WRVS4400N breaks VPN session during https connection to a LAN host

Hello,
here comes the incident description:
WRVS4400N breaks established VPN session if I am trying to connect to any LAN host via HTTPS.
Did anyone experience similar issue?
What a workaround could be?
Many thanks in advance, appreciate your time.
Solved!
Go to Solution.

These products are being handled by the Cisco Small Business Support Community. (URL: https://supportforums.cisco.com/community/netpro/small-business )

Similar Messages

  • VPN session established but cannot access trusted LAN segment on the ASA

    Just a roundup of my Cisco ASA configuration...
    1) Configure remote access IPSec VPN
    2) Group Policies - vpntesting
    3) AES256 SHA DH group 5
    4) Configure local user vpntesting
    5) Configure dhcp pool - 10.27.165.2 to 10.27.165.128 mask /24
    6) open access on outside interface
    7) IKE group - vpntesting
    A) Did I miss anything?
    B) For example, there is a LAN segment - 10.27.40.x/24  on the trusted leg of the Cisco ASA but I can't access it. Do I need to  create access lists to allow my VPN session to access the trust LANs?
    C) Any good guide for configuring remote access VPN using ASDM?

    I have couple of issues with my EasyVPN server and Cisco VPN Client on Win7.
    1: Sometimes, clients are connected, connection shows established but no traffic or pings can be made to corp network. I might have to do with NAT settings to except VPN traffic from being NATed.
    2: VPN Clients don't pick the same IP address from local address pool even though I specified "RECYLE" option.
    I would apprecaite if you look at my configuration and advise any mis-config or anything that needs to be corrected.
    Thank you so much.
    Configuration:
    TQI-WN-RT2911#sh run
    Building configuration...
    Current configuration : 7420 bytes
    ! Last configuration change at 14:49:13 UTC Fri Oct 12 2012 by admin
    ! NVRAM config last updated at 14:49:14 UTC Fri Oct 12 2012 by admin
    ! NVRAM config last updated at 14:49:14 UTC Fri Oct 12 2012 by admin
    version 15.1
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    hostname TQI-WN-RT2911
    boot-start-marker
    boot-end-marker
    logging buffered 51200 warnings
    aaa new-model
    aaa authentication login default local
    aaa authorization exec default local
    aaa authorization network default local
    aaa session-id common
    no ipv6 cef
    ip source-route
    ip cef
    ip dhcp remember
    ip domain name telquestintl.com
    multilink bundle-name authenticated
    crypto pki token default removal timeout 0
    crypto pki trustpoint TP-self-signed-2562258950
    enrollment selfsigned
    subject-name cn=IOS-Self-Signed-Certificate-2562258950
    revocation-check none
    rsakeypair TP-self-signed-2562258950
    crypto pki certificate chain TP-self-signed-2562258950
    certificate self-signed 01
                quit
    license udi pid CISCO2911/K9 sn ##############
    redundancy
    track 1 ip sla 1 reachability
    delay down 10 up 20
    crypto isakmp policy 1
    encr 3des
    authentication pre-share
    group 2
    crypto isakmp key ############## address 173.161.255.###
    255.255.255.240
    crypto isakmp client configuration group EASY_VPN
    key ##############
    dns 10.10.0.241 10.0.0.241
    domain domain.com
    pool EZVPN-POOL
    acl VPN+ENVYPTED_TRAFFIC
    save-password
    max-users 50
    max-logins 10
    netmask 255.255.255.0
    crypto isakmp profile EASY_VPN_IKE_PROFILE1
       match identity group EASY_VPN
       client authentication list default
       isakmp authorization list default
       client configuration address respond
       virtual-template 1
    crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto ipsec profile EASY_VPN_IPSec_PROFILE1
    set security-association idle-time 86400
    set transform-set ESP-3DES-SHA
    set isakmp-profile EASY_VPN_IKE_PROFILE1
    crypto map VPN_TUNNEL 10 ipsec-isakmp
    description ***TUNNEL-TO-FAIRFIELD***
    set peer 173.161.255.241
    set transform-set ESP-3DES-SHA
    match address 105
    interface Loopback1
    ip address 10.10.30.1 255.255.255.0
    interface Tunnel1
    ip address 172.16.0.2 255.255.255.0
    ip mtu 1420
    tunnel source GigabitEthernet0/0
    tunnel destination 173.161.255.241
    tunnel path-mtu-discovery
    interface Embedded-Service-Engine0/0
    no ip address
    shutdown
    interface GigabitEthernet0/0
    description Optonline  WAN secondary
    ip address 108.58.179.### 255.255.255.248 secondary
    ip address 108.58.179.### 255.255.255.248
    ip nat outside
    ip virtual-reassembly in
    duplex auto
    speed auto
    crypto map VPN_TUNNEL
    interface GigabitEthernet0/1
    description T1 WAN Link
    ip address 64.7.17.### 255.255.255.240
    ip nat outside
    ip virtual-reassembly in
    duplex auto
    speed auto
    interface GigabitEthernet0/2
    description LAN
    ip address 10.10.0.1 255.255.255.0 secondary
    ip address 10.10.0.3 255.255.255.0
    ip nat inside
    ip virtual-reassembly in
    duplex auto
    speed auto
    interface Virtual-Template1 type tunnel
    ip unnumbered Loopback1
    tunnel mode ipsec ipv4
    tunnel protection ipsec profile EASY_VPN_IPSec_PROFILE1
    router eigrp 1
    network 10.10.0.0 0.0.0.255
    network 10.10.30.0 0.0.0.255
    network 172.16.0.0 0.0.0.255
    router odr
    router bgp 100
    bgp log-neighbor-changes
    ip local pool EZVPN-POOL 10.10.30.51 10.10.30.199 recycle delay
    65535
    ip forward-protocol nd
    ip http server
    ip http access-class 23
    ip http authentication local
    ip http secure-server
    ip http timeout-policy idle 60 life 86400 requests 10000
    ip nat inside source route-map OPTIMUM-ISP interface
    GigabitEthernet0/0 overload
    ip nat inside source route-map T1-ISP interface GigabitEthernet0/1
    overload
    ip nat inside source static tcp 10.10.0.243 25 108.58.179.### 25
    extendable
    ip nat inside source static tcp 10.10.0.243 80 108.58.179.### 80
    extendable
    ip nat inside source static tcp 10.10.0.243 443 108.58.179.### 443
    extendable
    ip nat inside source static tcp 10.10.0.220 3389 108.58.179.### 3389
    extendable
    ip nat inside source static tcp 10.10.0.17 12000 108.58.179.###
    12000 extendable
    ip nat inside source static tcp 10.10.0.16 80 108.58.179.### 80
    extendable
    ip nat inside source static tcp 10.10.0.16 443 108.58.179.### 443
    extendable
    ip nat inside source static tcp 10.10.0.16 3389 108.58.179.### 3389
    extendable
    ip route 0.0.0.0 0.0.0.0 108.58.179.### track 1
    ip route 0.0.0.0 0.0.0.0 64.7.17.97 ##
    ip access-list extended VPN+ENVYPTED_TRAFFIC
    permit ip 10.10.0.0 0.0.0.255 any
    permit ip 10.0.0.0 0.0.0.255 any
    permit ip 10.10.30.0 0.0.0.255 any
    ip sla 1
    icmp-echo 108.58.179.### source-interface GigabitEthernet0/0
    threshold 100
    timeout 200
    frequency 3
    ip sla schedule 1 life forever start-time now
    access-list 1 permit 10.10.0.0 0.0.0.255
    access-list 2 permit 10.10.0.0 0.0.0.255
    access-list 100 permit ip 10.10.0.0 0.0.0.255 any
    access-list 105 remark ***GRE-TRAFFIC TO FAIRFIELD***
    access-list 105 permit gre host 108.58.179.### host 173.161.255.###
    route-map T1-ISP permit 10
    match ip address 100
    match interface GigabitEthernet0/1
    route-map OPTIMUM-ISP permit 10
    match ip address 100
    match interface GigabitEthernet0/0
    control-plane
    line con 0
    line aux 0
    line 2
    no activation-character
    no exec
    transport preferred none
    transport input all
    transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
    stopbits 1
    line vty 0 4
    privilege level 15
    transport input telnet ssh
    line vty 5 15
    privilege level 15
    transport input telnet ssh
    scheduler allocate 20000 1000
    end
    TQI-WN-RT2911#

