Wlp10/wls10: Remote access to Portal Customization

Similar Messages

• Is there a way of remote accessing 'Games and More' on a mobile?

  I am new to the forum, please excuse me if I am in the wrong space!
  Is there a way of remotely accessing/executing Java applications that are residing in the 'Games and More.' folder on a mobile device?
  e.g. Java application is downloaded into 'Games and More' and there is a requirement to execute the program from an ODP (On-Device-Portal). The ODP is external to the 'Games and More' folder but within the same mobile device.
  Many thanks
  Ian

  IVM wrote:
  Is there a way of remotely accessing/executing Java applications that are residing in the 'Games and More.' folder on a mobile device? No.
  db

• Accessing multiple portals at the same time?

  Is it possible to access multiple portals at the same time?
  For example, what I want to achieve is different properties (layout,
  portlets, look & feel) for different groups of users accessing the same
  portal. The Associated Groups part on the Portal admin page is not
  fulfilling our requirements. So we decided to have different portals for
  different groups of users, all working through one portal, and accessing
  their custom portals. Is this achievable?
  What we are thinking is: put the common functionality in the repository
  portal directory, and the custom portlets/jsps in the group-specific portal
  directories. This way we can customize portal behavior for different groups
  of users. Is this achievable?
  Thanks.
  Amit

  You have to user respective DRILL commands present in WAD to configure the drill operations on multiple characteristics...

• Remote access and network services problem

  I have a Mac Pro with two IP configs:
  Ethernet 1: 69.##.##.## /255.255.255.248 [hidden for public forum security]
  Ethernet 2: 10.0.0.20/255.255.255.0
  My primary needs:
  Able to remotely access the Mac via Remote Desktop using the public IP. Local LAN connectivity using 10.##.##.##.
  Setup:
  I have a 10 public IP address from my ISP and using one of the 10 now. Everything pings OK.
  Question:
  How can I customize the network service so that I can select the Ethernet 1 or Ethernet 2 port to use? So far it forces me select Ethernet 1 for all of the services selected. I'd like to use FTP & Web Server & Remote Access on the Ethernet 2 (public). The rest is LAN. I notice that Appletalk is only allowable on a single IP.
  Quick experiment with the Internet sharing using Ethernet 2 (public) to Ethernet 1 failed to provide the desired forwarding result.
  Mac Pro   Mac OS X (10.4.9)  

  I think you need to go further into the settings and define FTP etc. to the specific Ethernet. There are also settings Automatic and where you define your connection. I have a 3 inch book that I will look at to see if they address it. I to plan to do something similar, but haven't got there yet.
  Michael

• Ise 1.2, cannot access guest portal

  I upgraded from 1.1.4 patch 3 to 1.2 but cannot access guest portal anymore nor with FQDN:8443 nor with IP:8443
  any idea?

