cannot ping in dmz subnet from inside the subnet
Hey guys
can someone pls take a look at this config in my 515 and tell me why I can't ping from host 10.2.1.20 (connected inside interface) to host (connected to the dmx interface) 10.3.1.20...
Thanks ;)
6.3 (3) version PIX
interface ethernet0 car
interface ethernet1 100full
stop 100full interface ethernet2
interface ethernet3 100full
stop 100full interface ethernet4
interface ethernet5 100full
ethernet0 nameif outside security0
nameif ethernet1 inside the security100
ethernet2 intf2 security2 nameif
nameif ethernet3 intf3 interieure4
nameif ethernet4 intf4 securite6
nameif dmz security50 ethernet5
enable password xxxx
passwd xxxx
hostname MYHOSTNAME
domain MYDOMAINNAME.local
fixup protocol dns-length maximum 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol 2000 skinny
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names of
inside_access_in ip access list allow a whole
pager lines 24
Outside 1500 MTU
Within 1500 MTU
intf2 MTU 1500
intf3 MTU 1500
intf4 MTU 1500
MTU 1500 dmz
IP address outside 61.29.xxx.xxx 255.255.255.248
IP address inside 10.2.1.11 255.255.255.0
No intf2 ip address
No intf3 ip address
No intf4 ip address
10.3.1.11 dmz IP address 255.255.255.0
alarm action IP verification of information
alarm action attack IP audit
no failover
failover timeout 0:00:00
failover poll 15
No IP failover outdoors
No IP failover inside
no failover ip address intf2
no failover ip address intf3
no failover ip address intf4
no failover ip address dmz
history of PDM activate
ARP timeout 14400
Global interface 10 (external)
NAT (inside) 10 0.0.0.0 0.0.0.0 0 0
NAT (dmz) 10 10.3.1.0 255.255.255.0 0 0
static (inside, dmz) 10.2.1.0 10.2.1.0 netmask 255.255.255.0 0 0
inside_access_in access to the interface inside group
Route outside 0.0.0.0 0.0.0.0 61.29.xxx.xxx 1
Timeout xlate 03:00
Timeout conn 01:00 half-closed 0:10:00 udp 0: CPP 02:00 0:10:00 01:00 h225
H323 timeout 0:05:00 mgcp 0: sip from 05:00 0:30:00 sip_media 0:02:00
Timeout, uauth 0:05:00 absolute
GANYMEDE + Protocol Ganymede + AAA-server
RADIUS Protocol RADIUS AAA server
AAA-server local LOCAL Protocol
Enable http server
http 10.2.1.0 255.255.255.0 inside
No snmp server location
No snmp Server contact
SNMP-Server Community public
SNMP-Server enable traps
enable floodguard
Telnet timeout 5
SSH timeout 5
Console timeout 0
Terminal width 80
Thanks again
Rob
ICMP is not a stateful Protocol, so you must explicitly allow ICMP traffic on the DMZ interface. Try adding the following:
access-list dmz_access_in allow icmp a whole
Access-group dmz_access_in in dmz interface
I hope this helps.
Scott
Tags: Cisco Security
Similar Questions
-
Is it supposed to be a rattle from inside the phone?
Got a Defy a few weeks ago. Love it until yesterday when I suddenly cant' hear someone on a phone call and only the speaker/headphone works (like make a few posts down). Back to T-mobile tomorrow.
However, my phone has a deaf/rattle sound from inside the phone when you shake it, and you can feel something moving inside. I thought it was something to do with sensors/accelerometers in the phone or something, but now the internal speaker is broken I wonder if it is supposed to do this or if she actually always a hardware problem.
Phone of someone else than the same noise/do the same thing? Is it supposed to do this or not?
-Daniel
There should not be a rattle... but there is!
I have the same problem. It is caused by the battery move when you shake the phone, it doesn't have a tight fit. I used a piece of foam under the battery very thin to stop this rattle noise. Not impressed!
You will see on these forums that some users have had problems with defective headphones... so far I did not have this.
Hope that such Defys won't suffer from bad workmanship I really like the phone.
Check your battery by shaking the phone with the cover off... let me know how you go.
-
How to speed up film clip from inside the container file?
I created a Flash file (which I will call 'film 1') in which a clip was inserted. When I play the whole record, the clip rotates too slowly for my taste, but I noticed that if I go in the original movie clip file (I'll call "movie 2") to slow down and save it, back to the movie 1 and update the clip are impossible due to a motion tween that is bad (no idea about the solution which).
