Cannot get the PPTP server

Hello

Im having a problem with getting PPTP access on a windows 2008 behind a cisco 877 SRI, I have forwarded port 1723 and open the firewall to allow access to this server. I also welcomed access accord, but even if I connect an external source timeout saying that the gre is not allowed.

Current configuration: 9271 bytes
!
! Last configuration change at 15:14:23 London Saturday, August 8, 2009 by sa_mprit
!
version 15.0
no service button
horodateurs service debug datetime msec
Log service timestamps datetime msec
no password encryption service
!
DSL-RT01 hostname
!
boot-start-marker
boot-end-marker
!
logging buffered 51200
recording console critical
!
No aaa new-model
!
!
!
clock timezone London 0
London summer time clock day March 30, 2003 01:00 October 26, 2003 02:00
!
Crypto pki trustpoint TP-self-signed-1816409427
enrollment selfsigned
name of the object cn = IOS - Self - signed - certificate - 1816409427
revocation checking no
rsakeypair TP-self-signed-1816409427
!
!
TP-self-signed-1816409427 crypto pki certificate chain
certificate self-signed 01
3082024E 308201B 7 A0030201 02020101 300 D 0609 2A 864886 F70D0101 04050030
2 060355 04031326 494F532D 53656 C 66 2 AND 536967 6E65642D 43657274 31312F30
69666963 31383136 34303934 6174652D 3237301E 170 3039 30373238 31333332
35325A 17 0D 323030 31303130 30303030 305A 3031 06035504 03132649 312F302D
4F532D53 5369676E 656C662D 43 65727469 66696361 74652 31 38313634 65642D
30393432 3730819F 300 D 0609 2A 864886 01050003, 818, 0030, 81890281 F70D0101
6933 D 627 D982F02B A85BF10E 591869 3 715278DF 1412C7A8 E42F3DE4 8100E1C7
58F2D9EB 43A32AB5 D43B48C5 4735E024 5D229CB3 36375B9A 3DC5E55D 55C69AD4
877CFEF8 C54B34AD 5D73B7CC 6D2EB63F 7BA81664 4B59D619 48CB69BD 93142805
2C4CCE00 D49E663D 54F36FA7 4D4592A8 545E592A 36D509F6 E1F8CE02 944B 3433
010001A 3 76307430 1 130101 FF040530 030101FF 30210603 0F060355 AD4B0203
551D 1104 1A 301882 525430 2 312E7061 72656E74 612E636F 2E756B30 1644534C
1 230418 30168014 462B7C7E E7EE730E 95F7CAEF CE974136 805E2F70 1F060355
301D 0603 551D0E04 16041446 2B7C7EE7 EE730E95 F7CAEFCE 5E2F7030 97413680
010104 05000381 81003CEA 10D5184C F50B35B0 19DA715D 0D 864886F7 0D06092A
22874030 27 09141D 51BA0489 3FFFBE8B 0C0EDCE6 3ABEE3CF AAF83862 C178C55B
BCF01226 5E32444C 7A21611F 08C75C70 F02E1C12 5A36EC54 C1FE5B39 F61787EF
FF1CC867 B3224BDE ECCA809F DBA889FB 3C812B28 6ABEE177 074D9ABE 03E46590
851B7A08 AC62034E 35A895C8 E3181FEB 8108
quit smoking
dot11 syslog
IP source-route
!
!
!
!
IP cef
no ip bootp Server
IP domain name parenta.co.uk
Server name xxx.xxx.xxx.xxx IP

Server name xxx.xxx.xxx.xxx IP

user-Protocol IP port-map - 1 tcp 3389 port
No ipv6 cef
!
Authenticated MultiLink bundle-name Panel
!
!
!
username privilege 15 password 0 xxxx xxx

