ZBF commands to open OpenVPN port in on Cisco 1812
Hello,
I am running an OpenVPN server on an internal private network on port 1194/UDP and would like to open this port for the internet on a Cisco 1812 router (this router uses Zone based firewall). For that purpose I have added the following configuration using the IOS CLI:
ip nat inside source static udp 10.0.0.5 1194 interface FastEthernet0 1194
ip port-map user-openvpn port udp 1194 description OpenVPN
access-list 103 permit udp any host 10.0.0.5 eq 1194
class-map type inspect match-all sdm-nat-openvpn-1
match access-group 103
policy-map type inspect sdm-pol-NATOutsideToInside-1
! other class types here for SSH & HTTP
class type inspect sdm-nat-openvpn-1
inspect
class class-default
drop log
Unfortunately the OpenVPN port is not accessible from the outside (internet). Does anyone know what I did wrong here? or maybe did I forget a configuration parameter?
Thanks for your help.
Best,
John
John,
The answer is, Nothing. You did not do anything wrong. Can you put logs on the Router to verify that maybe something else is being dropped?
Login via Telnet/SSH and do in config mode:
IP inspect log drop-pkt
Do term mon
Then try to initialize the VPN session and check what you get.
Mike Rojas.
Similar Messages
-
Command to open Messager Server 3600
Hi Experts,
I want to open a Messager Server Port 3600
Could anyone provide me the command to open this port at command line, My OS is Windows
Thanks
Murtuzahi,
Just like Markus said your SAP server will listen to port 3600.
To make sure that your port (3600) on SAP server is open, you can type :
TE:LNET <IP ADDRESS OF YOUR SAP SERVER> 3600
If you get blank screen then you are connected.
ardhian
http://ardhian.kioslinux.com
http://sapbasis.wordpress.com -
Apple TV Do I need to open a port on my router
Do I need to open a port on my cisco router for my ipad to mirror on the tv.
I have internet access on the Apple TV and ipad I just can't mirrorPorts used listed here:
http://support.apple.com/kb/HT2463
(If it doesn't load 1st time refresh the page). -
Tecra M1 - Modem doesn't work (can't open a port)
I have a problem: After reinstalling WinXP and drivers on my Tecra M1, modem doesn't function. It even can't diagnose itself - there always comes a warning: "Can't open a port (COM). It may be used by another device or application". I installed the latest Toshiba drivers for the modem, but nothing changes. How can I fix it? Looking forward for your advices!
Best regards.Hi
Did you install the drivers in the right order? Not? So do it!
Did you install any additional devices or software which could has a bad influence on the modem?
Check the modem status in the device manger. Can you see any yellow exclamation marks?
Try to start the modem test within the Operating system.
Check the Modem function under
Start -> Control Panel -> Phone and Modem Options -> Modems Tab -> Properties -> Diagnostics
by pressing the "Query Modem" button.
If the Modem Information window contain a list of AT commands (including ATI2, ATI3, ATI4 etc.), then the modem is correctly installed. The ATI5 command ends in with the number for the selected Regional settings (for example Germany = 06).
To change the Regional Setting please use the Toshiba Internal Modem Region Select Utility. -
This is problably a stupid question but how do I open a prot on a cisco 1811? I have a cisco 1811 and a computer that has VNC installed on it. I want to be able to access that computer from out side the network using the external ip address and port 5950. People outside the network will be able to open vnc viewer and type in *external ip address*:5950 and it will be directed to the computer with a static internal ip address of 10.11.101.10. What commands do I use to do this?
Thanks,That didn't work. Here is the new running config:
Building configuration...