  • Restricting Management to HTTPS Connections on the WRVS4400N

    Where in the web management console is the toggle to restrict management sessions to HTTPS on the WRVS4400N?
    I have found this option on the WRT54G under Mangement 'Server Access' but I can not locate the setting on the WRVS4400N. I assume it must be present as it seems quite silly to drop that security setting an a more complex device with an IDS etc. built in.

    HTTPS is enabled in that location and Remote Management is Disabled because I do not want anyone to be able to manage the unit remotely.
    I want to forbid ANY management (including local) though HTTP. This is a network security requirement.

  • Internet sessions, VPN session, and connections dropping frequently

    I'm in an apartment. This problem started about a week ago. All of my browser sessions, vpn session, and connections such as AIM or netflix drop frequently. I often have to click links twice to get a page to load. I have to reload videos a lot to get them to continue to stream. I am constantly signing in and out of AOL IM.
    I believe the problem has to do with several MoCs (coax connections) listed on my router page, and these MoCs have names of other people on them. Until I noticed them a week ago, I had only seen one MoC belonging to me listed on the router connection page.
    Thus, I think that something got crossed up of misconfigured in the ONT for my apartment complex. The gateway light on my router stays green as all of these problems happen.
    Pinging google.com, I get
    --- google.com ping statistics ---76 packets transmitted, 55 packets received, 27.6% packet lossround-trip min/avg/max/stddev = 31.282/39.339/48.217/3.548 ms
    Anyone seen this before and know how to get verizon to fix this?
    I have had nothing but problems with FIOS since getting it, and I have wasted a lot of time with their "customer support."

    I am sorry to hear about your connection problems. I have sent you a private message so we can get your information and look more deep into your connection.
    Anthony_VZ
    **If someones post has helped you, please acknowledge their assistance by clicking the red thumbs up button to give them Kudos. If you are the original poster and any response gave you your answer, please mark the post that had the answer as the solution**
    Notice: Content posted by Verizon employees is meant to be informational and does not supersede or change the Verizon Forums User Guidelines or Terms or Service, or your Customer Agreement Terms and Conditions or plan

  • Time Capsule Occassionally Reboots During Cisco VPN Sessions

    I have a Time Capsule and an AirPort Extreme Base Station in a Wireless Distribution System (WDS) configuration at my home. The Time Capsule is connected to the DSL Modem. The devices work without issue the vast majority of the time.
    However, I have noticed that occassionally, and seemingly randomly, my Time Capsule will reboot whenever I have a Windows desktop client Cisco VPN session established through the device and back to my workplace's remote access VPN concentrators. It occurs often enough for me to correlate it with the VPN sessions, but not often enough that I can create the steps to reproduce the failure. However, ancedotally, I would say that it occurs about once for every 2 hours or so of actual VPN useage (not that I'm saying it's time or duration based, but rather to give some scale to the occurance). It is very annoying as I have to wait for the Time Capsule to reboot, for my wireless connectivity to re-establish, and thereafter to re-establish the VPN session and any further office connectivity (ie, exchange, filesshares, sharepoint, etc.).
    I was curious if anyone else has experienced this problem, as I didn't readily find any other comments on the discussions forums. I'm not at home at the moment, so I can't confirm exact revisions, but this problem occurred both with the prior firmware as well as the most recent firmware which was just upgraded on the device in the past few weeks (I was hoping the new firmware might have resolved the issue, but it apparently did not).

    two suggestions:
    1) make sure the firmware is current
    2) can you disable WDS temporarily to see if it's WDS related?