username privilege 15 password 0 xxxx xxx
!
!
!
type of class-card inspect entire game TSRDP
corresponds to the user-Protocol - 1
type of class-card inspect sdm-cls-sdm-pol-NATOutsideToInside-1-2 correspondence
corresponds to the TSRDP class-map
match the name of group-access TSRDP
type of class-card inspect sdm-nat-user-protocol--1-1 correspondence
game group-access 101
corresponds to the user-Protocol - 1
type of class-card inspect CRDPM match-all
corresponds to the user-Protocol - 1
type of class-card inspect sdm-cls-sdm-pol-NATOutsideToInside-1-1 correspondence
corresponds to the CRDPM class-map
Access-group name CRDPM
type of class-card inspect all sdm-cls-insp-traffic game
match Protocol cuseeme
dns protocol game
ftp protocol game
h323 Protocol game
https protocol game
match icmp Protocol
match the imap Protocol
pop3 Protocol game
netshow Protocol game
Protocol shell game
match Protocol realmedia
match rtsp Protocol
smtp Protocol game
sql-net Protocol game
streamworks Protocol game
tftp Protocol game
vdolive Protocol game
tcp protocol match
udp Protocol game
inspect the class-map match sdm-insp-traffic type
corresponds to the class-map sdm-cls-insp-traffic
type of class-card inspect entire game SDM_GRE
match the name of group-access SDM_GRE
type of class-card inspect entire game VPN
corresponds to the SDM_GRE class-map
match Protocol pptp
type of class-card inspect correspondence sdm-nat-pptp-1
game group-access 104
corresponds to the VPN class-map
type of class-card inspect all SDM-voice-enabled game
h323 Protocol game
Skinny Protocol game
sip protocol game
type of class-card inspect all sdm-service-sdm-pol-NATOutsideToInside-1 game
match Protocol pptp
match Protocol isakmp
type of class-card inspect all match sdm-cls-icmp-access
match icmp Protocol
tcp protocol match
udp Protocol game
type of class-card inspect correspondence sdm-icmp-access
corresponds to the class-map sdm-cls-icmp-access
type of class-card inspect correspondence sdm-invalid-src
game group-access 100
type of class-card inspect correspondence sdm-Protocol-http
http protocol game
type of class-card inspect correspondence sdm-nat-https-1
game group-access 102
https protocol game
type of class-card inspect correspondence sdm-nat-ftp-1
game group-access 103
ftp protocol game
!
!
type of policy-card inspect sdm-permits-icmpreply
class type inspect sdm-icmp-access
inspect
class class by default
Pass
type of policy-card inspect sdm-pol-NATOutsideToInside-1
class type inspect sdm-nat-user-protocol--1-1
inspect
class type inspect sdm-nat-https-1
inspect
class type inspect sdm-nat-ftp-1
inspect
class type inspect sdm-nat-pptp-1
inspect
class type inspect sdm-cls-sdm-pol-NATOutsideToInside-1-1
inspect
class type inspect sdm-cls-sdm-pol-NATOutsideToInside-1-2
inspect
class class by default
Drop newspaper
type of policy-map inspect sdm - inspect
class type inspect sdm-invalid-src
Drop newspaper
class type inspect sdm-insp-traffic
inspect
class type inspect sdm-Protocol-http
inspect
class type inspect SDM-voice-enabled
inspect
class class by default
Pass
type of policy-card inspect sdm-enabled
class class by default
drop
!
security of the area outside the area
safety zone-to-zone
safety zone-pair sdm-zp-self-out source destination outside zone auto
type of service-strategy inspect sdm-permits-icmpreply
sdm-zp-NATOutsideToInside-1 zone-pair security source outside the area of destination in the area
type of service-strategy inspect sdm-pol-NATOutsideToInside-1
source of sdm-zp-out-auto security area outside zone destination auto pair
type of service-strategy inspect sdm-enabled
safety zone-pair sdm-zp-in-out source in the area of destination outside the area
type of service-strategy inspect sdm - inspect
!
!
!
!
!
!
!
Null0 interface
no ip unreachable
!
ATM0 interface
no ip address
no ip redirection
no ip unreachable
no ip proxy-arp
penetration of the IP stream
No atm ilmi-keepalive
!
!
point-to-point interface ATM0.1
no ip redirection
no ip unreachable
no ip proxy-arp
penetration of the IP stream
PVC 0/38
aal5mux encapsulation ppp Dialer
Dialer pool-member 1
!
!
interface FastEthernet0
!
!
interface FastEthernet1
!
!
interface FastEthernet2
!
!
interface FastEthernet3
!
!
interface Vlan1
Description $FW_INSIDE$
IP 192.168.0.100 255.255.255.0
no ip redirection
no ip unreachable
no ip proxy-arp
penetration of the IP stream
IP nat inside
IP virtual-reassembly
Security members in the box area
!
!
interface Dialer0
Description $FW_OUTSIDE$
xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx IP address
no ip redirection
no ip unreachable
no ip proxy-arp
penetration of the IP stream
NAT outside IP
IP virtual-reassembly
outside the area of security of Member's area
encapsulation ppp
Dialer pool 1
Dialer-Group 1
PPP authentication chap callin pap
PPP chap hostname xxx