Current configuration : 12519 bytes
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
hostname *Host Name*
boot-start-marker
boot-end-marker
security authentication failure rate 3 log
security passwords min-length 6
logging message-counter syslog
logging buffered 51200
logging console critical
enable secret 5 $1$3R6c$adcoV0cvM5hTzxOoPBByc0
aaa new-model
aaa authentication login default local
aaa authentication login ciscocp_vpn_xauth_ml_1 local
aaa authorization exec default local
aaa session-id common
clock timezone PCTime -7
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
crypto pki trustpoint TP-self-signed-1097866965
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1097866965
revocation-check none
rsakeypair TP-self-signed-1097866965
crypto pki certificate chain TP-self-signed-1097866965
certificate self-signed 01
30820256 308201BF A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31303937 38363639 3635301E 170D3131 30393039 31383130
32355A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 30393738
36363936 3530819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100B1C3 0B9F3231 E9911C7A 7A84E566 F4530769 16830F32 4A61F775 12CDDB5C
23227963 5A53E5C5 2C0E8945 640DB32C ACD17F1A 2C52EC96 7C274099 5D4BBD26
6E7C4DA9 32C5162B 0A54D437 64B719B9 36904DDA 7B23FC3C E7763F5E BF651874
1870462E FA0ABE9C 37918D53 2B5B13A7 4FADFC9E 1D8B0B64 141733A7 8DC61C03
80E90203 010001A3 7E307C30 0F060355 1D130101 FF040530 030101FF 30290603
551D1104 22302082 1E426F77 5F49736C 616E6453 43414441 2E796F75 72646F6D
61696E2E 636F6D30 1F060355 1D230418 30168014 0AEF8942 249D4EF1 A18B1BA6
389822CB 16CB4922 301D0603 551D0E04 1604140A EF894224 9D4EF1A1 8B1BA638
9822CB16 CB492230 0D06092A 864886F7 0D010104 05000381 81008DC2 DFF3604C
93BE4175 7078AC30 7391F8AF 4A15E116 C53D523E 12F6B5F4 15CA5635 C12576F7
0D5D1A2A F330F781 459F3418 7E82FFBD 2679E17C CDF07A4F A257B599 E7CCC9C6
38617B96 F2E66F0D 6BFBC000 524B377B 969D51BD 48A9BF8F 8C0220D4 BB249435
08688D18 794CAFB3 1F74F2F9 4E0C0245 AEA8E55A 2AE758A0 36CC
quit
dot11 syslog
no ip source-route
ip dhcp excluded-address 10.11.101.1 10.11.101.99
ip dhcp pool ccp-pool1
import all
network 10.11.101.0 255.255.255.0
default-router 10.11.101.1
ip cef
no ip bootp server
no ip domain lookup
ip domain name yourdomain.com
ip inspect log drop-pkt
no ipv6 cef
multilink bundle-name authenticated
username *UserName* privilege 15 secret 5 $1$1O79$nIJGrBD9hCpDqheT3mDsC1
username VPNuser secret 5 $1$nPz8$Cni5jyIWv9zlKAU3B5no9.
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp key *Key* address *External VPN IP Address*
crypto isakmp client configuration group VPN_Users
key *Key*
pool *VPN_pool*
acl 102
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto map SDM_CMAP_1 1 ipsec-isakmp
description Tunnel to*External VPN IP Address*
set peer *External VPN IP Address*
set transform-set ESP-3DES-SHA
match address 103
archive
log config
hidekeys
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
class-map type inspect match-any SDM_BOOTPC
match access-group name SDM_BOOTPC
class-map type inspect match-all sdm-cls-VPNOutsideToInside-1
match access-group 105
class-map type inspect match-any SDM_DHCP_CLIENT_PT
match class-map SDM_BOOTPC
class-map type inspect match-all CCP_SSLVPN
match access-group name CCP_IP
class-map type inspect match-any SDM_AH
match access-group name SDM_AH
class-map type inspect match-any SDM_WEBVPN
match access-group name SDM_WEBVPN
class-map type inspect match-all SDM_WEBVPN_TRAFFIC
match class-map SDM_WEBVPN
match access-group 101
class-map type inspect match-any sdm-cls-bootps
match protocol bootps
class-map type inspect match-any SDM_ESP
match access-group name SDM_ESP
class-map type inspect match-any SDM_VPN_TRAFFIC