Is it possible to speed up the clip from inside the 1 movie? A kind of script tool or simple? I am a newbie to Flash and maybe there's an easy solution for it. Otherwise I set Movie 2, export it and re-import them inside the 1 film until I am satisfied with the result.
TIA
Kind regards
MOSHthe code below the dotted line adds two new method movieclips, playF() and stopF(). the first allows you to play the m frame movieclip to frame images per second fps n (forwards or backwards).
(for the control of accuracy (then), I have another code autocorrecteur to maintain a precise tempo.)
for use on mc1:
-
WRT54GL cannot transmit from inside the LAN port?
Hello
I have a Server servers running several (HTTP, SVN, FTP,...) inside my network.
I used to have a SMC router in the past, and of course I had to use port forwarding.
This is why I realized that when we "talk" to the server, I can 'talk' to the router that will forward requests to the right compurer, based on the NAT table. If, for example, that if I move the SVN server, I don't have to change the path to the repository, change the NAT entry is OK in this case.
If this is not understandable, here 's another report.
However, I discovered that even if my new WRT54GL seems to be much more advanced, it cannot do this. Requests made to the router from within the local network are not transferred to the right place.
Is there a way to accomplish what we need, or at least a road map? It's sad that the SMC products otherwise is not very reliable can do...
Kind regards
Matej
Well, I have it solved.
I tried to convey the SVN, HTTP, FTP, and SSH.
However, it was not working when the server IP assigned by DHCP.
When I set up (the server within the LAN) to use the static IP address, not only that port forwarding began to make sense, but I have seen web pages by typing my public IP address in the browser on a computer inside the LAN.
What surprised me, is that it only worked when the server had assigned auto private IP address. I know that these addresses change so it would not very long work, but it did not work even before that t has changed...
-
DMZ web server->; inside the database server
Suppose that a network topology looks like this:
A PIX with 3 interfaces:
interface (private public static IP 10.10.10.1) interface (public static IP of 69.110.38.35) interface (static IP private address of the 30.30.30.1) --------------------------------------------
The internal network has a {server} with the IP address of 10.10.10.2.
The DMZ has a {web server} with the IP address of 30.30.30.2.
I will welcome external guests (outside) access to the web server (30.30.30.2) via port 80.
This web server access turn the database server (10.10.10.2).
Assume that all other commands are issued. Then, I'll create an access list that allows server WWW DMZ to communicate with inside the database server.
access-list dmz-to-inside permit tcp host 30.30.30.2 host 10.10.10.2 eq 1521
Should I publish the following, too:
(1) access-list dmz permit tcp host 30.30.30.2 no matter what 80 eq
(2) access-group in interface dmz dmz
(3) static (inside the dmz) 10.10.10.0 10.10.10.0 netmask 255.255.255.0
xlate clear 4)
If so, what each of them do?
Thank you for helping.
Scott
1. Yes, the static statement "10.10.10.0 static (inside, dmz) 10.10.10.0 netmask 255.255.255.0" will disable NAT. Although it is not necessary to disable nat, however, it saves money and simple to manage. the reason for this is the traffic between the dmz and inside is private, there is therefore not necessary to apply the public ip address.
2 pix receives the package intended to 30.30.30.2 10.10.10.2. PIX examines the static statement and based on the static above statement, pix will not nat package (i.e. pix will leave the soruce address be) and send it to 30.30.30.2 via the interface of the demilitarized zone.
for example
original package - source 10.10.10.2, destination 30.30.30.2
After pix - source 10.10.10.2, destination 30.30.30.2
3. the "Clear xlate" command must be issued whenever the nat/global or static has been added/deleted/modified. This command is to force the pix to clear the existing ip translation.
for example, before you add the command "static 1.1.1.1 (indoor, outdoor) 192.168.1.100 netmask 255.255.255.255", the pix may already have an ip 192.168.1.100 translation (it might come from the nat/global). now, after you apply the static command, the pix will keep the existing translation for a certain period time. 'clear xlate' is needed to erase the old translation and so to activate the new static statement.
