cannot ping in dmz subnet from inside the subnet

Hey guys

can someone pls take a look at this config in my 515 and tell me why I can't ping from host 10.2.1.20 (connected inside interface) to host (connected to the dmx interface) 10.3.1.20...

Thanks ;)

6.3 (3) version PIX

interface ethernet0 car

interface ethernet1 100full

stop 100full interface ethernet2

interface ethernet3 100full

stop 100full interface ethernet4

interface ethernet5 100full

ethernet0 nameif outside security0

nameif ethernet1 inside the security100

ethernet2 intf2 security2 nameif

nameif ethernet3 intf3 interieure4

nameif ethernet4 intf4 securite6

nameif dmz security50 ethernet5

enable password xxxx

passwd xxxx

hostname MYHOSTNAME

domain MYDOMAINNAME.local

fixup protocol dns-length maximum 512

fixup protocol ftp 21

fixup protocol h323 h225 1720

fixup protocol h323 ras 1718-1719

fixup protocol http 80

fixup protocol rsh 514

fixup protocol rtsp 554

fixup protocol sip 5060

fixup protocol sip udp 5060

fixup protocol 2000 skinny

fixup protocol smtp 25

fixup protocol sqlnet 1521

fixup protocol tftp 69

names of

inside_access_in ip access list allow a whole

pager lines 24

Outside 1500 MTU

Within 1500 MTU

intf2 MTU 1500

intf3 MTU 1500

intf4 MTU 1500

MTU 1500 dmz

IP address outside 61.29.xxx.xxx 255.255.255.248

IP address inside 10.2.1.11 255.255.255.0

No intf2 ip address

No intf3 ip address

No intf4 ip address

10.3.1.11 dmz IP address 255.255.255.0

alarm action IP verification of information

alarm action attack IP audit

no failover

failover timeout 0:00:00

failover poll 15

No IP failover outdoors

No IP failover inside

no failover ip address intf2

no failover ip address intf3

no failover ip address intf4

no failover ip address dmz

history of PDM activate

ARP timeout 14400

Global interface 10 (external)

NAT (inside) 10 0.0.0.0 0.0.0.0 0 0

NAT (dmz) 10 10.3.1.0 255.255.255.0 0 0

static (inside, dmz) 10.2.1.0 10.2.1.0 netmask 255.255.255.0 0 0

inside_access_in access to the interface inside group

Route outside 0.0.0.0 0.0.0.0 61.29.xxx.xxx 1

Timeout xlate 03:00

Timeout conn 01:00 half-closed 0:10:00 udp 0: CPP 02:00 0:10:00 01:00 h225

H323 timeout 0:05:00 mgcp 0: sip from 05:00 0:30:00 sip_media 0:02:00

Timeout, uauth 0:05:00 absolute

GANYMEDE + Protocol Ganymede + AAA-server

RADIUS Protocol RADIUS AAA server

AAA-server local LOCAL Protocol

Enable http server

http 10.2.1.0 255.255.255.0 inside

No snmp server location

No snmp Server contact

SNMP-Server Community public

SNMP-Server enable traps

enable floodguard

Telnet timeout 5

SSH timeout 5

Console timeout 0

Terminal width 80

Thanks again

Rob

ICMP is not a stateful Protocol, so you must explicitly allow ICMP traffic on the DMZ interface. Try adding the following:

access-list dmz_access_in allow icmp a whole

Access-group dmz_access_in in dmz interface

I hope this helps.

Scott

Tags: Cisco Security

Similar Questions

  • Is it supposed to be a rattle from inside the phone?

    Got a Defy a few weeks ago. Love it until yesterday when I suddenly cant' hear someone on a phone call and only the speaker/headphone works (like make a few posts down). Back to T-mobile tomorrow.

    However, my phone has a deaf/rattle sound from inside the phone when you shake it, and you can feel something moving inside. I thought it was something to do with sensors/accelerometers in the phone or something, but now the internal speaker is broken I wonder if it is supposed to do this or if she actually always a hardware problem.

    Phone of someone else than the same noise/do the same thing? Is it supposed to do this or not?

    -Daniel

    There should not be a rattle... but there is!

    I have the same problem. It is caused by the battery move when you shake the phone, it doesn't have a tight fit. I used a piece of foam under the battery very thin to stop this rattle noise. Not impressed!

    You will see on these forums that some users have had problems with defective headphones... so far I did not have this.

    Hope that such Defys won't suffer from bad workmanship I really like the phone.

    Check your battery by shaking the phone with the cover off... let me know how you go.

  • How to speed up film clip from inside the container file?

    I created a Flash file (which I will call 'film 1') in which a clip was inserted. When I play the whole record, the clip rotates too slowly for my taste, but I noticed that if I go in the original movie clip file (I'll call "movie 2") to slow down and save it, back to the movie 1 and update the clip are impossible due to a motion tween that is bad (no idea about the solution which).