match protocol isakmp
match protocol ipsec-msft
match class-map SDM_AH
match class-map SDM_ESP
class-map type inspect match-all SDM_VPN_PT
match access-group 104
match class-map SDM_VPN_TRAFFIC
class-map type inspect match-any ccp-cls-insp-traffic
match protocol cuseeme
match protocol dns
match protocol ftp
match protocol h323
match protocol https
match protocol icmp
match protocol imap
match protocol pop3
match protocol netshow
match protocol shell
match protocol realmedia
match protocol rtsp
match protocol smtp extended
match protocol sql-net
match protocol streamworks
match protocol tftp
match protocol vdolive
match protocol tcp
match protocol udp
class-map type inspect match-all ccp-insp-traffic
match class-map ccp-cls-insp-traffic
class-map type inspect match-any ccp-cls-icmp-access
match protocol icmp
class-map type inspect match-all VNC_CLASS
match access-group name VNC
class-map type inspect match-all ccp-icmp-access
match class-map ccp-cls-icmp-access
class-map type inspect match-all ccp-invalid-src
match access-group 100
class-map type inspect match-all ccp-protocol-http
match protocol http
policy-map type inspect ccp-permit-icmpreply
class type inspect sdm-cls-bootps
pass
class type inspect ccp-icmp-access
inspect
class class-default
pass
policy-map type inspect VNC_POLICY
class type inspect VNC_CLASS
inspect
policy-map type inspect ccp-sslvpn-pol
class type inspect CCP_SSLVPN
pass
class type inspect sdm-cls-VPNOutsideToInside-1
inspect
class class-default
drop
policy-map type inspect sdm-pol-VPNOutsideToInside-1
class type inspect sdm-cls-VPNOutsideToInside-1
inspect
class class-default
drop
policy-map type inspect ccp-inspect
class type inspect ccp-invalid-src
drop log
class type inspect ccp-protocol-http
inspect
class type inspect ccp-insp-traffic
inspect
class class-default
drop
policy-map type inspect ccp-permit
class type inspect SDM_VPN_PT
pass
class type inspect SDM_WEBVPN_TRAFFIC
inspect
class type inspect SDM_DHCP_CLIENT_PT
pass
class class-default
drop
policy-map type inspect VNC-POLICY
class type inspect VNC_CLASS
inspect
zone security out-zone
zone security in-zone
zone security sslvpn-zone
zone-pair security ccp-zp-self-out source self destination out-zone
service-policy type inspect ccp-permit-icmpreply
zone-pair security ccp-zp-in-out source in-zone destination out-zone
service-policy type inspect ccp-inspect
zone-pair security ccp-zp-out-self source out-zone destination self
service-policy type inspect ccp-permit
zone-pair security zp-out-zone-sslvpn-zone source out-zone destination sslvpn-zone
service-policy type inspect ccp-sslvpn-pol
zone-pair security zp-sslvpn-zone-out-zone source sslvpn-zone destination out-zone
service-policy type inspect ccp-sslvpn-pol
zone-pair security zp-in-zone-sslvpn-zone source in-zone destination sslvpn-zone
service-policy type inspect ccp-sslvpn-pol
zone-pair security zp-sslvpn-zone-in-zone source sslvpn-zone destination in-zone
service-policy type inspect ccp-sslvpn-pol
zone-pair security sdm-zp-VPNOutsideToInside-1 source out-zone destination in-zone
service-policy type inspect sdm-pol-VPNOutsideToInside-1
interface FastEthernet0
description $ES_WAN$$FW_OUTSIDE$
ip address dhcp client-id FastEthernet0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
zone-member security out-zone
duplex auto
speed auto
crypto map SDM_CMAP_1
interface FastEthernet1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
duplex auto
speed auto
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
interface FastEthernet5
interface FastEthernet6
interface FastEthernet7
interface FastEthernet8
interface FastEthernet9
interface Virtual-Template1
ip unnumbered FastEthernet0
zone-member security sslvpn-zone