PPP chap password 0 PARENTA1
PPP pap sent-name of user password xxx xxx 0
!
!
IP forward-Protocol ND
IP http server
local IP http authentication
IP http secure server
!
!
IP nat pool WORKSTATION xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx netmask 255.255.255.248
IP nat pool PARENTANAT xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx netmask 255.255.255.248
WORKSTATION IP nat inside source list 1 pool overload
IP nat inside source static tcp 192.168.0.8 3389 3389 extensible xxx.xxx.xxx.xxx
IP nat inside source static tcp 192.168.0.4 3389 3389 extensible xxx.xxx.xxx.xxx
IP nat inside source static tcp 192.168.0.77 21 21 expandable xxx.xxx.xxx.xxx
IP nat inside source static tcp 192.168.0.77 expandable 443 443 xxx.xxx.xxx.xxx
IP nat inside source static tcp 192.168.0.4 1723 1723 extensible xxx.xxx.xxx.xxx
IP nat inside source static tcp 192.168.0.3 3389 3389 extensible xxx.xxx.xxx.xxx
IP route 0.0.0.0 0.0.0.0 Dialer0
!
CRDPM extended IP access list
Note = 128 SDM_ACL category
IP enable any host 192.168.0.4
SDM_GRE extended IP access list
Note the category CCP_ACL = 0
allow a gre
TSRDP extended IP access list
Note = 128 SDM_ACL category
IP enable any host 192.168.0.8
!
recording of debug trap
Note access-list 1 INSIDE_IF = Vlan1
Remark SDM_ACL category of access list 1 = 2
access-list 1 permit 192.168.0.0 0.0.0.255
Access-list 100 = 128 SDM_ACL category note
access-list 100 permit ip 255.255.255.255 host everything
access-list 100 permit ip 127.0.0.0 0.255.255.255 everything
access-list 100 permit ip 81.142.74.120 0.0.0.7 everything
access-list 100 permit any one
Remark SDM_ACL category of access list 101 = 0
IP access-list 101 permit any host 192.168.0.3
Note access-list 102 SDM_ACL category = 0
IP access-list 102 permit any host 192.168.0.77
Note access-list 103 SDM_ACL category = 0
IP access-list 103 allow any host 192.168.0.77
Note 104 CCP_ACL category = 0 access-list
IP access-list 104 allow any host 192.168.0.4
104 permit any one access-list
Dialer-list 1 ip protocol allow
not run cdp

!
!
!
!
!
control plan
!
!
connection of the banner ^ CThis is a managed router if you are not the administrator of this router please close now ^ C
!
Line con 0
no activation of the modem
line to 0
line vty 0 4
privilege level 15
local connection
transport input telnet ssh
!
max-task-time 5000 Planner
end

Any help would be great

Thank you very much

Hi Alex,

In the configuration, I see you have inspected the GRE traffic on the network. ZBF cannot be inspected no - IP traffic must be defined 'pass' to that action while keeping the action "inspect" for pptp traffic. Once you do this, you will also need to 'pass' traffic WILL return to the area to the area.

If this still doesn't resolve your problem, turn on the audit trail using "ip inspect the audit trail" and check the logs to see what traffic ZBF drops and acts accordingly.

Tanveer Dewan

[email protected] / * /.

Tags: Cisco Security

Similar Questions

  • WRT54GL cannot get the PPPoE server IP address

    Try to get the WRT54GL installation and cannot operate.  I get "unable to get an IP address from the server. PPPoE. I followed the troubleshooting tips and repowered everything.  I've even set up the network using static IP address and it worked for a few days that their death. I hope that it died when the IP address has changed.  I've seen a few suggestions to make the connection, it done it via Control Panel > network connections > bridged connections? Help, please!

    I think I finally have this thing resolved!  Set up as DHCP and then another post I went to the router, and click configuration on the sub-tab page clone mac address, enabled and clicked done, saved settings and it worked! I really hope that it continues to work! Now, if someone could explain to me how it does the job, I'd appreciate it.

  • I'm in the Mexico and can browse the web but cannot get the roadrunner site to open the webmail server to allow access to e-mail.

    I'm in the Mexico and can browse the web but cannot get the roadrunner site to open the webmail server to allow access to e-mail. I worked around it through another proxy server, but navigation is a pain. does anyone know a solution to this problem? Roadrunner denies that it doesn't clog and so did the modem service here which is telmex?

