synchronous
  no modem enable
  line aux 0
  line 2
  no activation-character
  no exec
  transport preferred none
  transport input all
  line vty 0 4
  exec-timeout 0 0
  logging synchronous
  login local
  transport input all
  line vty 5 100
  login local
  transport input all
  ntp master
  end
  Some of the output are not shown becaus it is to long I have attach the  whole config for reference and any advice on how could I optimize and  resolve my issues is greatly appreciated. Thanks

  Nicolo - First off this stuff gets crazy sometimes.  No worries about the exam.  Sometimes when FXO ports go crazy it is due to battery reversal.  If you go to the FXO port settings try turning battery reversal on and or off... depending on its current setting.  See if that helps. 
  As for the 525s not registering..  These are inside the network correct?  Are you connecting one directly to the UC500 with a Cat5E or Cat6 patch cable and the same thing happens?  Does the MAC address on the phone match a MAC address under the EPHONE settings? 
  If you telnet into the UC500 can you execute a "dir" command at the CLI prompt and "CD" (change directory) into the phones folder and then the spa525g folder?  Do files exist in there? 
  Also I only see an IP address under BVI100?  This is the voice side of things what happened to the IP address under BVI1 (Data VLAN).  Can you give us some information about the internal network?  Cna you PING this phone system from the network?  What IP address does it have?

• Help - Can't get WebAccess to work

  Hi,
  One of my GroupWise servers crashed Sunday night. It had a domain,
  GWIA, WebAccess, and GWAVA on it. I built a new server with Netware
  6.5 sp8 (default instal). Reinstalled the MTA, GWIA, and GWAVA with no
  problems. WebAccess said it intalled successfully and its modules load
  fine but when I browse to http://10.25.1.10/gw/webass I get a message
  back saying "Problem Loading Page".
  At first glance, I thought it to be an Apache problem. But if I go to
  here: http://10.25.1.10:7211/ I get a web page. Also GWAVA's web pages
  also work on the same server.
  When I look at the Apace "Startup.err" log I see
  SYS:\\APACHE2\\APACHE2.NLM: could not open document config file
  SYS:/apache2/conf/httpd.conf.
  When I look at the error_log I see: "[Sun Jan 16 23:26:49 2011]
  [notice] Apache/2.0.63 (NETWARE) mod_jk/1.2.23 configured -- resuming
  normal operations
  [Sun Jan 16 23:42:11 2011] [notice] caught SIGTERM, shutting down
  Any one know how to resolve this?

  Richard Haynal <[email protected]> wrote:
  Resolved via Novell support.
  Just incase this happens to anyone else, the issue was Apache2 Web
  server was not installed. I did the "Default" install for my Netware
  server and it did load the Apchae2 Admin server so there was an
  "Apache2" directory. That was not the Apache2 WebAccess needs. I
  needed to go back and load Apache2 Webserver from the server console
  and then did a re-install of WebAccess.
  All works now.
  >Hi,
  >
  >One of my GroupWise servers crashed Sunday night. It had a domain,
  >GWIA, WebAccess, and GWAVA on it. I built a new server with Netware
  >6.5 sp8 (default instal). Reinstalled the MTA, GWIA, and GWAVA with no
  >problems. WebAccess said it intalled successfully and its modules load
  >fine but when I browse to http://10.25.1.10/gw/webass I get a message
  >back saying "Problem Loading Page".
  >
  >At first glance, I thought it to be an Apache problem. But if I go to
  >here: http://10.25.1.10:7211/ I get a web page. Also GWAVA's web pages
  >also work on the same server.
  >
  >When I look at the Apace "Startup.err" log I see
  >SYS:\\APACHE2\\APACHE2.NLM: could not open document config file
  >SYS:/apache2/conf/httpd.conf.
  >
  >When I look at the error_log I see: "[Sun Jan 16 23:26:49 2011]
  >[notice] Apache/2.0.63 (NETWARE) mod_jk/1.2.23 configured -- resuming
  >normal operations
  >[Sun Jan 16 23:42:11 2011] [notice] caught SIGTERM, shutting down
  >".
  >
  >Any one know how to resolve this?