  • Webdynpro ABAP/Portal. Plugin HTTP connection issue on WaitingEventQueue.js

    Hello,
    We are experiencing a strange Portal Behavior with our Webdynpros. Our portal contains several iViews including some Webdynpro (ABAP) and some reporting transaction calls that use SAPgui for HTML.
    When portal is called for the first time and a user logs in, two connections of type RFC can be seen for that user in SM04 in our ERP system. All iViews work as expected. For example, calling the Time Management webdynpro closes one of the RFC connections and starts a new Pluguin HTTP connection. We can go back and forth between the welcome page and this Webdynpro with no issues.
    If we then select one of the reporting transaction codes, the portal launches the SAPGUI for HTML. Report retrieves and shows data, and then we close using the "Exit" button provided by the sapgui for HTML
    Next we try again to launch any webdynpro (abap), but SM04 shows that the new Plugin HTTP session gets stuck and spinning mid way, and will stay there. Refreshing the Portal screen with F8, navigating back and forth, logging off and on again has no effect. The webdynpros will not launch again. Only webdynpros are affected, any of the reporting transactions can be called successfully over and over.
    We have figured that deleting Temporary Internet files (we are using IE 7), and in particular by just deleting the WaitingEventQueue.js?XXXXXXXXXXX file, the system will break away from the spin loop and show the webdynpro again, but eventually it will get stuck again, and asking the users to delete their Temporary Internet Files every 5 minutes is not a workable solution
    I have reviewed the contents of this javascript file at different points during the test, and the contents do not change, so deleting the file and the recreate process must be resetting somehow the queue and allowing for a new correct communication.
    Is there a way to properly reset this event queue (for example from ABAP, when the webdynpros are reloaded) in order to avoid the spin loop?
    Thanks for any help!
    Andres

    Well, we got the issue resolved, so here is what we did, in case anybody is interested:
    Tested again our portal with multiple versions of Internet Explorer, in particular IE8 and IE6, the Webdynpro behavior was normal (no timeouts or locks). It even worked when we installed IE7 in a brand new machine and tried our portal.
    So we started suspecting if maybe the particular IE7 that we install internally (with specific settings and policies) may be the culprit. We took a desktop that was producing the timeouts and used the following options in IE7:
    Tools->Internet Options->Advanced(tab)-Reset Internet Explorer settings
    and, voila! the next time we ran there, the portal did not create any timeouts.
    We even asked our desktop support team to uninstall and reinstall IE7 in the same machine after we did the reset, and even after the re-install that the timeout problems did not re-appear.
    One of the things that the "reset" option does is delete the Add-ons used by IE.
    So as a last test, we took a machine that was presenting the problem and went to the Internet Options to disable all the add-ons (in the Programs Tab). The error disappeared.
    And even after enabling back all the add-ons, the error would not return.
    Conclusion:
    Without being able to pinpoint the specific add-on (or combination) that causes the problem, we suspect that some of them conflicted, causing IE7 to behave abnormally. Disabling them all, restarting Internet Explorer, and enabling them again, makes the WaitingEventQueue.js work as it should

  • HTTPs connection from SAP WebAS

    Hello,
    I have to establish a connection from SAP WebAS to an iSaSiLk server via HTTPS.
    The iSaSiLk authentication is based on client certificates.
    I've created a SSL client PSE, generated the Certificate Request, imported the certificate response and the chain of certificates associated  with no errors. When testing the connection we're getting the following error message:
    SAP icm log:
    [Thr 1087400256] ->> SapSSLSessionInit(&sssl_hdl=0x2aaaba679980, role=1 (CLIENT), auth_type=3 (USE_CLIENT_CERT))
    [Thr 1087400256] <<- SapSSLSessionInit()==SAP_O_K
    [Thr 1087400256]      in: args = "role=1 (CLIENT), auth_type=3 (USE_CLIENT_CERT)"
    [Thr 1087400256]     out: sssl_hdl = 0x1a3310c0
    [Thr 1087400256] ->> SapSSLSetNiHdl(sssl_hdl=0x1a3310c0, ni_hdl=22)
    [Thr 1087400256] NiIBlockMode: set blockmode for hdl 22 TRUE
    [Thr 1087400256] <<- SapSSLSetNiHdl(sssl_hdl=0x1a3310c0, ni_hdl=22)==SAP_O_K
    [Thr 1087400256] ->> SapSSLSetSessionCredential(sssl_hdl=0x1a3310c0, &cred_name=0x1a49e4e0)
    [Thr 1087400256]   SapISSLComposeFilename(): Filename = "/usr/sap/XID/DVEBMGS00/sec/SAPSSLSPHTID.pse"
    [Thr 1087400256] <<- SapSSLSetSessionCredential(sssl_hdl=0x1a3310c0)==SAP_O_K
    [Thr 1087400256]      in: cred_name = "/usr/sap/XID/DVEBMGS00/sec/SAPSSLSPHTID.pse"
    [Thr 1087400256] ->> SapSSLSetTargetHostname(sssl_hdl=0x1a3310c0, &hostname=0x1a4a09e0)
    [Thr 1087400256] <<- SapSSLSetTargetHostname(sssl_hdl=0x1a3310c0)==SAP_O_K
    [Thr 1087400256]      in: hostname = "<remoteServer_to_be_accessed>"
    [Thr 1087400256] ->> SapSSLSessionStart(sssl_hdl=0x1a3310c0)
    [Thr 1087400256]   SapISSLUseSessionCache(): Creating NEW session (0 cached)
    [Thr 1087400256] Tue Jan 13 10:10:22 2009
    *[Thr 1087400256] *** ERROR during SecudeSSL_SessionStart() from SSL_connect()==SSL_ERROR_SSL*
    [Thr 1087400256]    session uses PSE file "/usr/sap/XID/DVEBMGS00/sec/SAPSSLSPHTID.pse"
    [Thr 1087400256] SecudeSSL_SessionStart: SSL_connect() failed
      secude_error 536871693 (0x2000030d) = "none of the PSEs registered with hSsl can suffice the negotiated SSL cipher suite"
    [Thr 1087400256] >>            Begin of Secude-SSL Errorstack            >>
    [Thr 1087400256] ERROR in ssl3_get_certificate_request: (536871693/0x2000030d) none of the PSEs registered with hSsl can suffice
    [Thr 1087400256] <<            End of Secude-SSL Errorstack
    [Thr 1087400256]   SSL_get_state() returned 0x00002150 "SSLv3 read server certificate request A"
    [Thr 1087400256]   No certificate request received from Server
    [Thr 1087400256] <<- ERROR: SapSSLSessionStart(sssl_hdl=0x1a3310c0)==SSSLERR_SSL_CONNECT
    [Thr 1087400256] ->> SapSSLErrorName(rc=-57)
    [Thr 1087400256] <<- SapSSLErrorName()==SSSLERR_SSL_CONNECT
    [Thr 1087400256] *** ERROR => IcmConnInitClientSSL: SapSSLSessionStart failed (-57): SSSLERR_SSL_CONNECT [icxxconn_mt
    On the iSaSiLk server we're getting:
    ssl_debug(2): Starting handshake (iSaSiLk 3.06)...
    ssl_debug(2): Received v3 client_hello handshake message.
    ssl_debug(2): Client requested SSL version 3.0, selecting version 3.0.
    ssl_debug(2): Creating new session 11:5F:04:C9:0D:32:15:B9...
    ssl_debug(2): CipherSuites supported by the client:
    ssl_debug(2): SSL_RSA_WITH_RC4_128_SHA
    ssl_debug(2): SSL_RSA_WITH_RC4_128_MD5
    ssl_debug(2): SSL_RSA_WITH_3DES_EDE_CBC_SHA
    ssl_debug(2): SSL_RSA_WITH_DES_CBC_SHA
    ssl_debug(2): SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
    ssl_debug(2): SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5
    ssl_debug(2): SSL_RSA_EXPORT_WITH_RC4_40_MD5
    ssl_debug(2): CompressionMethods supported by the client:
    ssl_debug(2): NULL
    ssl_debug(2): Sending server_hello handshake message.
    ssl_debug(2): Selecting CipherSuite: SSL_RSA_WITH_RC4_128_SHA
    ssl_debug(2): Selecting CompressionMethod: NULL
    ssl_debug(2): Sending certificate handshake message with server certificate...
    ssl_debug(2): Sending certificate_request handshake message...
    ssl_debug(2): Sending server_hello_done handshake message...
    ssl_debug(2): IOException while handshaking: Connection closed by remote host.
    ssl_debug(2): Sending alert: Alert Fatal: handshake failure
    ssl_debug(2): Shutting down SSL layer...
    ssl_debug(2): Closing transport...
    From the iSaSiLk everything seems to be OK, but on the SAP WebAS the error "none of the PSEs registered with hSsl can suffice the negotiated SSL cipher suite" is really unclear, since the cipher chosen by the iSaSiLk is one of the ciphers sent by SAP WebAS...
    Can anyone give me any suggestion?