    [moved]

    I had the same problem 2 weeks while in the Mexico.  I contacted the support TWC and the person to whom I spoke said he had to unlock something.  When he did, all my mail came in Outlook in the spam folder.  It was OK because I got my mail.

    I moved to a different House and now have the same problem again.  I've contacted support TWC and not had much luck. The second level support person and I spent more than an hour, the call of the Mexico using Vontage.  He has not found anything by the previous call that guided him by setting this time.  He said that he would open a ticket and call me in the next 24 to 48 hours.

    Is it reminds and solves the problem, I'll post how it was corrected.

    Amigos audio!

  • Windows 2008 R2 as a guest cannot get the IP address of the server (VMware workstation 7.1.3 on Windows 7) professional

    Hi gurus,

    I installed VMware workstation 7.1.3 on my Windows 7 laptop professional x64bit and I can run my old VM (XP) without any problems in this regard. And I tried to install a new client (Windows 2008 R2 Standard x 64) on this subject, when I put the NETWORK card in the deck, he cannot get the IP address from my DHCP, always show me error "Windows has detected an IP address conflict...". ", I tried the IP static installation for her also, same result.

    I tried to install a new windows Server 2003 as a guest (also defined as a network bridge), it works very well, can get the IP address from my DHCP or can set a static IP address with no problems. Does anyone have a similar experience on this combination? Any solution to this issue?

    Best regards

    BUGBUG

    I recently managed to get bridge network work with a Windows Server 2003 R2 SP2 guest in VMW Workstation 7.1.4.385536 on a host Windows 7 SP1 Ultimate.

    VirtualBox 4.0.4.70112 is installed on the host and disabling the 'VMware Bridge Protocol' in the 'VirtualBox in Ethernet Adapter"on the host was necessary.

    Outpost Firewall Pro 7.1.0.3415.520.1247 is also installed on the host computer and I used some information from the link below to add some necessary firewall rules.

    http://www.agnitum.com/support/KB/article.php?id=1000061

  • Errro: Cannot save the Terminal Server when he tried to use the program Sony Vegas

    Original title: cannot save the Terminal Server.

    I'm having a problem using my program "Sony Vegas". It worked OK. But now gives me an error. "Cannot save the Terminal Server. I don't know if this a problem of Windows, or Sony Vegas. Please tell us how to solve this problem. Thank you.

    Hi barnstable,.

    Try these steps and check the result.
    Step 1: Check if the Terminal Services service is disabled
    a. Click Start, click Run.
    b. type services.msc, and then click ok.
    c. in the list of services, double-click Terminal Server Services.
    d. change the startup type to automatic and start the service.
    e. click ok to apply the changes.
    f. check if the problem persists.

    Step 2: If the problem persists, uninstall and reinstall the program Sony Vegas
    see How to change or remove a program in Windows XP .
    b. Once you have deleted the program, restart the computer.
    c. reinstall the program.

    For additional support, get in touch with Sony support team.

    Visit our Microsoft answers feedback Forum and let us know what you think.

  • I replaced a HP with an Epson Stylus all-in-one printer and cannot get the printer to print more than one page when printing from the computer.

    Original title: new printer

    I replaced a HP with an Epson Stylus all-in-one printer and cannot get the printer to print more than one page when printing from the computer.  The printer works fine when printing from a laptop or ipad!

    Start by going here--> http://www.epson.com/cgi-bin/Store/support/supDetail.jsp?UseCookie=yes&oid=232591&prodoid=63099059&infoType=Downloads&platform=nodetect

    If the web page has not correctly detected your operating system, select it by using the drop-down list.  Rather than using the "Combo package" recommended but huge, expand the "Drivers" section and download driver printer v2.32 to a location that you will remember later.

    • Click on the ORB start and go into devices and printers.
    • Select (click) the icon of your Epson printer.
    • Once you have selected the printer, a button labeled "Print server properties" will appear in the toolbar.  Click on this button.
    • Click the "Drivers" tab on the print server properties dialog box.
    • Select the Epson printer in the list of installed printer drivers, and then click 'remove '.
    • In the context menu, select "Remove driver and driver package" and click OK
    • Click Yes, and then delete
    • Once the removal process is complete, restart the computer (probably not really necessary, but can't hurt)
    • Install the driver and the software using the file that you downloaded earlier

    At this point, your printer should work fine.  However, if you want the ability to print by emailing a file to your printer, you may need to install both 'Remote Printer Driver v1.65' in the category 'Pilot' and "v1.30 utility Configuration of printer Epson Connect" in the "Utilities" category