• Restricting access to the Admin WebConsole of WebAccess 2012

  Hi,
  With the new WebAccess 2012 web application, the console is now a WebConsole that can be accessed by the URL http://<server>/gw/webacc?action=Admin.Open
  I search the KB, the documentation and now this forum, looking for a way to restrict access to my precious WebAccess Console. No luck! (Only one thread ask for a similar solution restrict admin tool based on ip with no solution provided so far)
  Humm So we are only 2 guys in the Groupwise community concern with security in those days? No engineer at Novell ask himself if exposing an Admin console to the Whole Internet is a good idea?
  Furthermore, login (successes and failures) to the Webconsole are not written to log files. So I cannot even monitor if my WebConsole is under a brute force attack!
  Here some technical information to consider:
  1) I have Groupwise 2012 SP2 running under Windows 2008 R2
  2) Since the Admin Webconsole is hosted under the same web site as WebAccess, I cannot restrict access to the URL http://<server>/gw/webacc?action=Admin.Open without blocking at the same time access to WebAccess using firewall or IIS rule.
  3) I do not want to use IPS to restrict access to this URL
  Truly

  Francois, Just FYI the "green dots" are only accumulated by forum users taking the time to rate Laura's answers. She has no control over them and they speak for themselves. I've asked Knowledge partners to put the bit about rating in their signatures, it wasn't Laura's idea. Just FYI Laura also has the highest feedback scores out of all her peers in the program which also says something about her interactions here in the forums. As was pointed out, Laura is not a Novell employee, just another Novell user trying her best to stay on top of the issues and taking time out of her busy day to try to help other forum users. Nobody is going to be right 100% of the time. Please refrain from petty personal attacks in the future.
  I suggest you take the time to read the forum Terms of Service: https://forums.novell.com/faq.php?faq=novfor#faq_rules where it states clearly:
  Offensive Messages: Messages personally attacking, calling names, or otherwise harassing or being condescending to another forum member or any ethnic or religious group will be deleted. Offensive and/or vulgar language is not appropriate for Novell sponsored forums.
  Your message was offensive, personally attacking, condescending and was deleted as per the forum terms and conditions. I wouldn't be surprised if the volunteers around here were a bit slower to respond to any issue you may post here in the future.

• Messages are invisible in webaccess

  We've got a mailbox that looks just fine in the Windows client, but in
  webaccess, it appears to be empty.
  This began last week as a situation where only some messages were
  invisible. Messages in any folder that was free of mail dated 1/28/15
  (the date when it all started) could still be seen in webaccess. In
  fact, a couple of folders in the cabinet each had a message from that
  date, and all mail could be seen therein. But as time went on, all the
  mail became invisible to webaccess.
  Moving all the inbox mail from the "bad" date into a separate folder did
  not restore visibility to the inbox.
  All the analyze/fix GWChecks that I have run indicate no problems. I
  noted at one point that there were two entries for "All Users" in its
  proxy access list, so it got the /proxyfix option during one of those
  gwcheck passes, and that cleared up that little issue.
  This particular mailbox is a fairly important means of contact with our
  customers, so I have to be pretty careful with it. It's also important
  that it be usable via webaccess, so declaring "you have to use the
  client" isn't really an option.

  On 2/18/2015 11:55 AM, Andy Konecny wrote:
  > In article <Kq8Dw.4118$[email protected] m>, Mary
  > Wood wrote:
  >> The folders were in proper order, but I reshuffled them anyway at your
  >> suggestion just to see if anything would shake loose.
  >
  > The way to be really sure and fix this at the same time is a contents
  > check on the user with resfldr in the misc field.
  >
  > Perhaps a Reset Client Options would do the trick.
  >
  > Is this problem just the one user or does it effect many?
  >
  >
  >
  > Andy of
  > http://KonecnyConsulting.ca in Toronto
  > Knowledge Partner
  > http://forums.novell.com/member.php/75037-konecnya
  > If you find a post helpful and are logged in the Web interface, please
  > show your appreciation by clicking on the star below. Thanks!
  >
  Ha! I just discovered it seems to have fixed itself! Andy, I had done
  both of those repairs last week, to no immediate effect. However, some
  combination of deleting messages (in the ordinary course of business)
  and the scheduled maintenance routines seems to have done the trick. I
  certainly hope that's the last we see of this little nugget of trouble!

• Securing webaccess with ssl

  OK, I will admit right now I don't fully understand how
  webaccess and ssl works. In my current setup I used a
  self-signed key generated and stored in eDir. This key is
  used in httpd.conf like:
  SecureListen xxx.yyy.zzz.1:443 "SSL Certificate"
  I know have my freshly minted ssl cert (filename.crt) from
  my CA. GHow the heck do I use it. I have search the TIDs
  and Documentation with no luck, although I may not know
  exactly what to look for.
  Can someone either point me towards the correct docs or
  otherwise instruct on how to set this up???
  Much thanks, Chris.