-
Move data directly from inside the loop
Is it possible to move data directly from inside a loop outside the structure of matter in real time? I would like a chart of the data in a structure of matter in real time outside the structure of the case. Ideally, it would include information of the real deal and then the waiting period as a '0' for false case. Attached is a version simplified VI I'm working. I tried the local variables, but they only read the first item for loop puts each cycle T/F. One idea is welcome including a complete change in the structure of the VI.
Thank you!
-
Since the reinstallation of Windows 7 I have Wifi access even if my laptop and tablet of my wife can become if the router is OK. Also, it restarts or freeze without reason. Sometimes I hear a metallic noise inside the Tower, but not always. My friend suggests a hardware problem, but has no suggestions on how to solve it.
Original title: Windows
Since the reinstallation of Windows 7 I have Wifi access even if my laptop and tablet of my wife can become if the router is OK. Also, it restarts or freeze without reason. Sometimes I hear a metallic noise inside the Tower, but not always. My friend suggests a hardware problem, but has no suggestions on how to solve it.
Hello
After a reinstall of the operating system, you must reinstall the latest drivers from your computer manufacturer's website:
Go to the website to make your computer > Driver and Software Support Section > search your computer or hardware model number > then your operating system > locate the correct drivers > download and install.
________________________________________
And you do not tell us why you did a reinstall and if there reboot/freeze before you did this reinstall.
FYI: Desktop computers normally are Wi - fi unless you install additional hardware for this.
________________________________________
Noise inside a desktop computer can be caused by fan/s or harddrives about to fail.
Go to the website of your computer manufacturer > search your computer specifications > know brand of hard drive > access the Hard Drive manufacturer's Web site > find and download hard drive Diagnostic software and make a record of start of it on the computer that you use to get here, following their instructions > test your hard drive...
See you soon.
-
Cannot ping a virtual machine, except on the host computer.
I have a host of SuSE, built on a chassis of IBM. It has a link for the failover interface. It has an IP of 10.10.138.196. SM 255.255.255.128. DG 10.10.138.129. I can ping this machine without problem. On that note, I have a virtual machine of SuSE. It has the same mask and gateway with an IP address of 10.10.138.197. It can ping the host (196) and the host can it ping. However, he cannot ping to the gateway by defaut.129. He receives a message Impossible to its own virtual interface. I have installation bridged networking early with no luck.
I tried to change the DG on the guest a.196. I have installation routes by default, and specific directions to 10.10.138.129 on the host and the guest without success. I talked to a few colleagues and they are not of course either. I need this available, so it can be used for a variety of applications.
You will not see a virtual NETWORK adapter for bridged interface, only for NAT and the host-only networking. There will be a device/dev/vmnet0, but that is not actually used to fill itself.
Your problem is that your bridged interface is bound to the wrong card on the host: it must be related to "bond0" not "eth0". You will need to re - run /usr/bin/vmware-config.pl to address which forces all running VMs to be stopped.
---
If you have found this device or any other answer useful please consider the use of buttons useful or Correct to award points.
-
read the version from inside the app
I am creating a control of update for my application. I'm using eclipse and setting the version by going to the blackberry project properties and changing the version there. Anyway for me to access this info from in the program, or is there a better way for me to set the version of project of in the program in order to access and do not have to change it in several places?
Thank you!
Here is a code that I use in my screen 'About', which I think is what you want.
ApplicationDescriptor ad = ApplicationDescriptor.currentApplicationDescriptor(); int moduleHandle = ad.getModuleHandle(); SimpleDateFormat sdFormat = new SimpleDateFormat("EEE, dd MMM yyyy"); String buildDateString = CodeModuleManager.getModuleVersion(moduleHandle) + "-" + sdFormat.formatLocal(CodeModuleManager.getModuleTimestamp(moduleHandle)); add(new RichTextField(_resources.getString(UI_ABOUT_BUILD) + " " + ad.getVersion() + ", " + buildDateString, Field.READONLY));
-
Does not work from inside the DMZ after configuring the ACL.
Hello
According to the concept of ASA, trafuc of the Interior (100 s) DMZ (50 Sec) is allowed by default. When I try to write an acl (host to host block) on the Interface inside, no other traffic runs to and from the Interface on the inside.
Everything is blocked. Previously no ACL has been mapped to the inside Interface.
Kindly help me to solve this problem and also provide the document concerning the behavior of the firewall before and after configuring the ACL.