  • Cannot start the vCenter Server Service

    Cannot start the vCenter Server Service. To get this message to control the attached screenshot

    2013-09 - 03T 21: 34:18.800 + 05:30 [info 03612 'utilvpxdVdb'] [VpxdVdb::SetDBType] connect to DSN: VMware vCenter with username

    2013-09 - 03T 21: 34:18.800 + 05:30 [03612 error 'utilvpxdVdb'] [VpxdVdb::SetDBType]: database error: ODBC error: (IM002) - data [Microsoft] [ODBC Driver Manager] source name not found and no default driver specified

    2013-09 - 03T 21: 34:18.800 + 05:30 [03612 "Default" error] error obtaining configuration information from the database

    This looks like a problem in the registry for the part of the database or a correctly configured system DSN.

  • Cannot get the password or re-establish the link. What should I do?

    Cannot get the password or re-establish the link. What should I do? Reset email is never sent. This master password"... How do you define? I'm locked out of Thunderbird. Help

    Maybe he's trying reset Pasword Thunderbird Master as I'm doing? I copy the code and paset in the console tools\error and press Evaluate. I wonder if I want to reset the Master PW and I say yes, then I get a saying that the Master PW has been reset. Maybe he's looking for an e-mail to tell him that the IPL has been rest to? But the problem is, nothing happens when the password has been reset, msg is sent. TB continues to request the password. I have not changed my PW and when I enter the good PW, TB does not recognize. And reset the PW Master does nothing but generate Pop up messages. It's very frustrating. The information in the help files are not accurate, or the code provided does not work although it generates messages indicating that the IPL has been reset.

  • Apple TV 4th generation-cannot get the Facetime in fashion landscape on my Samung TV

    Apple TV 4th gen TV OS 9.1

    When I do Facetime since my phone / Ipad and started airplay on my Samsung TV I cannot get the Facetime in landscape mode or mode full screen when I Flip horizontally Facetime.

    Only it shows vertical - left and right of the screen I see black spots. Is this a bug in the software?

    If you do not enable airplay after that you started to facetime and it runs in landscape mode?

  • Cannot get the file to be imported.

    I tried the method of JoseIbarra - I did as suggested but cannot get the file to be imported in the services file. He never asked me if I wanted to add the information in the registry, so it is still on the office. Don't know what to do from here.

    Please stick to the initial conversation.

    Is this you speak of course (*first conversation*):
    http://answers.Microsoft.com/en-us/Windows/Forum/windows_xp-system/how-do-i-get-print-spooler-back-into-my-Windows-XP/ed014329-1bd3-458d-9C93-bbb306fc731f

    You also made this one:
    http://answers.Microsoft.com/en-us/Windows/Forum/windows_xp-system/print-spooler/c4610093-a96f-4476-B263-eecf5b8fc339

    (but please do not reply to this one...)

    And this one:
    http://answers.Microsoft.com/en-us/Windows/Forum/windows_xp-system/continuation-of-print-spooler-problem/0e885d7b-3e64-42ee-A248-9d9f2a8e26c5

    (Even once - keep the * first conversation * going.)  Written on it.  Show how this conversation continues spreading around.)

    BTW - my suggestion has not changed.  I still think that you get just around issues that still exist, probably, by fixing the little things you need at a given time.

    Backup important files/folders (for you) (including documents, photos, music, Favorites, Internet favorites, files installable application, serial numbers, product keys, spreadsheets, you saved to the desktop email, etc.) and wipe the disc completely - I'd even a zero writing on the disc (formatting) before installing the operating system from the original installation media.  Then install your applications and restore your files.

    As to what they were asked to do... Always seems that you saved the file as a *. TXT file and not a *. REG or there is much more wrong with your machine (see my suggestion above.)

    Visit this web page to look at the photo on the left (a first) to see the screenshot of the possible is the desktop icons and let us know if it looks like the left or right of each photo version (answer here or in the longer conversation.)  * Ignore the first part of the file name - as you might have named something else than "addspooler."

    To check if you saved incorrectly or if there is something wrong with your system (or two) - right click on the file you saved and choose 'Properties' from the menu you get.  Under the 'Général' tab, she said, "file Type: registration entries (.reg)" and "opens with: Registry Editor" or something similar?  Visit this web page to look at the picture on the right (second) to see the screenshot of the possible look at the windows of the property and let us know if it looks like the left or right of each photo version (answer here or in the longer conversation.)  * Ignore the first part of the file name - as you might have named something else than "addspooler."