  I had attached the steps to configure the guest portal and hope will address the problem.
  Configuring the Guest Portal
  Adding a New Guest Portal You must configure settings for the Guest portal before allowing guests to use it to access the network. Some settings apply globally to all Guest portals and other require you to set them for each portal individually.
  You can add a new Guest portal or edit an existing one.
  Step 1Choose Administration > Web Portal Management > Settings > Guest > Multi-Portal Configurations.
  Step 2Click Add.
  Step 3Update the fields on each of these tabs:
  •General—enter a portal name and description and choose a portal type.
  •Operations—enable the customizations for the specific portal
  •Customization—choose a language template for displaying the Guest portal with localized content
  •File Uploads—displays only if you have chosen a portal type requiring you to upload custom HTML files.
  •File Mapping— identify and choose the HTML files uploaded for the particular guest pages. Displays only if you have chosen a portal type requiring you to upload custom HTML files.
  •Authentication—indicate how users should be authenticated during guest login.
  Step 4Click Submit.
  Specifying Ports and Ethernet Interfaces for End-User Portals
  You can specify the port used for each web portal allowing you to use different ports for the end-user portals: Sponsor, Guest (and Client Provisioning), My Devices, and Blacklist portals. The Client Provisioning portal uses ports 8905 and 8909 for posture assessments and remediation, which you cannot change. Otherwise, it uses the same ports assigned to the Guest portal.
  You can also partition portal traffic to specific Gigabit Ethernet interfaces. For example, you might not want the Admin portal (which always uses GigabitEthernet 0) available on the same network as guest users or employee devices.
  Step 1Choose Administration > Web Portal Management > Settings > General > Ports.
  Step 2Enter the port value in the HTTPS Port field for each portal. By default, the Sponsor, Guest, My Devices portals use 8443, and the Blacklist portal uses port 8444.
  Step 3Check the Gigabit Ethernet interfaces you want to enable for each portal.
  Step 4Click Save.
  If you have changed the port settings, all nodes (Administration, Policy Services, and Monitoring) restart automatically, which may take several hours to complete.
  Tips for Assigning Ports and Ethernet Interfaces
  •All port assignments must be between 8000-8999. This port range restriction is new in Cisco ISE 1.2. If you upgraded with port values outside this range, they are honored until you make any change to this page. If you make any change to this page, you must update the port setting to comply with this restriction.
  •You must assign the Blacklist portal to use a different port than the other end-user portals.
  •Any portals assigned to the same HTTPS port also use the same Ethernet interfaces. For example, if you assign both the Sponsor and My Devices portals to port 8443, and you disable GigabitEthernet 0 on the Sponsor portal, that interface is also automatically disabled for the My Devices portal.
  •You must configure the Ethernet interfaces using IP addresses on different subnets. Refer to these guidelines to help you decide how best to assign ports and Ethernet interfaces to the end-user portals:
  Specifying the Fully Qualified Domain Name for Sponsor and My Devices Portals
  You can set the Sponsor and My Devices portals to use an easy-to-remember fully-qualified domain names (FQDN), such as: mydevices.companyname.com or sponsor.companyname.com. Alternatively, Cisco ISE also supports wildcard certificates to address certificate name mismatch issues. You must configure DNS to resolve to at least one policy services node. If you have more than one policy services node that will provide portal services, you should configure high availability for the portal. For example, you could use a load balancer or DNS round-robin services.
  Before You Begin
  Step 1Choose Administration > Web Portal Management > Settings > General > Ports.
  Step 2Scroll to the Portal FQDNs section, and check the appropriate setting:
  •Default Sponsor Portal FQDN
  •Default My Devices Portal FQDN
  Step 3Enter a fully qualified domain name.
  Step 4Click Save, and all nodes (Administration, Policy Services, and Monitoring) restart automatically, which may take several hours to complete.
  Step 5Configure the network DNS server so that it resolves the FQDN to the Sponsor or My Devices portal nodes. You must also update DNS to ensure the FQDN of the new URL resolves to a valid policy service node IP address. Additionally, to avoid certificate warning messages due to name mismatches, you should also include the FQDN of the customized URL in the subject alternative name (SAN) attribute of the local server certificate of the Cisco ISE policy service node.

• ACCESS with PORTAL

  Hi All,
  Can we integrate an ACCESS application with Oracle Portal? If so, can any one guide me through the process?
  Thanks
  Raj

  From web.xml ..
  <servlet-mapping>
  <servlet-name>AppManagerServlet</servlet-name>
  <url-pattern>/appmanager/*</url-pattern>
  </servlet-mapping>
  Cheers
  Dennis
  Karthi wrote:
  Sorry Chris,
  I don't get you.
  What do you mean "any thing" also ?
  How do we manage the appmanager URL mapping in web.xml ?
  Please explain in bit detail
  Thanks,
  Karthi.
  "Chris Jolley" <[email protected]> wrote in message
  news:4086f3f3$[email protected]..
  you can use either one in production. .portal files are not just fordevelopment
  the only difference is your end users or admins cant customize them
  as far as the long urls, are you worries aboutwebappname/appmanager/portalpath/desktopath
  being too long?
  Some things that might help
  -you can make your webapp name anything you like
  -appmanager can be anything also just change your web.xml
  -portal path can be anything also,
  -desktop path you can get rid of by specifying a URI for the portal thatjust
  forwards you to
  a default desktop.
  "Karthi" <[email protected]> wrote:
  Hi all,
  As of docs, I came to know that the portal can be access by .portal file
  during the development.
  And using appmanager in producation . Is my understanding right?
  If so, what is the recommended way to manage the long urls?
  I mean to ask how efficiently we can use the PathTrim directive of apache
  to
  achive this.
  Or is there a better way.
  Thanks,
  Karthi