Poster of the acl that you entered. Remember, there is an explicit deny a whole at the end of the acl. So if you want only to prevent access to a dmz machine, then it must be written correctly. Leave what you want enable dmz, deny the rest of the demilitarized zone, and then leave all the rest.
-
Problems with NAT? Can't access internet from inside the network?
I was intrigued with this problem for a few days now. I'm stuck on what could be the issue. The problem is that I can ping my router, G0/0 and G0/1, to the internet. However, since the switch and my PC, I can not ping Internet. I'm sure that everything is configured correctly, but here is my setup for the switch and the router:
Router 1:
version 15.1
no service button
horodateurs service debug datetime msec
Log service timestamps datetime msec
encryption password service
!
hostname LAN_Router_1
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 *.
!
No aaa new-model
!
no location network-clock-participate 3
!
dot11 syslog
no ip source route
!
IP cef
!
!
!
!
domain IP MyTestLab.com
8.8.8.8 IP name-server
IP-server names 8.8.4.4
No ipv6 cef
!
Authenticated MultiLink bundle-name Panel
!
!
!
!
!
voice-card 0
!
!
!
!
!
!
!
Crypto pki token removal timeout default 0
!
!
!
!
license udi pid CISCO3845-MB sn FOC105013BA
username * secret privilege 15 5 *.
!
redundancy
!
!
property intellectual ssh time 60
property intellectual ssh authentication-2 retries
property intellectual ssh event logging
property intellectual ssh version 2
!
!
!
!
!
!
!
!
interface Loopback0
192.168.254.1 IP 255.255.255.255
!
interface GigabitEthernet0/0
DHCP IP address
penetration of the IP stream
stream IP output
NAT outside IP
IP virtual-reassembly in
automatic duplex
automatic speed
media type rj45
!
interface GigabitEthernet0/1
the IP 192.168.0.1 255.255.255.248
penetration of the IP stream
stream IP output
IP nat inside
IP virtual-reassembly in
GLBP 100 ip 192.168.0.4
priority GLBP 100 115
GLBP 100 preempt
automatic duplex
automatic speed
media type rj45
!
ospf Router 5
router ID - 192.168.254.1
network 192.168.0.1 0.0.0.0 area 1
192.168.254.1 network 0.0.0.0 area 0
!
IP forward-Protocol ND
no ip address of the http server
no ip http secure server
!
!
IP nat inside source list 10 interface GigabitEthernet0/0 overload
IP route 0.0.0.0 0.0.0.0 dhcp
!
access-list 10 permit 192.168.94.32 0.0.0.15 connect
access-list 10 permit 192.168.17.0 connect 0.0.0.7
access-list 10 permit 192.168.52.0 connect 0.0.0.7
access-list 10 permit 192.168.0.0 0.0.0.7 connect
access-list 10 deny any newspaper
!
!
!
!
!
!
control plan
!
!
!
!profile MGCP default
!
!
!
!
!
connection of the banner ^ C
W A R N I N GTHIS IS A PRIVATE COMPUTER SYSTEM.
This computer system, including all related equipment, network devices
(specifically including Internet access), are provided only for
authorized used.All computer systems may be monitored for all lawful, including purpose
to ensure that their use is authorized, for management of the system, to
facilitate protection against unauthorized access, and to verify security
survival and operational security procedures.Monitoring includes active attacks by authorized personnel and their
entities to test or verify the security of the system. During the surveillance,.
information may be examined, recorded, copied and used for authorized
purposes.All information, including personal information, placed on or sent over
This system may be monitored. Uses of this system, authorized or
unauthorized, constitutes consent to monitoring of this system.Unauthorized use may subject you to criminal prosecution. Evidence of
any unauthorized use collected during monitoring may be used for
administrative, criminal or other adverse action. Use of this system
constitutes a consent to monitoring for these purposes.
^ C
!
Line con 0
Synchronous recording
local connection
line to 0
line vty 0
local connection
entry ssh transport
output transport ssh
line vty 1 4
opening of session
transport of entry all
!
Scheduler allocate 20000 1000
NTP 198.60.73.8 Server
NTP 13.85.70.43 Server
SaveRunConfig event manager applet
cron cron-event timer entry ' 0 0 * * ".
command action 1.0 cli 'enable '.
cli 2.0 action command "RAM".Router 2:
version 15.1
horodateurs service debug datetime msec
Log service timestamps datetime msec
encryption password service
!
hostname LAN_Router_2
!
boot-start-marker
boot-end-marker
!