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-FE 2$$ES_LAN$$FW_INSIDE$
ip address 10.11.101.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly
zone-member security in-zone
ip tcp adjust-mss 1452
interface Async1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
encapsulation slip
ip local pool *VPN_pool* 10.11.101.50 10.11.101.99
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source static tcp 10.11.101.10 5950 interface FastEthernet0 5950
ip nat inside source route-map SDM_RMAP_1 interface FastEthernet0 overload
ip access-list extended CCP_IP
remark CCP_ACL Category=128
permit ip any any
ip access-list extended SDM_AH
remark CCP_ACL Category=1
permit ahp any any
ip access-list extended SDM_BOOTPC
remark CCP_ACL Category=0
permit udp any any eq bootpc
ip access-list extended SDM_ESP
remark CCP_ACL Category=1
permit esp any any
ip access-list extended SDM_WEBVPN
remark CCP_ACL Category=1
permit tcp any any eq 443
ip access-list extended VNC
permit tcp any host 10.11.101.10 eq 5950
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 10.11.101.0 0.0.0.255
access-list 100 remark CCP_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
access-list 101 remark CCP_ACL Category=128
access-list 101 permit ip any host 70.65.185.156
access-list 102 remark CCP_ACL Category=4
access-list 102 permit ip 10.11.101.0 0.0.0.255 any
access-list 103 remark CCP_ACL Category=4
access-list 103 remark IPSec Rule
access-list 103 permit ip 10.11.101.0 0.0.0.255 10.11.100.0 0.0.0.255
access-list 104 remark CCP_ACL Category=128
access-list 104 permit ip host *External VPN IP Address* any
access-list 105 remark CCP_ACL Category=0
access-list 105 permit ip 10.11.100.0 0.0.0.255 10.11.101.0 0.0.0.255
access-list 106 remark CCP_ACL Category=2
access-list 106 remark IPSec Rule
access-list 106 deny ip 10.11.101.0 0.0.0.255 10.11.100.0 0.0.0.255
access-list 106 permit ip 10.11.101.0 0.0.0.255 any
no cdp run
route-map SDM_RMAP_1 permit 1
match ip address 106
control-plane
banner exec ^C
% Password expiration warning.
Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username privilege 15 secret 0
Replace and with the username and password you want to
use.
^C
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
line con 0
transport output telnet
line 1
modem InOut
stopbits 1
speed 115200
flowcontrol hardware
line aux 0
transport output telnet
line vty 0 4
transport input telnet ssh
line vty 5 15
transport input telnet ssh
scheduler interval 500
webvpn gateway gateway_1
ip address *External IP Address*port 443
http-redirect port 80
ssl trustpoint TP-self-signed-1097866965
inservice
webvpn install svc flash:/webvpn/sslclient-win-1.1.4.179-anyconnect.pkg sequence 1
webvpn install svc flash:/webvpn/sslclient-win-1.1.4.179.pkg sequence 2
webvpn context *VPN_pool*
secondary-color white
title-color #CCCC66
text-color black
ssl authenticate verify all
policy group policy_1
functions svc-enabled
svc address-pool "*VPN_pool*"
svc keep-client-installed
virtual-template 1
default-group-policy policy_1
aaa authentication list ciscocp_vpn_xauth_ml_1
gateway gateway_1
inservice
end -
Opening specific ports for video
Hi!
I want to open some ports for one specific host on the inside network. I want the host to be able to call out to any host on the internet. What is the easiest way to do this?
I have many public IP adresses so the inside host can easily be Natted with one of the public adresses.
/Lajja1234Easiest way,
Do a one to one translation and open the right ports on the Outside ACL..
Just like 5 commands and that will do it -
Cannot open local port whatever
Hi,
I've just downloaded AVTransmit2.java and AVReceive2.java from this website's JMF tutorial and am having a little trouble getting both classes to communicate.