    Is it possible to speed up the clip from inside the 1 movie? A kind of script tool or simple? I am a newbie to Flash and maybe there's an easy solution for it. Otherwise I set Movie 2, export it and re-import them inside the 1 film until I am satisfied with the result.

    TIA
    Kind regards
    MOSH

    the code below the dotted line adds two new method movieclips, playF() and stopF(). the first allows you to play the m frame movieclip to frame images per second fps n (forwards or backwards).

    (for the control of accuracy (then), I have another code autocorrecteur to maintain a precise tempo.)

    for use on mc1:

  • WRT54GL cannot transmit from inside the LAN port?

    Hello

    I have a Server servers running several (HTTP, SVN, FTP,...) inside my network.

    I used to have a SMC router in the past, and of course I had to use port forwarding.

    This is why I realized that when we "talk" to the server, I can 'talk' to the router that will forward requests to the right compurer, based on the NAT table. If, for example, that if I move the SVN server, I don't have to change the path to the repository, change the NAT entry is OK in this case.

    If this is not understandable, here 's another report.

    However, I discovered that even if my new WRT54GL seems to be much more advanced, it cannot do this. Requests made to the router from within the local network are not transferred to the right place.

    Is there a way to accomplish what we need, or at least a road map? It's sad that the SMC products otherwise is not very reliable can do...

    Kind regards

    Matej

    Well, I have it solved.

    I tried to convey the SVN, HTTP, FTP, and SSH.

    However, it was not working when the server IP assigned by DHCP.

    When I set up (the server within the LAN) to use the static IP address, not only that port forwarding began to make sense, but I have seen web pages by typing my public IP address in the browser on a computer inside the LAN.

    What surprised me, is that it only worked when the server had assigned auto private IP address. I know that these addresses change so it would not very long work, but it did not work even before that t has changed...

  • DMZ web server-> inside the database server

    Suppose that a network topology looks like this:

    A PIX with 3 interfaces:

    interface (private public static IP 10.10.10.1)

    interface (public static IP of 69.110.38.35)

    interface (static IP private address of the 30.30.30.1)

    --------------------------------------------

    The internal network has a {server} with the IP address of 10.10.10.2.

    The DMZ has a {web server} with the IP address of 30.30.30.2.

    I will welcome external guests (outside) access to the web server (30.30.30.2) via port 80.

    This web server access turn the database server (10.10.10.2).

    Assume that all other commands are issued. Then, I'll create an access list that allows server WWW DMZ to communicate with inside the database server.

    access-list dmz-to-inside permit tcp host 30.30.30.2 host 10.10.10.2 eq 1521

    Should I publish the following, too:

    (1) access-list dmz permit tcp host 30.30.30.2 no matter what 80 eq

    (2) access-group in interface dmz dmz

    (3) static (inside the dmz) 10.10.10.0 10.10.10.0 netmask 255.255.255.0

    xlate clear 4)

    If so, what each of them do?

    Thank you for helping.

    Scott

    1. Yes, the static statement "10.10.10.0 static (inside, dmz) 10.10.10.0 netmask 255.255.255.0" will disable NAT. Although it is not necessary to disable nat, however, it saves money and simple to manage. the reason for this is the traffic between the dmz and inside is private, there is therefore not necessary to apply the public ip address.

    2 pix receives the package intended to 30.30.30.2 10.10.10.2. PIX examines the static statement and based on the static above statement, pix will not nat package (i.e. pix will leave the soruce address be) and send it to 30.30.30.2 via the interface of the demilitarized zone.

    for example

    original package - source 10.10.10.2, destination 30.30.30.2

    After pix - source 10.10.10.2, destination 30.30.30.2

    3. the "Clear xlate" command must be issued whenever the nat/global or static has been added/deleted/modified. This command is to force the pix to clear the existing ip translation.

    for example, before you add the command "static 1.1.1.1 (indoor, outdoor) 192.168.1.100 netmask 255.255.255.255", the pix may already have an ip 192.168.1.100 translation (it might come from the nat/global). now, after you apply the static command, the pix will keep the existing translation for a certain period time. 'clear xlate' is needed to erase the old translation and so to activate the new static statement.

  • Move data directly from inside the loop

    Is it possible to move data directly from inside a loop outside the structure of matter in real time? I would like a chart of the data in a structure of matter in real time outside the structure of the case. Ideally, it would include information of the real deal and then the waiting period as a '0' for false case. Attached is a version simplified VI I'm working. I tried the local variables, but they only read the first item for loop puts each cycle T/F. One idea is welcome including a complete change in the structure of the VI.

    Thank you!


  • Since the reinstallation of Windows 7 I have same Wifi access so my laptop and I heard a small noise from inside the Tower

    Since the reinstallation of Windows 7 I have Wifi access even if my laptop and tablet of my wife can become if the router is OK. Also, it restarts or freeze without reason. Sometimes I hear a metallic noise inside the Tower, but not always. My friend suggests a hardware problem, but has no suggestions on how to solve it.