• Remote Access VPN Clients Cannot Access inside LAN

  I have been asked to set up remote access VPN on an ASA 5505 that I previously had no invlovement with.  I have set it up the VPN using the wizard, they way I normally do, but the clients have no access to anything in the inside subnet, not even the inside interface IP address of the ASA.  Thay can ping each other.  The remote access policy below that I am working on is labeled VPNPHONE, address pool 172.16.20.1-10.  I do not need split tunneling to be enabled.  The active WAN interface is the one labeled outside_cable.
  : Saved
  ASA Version 8.2(1)
  hostname ASA5505
  domain-name default.domain.invalid
  enable password eelnBRz68aYSzHyz encrypted
  passwd eelnBRz68aYSzHyz encrypted
  names
  interface Vlan1
  nameif inside
  security-level 100
  ip address 192.168.100.1 255.255.255.0
  interface Vlan2
  nameif outside
  security-level 0
  pppoe client vpdn group dataDSL
  ip address 76.244.75.57 255.255.255.255 pppoe
  interface Vlan3
  nameif dmz
  security-level 50
  ip address 192.168.9.1 255.255.255.0
  interface Vlan10
  nameif outside_cable
  security-level 0
  ip address 50.84.96.178 255.255.255.240
  interface Ethernet0/0
  switchport access vlan 2
  interface Ethernet0/1
  switchport access vlan 10
  interface Ethernet0/2
  switchport access vlan 3
  interface Ethernet0/3
  interface Ethernet0/4
  interface Ethernet0/5
  interface Ethernet0/6
  interface Ethernet0/7
  ftp mode passive
  clock timezone CST -6
  clock summer-time CDT recurring
  dns server-group DefaultDNS
  domain-name default.domain.invalid
  same-security-traffic permit intra-interface
  object-group service Netbios udp
  port-object eq 139
  port-object eq 445
  port-object eq netbios-ns
  object-group service Netbios_TCP tcp
  port-object eq 445
  port-object eq netbios-ssn
  object-group network DM_INLINE_NETWORK_1
  network-object host 192.168.100.177
  network-object host 192.168.100.249
  object-group service Web_Services tcp
  port-object eq ftp
  port-object eq ftp-data
  port-object eq www
  port-object eq https
  object-group network DM_INLINE_NETWORK_10
  network-object host 192.168.9.10
  network-object host 192.168.9.4
  object-group network DM_INLINE_NETWORK_11
  network-object host 192.168.9.10
  network-object host 192.168.9.4
  object-group network DM_INLINE_NETWORK_2
  network-object host 192.168.9.10
  network-object host 192.168.9.4
  object-group network DM_INLINE_NETWORK_3
  network-object host 192.168.9.10
  network-object host 192.168.9.4
  object-group network DM_INLINE_NETWORK_4
  network-object host 192.168.9.10
  network-object host 192.168.9.4
  object-group network DM_INLINE_NETWORK_5
  network-object host 192.168.9.10
  network-object host 192.168.9.4
  object-group network DM_INLINE_NETWORK_6
  network-object host 192.168.9.10
  network-object host 192.168.9.4
  object-group network DM_INLINE_NETWORK_7
  network-object host 192.168.9.10
  network-object host 192.168.9.4
  object-group network DM_INLINE_NETWORK_8
  network-object host 192.168.9.10
  network-object host 192.168.9.4
  object-group network DM_INLINE_NETWORK_9
  network-object host 192.168.9.10
  network-object host 192.168.9.4
  object-group network VPN
  network-object 192.168.255.0 255.255.255.0
  access-list outside_access_in extended permit icmp any host 76.244.75.61
  access-list outside_access_in extended permit tcp any host 76.244.75.61 eq ftp
  access-list outside_access_in extended permit tcp any host 76.244.75.61 eq ftp-data
  access-list outside_access_in extended permit tcp any host 76.244.75.62 eq www
  access-list outside_access_in extended permit tcp any host 76.244.75.62 eq https
  access-list outside_access_in extended permit tcp any host 76.244.75.59 eq www
  access-list outside_access_in extended permit tcp any host 76.244.75.59 eq https
  access-list outside_access_in extended permit tcp any host 76.244.75.60 eq www
  access-list outside_access_in extended permit tcp any host 76.244.75.60 eq https
  access-list outside_access_in extended permit tcp any host 76.244.75.58 eq www
  access-list outside_access_in extended permit tcp any host 76.244.75.58 eq https
  access-list dmz_access_in remark Quickbooks
  access-list dmz_access_in extended permit tcp object-group DM_INLINE_NETWORK_6 host 192.168.100.5 eq 56719
  access-list dmz_access_in remark Quickbooks range
  access-list dmz_access_in extended permit tcp object-group DM_INLINE_NETWORK_7 host 192.168.100.5 range 55333 55337
  access-list dmz_access_in extended permit udp object-group DM_INLINE_NETWORK_8 host 192.168.100.5 eq 1434
  access-list dmz_access_in extended permit tcp object-group DM_INLINE_NETWORK_9 host 192.168.100.5 eq 49398
  access-list dmz_access_in remark QB
  access-list dmz_access_in extended permit tcp object-group DM_INLINE_NETWORK_10 host 192.168.100.5 eq 8019
  access-list dmz_access_in extended permit udp object-group DM_INLINE_NETWORK_2 host 192.168.100.5 eq 2638
  access-list dmz_access_in extended permit udp object-group DM_INLINE_NETWORK_11 host 192.168.100.5 object-group Netbios
  access-list dmz_access_in extended permit tcp object-group DM_INLINE_NETWORK_3 host 192.168.100.5 object-group Netbios_TCP