I have two Command Prompt windows open and I'm trying something like
java AVTransmit2 file:C:\Whatever.au ipaddress(my machine's IP) 4000
java AVReceive2 ipaddress(my machine's IP)/4000
Whatever process I run first, the second process then tells me that it cannot open local port 4000, even though this is the port that both processes are meant to communicate on. Should I be using two different machines to communicate?
Sorry to bug everybody with this problem, it's probably been posted before but some advice would be appreciated.
ThanksErr, well, if they are both acting as servers, that's right. If you are running them on the same machine, then the first one takes port 4000 and the second one can't use it. I would think they would take 2 sets of IP and port, one for it's server port, one for it to connect to the other side...
however, I wouldn't think that the transmitter app would be using a server port. You should be starting the receiver first.
Or something else is using that port. Another receiver you started but didn't start, maybe? Some other app? It shouldn't matter what port you use. Try something else (4001, 4002, etc). -
We are auditing open TCP ports on our network equipment and discovered a number of open TCP ports on our 9216i. Is there any way to tell what the open ports are used for and shut them down if unnecessary? The show tcp command is not available. show tech did not reveal anything.
There is the standard set of ports that are open for mgmt by ssh, telnet, and SNMP v2 or v3. Additionally, there is port 80 open so you can point web browser to it and get the FM code. The list is as follows.
Common to all applications
* SSH 22 (TCP)
* TELNET 23 (TCP)
* HTTP 80 (TCP)
* SYSLOG 514 (UDP)
Fabric Manager Server and Performance Manager
* SNMP_TRAP 2162 (UDP)
* SNMP picks a random free local port (UDP) - (can be changed in server.properties)
* Java RMI 9099, 9199 to 9299 (TCP)
Fabric Manager Client
* Java RMI 9099, 9199 to 9299 (TCP)
* SNMP picks a random free local port. (UDP) or 9189 (TCP) if SNMP proxy is enabled (can be changed in server.properties)
Device Manager
* SNMP_TRAP 1163 to 1170 (UDP) (picks one available in this range)
* SNMP picks a random free local port (UDP) or 9189 (TCP) if SNMP Proxy is enabled (can be changed in server.properties)
You can shut off telnet in lieu of ssh in the configuration. Also, it is possible to use access-lists on the mgmt ports to limit IP addresses/ports/etc. Also, don't forget that the IPS ports will be listening for FCIP and ISCSI if enabled. -
How can i open ftp port(s)?
Hi,,
I have attached to my AE a Internet HD - WdMyCloud.
I've tried connect to my MyCloud outside my network without success (from a imac - ftp and afp)
What am I doing wrong? When I'm on the same network I do connect through ftp , but when I'm away home I can't .
Here's a print screen of my Airport Extreme configuration . Someone could help me please?
https://www.dropbox.com/s/a48jexr3dlokod7/Screen%20Shot.jpg?dl=0Port 5900 is for VNC (screen sharing), the WD will not support VNC. Leave that port alone.
What you want to to is complex to setup securely…
Enable ssh on the WD.
Fix the WD's IP local address on the router so that it is always the same (this makes port forwarding stable).
On your router open a port to use ssh…
Port 22 is 'privileged' & is often scanned by bots just like port 21, choosing another port will reduce that exposure to an extent (a determined hacker will still know ssh is running on this port).
Pick port 23895 or something else high (over 1024) that is the external port to use to 'dial in'. The router needs to direct to the internal port 22 on the WDMyCloud.
To test the connection use ssh in Terminal (do this from inside & outside the WD network)…
ssh -p 23895 username@external-IP-address
accept the 'ID' if they match (first time only, unless the IP changes)
enter password for username
This allows you to run commands or browse files via Terminal commands etc.
Type exit & hit return to leave the remote session.
You can also use apps like Panic's Transmit to mount the share points over ssh or sftp - frankly it's easiest to stop here - Transmit has a 'mount remote disk' feature that basically does the same as Connect to server in Finder. Use ssh or sftp as the settings & it will be secure.