    Original title: Windows

    Since the reinstallation of Windows 7 I have Wifi access even if my laptop and tablet of my wife can become if the router is OK. Also, it restarts or freeze without reason. Sometimes I hear a metallic noise inside the Tower, but not always. My friend suggests a hardware problem, but has no suggestions on how to solve it.

    Hello

    After a reinstall of the operating system, you must reinstall the latest drivers from your computer manufacturer's website:

    Go to the website to make your computer > Driver and Software Support Section > search your computer or hardware model number > then your operating system > locate the correct drivers > download and install.

    ________________________________________

    And you do not tell us why you did a reinstall and if there reboot/freeze before you did this reinstall.

    FYI: Desktop computers normally are Wi - fi unless you install additional hardware for this.

    ________________________________________

    Noise inside a desktop computer can be caused by fan/s or harddrives about to fail.

    Go to the website of your computer manufacturer > search your computer specifications > know brand of hard drive > access the Hard Drive manufacturer's Web site > find and download hard drive Diagnostic software and make a record of start of it on the computer that you use to get here, following their instructions > test your hard drive...

    See you soon.

  • Cannot ping a virtual machine, except on the host computer.

    I have a host of SuSE, built on a chassis of IBM. It has a link for the failover interface. It has an IP of 10.10.138.196. SM 255.255.255.128. DG 10.10.138.129. I can ping this machine without problem. On that note, I have a virtual machine of SuSE. It has the same mask and gateway with an IP address of 10.10.138.197. It can ping the host (196) and the host can it ping. However, he cannot ping to the gateway by defaut.129. He receives a message Impossible to its own virtual interface. I have installation bridged networking early with no luck.

    I tried to change the DG on the guest a.196. I have installation routes by default, and specific directions to 10.10.138.129 on the host and the guest without success. I talked to a few colleagues and they are not of course either. I need this available, so it can be used for a variety of applications.

    You will not see a virtual NETWORK adapter for bridged interface, only for NAT and the host-only networking. There will be a device/dev/vmnet0, but that is not actually used to fill itself.

    Your problem is that your bridged interface is bound to the wrong card on the host: it must be related to "bond0" not "eth0". You will need to re - run /usr/bin/vmware-config.pl to address which forces all running VMs to be stopped.

    ---

    If you have found this device or any other answer useful please consider the use of buttons useful or Correct to award points.

  • read the version from inside the app

    I am creating a control of update for my application. I'm using eclipse and setting the version by going to the blackberry project properties and changing the version there.  Anyway for me to access this info from in the program, or is there a better way for me to set the version of project of in the program in order to access and do not have to change it in several places?

    Thank you!

    Here is a code that I use in my screen 'About', which I think is what you want.

            ApplicationDescriptor ad = ApplicationDescriptor.currentApplicationDescriptor();
            int moduleHandle = ad.getModuleHandle();
            SimpleDateFormat sdFormat = new SimpleDateFormat("EEE, dd MMM yyyy");
            String buildDateString = CodeModuleManager.getModuleVersion(moduleHandle) + "-" +
                                     sdFormat.formatLocal(CodeModuleManager.getModuleTimestamp(moduleHandle));
            add(new RichTextField(_resources.getString(UI_ABOUT_BUILD) +
                                  " " + ad.getVersion() +
                                  ", " + buildDateString, Field.READONLY));
    
  • Does not work from inside the DMZ after configuring the ACL.

    Hello

    According to the concept of ASA, trafuc of the Interior (100 s) DMZ (50 Sec) is allowed by default. When I try to write an acl (host to host block) on the Interface inside, no other traffic runs to and from the Interface on the inside.

    Everything is blocked. Previously no ACL has been mapped to the inside Interface.

    Kindly help me to solve this problem and also provide the document concerning the behavior of the firewall before and after configuring the ACL.

    Poster of the acl that you entered. Remember, there is an explicit deny a whole at the end of the acl. So if you want only to prevent access to a dmz machine, then it must be written correctly. Leave what you want enable dmz, deny the rest of the demilitarized zone, and then leave all the rest.

  • Problems with NAT? Can't access internet from inside the network?

    I was intrigued with this problem for a few days now. I'm stuck on what could be the issue. The problem is that I can ping my router, G0/0 and G0/1, to the internet. However, since the switch and my PC, I can not ping Internet. I'm sure that everything is configured correctly, but here is my setup for the switch and the router:

    Router 1:

    version 15.1
    no service button
    horodateurs service debug datetime msec
    Log service timestamps datetime msec
    encryption password service
    !
    hostname LAN_Router_1
    !
    boot-start-marker
    boot-end-marker
    !
    !
    enable secret 5 *.
    !
    No aaa new-model
    !
    no location network-clock-participate 3
    !
    dot11 syslog
    no ip source route
    !
    IP cef
    !
    !
    !
    !
    domain IP MyTestLab.com
    8.8.8.8 IP name-server
    IP-server names 8.8.4.4
    No ipv6 cef
    !
    Authenticated MultiLink bundle-name Panel
    !
    !
    !
    !
    !
    voice-card 0
    !
    !
    !
    !
    !
    !
    !
    Crypto pki token removal timeout default 0
    !
    !
    !
    !
    license udi pid CISCO3845-MB sn FOC105013BA
    username * secret privilege 15 5 *.
    !
    redundancy
    !
    !
    property intellectual ssh time 60
    property intellectual ssh authentication-2 retries
    property intellectual ssh event logging
    property intellectual ssh version 2
    !
    !
    !
    !
    !
    !
    !
    !
    interface Loopback0
    192.168.254.1 IP 255.255.255.255
    !
    interface GigabitEthernet0/0
    DHCP IP address
    penetration of the IP stream
    stream IP output
    NAT outside IP
    IP virtual-reassembly in
    automatic duplex
    automatic speed
    media type rj45
    !
    interface GigabitEthernet0/1
    the IP 192.168.0.1 255.255.255.248
    penetration of the IP stream
    stream IP output
    IP nat inside
    IP virtual-reassembly in
    GLBP 100 ip 192.168.0.4
    priority GLBP 100 115
    GLBP 100 preempt
    automatic duplex
    automatic speed
    media type rj45
    !
    ospf Router 5
    router ID - 192.168.254.1
    network 192.168.0.1 0.0.0.0 area 1
    192.168.254.1 network 0.0.0.0 area 0
    !
    IP forward-Protocol ND
    no ip address of the http server
    no ip http secure server
    !
    !
    IP nat inside source list 10 interface GigabitEthernet0/0 overload
    IP route 0.0.0.0 0.0.0.0 dhcp
    !
    access-list 10 permit 192.168.94.32 0.0.0.15 connect
    access-list 10 permit 192.168.17.0 connect 0.0.0.7
    access-list 10 permit 192.168.52.0 connect 0.0.0.7


    access-list 10 permit 192.168.0.0 0.0.0.7 connect
    access-list 10 deny any newspaper
    !
    !
    !
    !
    !
    !
    control plan
    !
    !
    !
    !

    profile MGCP default
    !
    !
    !
    !
    !
    connection of the banner ^ C
    W A R N I N G

    THIS IS A PRIVATE COMPUTER SYSTEM.

    This computer system, including all related equipment, network devices
    (specifically including Internet access), are provided only for
    authorized used.

    All computer systems may be monitored for all lawful, including purpose
    to ensure that their use is authorized, for management of the system, to
    facilitate protection against unauthorized access, and to verify security
    survival and operational security procedures.

    Monitoring includes active attacks by authorized personnel and their
    entities to test or verify the security of the system. During the surveillance,.
    information may be examined, recorded, copied and used for authorized
    purposes.

    All information, including personal information, placed on or sent over
    This system may be monitored. Uses of this system, authorized or
    unauthorized, constitutes consent to monitoring of this system.

    Unauthorized use may subject you to criminal prosecution. Evidence of
    any unauthorized use collected during monitoring may be used for
    administrative, criminal or other adverse action. Use of this system
    constitutes a consent to monitoring for these purposes.
    ^ C
    !
    Line con 0
    Synchronous recording
    local connection
    line to 0
    line vty 0
    local connection
    entry ssh transport
    output transport ssh
    line vty 1 4
    opening of session
    transport of entry all
    !
    Scheduler allocate 20000 1000
    NTP 198.60.73.8 Server
    NTP 13.85.70.43 Server
    SaveRunConfig event manager applet
    cron cron-event timer entry ' 0 0 * * ".
    command action 1.0 cli 'enable '.
    cli 2.0 action command "RAM".

    Router 2:

    version 15.1
    horodateurs service debug datetime msec
    Log service timestamps datetime msec
    encryption password service
    !
    hostname LAN_Router_2
    !
    boot-start-marker
    boot-end-marker
    !
    !
    ! card order type necessary for slot 1
    Monitor logging warnings
    enable secret 5 *.
    !
    No aaa new-model
    !
    clock timezone CST - 5 0
    !
    dot11 syslog
    IP source-route
    !
    IP cef
    !
    !
    !
    !
    domain IP MyTestLab.com
    8.8.8.8 IP name-server
    IP-server names 8.8.4.4
    No ipv6 cef
    !
    Authenticated MultiLink bundle-name Panel
    !
    !
    !
    !
    type of parameter-card inspect global
    Select a dropped packet newspapers
    !
    voice-card 0
    !
    !
    !
    !
    !


    !
    !
    Crypto pki token removal timeout default 0
    !
    !
    !
    !
    license udi pid CISCO3845-MB sn FOC1411592J
    username * secret 5 *.