!
! card order type necessary for slot 1
Monitor logging warnings
enable secret 5 *.
!
No aaa new-model
!
clock timezone CST - 5 0
!
dot11 syslog
IP source-route
!
IP cef
!
!
!
!
domain IP MyTestLab.com
8.8.8.8 IP name-server
IP-server names 8.8.4.4
No ipv6 cef
!
Authenticated MultiLink bundle-name Panel
!
!
!
!
type of parameter-card inspect global
Select a dropped packet newspapers
!
voice-card 0
!
!
!
!
!
!
!
Crypto pki token removal timeout default 0
!
!
!
!
license udi pid CISCO3845-MB sn FOC1411592J
username * secret 5 *.!
redundancy
!
!
property intellectual ssh time 60
property intellectual ssh authentication-2 retries
property intellectual ssh event logging
property intellectual ssh version 2
!
!
!
!
!
!
!
!
interface Loopback0
192.168.254.2 the IP 255.255.255.255
!
interface GigabitEthernet0/0
DHCP IP address
penetration of the IP stream
stream IP output
NAT outside IP
IP virtual-reassembly in
automatic duplex
automatic speed
media type rj45
!
interface GigabitEthernet0/1
IP 192.168.0.2 255.255.255.248
penetration of the IP stream
stream IP output
IP nat inside
IP virtual-reassembly in
GLBP 100 ip 192.168.0.4
priority GLBP 100 110
automatic duplex
automatic speed
media type rj45
!
ospf Router 5
router ID - 192.168.254.2
network 192.168.0.2 0.0.0.0 area 1
0.0.0.0 network 192.168.254.2 area 0
!
Default IP gateway 192.168.0.1
IP forward-Protocol ND
no ip address of the http server
no ip http secure server
!
!
IP nat inside source list 10 interface GigabitEthernet0/0 overload
IP route 0.0.0.0 0.0.0.0 dhcp
!
SSH extended IP access list
permit tcp host 192.168.52.2 any eq 22 log
permit tcp 192.168.10.0 0.0.0.255 any eq 22 log
permit tcp host 192.168.17.18 any eq 22 log
any eq 22 host tcp 192.168.0.1 newspaper permit
permit tcp host 192.168.0.2 any eq 22 log
permit tcp host 192.168.0.3 any eq 22 log
permit tcp host 192.168.0.5 any eq 22 log
denyip a session
!
access-list 10 permit 192.168.94.32 0.0.0.15 connect
access-list 10 permit 192.168.17.0 connect 0.0.0.7
access-list 10 permit 192.168.52.0 connect 0.0.0.7
access-list 10 permit 192.168.0.0 0.0.0.7 connect
access-list 10 deny any newspaper
!
!
!
!
!
!
control plan
!
!
!
!
profile MGCP default
!
!
!
!
!
connection of the banner ^ C
W A R N I N GTHIS IS A PRIVATE COMPUTER SYSTEM.
This computer system, including all related equipment, network devices
(specifically including Internet access), are provided only for
authorized used.All computer systems may be monitored for all lawful, including purpose
to ensure that their use is authorized, for management of the system, to
facilitate protection against unauthorized access, and to verify security
survival and operational security procedures.Monitoring includes active attacks by authorized personnel and their
entities to test or verify the security of the system. During the surveillance,.
information may be examined, recorded, copied and used for authorized
purposes.All information, including personal information, placed on or sent over
This system may be monitored. Uses of this system, authorized or
unauthorized, constitutes consent to monitoring of this system.Unauthorized use may subject you to criminal prosecution. Evidence of
any unauthorized use collected during monitoring may be used for
administrative, criminal or other adverse action. Use of this system
constitutes a consent to monitoring for these purposes.
^ C
!
Line con 0
session-timeout 360
exec-timeout 360 0
7 password *.
Synchronous recording
local connection
line to 0
opening of session
line vty 0 4
SSH access class in
Synchronous recording
local connection
entry ssh transport
output transport ssh
!
Scheduler allocate 20000 1000
NTP 198.60.73.8 Server
NTP 13.85.70.43 Server
SaveRunConfig event manager applet
cron cron-event timer entry ' 0 0 * * ".
command action 1.0 cli 'enable '.
cli 2.0 action command "RAM".Switch:
version 12.2
no service button
tcp KeepAlive-component snap-in service
a tcp-KeepAlive-quick service
horodateurs service debug uptime
Log service timestamps uptime
encryption password service
!
hostname LAN_Switch
!
boot-start-marker
boot-end-marker
!