Mounting remote in Finder
If you want to mount the disk via AFP in Finder you need to use 'ssh local port forwarding'. The principle is to forward a custom local port through the ssh connection to the AFP port on the WD.
This will setup the forward…
ssh -p 23895 username@external-IP-address -L 22548:localhost:548
Note -L is 'local forward' here it uses local port 22548 on localhost to connect to 548 on the remote end.
Then you can connect in Finder to localhost.
afp://username@localhost:22548
You are connecting to the local port 22548, which is actually a tunnel to the WD's port 548.
Some things to note.
You need to disconnect & kill the ssh connection when finished, otherwise the local forwarded port will remain in use, this prevents connections & makes it frustrating.
Your external IP address may change depending on your ISP & internet service type, whatsmyip.com will help you see changes but only from inside the network. dyndns.com or no-ip.org can help with this issue. Either the WD or the router should be made responsible for updating any dyndns records.
I haven't mentioned setting up ssh keys, there are many guides on the web. Once keys are setup you can disable password login via ssh on the WD, just be aware that if the keys do not work you get locked out of ssh - potentially catastrophic on these NAS's that have limited access. Transmit will use keys saved in your user account.
Local forwarding seems complex (it is) but once it works you can save the commands in two scripts, one to connect & mount the disk(s), another to disconnect & kill the ssh connections. It makes life easier. Transmit skips the need for these altogether.
I suspect that is very scary, sorry it is just complex to setup. Test locally is my advice (use the internal IP when inside), then move onto testing from outside. If you have an iPhone apps like Prompt or iSSH can allow you to test connections via cellular data which is outside the LAN.
I'll try to clarify if you have questions, but it's very difficult to troubleshoot via forums, so good luck -
802.1x - Issue with command: authentication open
The issue we are running into is that when we initially deployed 802.1x we had the command “authentication open” on all of our switch ports. We ran a CscoWorks job last week Thursday to remove that command from all of our ports. Since that time we have ran into a couple of weird issues where the device was powered up but the switch port would show notconnect when doing a show int status but the speed would show a-1000 and duplex would show a-full. There would be no mac address listed when doing a “show mac add int ‘interface’” and the device would be in the MAB running state. This is happening on devices that are supposed to be doing 802.1x and MAB authentication, if we put the command “authentication open” back onto the port it showed connected and mac address. Now we have over 1000 switches on the network with this command removed and so far have only ran into a couple of these odd ball problem ports so at this time it is not happening widespread but would like to take care of the issue or figure out why this happening before it does.
On the 2960's we are running 12.2(55)SE5, on the 6500's we are running 15.1(1)SY
We didn't use any kind of ACL because we start all of our switch ports into a black hole vlan. I have been watching sessions from Cisco Live 2012 and looks like Cisco is now recommending that you don't go closed mode unless absolutely necessary because it is hard to maintain and function. -
I am having trouble viewing iStore. It appears as if its a Flash issue, as several minutes after logging in to iStore I get a non-flash page of iStore in my iTunes window. I have re-installed everything and tried opening all ports in router, and used msconfig to bring up each service individually to see if there is an effect.Flash and iTunes have been re-installed ...any ideas?
I agree. I don't rely on iCloud as a backup, that is what I have my portable hard drive for. Its 500 GB so I can hold my entire iTunes library several times over on it. I have all my movies on my hard drive, but somehow "The Mist" got deleted off of my hard drive, so I figured "Well, the option to redownload an already purchased movie is available through iCloud, I'll just do that!"
And permissions and download availability have nothing to do with it, the movie's still there, it still allows me to redownload it. The only problem is when I click download, I get that message.
And nobody else uses my computer, but I do have multiple accounts authorized on it. Even still though, I am attepmpting to download it through the account I purchased it under. :/ -
Open same port for multiple servers.