    Hello Olivier,
    Thanks for your answer.
    I've implemented note 800240 which facilitates the PSE analysis by implementing the report ZSSF_TEST_PSE. With this report I'm able to check all the PSE content, which are:
    Filename            SAPSSLSPHTID.pse
    PIN                 <no>
    Signature           X
    Encryption          X
    Profile Parameter
    DIR_INSTANCE                   /usr/sap/XID/DVEBMGS00                       /usr/sap/XID/D00
    sec/dsakeylengthdefault                                                     1024
    sec/libsapsecu                 /usr/sap/XID/SYS/exe/run/libsapcrypto.so
    sec/rsakeylengthdefault                                                     1024
    ssf/name                       SAPSECULIB
    ssf/ssf_md_alg                                                              SHA1
    ssf/ssf_symencr_alg                                                         DES-CBC
    ssf/ssfapi_lib                 /usr/sap/XID/SYS/exe/run/libsapcrypto.so
    ssf2/name
    ssf2/ssf_md_alg                                                             SHA1
    ssf2/ssf_symencr_alg                                                        DES-CBC
    ssf2/ssfapi_lib
    ssf3/name
    ssf3/ssf_md_alg                                                             SHA1
    ssf3/ssf_symencr_alg                                                        DES-CBC
    ssf3/ssfapi_lib
    Environment variables
    USER                xidadm
    SECUDIR             /usr/sap/XID/DVEBMGS00/sec
    PSE
    Validity            18.12.2008 19:47:04   18.12.2009 19:47:04
    Algorithm           RSA (OID 1.2.840.113549.1.1.1)
    Test signature
    Signature OK
    Verification OK
    Test encryption
    Encryption OK
    Decryption OK
    As you can see, the cipher algorithm used is RSA. Any suggestion... ?
    An iSaSiLk server "is a Java programming language implementation of the SSLv2 (client-side), SSLv3, TLS 1.0 and TLS 1.1 protocols. It supports all defined cipher suites (except for Fortezza), including all AES and PSK cipher suites. iSaSiLk implements all standard TLS extensions, comes with an easy to use API and operates on top of the IAIK-JCE Javau2122 Cryptography Extension. iSaSiLk is highly configurable and will work with any alternative JCE implementation supported by a proper provider for supplying the required cryptographic algorithms".
    Once again thanks for your answer.

  • HTTPS connection from database

    Hi all,
    I have to implement https connection from a database with a Web server which requests a client certificate. I have the certificate in the wallet, but UTL_HTTP does not send it to the Web server.
    So, is there any way to connect to a Web server which requires a client certificate?

    Could you explain how transport protocol influences certificate exchange during SSL session?