  OK, figured this one out. What is confusing is that in the
  webaccess gateway there is an option to secure the gateway.
  To the unfamiliar this would be the spot to add the
  certificate. However, after doing more investigation I
  realized that the ssl connection to the user is handled by
  apache.
  Now the apache setup is fairly straight forward provided
  your CA issue you a certificate in pfx or p12 format. If
  they issue a PEM certificate, then you have some dancing to
  do. Luckily openssl helped here and I was able to convert
  the certificate to pfx.
  Chris
  >>> On 7/16/2009 at 11:55 AM, in message
  <4A5F15AB.CE15.0032.0@N0_$pam.vrapc.com>,
  Chris<cmosentine@N0_$pam.vrapc.com> wrote:
  > OK, I will admit right now I don't fully understand how
  > webaccess and ssl works. In my current setup I used a
  > self-signed key generated and stored in eDir. This key
  > is
  > used in httpd.conf like:
  >
  > SecureListen xxx.yyy.zzz.1:443 "SSL Certificate"
  >
  > I know have my freshly minted ssl cert (filename.crt)
  > from
  > my CA. GHow the heck do I use it. I have search the
  > TIDs
  > and Documentation with no luck, although I may not know
  > exactly what to look for.
  >
  > Can someone either point me towards the correct docs or
  > otherwise instruct on how to set this up???
  >
  > Much thanks, Chris.

• Unable to load the support DLL (webaccess setup)

  Hi,
  I'm installing GW8 SP2 HP3. So far I've installed the domain, PO and GWIA. They work just fine. Now I'm trying to install the WebAccess agent. When I run the setup I receive the following error message:
  Unable to load the support DLL:
  C:\Users\USERNAME\AppData\Local\Temp\2\{ad3aed10-0f09-11d3-93d8-0008c7392dd7}\WAZAGB32.DLL
  When I go to that temp location, the files are all there, including the above mentioned DLL. In my forum searches I found similar messages, but they were all caused by a missing Novell Client. I have the Novell Client 2 SP1 installed. I even installed the latest IR9 update to see if that helped.
  I installed the previous hotpatch just fine (GW8SP2HP2). When I try to run the old hotpatch webaccess installer, it fails with the same error. So obviously something changed between the time I installed the previous and this hotpatch on my system. I just can't figure out what.
  Does anyone have an idea as to what might be causing this error?
  I'm running on Windows Server 2008 R2 SP1

  iwan,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Visit http://support.novell.com and search the knowledgebase and/or check all
  the other self support options and support programs available.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://forums.novell.com)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://forums.novell.com/faq.php
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Product Support Forums Team
  http://forums.novell.com/

• Webaccess uses 100% cpu

  groupwise 7.02
  webaccess on separate box with linux apache tomcat 5
  Occassionally the webserver with webaccess is slow, 100 cpu % usage.
  After stopping/ starting everything is back to normal.
  We found at that opening certian mails in de webinterface will cause 100% cpu usage. The user is unable to open the mail and gets a 503 error. The user has to close and restart his browser to get it working again.
  Further investigation showed that this behaviour occurs when opening a mail which is composed with Word 2007. The mail is in html format and contains a lot of xmlns lines.
  The problem can easily be reproduced.
  Roland

  crb57,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Visit http://support.novell.com and search the knowledgebase and/or check all
  the other self support options and support programs available.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://forums.novell.com)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://forums.novell.com/faq.php
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Product Support Forums Team
  http://support.novell.com/forums/

• Safari won't display Microsoft Outlook WebAccess pages correctly

  Hi,
  The scroll bars are all messed up when displaying MS outlook webaccess pages. It works fine in firefox, is there any solution to this.
  Also my companies SAP portal pages have the same issue.
  What gives with Safari....
  Mark.

  post a screenshotof it, upload it to an image hosting place such as photobucket or imageshack.us
  because i think i might know what your talking about and want to see if its the same issue i experience with various sites.
  safari itself is NOT up to standard and apple developers are aware of this, their color renderings, font display and website coding/rendering are a tad behind wiht the new current of browser standards.
  might also try the webkits available to see if that resolves the issue.