I am sorry if this sounds rudimentary, but I wanted to make sure. I want to open up port 80 to more than one web server. I already have port 80 open on one public IP address and have another one ready to use for another server. My assumption is that I should just be able to create a policy using the additional IP address and use port 80 without any issues. Is that correct to assume? I would also like to know, how one would do this is they only had one public IP address. I believe these should be relatively easy questions for the experts here. Thanks.
If you have a netblock from which you can assign multiple IP addresses then, yes - just asign additional access-list entries and static NAT entries.
If you only had a single (or limited number all in use) public IP address then you would have to use some sort of PAT (port address translation). for instance:
server 0 is <outside address>:80
server 1 is <outside address>:81
server 2 is <outside address>:82
..etc. Your remote users would then have to specify the non-default port (80/81/82) when browsing to the site. -
How can I open the ports with the Airport Extreme?
I have an Airport Extreme Base Station connected to a cable modem and I want to open the ports for the two Playstation 3's I connected to the Airport Extreme via Cat 6 ethernet cable. The first Playstation 3 will be used to play Call of Duty Modern Warfare 2 and the other Playstation 3 will be used to watch streaming movie from Netflix. Does anyone know if this can be done?
It is documented on Page 54 of Apple's "Designing
AirPort Networks Using AirPort Utility Mac OS X v10.5 + Windows" (direct PDF download link).
The public port and private port would be set the same value. -
How do I port forward or open a port on the Airport time capsule to hook p a security system?
I have an airport time capsule and a security system. The installer doesn't know anything about using routers etc, especially on a mac. They say I have to port forward or open a port specifically of this device. I have very few skills when doing this IT type. Is this hard to do? Can I do it myself? He wants to get an IT guy out? $55 an hour, how long would it take? Thanks in advance for anyone who can help!
The method is here.
AirPort - Port Mapping Basics using AirPort Utility v6.x
If you need to get someone in, it depends.. The TC can be recalcitrant.. due to your setup of it following the apple guides.. and it depends on the security system and how simple that is.
There are multiple issues.. for example how do you find your IP address from the web when you have dynamic IP from your ISP.
Do you intend to setup dynamic DNS? Can the camera /dvr system handle Dynamic DNS?
I recommend you read very carefully the instructions for what has been installed.. because merely opening the port is only a small part of the issues involved in remote access to the security system. -
Wireless CCTV - need to open a port
Hi All;
I have a wireless monitoring system (CCTV) for my home that can be accessed remotely though my IPhone or IPad when I am away.
It works great while I am at home on my wireless network but I cannot get access when on a remote Wi-Fi.
Apple Store here says I need to open a port in my Time Capsule to allow access when I am outside my network.
Anyone have instructions or can step by step it for me?
Thanks in Advance.
MarkThanks for the reply William;
I actually contacted the manufacturer and they sent me a step by step instruction including, as you suggested the ports that the cameras use.
Once we get through this Christmas season ... will get it all set up.
Thanks again
Mark
Maybe you are looking for
-
Issue in using BIAccelerator with Business Objects WebIntelligence report
Hi, I am trying to improve performance of Webi Reports on BW queries (with huge data load) with BI Accelerator. When I run one BW query (with millions of records) in Bex 7, am getting data within no time when I used BIA. When I run Webi report on uni
-
Hi there, Can you pls help why this error is coming? code in post query (previous state it was working): GET_CAUSAL_FACTOR_DESCRIPTION; GET_SUPPLIER_NAME; SETTLEMENT_STATUS_AMOUNTS; New code in Post query: DECLARE cur_itm VARCHAR2(80); cur_block VARC
-
Hi. I can connect my 80G classic to the TV for videos and such, no problem. Sound and image perfect. But, I was hoping that I could view my music lists as Coverflow, or a menu, on the TV thru the component cables. I can only view the videos and films
-
Finding the number of Non-Blank Line in a File
Does anyone know the command or how to find the number of non-blank lines in a text file? I have the program already reading characters, words, and total lines. BufferedReader FileIn = new BufferedReader( new FileReader( selectedFile ) );
-
This is to all of you who have switched from Tiger to Leopard: Was it a good switch? Martin.