  • Error during JCO connection

    Hi,
    I am currently running on EP6.0 sp2(J2ee engine 6.2).
      During Jco connection executing BAPI in the Bakened system i am getting the followinmg error.
    <b>com.sapportals.portal.prt.component.PortalComponentException 31 : >>
    > com.sapportals.portal.prt.component.PortalComponentException
    com.sapportals.portal.prt.component.PortalComponentException: Error in service call of Portal Component
    Component : Connect.Bapi_getlist
    Component class : pkg.Bapi_getlist
    User : 511972
    at com.sapportals.portal.prt.core.PortalRequestManager.handlePortalComponentException(PortalRequestManager.java:858)
    at com.sapportals.portal.prt.core.PortalRequestManager.callPortalComponent(PortalRequestManager.java:310)
    at com.sapportals.portal.prt.core.PortalRequestManager.dispatchRequest(PortalRequestManager.java:138)
    at com.sapportals.portal.prt.core.PortalRequestManager.dispatchRequest(PortalRequestManager.java:190)
    at com.sapportals.portal.prt.component.PortalComponentResponse.include(PortalComponentResponse.java:209)
    at com.sapportals.portal.prt.pom.PortalNode.service(PortalNode.java:576)
    at com.sapportals.portal.prt.core.PortalRequestManager.callPortalComponent(PortalRequestManager.java:300)
    at com.sapportals.portal.prt.core.PortalRequestManager.dispatchRequest(PortalRequestManager.java:138)
    at com.sapportals.portal.prt.core.PortalRequestManager.dispatchRequest(PortalRequestManager.java:190)
    at com.sapportals.portal.prt.core.PortalRequestManager.runRequestCycle(PortalRequestManager.java:669)
    at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:208)
    at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:532)
    at java.security.AccessController.doPrivileged(Native Method)
    at com.sapportals.portal.prt.dispatcher.Dispatcher.service(Dispatcher.java:415)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
    at com.inqmy.services.servlets_jsp.server.InvokerServlet.service(InvokerServlet.java:126)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
    at com.inqmy.services.servlets_jsp.server.RunServlet.runSerlvet(RunServlet.java:149)
    at com.inqmy.services.servlets_jsp.server.ServletsAndJspImpl.startServlet(ServletsAndJspImpl.java:832)
    at com.inqmy.services.httpserver.server.RequestAnalizer.checkFilename(RequestAnalizer.java:666)
    at com.inqmy.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:313)
    at com.inqmy.services.httpserver.server.Response.handle(Response.java:173)
    at com.inqmy.services.httpserver.server.HttpServerFrame.request(HttpServerFrame.java:1288)
    at com.inqmy.core.service.context.container.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:36)
    at com.inqmy.core.cluster.impl5.ParserRunner.run(ParserRunner.java:55)
    at com.inqmy.core.thread.impl0.ActionObject.run(ActionObject.java:46)
    at java.security.AccessController.doPrivileged(Native Method)
    at com.inqmy.core.thread.impl0.SingleThread.run(SingleThread.java:148)
    > Caused by: java.lang.NoClassDefFoundError
    at pkg.Bapi_getlist.doContent(Bapi_getlist.java:38)
    at com.sapportals.portal.prt.component.AbstractPortalComponent.serviceDeprecated(AbstractPortalComponent.java:209)
    at com.sapportals.portal.prt.component.AbstractPortalComponent.service(AbstractPortalComponent.java:114)
    at com.sapportals.portal.prt.core.PortalRequestManager.callPortalComponent(PortalRequestManager.java:300)
    at com.sapportals.portal.prt.core.PortalRequestManager.dispatchRequest(PortalRequestManager.java:138)
    at com.sapportals.portal.prt.core.PortalRequestManager.dispatchRequest(PortalRequestManager.java:190)
    at com.sapportals.portal.prt.component.PortalComponentResponse.include(PortalComponentResponse.java:209)
    at com.sapportals.portal.prt.pom.PortalNode.service(PortalNode.java:576)
    at com.sapportals.portal.prt.core.PortalRequestManager.callPortalComponent(PortalRequestManager.java:300)
    at com.sapportals.portal.prt.core.PortalRequestManager.dispatchRequest(PortalRequestManager.java:138)
    at com.sapportals.portal.prt.core.PortalRequestManager.dispatchRequest(PortalRequestManager.java:190)
    at com.sapportals.portal.prt.core.PortalRequestManager.runRequestCycle(PortalRequestManager.java:669)
    at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:208)
    at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:532)
    at java.security.AccessController.doPrivileged(Native Method)
    at com.sapportals.portal.prt.dispatcher.Dispatcher.service(Dispatcher.java:415)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
    at com.inqmy.services.servlets_jsp.server.InvokerServlet.service(InvokerServlet.java:126)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
    at com.inqmy.services.servlets_jsp.server.RunServlet.runSerlvet(RunServlet.java:149)
    at com.inqmy.services.servlets_jsp.server.ServletsAndJspImpl.startServlet(ServletsAndJspImpl.java:832)
    at com.inqmy.services.httpserver.server.RequestAnalizer.checkFilename(RequestAnalizer.java:666)
    at com.inqmy.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:313)
    at com.inqmy.services.httpserver.server.Response.handle(Response.java:173)
    at com.inqmy.services.httpserver.server.HttpServerFrame.request(HttpServerFrame.java:1288)
    at com.inqmy.core.service.context.container.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:36)
    at com.inqmy.core.cluster.impl5.ParserRunner.run(ParserRunner.java:55)
    at com.inqmy.core.thread.impl0.ActionObject.run(ActionObject.java:46)
    at java.security.AccessController.doPrivileged(Native Method)
    at com.inqmy.core.thread.impl0.SingleThread.run(SingleThread.java:148)
    <</b>
    the same code when i am executing in the WAS 6.4 system
    its executing properly.
    why its throughing error in EP6.0 sp2(J2ee engine 6.2) Portal server.
    Regards

    Hello,
    Please see if note: 765461 is relevant for you.
    Best Regards,
    Ran

  • "Ignore Sessions During Shutdown" and "Graceful Shutdown Sequence"

    Hi
    I have J2EE application consisting of WEB and EJB layers deployed on WL 8.1
    I start the Graceful Shutdown Sequence with Ignore Sessions During Shutdown option set. sessionDestroyed() method of registered HttpSessionListener is fired but at this moment JNDI tree is already empty, EJB module undeployed and the listener is not able to get to application's EJBs.
    In the documentation (http://e-docs.bea.com/wls/docs81/adminguide/overview_lifecycle.html#1045901) Ignore Sessions During Shutdown option is explained as follows:
    "If you enable this option WebLogic Server will drop all HTTP sessions immediately, rather than waiting for them to complete or timeout."
    What does "drop" mean here? Is this some exception to Graceful Shutdown Sequence and the following excerpt from the documentation? : "During a graceful shutdown, subsystems complete in-flight work and suspend themselves in a specific sequence and in a synchronized fashion, so that back-end subsystems like JDBC connection pools are available when front-end subsystems are suspending themselves."
    Regards