  • cannot get the keyboard to select windows xp when I have only four seconds to select is stuck on windows xp professional and cannot get the keyboard to use arrows to select

    cannot get the keyboard works when reebooting said cd I need driver sata when reebooting he gives four seconds to schrol up to windows xp but the line is highlighted on a windows xp profesional bellows and can't seem to choose windows xp on its own keyboard wont respond but lights from F1 or f2 f3 until f12 choose please help

    A few old machines will not recognize a USB keyboard/mouse until after Windows starts.  Look at the back of your computer and see if you have a PS/2 (round) connector for a keyboard and a mouse.  If you do, then you will need to use a keyboard with a round PS/2 connector or a USB-to-PS/2 adapter and plug the PS/2 connector on the back of your computer so that it recognizes the keyboard until Windows starts on your keyboard.

    The SATA driver applies to your hard drive.  A CD of start-up/installation of Windows XP does not recognize a SATA hard drive.  If you install Windows, you will need to hit F6 at the right time and insert a floppy with the SATA driver on this subject.

    HTH,
    JW

  • Opening photos I get the error "Server execution failed" so it displays the link to the windows photo gallery is broken

    I lost the ability to click on a pphoto in the photo file and opened it. I get the error "Server execution failed" it seems that the link to the windows photo gallery is broken. If I choose the open arrow and click the Windows Photo Gallery, and then the picture will open. How to restore the link so I can click on the picture and may he open it?

    original title: opening photos

    Looks like you have a lot more problems of system
    implies that this can be resolved in this forum.

  • RV325, firmware v1.3.1.10, how to disable the PPTP server

    Hello community,

    I have a problem with our RV325. After a reset the PPTP server is enabled by default. Any attempt to save the form in the "PPTP server" settings causes an error as shown in the attached screenshot. I think it's a security issue. Does anyone have an idea how to disable? Pourrait restoration from a manually edited saved startup configuration work?

    EDIT: I managed to block attempts to connect PPTP with the firewall by refusing port 1723, but I still prefer to stop the PPTP server somehow.

    Hello

    I hope you do well, I want to let you know that there are some problems with this version, so it is improved. So I advise you to wait for updated firmware.

    Kind regards

  • RV220W works only with the PPTP server on one VLAN only

    Hello

    I have a RV220W (firmware 1.0.3.5) but I can't seem to work with the PPTP server on one VLAN only.

    My default VLAN is in 192.168.1.1/24.

    I created a VLAN ID 10 in 192.168.50.1/24 inter - vlan routing: disabled and device management: disabled.

    (Menu network > LAN > belonging to a VLAN and multiple VIRTUAL local network subnets).

    Then I configured a PPTP server on the IP 192.168.50.200 to 192.168.50.210 range.

    Finally, I created my user.

    (Menu VPN > IPSEC > VPN users).

    The PPTP tunnel is at work, but on all of my local network and not only the VLAN ID 10.

    Any idea? ...

    This seems to be a limitation of the firmware 1.0.3.5. Firmware 1.0.4.x will support the rules on access inter - VLAN, which I hope, can be used to restrict traffic VLAN by default your VLAN ID 10.

  • ERROR: Cannot get the size of the logical block for spfile

    Ran across the following error in the log of alerts for a the 2 node RAC database:

    ERROR: Cannot get the size of the logical block for spfile "+ XXXXXX_SYSTEM/XXXXXX/spfileXXXXXX.ora".

    Looked in MOS and found nothing.  Has anyone go through this before?  If so, what is the cause?

    Just received a resolution of Support from Oracle.  They said that this is a benign error and can be ignored.  Here is their answer to my SR:

    ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

    OK, after reviewing all that there seems to be no problem to fix. All configurations are correct. We believe that these errors are benign and can be ignored.

    COMMENTS

    ===============

    -L' ASM instance is online.

    -The Diskgroup: + XXXXXX_SYSTEM is mounted and has the physical and logical of 512 bytes sector size.

    -No error message in the alerts ASM journal.

    In light of the facts above, the message "ERROR: could not get the size of the logical block for spfile" seems benign and can be ignored.

    However, to avoid these messages, as a workaround, you can try creating the spfile pfile '+ XXXXXX_SYSTEM/XXXXXX/spfileXXXXXX.ora' and then try to create spfile diskgroup + XXXXXX_SYSTEM using this file pfile.

    ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Maybe you are looking for