  access-list dmz_access_in extended deny ip host 192.168.9.4 host 192.168.100.5 inactive
  access-list dmz_access_in extended permit udp object-group DM_INLINE_NETWORK_4 any
  access-list dmz_access_in extended permit tcp object-group DM_INLINE_NETWORK_5 any
  access-list dmz_access_in remark Printer
  access-list dmz_access_in extended permit ip 192.168.9.0 255.255.255.0 object-group DM_INLINE_NETWORK_1
  access-list dmz_access_in extended permit tcp 192.168.9.0 255.255.255.0 any object-group Web_Services
  access-list dmz_access_in extended permit udp 192.168.9.0 255.255.255.0 any eq domain
  access-list dmz_access_in extended permit icmp 192.168.9.0 255.255.255.0 192.168.255.0 255.255.255.0 echo-reply
  access-list dmz_access_in extended permit icmp 192.168.9.0 255.255.255.0 192.168.100.0 255.255.255.0 echo-reply log disable
  access-list dmz_access_in remark QB probably does not need any udp
  access-list dmz_access_in extended permit udp host 192.168.9.4 host 192.168.100.5 eq 55333 inactive
  access-list dmz_access_in remark QB included in other rule range
  access-list dmz_access_in extended permit tcp host 192.168.9.4 host 192.168.100.5 eq 55333 inactive
  access-list dmz_access_in remark May be required for Quickbooks
  access-list dmz_access_in extended permit icmp host 192.168.9.4 host 192.168.100.5
  access-list CAD_capture extended permit ip host 192.168.9.4 host 192.168.100.5
  access-list CAD_capture extended permit ip host 192.168.100.5 host 192.168.9.4
  access-list inside_nat0_outbound extended permit ip any 192.168.255.0 255.255.255.0
  access-list inside_nat0_outbound extended permit ip any 192.168.255.0 255.255.255.240
  access-list inside_nat0_outbound extended permit ip any 172.16.10.0 255.255.255.240
  access-list inside_nat0_outbound extended permit ip any 172.16.20.0 255.255.255.240
  access-list cad_supplies_RAVPN_splitTunnelAcl standard permit 192.168.100.0 255.255.255.0
  access-list cad_supplies_RAVPN_splitTunnelAcl standard permit 192.168.9.0 255.255.255.0
  access-list dmz_nat0_outbound extended permit ip any 192.168.255.0 255.255.255.0
  access-list outside_cable_access_in extended permit icmp any host 50.84.96.182
  access-list outside_cable_access_in extended permit tcp any host 50.84.96.182 eq ftp
  access-list outside_cable_access_in extended permit tcp any host 50.84.96.182 eq ftp-data
  access-list outside_cable_access_in extended permit tcp any host 50.84.96.183 eq www
  access-list outside_cable_access_in extended permit tcp any host 50.84.96.183 eq https
  access-list outside_cable_access_in extended permit tcp any host 50.84.96.180 eq www
  access-list outside_cable_access_in extended permit tcp any host 50.84.96.180 eq https
  access-list outside_cable_access_in extended permit tcp any host 50.84.96.181 eq www
  access-list outside_cable_access_in extended permit tcp any host 50.84.96.181 eq https
  access-list outside_cable_access_in extended permit tcp any host 50.84.96.179 eq www
  access-list outside_cable_access_in extended permit tcp any host 50.84.96.179 eq https
  access-list Local_LAN_Access standard permit host 0.0.0.0
  access-list vpnusers_spitTunnelACL extended permit ip 192.168.100.0 255.255.255.0 any
  access-list nonat-in extended permit ip 192.168.100.0 255.255.255.0 172.16.20.0 255.255.255.0
  pager lines 24
  logging enable
  logging buffered informational
  logging asdm informational
  mtu inside 1500
  mtu outside 1500
  mtu dmz 1500 
  mtu outside_cable 1500
  ip local pool VPN_IP_range 192.168.255.1-192.168.255.10 mask 255.255.255.0
  ip local pool VPN_Phone 172.16.20.1-172.16.20.10 mask 255.255.255.0
  no failover
  icmp unreachable rate-limit 1 burst-size 1
  no asdm history enable
  arp timeout 14400
  nat-control
  global (outside) 10 interface
  global (outside_cable) 10 interface
  nat (inside) 0 access-list nonat-in
  nat (inside) 10 0.0.0.0 0.0.0.0
  nat (dmz) 0 access-list dmz_nat0_outbound
  nat (dmz) 10 0.0.0.0 0.0.0.0
  static (inside,outside) 76.244.75.62 192.168.100.25 netmask 255.255.255.255 dns
  static (dmz,outside) 76.244.75.61 192.168.9.123 netmask 255.255.255.255 dns
  static (dmz,outside) 76.244.75.59 192.168.9.124 netmask 255.255.255.255 dns
  static (dmz,outside) 76.244.75.58 192.168.9.4 netmask 255.255.255.255 dns
  static (inside,dmz) 192.168.100.0 192.168.100.0 netmask 255.255.255.0
  static (dmz,outside) 76.244.75.60 192.168.9.10 netmask 255.255.255.255 dns
  static (inside,outside_cable) 50.84.96.183 192.168.100.25 netmask 255.255.255.255 dns
  static (dmz,outside_cable) 50.84.96.182 192.168.9.123 netmask 255.255.255.255 dns
  static (dmz,outside_cable) 50.84.96.180 192.168.9.124 netmask 255.255.255.255 dns
  static (dmz,outside_cable) 50.84.96.179 192.168.9.4 netmask 255.255.255.255 dns
  static (dmz,outside_cable) 50.84.96.181 192.168.9.10 netmask 255.255.255.255 dns
  access-group outside_access_in in interface outside
  access-group dmz_access_in in interface dmz
  access-group outside_cable_access_in in interface outside_cable
  route outside_cable 0.0.0.0 0.0.0.0 50.84.96.177 1
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  dynamic-access-policy-record DfltAccessPolicy
  http server enable
  http 192.168.1.0 255.255.255.0 inside
  http 192.168.100.0 255.255.255.0 inside