    Hi,
    You can use tcodes
    SMQR --> To register a queue
    SMQS --> To register a destination in Queue Schedular
    SMQ1 --> OutBound Queue Details
    SMQ2 --> Inbound Queue Details
    SXMB_ADMIN --> Manage Queue to register,deregister and activate the queue.
    Check the link for more details : http://help.sap.com/saphelp_nw04/helpdata/en/59/d9fa40ee14f26fe10000000a1550b0/frameset.htm
    For step details for server start/stop you can search on google for more details. And for an idea check the section Managing the SAP Start-Up Service via the SAP MMC Snap-In in the link https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/3e3fad90-0201-0010-2f91-c8907db40bfe
    Thanks!
    Edited by: sudhir tiwari on Nov 12, 2008 12:00 PM

  • Can AnyConnect VPN Session Surviving a Logoff ?

    I see that AnyConnect is a Service. We sometimes have issues with remotes losing their Windows passwords. When this happens, we have them log in locally, (with a non-domain account), then connect to the VPN, then logoff, (the Contivity VPN Session will stay established), then we reset their password, and they log in with their new password. Some VPNs use a feature called 'Logoff at Connect' to accomplish this. Any information would be greatly appreciated.

    To log off all AnyConnect Client and SSL VPN sessions, use the vpn-sessiondb logoff svc command in global configuration mode:
    vpn-sessiondb logoff svc. In response, the system asks you to confirm that you want to log off the VPN sessions. To confirm press Enter or type y. Entering any other key cancels the logging off.
    http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect22/administration/guide/22admin6.html#wp999635

  • Exclude browser session from VPN session

    Hi all,
    I use a software VPN sometimes to connect to a remote LAN. I use vpnc and it creates a software tunnel interface. All my traffic then goes through the remote LAN. is there a way to have part of my traffic not go through the VPN? I'd like to have a separate browser session which is excluded from the VPN. Is this possible?

    Actually, a SOCKS proxy would still abide by the IP routing rules. The browser session would only seem to originate from the proxy (from any web server's point of view), but the traffic would still go through the VPN first.
    s5s wrote:
    Hi all,
    I use a software VPN sometimes to connect to a remote LAN. I use vpnc and it creates a software tunnel interface. All my traffic then goes through the remote LAN. is there a way to have part of my traffic not go through the VPN? I'd like to have a separate browser session which is excluded from the VPN. Is this possible?
    Assuming that by "browser session" you mean HTTP and HTTPS traffic, you may be able to exclude traffic with the corresponding TCP ports as destination from the VPN route(s) by configuring your host's firewall. On the other hand, such a policy would apply to all web traffic, not just from within the browser.
    Just to be sure, wouldn't it be an option for you to only route traffic through the VPN that needs to reach the other LAN, instead of routing everything through there by default?

  • Connection refused when trying to getOutputStream from https connection

    Hi all !
    I want to make an https connection with a server to send/get the request/response
    What can be the cause of the following error in the following code testHttps.java?
    java.net.ConnectException: Connection refused: connect
    at java.net.PlainSocketImpl.socketConnect(Native Method)
    at java.net.PlainSocketImpl.doConnect(Unknown Source)
    at java.net.PlainSocketImpl.connectToAddress(Unknown Source)
    at java.net.PlainSocketImpl.connect(Unknown Source)
    at java.net.SocksSocketImpl.connect(Unknown Source)
    at java.net.Socket.connect(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(Unknown Source)
    at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.connect(Unknown Source)
    at sun.net.NetworkClient.doConnect(Unknown Source)
    at sun.net.www.http.HttpClient.openServer(Unknown Source)
    at sun.net.www.http.HttpClient.openServer(Unknown Source)
    at sun.net.www.protocol.https.HttpsClient.<init>(Unknown Source)
    at sun.net.www.protocol.https.HttpsClient.New(Unknown Source)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(Unknown Source)
    at sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Source)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
    at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown Source)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown Source)
    at Test.testHttps.main(testHttps.java:46)
    Exception in thread "main" java.net.ConnectException: Connection refused: connect
    at java.net.PlainSocketImpl.socketConnect(Native Method)
    at java.net.PlainSocketImpl.doConnect(Unknown Source)
    at java.net.PlainSocketImpl.connectToAddress(Unknown Source)
    at java.net.PlainSocketImpl.connect(Unknown Source)
    at java.net.SocksSocketImpl.connect(Unknown Source)
    at java.net.Socket.connect(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(Unknown Source)
    at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.connect(Unknown Source)
    at sun.net.NetworkClient.doConnect(Unknown Source)
    at sun.net.www.http.HttpClient.openServer(Unknown Source)
    at sun.net.www.http.HttpClient.openServer(Unknown Source)
    at sun.net.www.protocol.https.HttpsClient.<init>(Unknown Source)
    at sun.net.www.protocol.https.HttpsClient.New(Unknown Source)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(Unknown Source)
    at sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Source)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
    at Test.testHttps.main(testHttps.java:51)
    testHttps.java
    package Test;
    import java.io.;
    import java.net.;
    import javax.net.ssl.*;
    public class testHttps {
    public static void main(String args[]) throws Exception {
    //System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
    // Create a trust manager that does not validate certificate chains
    TrustManager[] trustAllCerts = new TrustManager[]{
    new X509TrustManager() {
    public java.security.cert.X509Certificate[] getAcceptedIssuers() {
    return null;
    public void checkClientTrusted(
    java.security.cert.X509Certificate[] certs, String authType) {
    public void checkServerTrusted(
    java.security.cert.X509Certificate[] certs, String authType) {
    // Install the all-trusting trust manager
    try {
    SSLContext sc = SSLContext.getInstance("SSL");
    sc.init(null, trustAllCerts, new java.security.SecureRandom());
    HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
    } catch (Exception e) {
    System.out.println("Error" e);
    // Now you can access an https URL without having the certificate in the truststore
    try {
    URL url = new URL("https://..............");-->//address of the server given here
    URLConnection conn = url.openConnection();
    HttpsURLConnection urlConn = (HttpsURLConnection) conn;
    urlConn.setDoOutput(true);
    OutputStreamWriter wr = null;
    try{
    wr = new OutputStreamWriter(conn.getOutputStream());
    catch(Exception e){
    e.printStackTrace();
    BufferedReader in = new BufferedReader(new InputStreamReader(urlConn.getInputStream()));
    String str;
    while( (str=in.readLine()) != null) {
    System.out.println(str);
    } catch (MalformedURLException e) {
    System.out.println("Error in SLL Connetion" +e);
    HostnameVerifier hv = new HostnameVerifier()
    public boolean verify(String urlHostName, SSLSession session)
    System.out.println("Warning: URL Host: " urlHostName " vs. "
    session.getPeerHost());
    return true;
    want to ignore certificate validation.
    plese help me..
    hi brucechapman, as you suggested me, i posted in Core API- networking forum, now please gimme a solution
    Thanks in advance.