    !
    redundancy
    !
    !
    property intellectual ssh time 60
    property intellectual ssh authentication-2 retries
    property intellectual ssh event logging
    property intellectual ssh version 2
    !
    !
    !
    !
    !
    !
    !
    !
    interface Loopback0
    192.168.254.2 the IP 255.255.255.255
    !
    interface GigabitEthernet0/0
    DHCP IP address
    penetration of the IP stream
    stream IP output
    NAT outside IP
    IP virtual-reassembly in
    automatic duplex
    automatic speed
    media type rj45
    !
    interface GigabitEthernet0/1
    IP 192.168.0.2 255.255.255.248
    penetration of the IP stream
    stream IP output
    IP nat inside
    IP virtual-reassembly in
    GLBP 100 ip 192.168.0.4
    priority GLBP 100 110
    automatic duplex
    automatic speed
    media type rj45
    !
    ospf Router 5
    router ID - 192.168.254.2
    network 192.168.0.2 0.0.0.0 area 1
    0.0.0.0 network 192.168.254.2 area 0
    !
    Default IP gateway 192.168.0.1
    IP forward-Protocol ND
    no ip address of the http server
    no ip http secure server
    !
    !
    IP nat inside source list 10 interface GigabitEthernet0/0 overload
    IP route 0.0.0.0 0.0.0.0 dhcp
    !
    SSH extended IP access list
    permit tcp host 192.168.52.2 any eq 22 log
    permit tcp 192.168.10.0 0.0.0.255 any eq 22 log
    permit tcp host 192.168.17.18 any eq 22 log
    any eq 22 host tcp 192.168.0.1 newspaper permit
    permit tcp host 192.168.0.2 any eq 22 log
    permit tcp host 192.168.0.3 any eq 22 log
    permit tcp host 192.168.0.5 any eq 22 log
    denyip a session
    !
    access-list 10 permit 192.168.94.32 0.0.0.15 connect
    access-list 10 permit 192.168.17.0 connect 0.0.0.7
    access-list 10 permit 192.168.52.0 connect 0.0.0.7
    access-list 10 permit 192.168.0.0 0.0.0.7 connect
    access-list 10 deny any newspaper
    !
    !
    !
    !
    !
    !
    control plan
    !
    !
    !
    !
    profile MGCP default
    !
    !
    !
    !
    !
    connection of the banner ^ C
    W A R N I N G

    THIS IS A PRIVATE COMPUTER SYSTEM.

    This computer system, including all related equipment, network devices
    (specifically including Internet access), are provided only for
    authorized used.

    All computer systems may be monitored for all lawful, including purpose
    to ensure that their use is authorized, for management of the system, to
    facilitate protection against unauthorized access, and to verify security
    survival and operational security procedures.

    Monitoring includes active attacks by authorized personnel and their
    entities to test or verify the security of the system. During the surveillance,.
    information may be examined, recorded, copied and used for authorized
    purposes.

    All information, including personal information, placed on or sent over
    This system may be monitored. Uses of this system, authorized or
    unauthorized, constitutes consent to monitoring of this system.

    Unauthorized use may subject you to criminal prosecution. Evidence of
    any unauthorized use collected during monitoring may be used for
    administrative, criminal or other adverse action. Use of this system
    constitutes a consent to monitoring for these purposes.
    ^ C
    !
    Line con 0
    session-timeout 360
    exec-timeout 360 0
    7 password *.
    Synchronous recording
    local connection
    line to 0
    opening of session
    line vty 0 4
    SSH access class in
    Synchronous recording
    local connection
    entry ssh transport
    output transport ssh
    !
    Scheduler allocate 20000 1000
    NTP 198.60.73.8 Server
    NTP 13.85.70.43 Server
    SaveRunConfig event manager applet
    cron cron-event timer entry ' 0 0 * * ".
    command action 1.0 cli 'enable '.
    cli 2.0 action command "RAM".

    Switch:

    version 12.2
    no service button
    tcp KeepAlive-component snap-in service
    a tcp-KeepAlive-quick service
    horodateurs service debug uptime
    Log service timestamps uptime
    encryption password service
    !
    hostname LAN_Switch
    !
    boot-start-marker
    boot-end-marker
    !
    !
    username * secret privilege 15 5 *.
    !
    !
    !
    No aaa new-model
    clock timezone CST - 6
    1 supply ws-c3750-24ts switch
    mtu 1500 routing system
    IP routing
    IP - domain name MyTestLab.com
    8.8.8.8 IP name-server
    IP-server names 8.8.4.4
    !
    !
    !
    !
    !
    !
    !
    !
    !
    spanning tree mode rapid pvst
    spanning tree logging
    spanning tree extend id-system
    !
    internal allocation policy of VLAN ascendant
    !
    property intellectual ssh time 60
    property intellectual ssh authentication-2 retries
    property intellectual ssh event logging
    property intellectual ssh version 2
    !
    !
    interface Loopback0
    192.168.254.5 the IP 255.255.255.255
    !
    interface FastEthernet1/0/1
    switchport access vlan 17
    switchport mode access
    spanning tree portfast
    spanning tree enable bpduguard
    !
    interface FastEthernet1/0/2
    switchport access vlan 10
    switchport mode access
    spanning tree portfast
    spanning tree enable bpduguard
    !
    interface FastEthernet1/0/3
    switchport access vlan 666
    switchport mode access
    Shutdown
    spanning tree portfast
    spanning tree enable bpduguard
    !
    interface FastEthernet1/0/4
    switchport access vlan 666
    switchport mode access
    Shutdown
    spanning tree portfast
    spanning tree enable bpduguard