  http 204.107.173.0 255.255.255.0 outside
  http 204.107.173.0 255.255.255.0 outside_cable
  http 0.0.0.0 0.0.0.0 outside_cable
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec transform-set TRANS_ESP_3DES_SHA esp-3des esp-sha-hmac
  crypto ipsec transform-set TRANS_ESP_3DES_SHA mode transport
  crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
  crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
  crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
  crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
  crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
  crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
  crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
  crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
  crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
  crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  crypto ipsec security-association lifetime seconds 28800
  crypto ipsec security-association lifetime kilobytes 4608000
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
  crypto map outside_cable_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
  crypto map outside_cable_map interface outside_cable
  crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
  crypto map outside_map interface outside
  crypto map inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
  crypto map inside_map interface inside
  crypto isakmp enable inside
  crypto isakmp enable outside
  crypto isakmp enable outside_cable
  crypto isakmp policy 10
  authentication pre-share
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  crypto isakmp policy 30
  authentication pre-share
  encryption 3des
  hash md5
  group 2
  lifetime 86400
  telnet 192.168.100.0 255.255.255.0 inside
  telnet timeout 5
  ssh 192.168.100.0 255.255.255.0 inside
  ssh 204.107.173.0 255.255.255.0 outside
  ssh 204.107.173.0 255.255.255.0 outside_cable
  ssh 0.0.0.0 0.0.0.0 outside_cable
  ssh timeout 15
  console timeout 0
  vpdn group dataDSL request dialout pppoe
  vpdn group dataDSL localname [email protected]
  vpdn group dataDSL ppp authentication pap
  vpdn username [email protected] password *********
  dhcpd address 192.168.100.30-192.168.100.99 inside
  dhcpd dns 192.168.100.5 68.94.156.1 interface inside
  threat-detection basic-threat
  threat-detection statistics port
  threat-detection statistics protocol
  threat-detection statistics access-list
  threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
  webvpn
  group-policy DefaultRAGroup internal
  group-policy DefaultRAGroup attributes
  dns-server value 192.168.100.5
  vpn-tunnel-protocol IPSec l2tp-ipsec
  group-policy cad_supplies_RAVPN internal
  group-policy cad_supplies_RAVPN attributes
  vpn-tunnel-protocol IPSec
  split-tunnel-policy tunnelspecified
  split-tunnel-network-list value cad_supplies_RAVPN_splitTunnelAcl
  group-policy VPNPHONE internal
  group-policy VPNPHONE attributes
  dns-server value 192.168.100.5
  vpn-tunnel-protocol IPSec
  split-tunnel-policy excludespecified
  split-tunnel-network-list value Local_LAN_Access
  client-firewall none
  client-access-rule none
  username swinc password BlhBNWfh7XoeHcQC encrypted
  username swinc attributes
  vpn-group-policy cad_supplies_RAVPN
  username meredithp password L3lRjzwb7TnwOyZ1 encrypted
  username meredithp attributes
  vpn-group-policy cad_supplies_RAVPN
  service-type remote-access
  username ipphone1 password LOjpmeIOshVdCSOU encrypted privilege 0
  username ipphone1 attributes
  vpn-group-policy VPNPHONE
  username ipphone2 password LOjpmeIOshVdCSOU encrypted privilege 0
  username ipphone2 attributes
  vpn-group-policy VPNPHONE
  username ipphone3 password LOjpmeIOshVdCSOU encrypted privilege 0
  username ipphone3 attributes
  vpn-group-policy VPNPHONE
  username oethera password WKJxJq7L6wmktFNt encrypted
  username oethera attributes
  vpn-group-policy cad_supplies_RAVPN
  service-type remote-access
  username markh password nqH+bk6vj0fR83ai0SAxkg== nt-encrypted
  username markh attributes
  vpn-group-policy cad_supplies_RAVPN
  tunnel-group DefaultRAGroup general-attributes
  default-group-policy DefaultRAGroup
  tunnel-group DefaultRAGroup ipsec-attributes
  pre-shared-key *
  tunnel-group DefaultRAGroup ppp-attributes
  authentication ms-chap-v2
  tunnel-group cad_supplies_RAVPN type remote-access
  tunnel-group cad_supplies_RAVPN general-attributes
  address-pool VPN_IP_range
  default-group-policy cad_supplies_RAVPN
  tunnel-group cad_supplies_RAVPN ipsec-attributes
  pre-shared-key *
  tunnel-group VPNPHONE type remote-access
  tunnel-group VPNPHONE general-attributes
  address-pool VPN_Phone
  default-group-policy VPNPHONE
  tunnel-group VPNPHONE ipsec-attributes
  pre-shared-key *
  class-map inspection_default
  match default-inspection-traffic
  policy-map type inspect dns preset_dns_map
  parameters
    message-length maximum 1500
  policy-map global_policy
  class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect sqlnet
    inspect skinny 
    inspect sunrpc
    inspect xdmcp
    inspect sip 
    inspect netbios
    inspect tftp
  service-policy global_policy global
  prompt hostname context
  Cryptochecksum:8b25ecc61861a2baa6d2556a3679cc7c
  : end