    hi brucechapman,
    ran the NetTest program, got the following exception:
    trigger seeding of SecureRandom
    done seeding SecureRandom
    Exception in thread "main" java.net.ConnectException: Connection refused: connect
         at java.net.PlainSocketImpl.socketConnect(Native Method)
         at java.net.PlainSocketImpl.doConnect(Unknown Source)
         at java.net.PlainSocketImpl.connectToAddress(Unknown Source)
         at java.net.PlainSocketImpl.connect(Unknown Source)
         at java.net.SocksSocketImpl.connect(Unknown Source)
         at java.net.Socket.connect(Unknown Source)
         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(Unknown Source)
         at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.connect(Unknown Source)
         at sun.net.NetworkClient.doConnect(Unknown Source)
         at sun.net.www.http.HttpClient.openServer(Unknown Source)
         at sun.net.www.http.HttpClient.openServer(Unknown Source)
         at sun.net.www.protocol.https.HttpsClient.<init>(Unknown Source)
         at sun.net.www.protocol.https.HttpsClient.New(Unknown Source)
         at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(Unknown Source)
         at sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Source)
         at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
         at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
         at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
         at java.net.URL.openStream(Unknown Source)
         at Test.NetTest.main(NetTest.java:40)
    NetTest.java:40 -- InputStream is = url.openStream(); at this ling throwing exception.
    For the following program, i have added the argument -Djavax.net.ssl.trustStore=cacerts
    i have exported the certificate from IE and added to the keystore.
    import java.io.BufferedReader;
    import java.io.IOException;
    import java.io.InputStreamReader;
    import java.io.OutputStreamWriter;
    import java.security.Security;
    import javax.net.ssl.SSLSocket;
    import javax.net.ssl.SSLSocketFactory;
    public class Communicator {
    public static void main(String[] args) {
    try {
    int port = 34443;
         String strReq = "xml content ";
    Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
    SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
    SSLSocket socket = (SSLSocket) factory.createSocket("jyoti-win2k8-32", port);
    //Writer out = new OutputStreamWriter(socket.getOutputStream());
    //out.write("GET http://" + "hostname" + "/ HTTP 1.1\r\n");
    // out.write("\r\n");
    //out.write(strReq);
    //out.flush();
    OutputStreamWriter wr = null;
    try{
         wr = new OutputStreamWriter(socket.getOutputStream());
         catch(Exception e){
              e.printStackTrace();
         System.out.println("got output stream");
         try{
         wr.write(strReq);
         //System.out.println("response code : "+conn.getResponseCode());
         System.out.println("written");
         wr.flush();
         catch(IOException e){
              e.printStackTrace();
    InputStreamReader is = new InputStreamReader(socket.getInputStream(),"UTF8") ;
         BufferedReader rd = new BufferedReader(is);
         String line;int count=0;
         System.out.println("rd "+rd);
         while ((line = rd.readLine()) != null) {
              System.out.println("line "+line );
              System.out.println(count++);
              // Process line...
         System.out.println(count);
    rd.close();
    BufferedReader in = new BufferedReader(new InputStreamReader(socket.getInputStream()));
    int c;
    while ((c = in.read()) != -1) {
    System.out.write(c);
    //out.close();
    in.close();
    socket.close();
    } catch(IOException ex) {
    ex.printStackTrace();
    Exception :
    javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
         at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(Unknown Source)
         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(Unknown Source)
         at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
         at sun.nio.cs.StreamEncoder.writeBytes(Unknown Source)
         at sun.nio.cs.StreamEncoder.implFlushBuffer(Unknown Source)
         at sun.nio.cs.StreamEncoder.implFlush(Unknown Source)
         at sun.nio.cs.StreamEncoder.flush(Unknown Source)
         at java.io.OutputStreamWriter.flush(Unknown Source)
         at Test.Communicator.main(Communicator.java:55)
    Caused by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
         at sun.security.validator.PKIXValidator.<init>(Unknown Source)
         at sun.security.validator.Validator.getInstance(Unknown Source)
         at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.getValidator(Unknown Source)
         at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
         at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
         at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
         at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
         at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
         at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown Source)
         ... 7 more
    Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
         at java.security.cert.PKIXParameters.setTrustAnchors(Unknown Source)
         at java.security.cert.PKIXParameters.<init>(Unknown Source)
         at java.security.cert.PKIXBuilderParameters.<init>(Unknown Source)
         ... 19 more
    java.net.SocketException: Socket is closed
         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.getInputStream(Unknown Source)
         at Test.Communicator.main(Communicator.java:66)
    please help me and provide me suggestion/solution. how to get rid off this trustanchor paramater exception
    what is it actualy?
    Thanks in advance.