    !
    interface FastEthernet1/0/5
    switchport access vlan 666
    switchport mode access
    Shutdown
    spanning tree portfast
    spanning tree enable bpduguard
    !
    interface FastEthernet1/0/6
    switchport access vlan 666
    switchport mode access
    Shutdown
    spanning tree portfast
    spanning tree enable bpduguard
    !
    interface FastEthernet1/0/7
    switchport access vlan 666
    switchport mode access
    Shutdown
    spanning tree portfast
    spanning tree enable bpduguard
    !
    interface FastEthernet1/0/8
    switchport access vlan 666
    switchport mode access
    Shutdown
    spanning tree portfast
    spanning tree enable bpduguard
    !
    interface FastEthernet1/0/9
    switchport access vlan 666
    switchport mode access
    Shutdown
    spanning tree portfast
    spanning tree enable bpduguard
    !
    interface FastEthernet1/0/10
    switchport access vlan 666
    switchport mode access
    Shutdown
    spanning tree portfast
    spanning tree enable bpduguard
    !
    interface FastEthernet1/0/11
    switchport access vlan 666
    switchport mode access
    Shutdown
    spanning tree portfast
    spanning tree enable bpduguard
    !
    interface FastEthernet1/0/12
    switchport access vlan 666
    switchport mode access
    Shutdown
    spanning tree portfast
    spanning tree enable bpduguard
    !
    interface FastEthernet1/0/13
    switchport access vlan 666
    switchport mode access
    Shutdown
    spanning tree portfast
    spanning tree enable bpduguard
    !
    interface FastEthernet1/0/14
    switchport access vlan 666
    switchport mode access
    Shutdown
    spanning tree portfast
    spanning tree enable bpduguard
    !
    interface FastEthernet1/0/15
    switchport access vlan 666
    switchport mode access
    Shutdown
    spanning tree portfast
    spanning tree enable bpduguard
    !
    interface FastEthernet1/0/16
    switchport access vlan 666
    switchport mode access
    Shutdown
    spanning tree portfast
    spanning tree enable bpduguard
    !
    interface FastEthernet1/0/17
    switchport access vlan 666
    switchport mode access
    Shutdown
    spanning tree portfast
    spanning tree enable bpduguard
    !
    interface FastEthernet1/0/18
    switchport access vlan 666
    switchport mode access
    Shutdown
    spanning tree portfast
    spanning tree enable bpduguard
    !
    interface FastEthernet1/0/19
    Description # PC #.
    switchport access vlan 10
    switchport mode access
    spanning tree portfast
    spanning tree enable bpduguard
    !
    interface FastEthernet1/0/20
    Description # X_BOX #.
    switchport access vlan 666
    switchport mode access
    Shutdown
    spanning tree portfast
    spanning tree enable bpduguard
    !
    interface FastEthernet1/0/21
    switchport access vlan 94
    switchport mode access
    spanning tree portfast
    spanning tree enable bpduguard
    !
    interface FastEthernet1/0/22
    switchport access vlan 5
    switchport mode access
    !
    interface FastEthernet1/0/23
    switchport access vlan 5
    switchport mode access
    !
    interface FastEthernet1/0/24
    switchport access vlan 5
    switchport mode access
    !
    GigabitEthernet1/0/1 interface
    switchport access vlan 666
    Shutdown
    !
    interface GigabitEthernet1/0/2
    switchport access vlan 666
    Shutdown
    !
    interface Vlan1
    no ip address
    Shutdown
    !
    interface Vlan5
    IP 192.168.0.5 255.255.255.248
    !
    interface Vlan10
    address 192.168.10.2 255.255.255.0
    !
    interface Vlan17
    IP 192.168.17.17 255.255.255.248
    !
    interface Vlan52
    IP 192.168.52.1 255.255.255.248
    !
    interface Vlan94
    IP 192.168.94.33 255.255.255.240
    !
    ospf Router 5
    router ID - 192.168.254.5
    Log-adjacency-changes
    network 192.168.0.5 0.0.0.0 area 1
    network 192.168.10.2 0.0.0.0 area 2
    network 192.168.17.17 0.0.0.0 area 2
    network 192.168.52.1 0.0.0.0 area 2
    network 192.168.94.33 0.0.0.0 area 2
    0.0.0.0 network 192.168.254.5 area 0
    !
    IP classless
    IP route 0.0.0.0 0.0.0.0 192.168.0.4 permanent
    no ip address of the http server
    no ip http secure server
    !
    !
    SSH_IN extended IP access list
    permit tcp host 192.168.52.2 any eq 22 log
    permit tcp 192.168.10.0 0.0.0.255 any eq 22 log
    permit tcp host 192.168.17.18 any eq 22 log
    any eq 22 host tcp 192.168.0.1 newspaper permit
    permit tcp host 192.168.0.2 any eq 22 log
    permit tcp host 192.168.0.3 any eq 22 log
    permit tcp host 192.168.0.5 any eq 22 log
    deny ip any any newspaper
    !
    !
    connection of the banner ^ C
    W A R N I N G
    THIS IS A PRIVATE COMPUTER SYSTEM.
    This computer system, including all related equipment, network devices
    (specifically including Internet access), are provided only for
    authorized used.
    All computer systems may be monitored for all lawful, including purpose
    to ensure that their use is authorized, for management of the system, to
    facilitate protection against unauthorized access, and to verify security
    survival and operational security procedures.
    Monitoring includes active attacks by authorized personnel and their
    entities to test or verify the security of the system. During the surveillance,.
    information may be examined, recorded, copied and used for authorized
    purposes.
    All information, including personal information, placed on or sent over
    This system may be monitored. Uses of this system, authorized or
    unauthorized, constitutes consent to monitoring of this system.
    Unauthorized use may subject you to criminal prosecution. Evidence of
    any unauthorized use collected during monitoring may be used for
    administrative, criminal or other adverse action. Use of this system
    constitutes a consent to monitoring for these purposes.
    ^ C
    !
    Line con 0
    session-timeout 60
    exec-timeout 60 0
    Synchronous recording
    local connection
    line vty 0
    access-class SSH_IN in
    local connection
    line vty 1 4
    access-class SSH_IN in
    opening of session
    line vty 5 15
    access-class SSH_IN in
    opening of session
    !
    NTP 198.60.73.8 Server
    Event Manager environment suspend_ports_config flash: / susp_ports.dat
    Event Manager environment suspend_ports_days 7
    Event Manager user Directorystrategie "flash: / policies /.
    Event manager session cli username "stw".
    political event manager sl_suspend_ports.tcl
    political event manager tm_suspend_ports.tcl
    SaveRunConfig event manager applet
    cron cron-event timer entry ' 0 0 * * ".
    command action 1.0 cli 'enable '.
    cli 2.0 action command "RAM".