  Hi,
  You have your "group-policy" set so that you have excluding some networks from being tunneled.
  In this access-list named Local_LAN_Access you specify "0.0.0.0"
  Doesnt this mean you are excluding all networks from being tunneled? In other words no traffic goes to your tunnel.
  This access-list should only contain your local LAN network from where you are connecting with the VPN Client. If you dont need to access anything on your local LAN while having the VPN on, you don't even need this setting on. You could just tunnel all traffic instead of excluding some networks.
  - Jouni

• How to restrict access to portal based on entitlements.

  Hi,
  I am working on weblogic 8.1 portal project. i want to restrict the user to access
  the portal based on the entitlements. However when user try to login he is seeing
  Weblogic Error 403 forbidden page. How to display custom error page, instead of
  weblogic default error page.
  How to programatically check whether user has access to portal or not based on
  entitlements.
  Please give me code.
  regards,
  -chada-

  Chada,
  The 403 is by design. If you want to place a page in front of one or more
  portal desktops and only show links to desktops the current user is entitled
  to, review the attachment.
  -Phil
  "Chada" <[email protected]> wrote in message
  news:3fcd6969$[email protected]..
  >
  Hi,
  I am working on weblogic 8.1 portal project. i want to restrict the userto access
  the portal based on the entitlements. However when user try to login he isseeing
  Weblogic Error 403 forbidden page. How to display custom error page,instead of
  weblogic default error page.
  How to programatically check whether user has access to portal or notbased on
  entitlements.
  Please give me code.
  regards,
  -chada-[login.zip]

• Can't access to Portal Admin Console.

  Hi all,
  I'm working with WLP 10.2. I've created the ear-file (using maven) and deployed it on server (with Unix-system). The current application works well.
  My current task is a creation portal in streaming mode. Unfortunately I can't access to Portal Admin console for resolving task. I always retrieve "Error 404 (Not found)".
  As I know the admin-tools.war is responsible for Portal Admin Console. I've checked admin-tools.war is running on server (with status "Active").
  I'm using the next path for running Portal Admin Console: {serverhost:port}/{context root of admin-tools}/portal.portal.
  Maybe, Should I set up(correct) application.xml or weblogic.xml?
  Please let me know if you have any ideas.
  Thanks,
  Yuriy

  I think your URL is wrong, try with the following...
  http://{server:port}/{name_your_ear}Admin/portal.portal
  name_your_ear= The name of your Enterprise Application.
  For example,
  http://localhost:7001/DemosEarAdmin/portal.portal
  I hope this helps

• Internet Access to Portal located in DMZ

  I've seen questions on the forum regarding gaing Internet access to the Oracle Portal located in the DMZ. This answer does not resolve the issue of having multple DADs to access your portal like abc.com and xyz.com. For that see note:162044.1 on metalink. http://metalink.oracle.com.
  If you registered a domain name e.g. abc.com and have the portal up and running in the DMZ. Your local network should be accessing the portal just fine. Your computer name for example is portal. The URL translates into http://portal.abc.com. You opened the ports in the DMZ to allow access and wonder why you get partial portal pages, no login, etc. It's becase users can't resolve the DNS entry for portal.abc.com. Call your ISP and get an "A Record" entry. After a few hours and propogation of the A Record, users on the Internet can successfuly access your site. This A Record should be free.
  Good luck
  Kellan