  • ASA 5505 site-to-site VPN tunnel and client VPN sessions

    Hello all
    I have several years of general networking experience, but I have not yet had to set up an ASA from the ground up, so please bear with me.
    I have a client who needs to establish a VPN tunnel from his satellite office (Site A) to his corporate office (Site Z).  His satellite office will have a single PC sitting behind the ASA.  In addition, he needs to be able to VPN from his home (Site H) to Site A to access his PC.
    The first question I have is about the ASA 5505 and the various licensing options.  I want to ensure that an ASA5505-BUN-K9 will be able to establish the site-to-site tunnel as well as allow him to use either the IPsec or SSL VPN client to connect from Site H to Site A.  Would someone please confirm or deny that for me?
    Secondly, I would like to verify that no special routing or configuration would need to take place in order to allow traffic not destined for Site Z (i.e., general web browsing or other traffic to any resource that is not part of the Site Z network) to go out his outside interface without specifically traversing the VPN tunnel (split tunneling?)
    Finally, if the client were to establish a VPN session from Site H to Site A, would that allow for him to connect directly into resources at Site Z without any special firewall security rules?  Since the VPN session would come in on the outside interface, and the tunnel back to Site Z goes out on the same interface, would this constitute a split horizon scenario that would call for a more complex config, or will the ASA handle that automatically without issue?
    I don't yet have the equipment in-hand, so I can't provide any sample configs for you to look over, but I will certainly do so once I've got it.
    Thanks in advance for any assistance provided!

    First question:
    Yes, 5505 will be able to establish site-to-site tunnel, and he can use IPSec vpn client, and SSL VPN (it comes with 2 default SSL VPN license).
    Second question:
    Yes, you are right. No special routing is required. All you need to configure is site-to-site VPN between Site A and Site Z LAN, and the internet traffic will be routed via Site A internet. Assuming you have all the NAT statement configured for that.
    Last question:
    This needs to be configured, it wouldn't automatically allow access to Site Z when he VPNs in to Site A.
    Here is what needs to be configured:
    1) Split tunnel ACL for VPN Client should include both Site Z and Site A LAN subnets.
    2) On site A configures: same-security-traffic permit intra-interface
    3) Crypto ACL for the site-to-site tunnel between Site Z and Site A needs to include the VPN Client pool subnet as follows:
    On Site Z:
    access-list permit ip
    On Site A:
    access-list permit ip
    4) NAT exemption on site Z needs to include vpn client pool subnet as well.
    Hope that helps.
    Message was edited by: Jennifer Halim

  • Server closing the http connection

    We are trying to load test our app which takes an xml message thru
              http request. The request to our app is redirected from CSS (Cisco
              content services switch) load balancer. Our app is running in a
              clustered environment with 2 servers.
              When we tried to post 100 simultaneous messages (in turn 100 http
              requests) originating from the same java client program running on
              only one machine, we get an excception "Connection reset by peer:
              JVM_recv
              Socket write error".
              All these 100 requests are simultaneous and like that we ran the tests
              4 consecutive times without any delay.
              When we ran the tests thru the weblogic proxy server (the one that
              uses HttpClusterServlet) we did not face any connection issues like
              this.
              I'm wondering if this is a load-balancer problem or a weblogic
              problem.
              

    We're doing all the url connections thru our java program which
              creates 100 simultaneous threads which in turn becomes 100
              simultaneous posts. Someone is also suggesting that there is a time
              limit that CSS has before it received the content frame from the
              client once it opens the http connection. I'm not sure if that is
              true.
              "Vyas" <[email protected]> wrote in message news:<[email protected]>...
              > Cisco load balancer sets its own cookie to redirect traffic to the same server, this
              > cookie somehow seems to interfere with weblogic session cookie.
              > We had problems because of this in a production environment with
              > users interfering with each other's session.
              >
              > So far neither weblogic nor cisco owned up to anything , however weblogic gave us
              > a patch admitting to some problems with parsing cookies when other cookies are involved.
              >
              > I am not sure if the problems are the same for you,
              > what do you mean 100 simultaneous requests ?
              > through browser ? through httpurlconnection ?
              >
              > [email protected] (marsaroid) wrote:
              > >We are trying to load test our app which takes an xml message thru
              > >http request. The request to our app is redirected from CSS (Cisco
              > >content services switch) load balancer. Our app is running in a
              > >clustered environment with 2 servers.
              > >
              > >When we tried to post 100 simultaneous messages (in turn 100 http
              > >requests) originating from the same java client program running on
              > >only one machine, we get an excception "Connection reset by peer:
              > >JVM_recv
              > >Socket write error".
              > >
              > >All these 100 requests are simultaneous and like that we ran the tests
              > >4 consecutive times without any delay.
              > >
              > >When we ran the tests thru the weblogic proxy server (the one that
              > >uses HttpClusterServlet) we did not face any connection issues like
              > >this.
              > >
              > >I'm wondering if this is a load-balancer problem or a weblogic
              > >problem.
              

Maybe you are looking for

  • Why is my Mac crashing?

    Hi all, In the last month my G4 has crashed 2 times I have reviewed the crash logs and all I can find in common was com.apple.iokit.IOAudioFamily(1.5.5b2)@0x5d6000. Bellow you will find the Crash Report which came up after rebooting and the Exited pr

  • Funny behaviour of JSpinner

    please help me solving this peculiar problem with jspinner . I got a jspinner , a text box and a button of my frame.i have written code to valdiate the value entered in text field. If an invalid value is entered an error dialog is show. and focus is

  • Creating a serialized java bean

    I want to store a hashcode in a serialized bean... This hashcode shld be accessible by other jsps, servlets. How is the .ser file created ?

  • Server test Harness

    Ive been asked to build a test harness. A simple start would be this. This will run on a machine and make multiple connections to a HTTP page and read the response given. The aim of this is to check the server load before it fails. Does anybody have

  • Why is Apple making us all live in 1999?

    I am a big fan of Apple. I would like to know, I'm looking at you here Mr Moderators & Mr Apple Software Designers, is Apple ever going to catch up with Windows in terms of allowing users to customise the backgrounds of their windows? Grey/Silver is