!
username * secret privilege 15 5 *.
!
!
!
No aaa new-model
clock timezone CST - 6
1 supply ws-c3750-24ts switch
mtu 1500 routing system
IP routing
IP - domain name MyTestLab.com
8.8.8.8 IP name-server
IP-server names 8.8.4.4
!
!
!
!
!
!
!
!
!
spanning tree mode rapid pvst
spanning tree logging
spanning tree extend id-system
!
internal allocation policy of VLAN ascendant
!
property intellectual ssh time 60
property intellectual ssh authentication-2 retries
property intellectual ssh event logging
property intellectual ssh version 2
!
!
interface Loopback0
192.168.254.5 the IP 255.255.255.255
!
interface FastEthernet1/0/1
switchport access vlan 17
switchport mode access
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/2
switchport access vlan 10
switchport mode access
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/3
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/4
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/5
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/6
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/7
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/8
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/9
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/10
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/11
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/12
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/13
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/14
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/15
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/16
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/17
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/18
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/19
Description # PC #.
switchport access vlan 10
switchport mode access
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/20
Description # X_BOX #.
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/21
switchport access vlan 94
switchport mode access
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/22
switchport access vlan 5
switchport mode access
!
interface FastEthernet1/0/23
switchport access vlan 5
switchport mode access
!
interface FastEthernet1/0/24
switchport access vlan 5
switchport mode access
!
GigabitEthernet1/0/1 interface
switchport access vlan 666
Shutdown
!
interface GigabitEthernet1/0/2
switchport access vlan 666
Shutdown
!
interface Vlan1
no ip address
Shutdown
!
interface Vlan5
IP 192.168.0.5 255.255.255.248
!
interface Vlan10
address 192.168.10.2 255.255.255.0
!
interface Vlan17
IP 192.168.17.17 255.255.255.248
!
interface Vlan52
IP 192.168.52.1 255.255.255.248
!
interface Vlan94
IP 192.168.94.33 255.255.255.240
!
ospf Router 5
router ID - 192.168.254.5
Log-adjacency-changes
network 192.168.0.5 0.0.0.0 area 1
network 192.168.10.2 0.0.0.0 area 2
network 192.168.17.17 0.0.0.0 area 2
network 192.168.52.1 0.0.0.0 area 2
network 192.168.94.33 0.0.0.0 area 2
0.0.0.0 network 192.168.254.5 area 0
!
IP classless
IP route 0.0.0.0 0.0.0.0 192.168.0.4 permanent
no ip address of the http server
no ip http secure server
!
!
SSH_IN extended IP access list
permit tcp host 192.168.52.2 any eq 22 log
permit tcp 192.168.10.0 0.0.0.255 any eq 22 log
permit tcp host 192.168.17.18 any eq 22 log
any eq 22 host tcp 192.168.0.1 newspaper permit
permit tcp host 192.168.0.2 any eq 22 log
permit tcp host 192.168.0.3 any eq 22 log
permit tcp host 192.168.0.5 any eq 22 log
deny ip any any newspaper
!
!
connection of the banner ^ C
W A R N I N G
THIS IS A PRIVATE COMPUTER SYSTEM.
This computer system, including all related equipment, network devices
(specifically including Internet access), are provided only for
authorized used.
All computer systems may be monitored for all lawful, including purpose
to ensure that their use is authorized, for management of the system, to
facilitate protection against unauthorized access, and to verify security
survival and operational security procedures.
Monitoring includes active attacks by authorized personnel and their
entities to test or verify the security of the system. During the surveillance,.
information may be examined, recorded, copied and used for authorized
purposes.
All information, including personal information, placed on or sent over
This system may be monitored. Uses of this system, authorized or
unauthorized, constitutes consent to monitoring of this system.
Unauthorized use may subject you to criminal prosecution. Evidence of
any unauthorized use collected during monitoring may be used for
administrative, criminal or other adverse action. Use of this system
constitutes a consent to monitoring for these purposes.
^ C
!
Line con 0
session-timeout 60
exec-timeout 60 0
Synchronous recording
local connection
line vty 0
access-class SSH_IN in
local connection
line vty 1 4
access-class SSH_IN in
opening of session
line vty 5 15
access-class SSH_IN in
opening of session
!