  Hi,
    You've to open the ITS for internet for accessing things from Portal too. As I've told you in previous post, the request goes directly to ITS server   (http://itsserver.com/scripts..) and not as  (http://myportal.com/scripts..). The idea of having it via Portal will be to mask the URL of ITS , which will not be visible (except for time you click on iview which will display in status bar). In any case, you can directly acces ITS as what you've told, however you give the proxy.
  Regards,
  Siva
  P.S: Award points if you find this useful.

• How to access Sap portal login user in ejb web service

  Hi,
  I wnt to access SAP Portal login user in my ejb application which resides on the same server.
  I am using following code
  try {
       IUser user =null;                         IWDClientUser wdUser = WDClientUser.getCurrentUser();
                                user = wdUser.getSAPUser();
                           } catch (WDUMException e) {
                                // TODO Auto-generated catch block
                                e.printStackTrace();
  Some additional jar files are required for this?
  The same code works fine with webDynpro but not with ejb.
  Thanks in advance     
  Best regards,
  Nilesh

  Thanks for reply.
  I have already added com.sap.security.api in my EJB module project classpath. How to add the same in EJB application Project (application-j2ee-engine.xml)?
  Best regards,
  Nilesh

• How to access a Portal User Info from a J2EE application?

  Hi,
  I have deployed a j2ee application in portal and its running fine.
  from that application i need to assign some roles to some users.i have the user id.
  so my doubt is can i access the portal user info from this j2ee application?i have some servlets in the j2ee application....can i get the portal user info from this servlet?
  plz help me
  regards,
  Visweswar

  Hi,
  Please check out this to get the portal user information from Java -
  WdClientUser class/Interface to aciehve this.
  Please check out these links on the same -
  WDClientUser.getClientUser IUser
  help needed
  Regards
  Lekha

• How to set up my elderly parent with Mac so that I can use remote access to help her?

  I want to set my elderly mother up with a new Mac mini so that I can use remote access to show her how use email, browse the internet, share photos.  (She lives in KY, I live in OR)
  She has had an iPhone and an iPad for about 6 months and she can barely use them without becoming frustrated.   I want to be able to see her screen with her and show her how to do things.
  My plan is to set her up with a Mac mini and I'll use my MacBookAir to remote into her system.  I'm buying the mini to configure and then I'll mail it to her.
  My question is whether to try to use Back to My Mac or Teamviewer for remote access
  I have broadband with comcast and she has broadband with Access Cable.  Each have their company modem/routers--neither of us have Airport Express.
  I have my own iCloud account and she has her own.   If I use Back to My Mac, it seems that I would need to set up a separate account on my Mac that would sync to her iCloud account.
  Teamviewer seems easier because I don't have to use a separate account.   Any advice?   Anything that I'm not thinking about?

  As Linc says, you can establish a Screen Sharing session via iMessage and Facetime.  The advantage of these 2 approaches is that once your Mom gets used to using them, she will be more comfortable using them to communicate with you.  I've talked to my Mom via iChat (aka iMessage) more since she learned to use them, then in all the years before that (including when I was a child ).  And just being able to see your Mom via Facetime can be useful when you want to gage how she is doing.
  However, if you are any distance from your Mom, they you want backup methods incase something goes wrong.
  So beside iMessage/Facetime, the next best would be Back-to-My-Mac via iCloud, however, you will want to establish her Mac as using your account so that you have the right to take control remotely.
  An alternative that does not mix up your iCloud acounts would be to use TeamViewer.com (which has an unattended mode so you can do off-hour maintenance when your Mom is not around; or check up on her to find out if she is dating - Turns out if I had been paying attention, I would not have been blind-sided by my Mom getting Married again last Summer - she is in her 80's! ).
  LogMeIn.com, as dwb says, can be used the same was as TeamViewer.com
  Both LogMeIn.com and TeamViewer.com are very good at making it easy to get through the home router and if you are having any problems connecting using other Methods, TeamViewer.com or LogMeIn.com will most likely not have any issues.
  Back-to-My-Mac allows screen sharing and file sharing so you can transfer files as well as control the screen.
  Screen Sharing via Messages allows cooperative file transfer. That is to say, you can try pushing a file to your Mom, but she has to accept each transfer.
  TeamViewer.com has an unattended file transfer mode.
  LogMeIn.com requires the paid version to transfer files.  However, there are other ways to transfer files, such as downloading them from the original source on your Mom's system while using screen sharing, using Dropbox (or similar), emailing them, etc...
  Of course if you are really network savvy, you can roll your own via ssh tunnels, port forwarding routers, getting dynamic DNS names, transferring files via scp, or tunneling AFP file sharing, tunneling your screen sharing sessions.  Lots of fun and excitement playing with terminal commands

• Remote Access Question...