    Well, I totally forgot the keyword "log" and NAT:

    Cisco IOS NAT support ACLs with a keyword "log"?

    A. When you configure Cisco IOS NAT translation dynamic NAT, an ACL is used to identify the packages that can be translated. The current NAT architecture does not support the ACL with a keyword "log".

    http://www.Cisco.com/c/en/us/support/docs/IP/network-address-translation...

    If your problem is not the mask with joker, but the command "log"...

  • How to load Microsoft Media Center TV from inside the Touchsmart request

    Hello

    I would like to be able to run Microsoft Windows Media Center of the Touchsmart software, however I don't seem to be able to add the Windows Media Center application to the list of "Targets" Touchsmart, in fact I thought that this would be already listed as target - but is not...

    In the case, I tried to add it manually in my target field but I get an error in pink bounce foolishly saying

    "The target entry is not valid. If please check spelling and re-enter the target. »

    Here's what I did and would expect it to work, but don't - mind if I get this you right from the start-> execute command or in a shortcut, the command works, it loads and runs the TV without going through the Media Center Start menu...

    In Touchsmart app,...

    1. click on customize

    2. click on add a tile...

    3. click on the type of program, and then click Next button

    4. in the type of field target in:

    C:\Windows\EHOME\EHSHELL. EXE /HOMEPAGE:VideoFullscreen.XML /PUSHSTARTPAGE:TRUE

    5. in name, enter "TV".

    6. choose an icon in the icon list

    7. click on OK

    (Here is where I get the mentioned error)

    Thanks in advance...

    Laptop HP ENVY 17-j005tx, HP ENVY 27 - k001a, HP ProLiant MicroServer Gen8 G2020T, HP MediaSmart EX495 Server tilt, HP MediaVault 2020, HP ENVY 120 AiO Printer

    In fact, I think I solved the problem!

    I created a link shortcut on my desktop with the command line and then instead to enter the command line for the target to step 4, I entered the link shortcut instead, for example I created the shortcut first and placed it on my desktop with the following command line:

    C:\Windows\EHOME\EHSHELL. EXE /HOMEPAGE:VideoFullscreen.XML /PUSHSTARTPAGE:TRUE

    I named the abbreviation "TV".

    In step 4, I entered the target manually as:

    C:\Users\Jim\Desktop\TV.lnk

    And then the rest of the steps, now I see the tile in Touchsmart and I am able to run the TV in Media Center live!

    But I still don't understand why Microsoft Media Center is not listed in the default target list...