NTP 198.60.73.8 Server
Event Manager environment suspend_ports_config flash: / susp_ports.dat
Event Manager environment suspend_ports_days 7
Event Manager user Directorystrategie "flash: / policies /.
Event manager session cli username "stw".
political event manager sl_suspend_ports.tcl
political event manager tm_suspend_ports.tcl
SaveRunConfig event manager applet
cron cron-event timer entry ' 0 0 * * ".
command action 1.0 cli 'enable '.
cli 2.0 action command "RAM".Well, I totally forgot the keyword "log" and NAT:
Cisco IOS NAT support ACLs with a keyword "log"?
A. When you configure Cisco IOS NAT translation dynamic NAT, an ACL is used to identify the packages that can be translated. The current NAT architecture does not support the ACL with a keyword "log".
http://www.Cisco.com/c/en/us/support/docs/IP/network-address-translation...
If your problem is not the mask with joker, but the command "log"...
-
How to load Microsoft Media Center TV from inside the Touchsmart request
Hello
I would like to be able to run Microsoft Windows Media Center of the Touchsmart software, however I don't seem to be able to add the Windows Media Center application to the list of "Targets" Touchsmart, in fact I thought that this would be already listed as target - but is not...
In the case, I tried to add it manually in my target field but I get an error in pink bounce foolishly saying
"The target entry is not valid. If please check spelling and re-enter the target. »
Here's what I did and would expect it to work, but don't - mind if I get this you right from the start-> execute command or in a shortcut, the command works, it loads and runs the TV without going through the Media Center Start menu...
In Touchsmart app,...
1. click on customize
2. click on add a tile...
3. click on the type of program, and then click Next button
4. in the type of field target in:
C:\Windows\EHOME\EHSHELL. EXE /HOMEPAGE:VideoFullscreen.XML /PUSHSTARTPAGE:TRUE
5. in name, enter "TV".
6. choose an icon in the icon list
7. click on OK
(Here is where I get the mentioned error)
Thanks in advance...
Laptop HP ENVY 17-j005tx, HP ENVY 27 - k001a, HP ProLiant MicroServer Gen8 G2020T, HP MediaSmart EX495 Server tilt, HP MediaVault 2020, HP ENVY 120 AiO PrinterIn fact, I think I solved the problem!
I created a link shortcut on my desktop with the command line and then instead to enter the command line for the target to step 4, I entered the link shortcut instead, for example I created the shortcut first and placed it on my desktop with the following command line:
C:\Windows\EHOME\EHSHELL. EXE /HOMEPAGE:VideoFullscreen.XML /PUSHSTARTPAGE:TRUE
I named the abbreviation "TV".
In step 4, I entered the target manually as:
C:\Users\Jim\Desktop\TV.lnk
And then the rest of the steps, now I see the tile in Touchsmart and I am able to run the TV in Media Center live!
But I still don't understand why Microsoft Media Center is not listed in the default target list...
Cheers... (Yay for me lol)
-
Read VeriStand channel from inside the custom device that are not part of the custom device?
Is it possible to read VeriStand channels from within a custom device VeriStand (RT Driver) that are not part of this custom device?
For example, suppose I want to be able to configure a channel in my custom device to always be twice the value of a string of material that my user selects (I know, better/more simple ways to do this, but this is just a simple example ). Can I do this from the device custom without programmatically create a mapping of the system? (I've done this before and it is messy and VERY prone to error of the user).
Thank you!
good point
the channel ID (U64s) are not the same in the engine config of vs. Instead, you must set 'references to dependent item' in the config and then get these references in the engine.
See the source jarrod linked, which makes it
-
Cannot ping machine Windows 7 from XP machine - timeout
New Windows 7 Home Premium machine... in the group to work with XP Pro machines... I can connect to folders shared between and, any machine 7 & XP. Connections network and Internet are all very well; Win7 & XP. The Windows 7 machine I ping successfully all XP machines. I can't ping Win 7 machine name or IP address, of a XP machine on the network. Ping simply timesout.
I'm stumped... Network discovery is turned on.
I find it weird that I can't ping the 7 machine, but I can connect actions and see the machine on the network and with the NET VIEW command.
Any idea is appreciated.