  Is there a remote access app with which I can open media on a computer or laptop in the apps that support said media or files on my iPad, email these files as a link, email compatable sizes as an attachment, save compatable types to camera roll, Print, view, play, listen to, and read?

  You can use email to send files to your iPad. But the best way to transfer photos, music, documents etc. is to use iTunes on your computer. See page 40 of the iPad User's Manual for information on syncing your iPad using iTunes. The manual is here
  http://support.apple.com/manuals/#ipad

• Remote access to Time Capsule won't work

  Over the past couple of months I've been doing lots of research and planning into replacing my Mac Pro and old MacBook Pro with a new Mac setup.  I was looking for efficiency, productivity and ultimate portability so the Macbook Pro Retina and Time Capsule grabbed my attention.
  I was interested in the MacBook Pro Retina for work (travel) and home leisure use.  Due to having so much music and video iTunes content, I was interested in purchasing a Time Capsule and a secondary external hard drive, placing all my iTunes content on the Time Capsule which I would then back up to the external hard drive when I was at home.  I would then setup Time Capsule to be accessible over the internet so that I could view my media content through iTunes wherever in the world I was (internet speeds permitting of course).  By doing this I could carry only my work files with me on the 512GB SSD Macbook Pro Retina, but could access the Time Capsule media files remotely, either via wi-fi or by tethering my iPhone 5.
  So I purchased a Time Capsule to test my theory.  I followed online guidance on how to achieve such a setup and using my 2008 MacBook Pro (which runs Snow Leopard) and a friends internet connection I got the system to work.  I was able to remotely contact Time Capsule and watch High Def video content via wireless internet and even tethered to my iPhone.  So I went and purchased a Macbook Pro Retina (running Mountain Lion) and set about setting up the system in the same way.  But this is where something's gone wrong.  I can't connect to the Time Capsule over the internet at all.
  The Air Port utility has been updated to version 6 which is lacking the ability to instruct the Time Capsule to "Allow access over WAN".  I thought I'd make sure it still connected via the internet using my old MacBook Pro, which had definitely worked perfectly just a couple weeks earlier, and that won't work either.  I can't find the option to "Allow access over WAN" within Airport Utility 5.6.1 either?  And the simple apple script application that I wrote (following an online guide) to open the remote connection to Time Capsule with the double left click on an icon has stopped working too.
  I don't pretend to be a network engineer and I'm no I.T. expert, though I usually manage to teach myself what I need to know to sort issues like this out, but this has gotten me really stumped!  I tried downloading an old version of Airport Utility to see if that had the "Allow access over WAN" feature (within the 'Disks' > 'File Sharing' area of Airport Utility) but my Mac OS won't allow the old versions to run.
  Perhaps the version of Airport Utility I used on my Macbook Pro a couple of weeks ago didn't have the "Allow access over WAN" check box either and I just didn't notice - which is likely unless Airport Utility updates itself in the background without any prompts etc.  I certainly didn't notice a software update for it any time over the past few days.  Either way, I don't understand how it could have been working a few days back and now it's suddenly not.
  I used this guides to gain remote access to Time Capsule successfully just a couple of weeks ago:
  http://www.youtube.com/watch?v=SIQ7SzA1cK4
  Can anyone shed any light on the issue and point me toward a fix please?  I'd appreciate the help.

  Thanks LaPastenague.  I'm not sure if I have a static IP but I can confirm it hasn't changed in the past month.
  I've pretty much come to the conclusion that what I want to do isn't really possible using Time Capsule.  Like I mentioned, I had remote access working a couple of weeks ago but it seems like apple have updated the firmware or airport software to remove something that was necessary to remotely connect in the same way.  And even if I did get it working I think it would still be so restrictive, requiring a fast wifi or mobile phone tethered connection to view my media files over the internet.
  I got connected via iCloud and B.T.M.M. but the connection was very slow and video wouldn't stream well at all (painful).  It seems that the speed constraints would make it very frustrating each time I simply wanted to look through my vast iTunes music collection or movie library.  Album covers won't appear either.
  Even if it were possible to connect via a static IP I just don't think that the WAN connection would be stable or fast enough to offer an efficint solution(?), so I'll probably have to by an external portable HD and use Time Capsule for Time Machine and Printer Sharing.
  I wish I could stream my iTunes movies and music successfully over the internet, but right now it just doesn't seem possible.