    Cheers... (Yay for me lol)

  • Read VeriStand channel from inside the custom device that are not part of the custom device?

    Is it possible to read VeriStand channels from within a custom device VeriStand (RT Driver) that are not part of this custom device?

    For example, suppose I want to be able to configure a channel in my custom device to always be twice the value of a string of material that my user selects (I know, better/more simple ways to do this, but this is just a simple example ).  Can I do this from the device custom without programmatically create a mapping of the system? (I've done this before and it is messy and VERY prone to error of the user).

    Thank you!

    good point

    the channel ID (U64s) are not the same in the engine config of vs. Instead, you must set 'references to dependent item' in the config and then get these references in the engine.

    See the source jarrod linked, which makes it

  • Cannot ping machine Windows 7 from XP machine - timeout

    New Windows 7 Home Premium machine... in the group to work with XP Pro machines... I can connect to folders shared between and, any machine 7 & XP.  Connections network and Internet are all very well; Win7 & XP.  The Windows 7 machine I ping successfully all XP machines.  I can't ping Win 7 machine name or IP address, of a XP machine on the network.  Ping simply timesout.

    I'm stumped...   Network discovery is turned on.

    I find it weird that I can't ping the 7 machine, but I can connect actions and see the machine on the network and with the NET VIEW command.

    Any idea is appreciated.

    In fact, I had the exact problem.  But since I'm in an area I used one under domain profile and that worked.  -- Control Panel > Windows Firewall > Advanced settings > inbound rules and enable file and printer (echo - ICMPv4-In request) sharing in the domain profile.

    Gurulite if you are in an area, then it should work for you.

  • The execution of a stored procedure from inside the cursor for loop?

    I posted this in the SQL Developer forum, but I tried in SQLPlus and get the same error, so I think it's an encoding issue.
    I have a piece of code that I'm trying to write that will only be executed once. The goal: we have three tables relating to the pieces of information. Each table has a column that stores the number of site that belongs to the part. We want to copy the parts of a site to about 130 sites which don't have any info on parts. The number of site is stored in another table. So I created three stored procedures, one for each of the three tables that we, who take 2 inputs: a source and destination site. Procedure names are: ptfile_copy_fac, ptxref_copy_fac and ptvndrs_copy_fac.

    The problem I have is that I can run the procedures in a separate worksheet in SQL Developer, but when they are integrated in this cursor for loop, I get the following message from SQL Developer:

    ORA-06550: line 23, column 11:
    PLS-00103: encountered the symbol "PTFILE_COPY_FAC" during the expected in the following way:
    := . (@ %; immediate)
    The symbol ': = ' was replaced by 'PTFILE_COPY_FAC' continue.

    He repeated this for each of the three methods. I have attached the code I am trying to run below. He expects an assignment operator, but I have no idea why.

    If there is a better way to do this, by all means let me know. I'm a SQL Server guy, I'm not sure how to do what I do using PL\SQL.

    / * Declares the variables source_fac and dest_fac.
    The source_fac is the installation that we copy parts.
    The dest_fac is the installation we copy parts to.* /

    DECLARE
    source_fac facility.facility_num%type;
    INSTALLATION OF DEST_FAC. TYPE % FACILITY_NUM;

    / * Declare cursor to use loop for.
    Slider load number installation and the status of the installation.
    Is not installation of 1 or 2, since these will be
    the main source of facilities.*.

    CURSOR fac_cursor
    IS
    SELECT
    facility_num,
    div_state
    Of
    installation
    WHERE
    facility_num NOT IN (1,2);
    BEGIN
    FOR fac_row IN fac_cursor
    LOOP

    / * Test for the State of the installation. If a Canadian State, the source_fac value 2.
    Otherwise, the value source_fac 1.* installation.

    IF fac_row.div_state IN ("AB", "BC", "Mo", "NB", "NL", "NT", "NS", "NAKED", "WE", "PE",
    "QC", "SK", "YT")
    THEN
    source_fac: = 2;
    ON THE OTHER
    source_fac: = 1;
    END IF;

    / * Sets the installation of destination to the facility_num from the cursor * /.

    DEST_FAC: = FAC_ROW. FACILITY_NUM;

    / * Execute the three procedures, past of the source and dest AEC variable * /.

    run ptfile_copy_fac (source_fac, dest_fac);
    run ptxref_copy_fac (source_fac, dest_fac);
    run ptvndrs_copy_fac (source_fac, dest_fac);

    END LOOP;

    END;

    Published by: SunDevilKid on March 3, 2010 15:31
    Update the comments you make more sense of the code.

    EXECUTE is a SQLPlus command, change your code to

    dest_fac := fac_row.facility_num;
    ptfile_copy_fac(source_fac, dest_fac);
    ptxref_copy_fac(source_fac, dest_fac);
    ptvndrs_copy_fac(source_fac, dest_fac);
    END LOOP;
    

    Max
    http://oracleitalia.WordPress.com

Maybe you are looking for