In fact, I had the exact problem. But since I'm in an area I used one under domain profile and that worked. -- Control Panel > Windows Firewall > Advanced settings > inbound rules and enable file and printer (echo - ICMPv4-In request) sharing in the domain profile.
Gurulite if you are in an area, then it should work for you.
-
The execution of a stored procedure from inside the cursor for loop?
I posted this in the SQL Developer forum, but I tried in SQLPlus and get the same error, so I think it's an encoding issue.
I have a piece of code that I'm trying to write that will only be executed once. The goal: we have three tables relating to the pieces of information. Each table has a column that stores the number of site that belongs to the part. We want to copy the parts of a site to about 130 sites which don't have any info on parts. The number of site is stored in another table. So I created three stored procedures, one for each of the three tables that we, who take 2 inputs: a source and destination site. Procedure names are: ptfile_copy_fac, ptxref_copy_fac and ptvndrs_copy_fac.
The problem I have is that I can run the procedures in a separate worksheet in SQL Developer, but when they are integrated in this cursor for loop, I get the following message from SQL Developer:
ORA-06550: line 23, column 11:
PLS-00103: encountered the symbol "PTFILE_COPY_FAC" during the expected in the following way:
:= . (@ %; immediate)
The symbol ': = ' was replaced by 'PTFILE_COPY_FAC' continue.
He repeated this for each of the three methods. I have attached the code I am trying to run below. He expects an assignment operator, but I have no idea why.
If there is a better way to do this, by all means let me know. I'm a SQL Server guy, I'm not sure how to do what I do using PL\SQL.
/ * Declares the variables source_fac and dest_fac.
The source_fac is the installation that we copy parts.
The dest_fac is the installation we copy parts to.* /
DECLARE
source_fac facility.facility_num%type;
INSTALLATION OF DEST_FAC. TYPE % FACILITY_NUM;
/ * Declare cursor to use loop for.
Slider load number installation and the status of the installation.
Is not installation of 1 or 2, since these will be
the main source of facilities.*.
CURSOR fac_cursor
IS
SELECT
facility_num,
div_state
Of
installation
WHERE
facility_num NOT IN (1,2);
BEGIN
FOR fac_row IN fac_cursor
LOOP
/ * Test for the State of the installation. If a Canadian State, the source_fac value 2.
Otherwise, the value source_fac 1.* installation.
IF fac_row.div_state IN ("AB", "BC", "Mo", "NB", "NL", "NT", "NS", "NAKED", "WE", "PE",
"QC", "SK", "YT")
THEN
source_fac: = 2;
ON THE OTHER
source_fac: = 1;
END IF;
/ * Sets the installation of destination to the facility_num from the cursor * /.
DEST_FAC: = FAC_ROW. FACILITY_NUM;
/ * Execute the three procedures, past of the source and dest AEC variable * /.
run ptfile_copy_fac (source_fac, dest_fac);
run ptxref_copy_fac (source_fac, dest_fac);
run ptvndrs_copy_fac (source_fac, dest_fac);
END LOOP;
END;
Published by: SunDevilKid on March 3, 2010 15:31
Update the comments you make more sense of the code.EXECUTE is a SQLPlus command, change your code to
dest_fac := fac_row.facility_num; ptfile_copy_fac(source_fac, dest_fac); ptxref_copy_fac(source_fac, dest_fac); ptvndrs_copy_fac(source_fac, dest_fac); END LOOP;
Max
http://oracleitalia.WordPress.com
Maybe you are looking for
-
Since I installed Firefox on my newly-fixed computer (has been completely annihilated, installed FF 06/05 / 15), fonts for several sites has been "BOLD", regardless of how I set my preferences. It comes to Facebook, Google and Gmail. If I say not to
-
Search finds messages, but how do I know if the message is located in the folder?
New to TB of Eudora. I love TB. Play with the search, both using the box in TB and Windows Search. Anyway, I get results - slightly different, but which are correct. But using both methods, when I found the message that interests me, I can't determin
-
Hi all On my keyboard the on-screen arrival 11 Pro the following key had appeared, but seems not to do anything. Does anyone know what shortcut is for, or the combo button forcing him? Thank you.
-
Support on the mirror of the screen and Windows 7 implementation
Can I enjoy with my Windows 7 mirror screen or not? What are the steps I need to follow?
-
I get 2 dll error messages run at startup. C:\Progra~3\7ber.dat. I'm going to the Start button to run msconfig & get the same message. Thank you.