Clientless Webvpn with Citrix traffic filtering

Hello

I use an ASA 8.2.2 configured with clientless WebVPN.

Since there are several different groups of users and connection profiles configured, I want to make sure that only certain users have access to certain services. For that I have configured webtype ACLs. It works very well for HTTP or HTTPS traffic to the internal servers, but it does not work for traffic to the Citrix Web Interface of a Citrix server.

This is what part of my config looks like:

...

group-policy X attributes
 vpn-tunnel-protocol webvpn
 group-lock value X
 webvpn
  filter value X

....

access-list X webtype permit url http://x.y/* log default
...

group-policy Citrix attributes
 vpn-tunnel-protocol webvpn
 group-lock value Citrix
 webvpn
  filter value Citrix

...

access-list Citrix webtype permit url https://citrix.local/* log default
access-list Citrix webtype permit url citrix://* log default
access-list Citrix webtype permit url Citrix://* log default
access-list Citrix webtype permit url https://citrix/* log default
access-list Citrix webtype permit url http://10.1.2.3/* log default
access-list Citrix webtype permit url https://10.2.3.4/* log default
access-list Citrix webtype permit url http://* log default
access-list Citrix webtype permit url https://* log default
access-list Citrix webtype permit url any log default

When I troubleshoot using the log, I see only permits and no denies! The same if I look at the hit counts. But as soon as the Citrix channel from the client to the Citrix server over HTTPS is started, it fails if the webtype ACL is active (even with the permit url any at the end!). If I remove it, it works great!

rastest# sh access-li Citrix

access-list Citrix; 9 elements
access-list Citrix line 1 webtype permit url https://citrix.local/* log default (hitcnt=281)
access-list Citrix line 2 webtype permit url citrix://* log default (hitcnt=0)
access-list Citrix line 3 webtype permit url Citrix://* log default (hitcnt=0)
access-list Citrix line 4 webtype permit url https://citrix/* log default (hitcnt=0)
access-list Citrix line 5 webtype permit url http://10.1.2.3/* log default (hitcnt=0)
access-list Citrix line 6 webtype permit url https://10.2.3.4/* log default (hitcnt=0)
access-list Citrix line 7 webtype permit url http://* log default (hitcnt=0)
access-list Citrix line 8 webtype permit url https://* log default (hitcnt=14)
access-list Citrix line 9 webtype permit url any log default (hitcnt=0)

Any idea, advice?

Thanks for your help!

Marco

Hello

Do you still need help with that? If so, could you please try adding a line to the ACL as follows:

access-list Citrix webtype permit tcp any log default

and see if that makes a difference?

Herbert

Tags: Cisco Security

Similar Questions

  • VPN gateway with the traffic filtering

    I am working in a lab on a small-scale configuration in which a client PC establishes an IPsec VPN with a Cisco 1921 router. I have two questions in this regard.

    (1) For wireless PC clients, is using an IPsec VPN client the best option, or should I prefer other options? The wireless clients also use a RADIUS server for authentication.

    (2) I want to make sure no other traffic can reach or pass the local network interface other than the VPN client traffic. What do I need to set up on the router to make sure that no traffic can pass other than VPN traffic?

    First: The current IPsec VPN client is AnyConnect. The VPN config for AnyConnect (especially for IPsec) on an IOS router gateway is much more difficult than it is on the ASA. If you still have the option of changing the gateway, then go for an ASA. It is also much cheaper from a licensing perspective, given that there is no AnyConnect Essentials license for the router. The traditional Cisco VPN Client is EOL and you should not begin a new deployment on it.

    Your questions:

    (1) All VPN users should be authenticated in some way. Sending the authentication request to a central directory is a best practice and is usually done with RADIUS. In addition to authentication, you can also perform authorization to control what rights a VPN user gets.

    (2) If you only want to allow IPsec traffic, you must configure an access list with a permit for UDP/500, UDP/4500 and IP/50 to your router IP. With this config, all other traffic will be dropped.

  • vSphere Distributed Switch 5.5 traffic filtering and tagging

    Has anyone had a chance to create a script to update the Traffic filtering and marking section of a port group on a vSphere 5.5 Distributed Switch? The settings are only exposed in the Web Client, so Onyx is not an option.

    I need to create a rule with the values below.

    Traffic filtering and marking:

    Status: Enabled

    New network traffic rule

    Name: name of the traffic rule

    Action: Tag

    CoS value: Update CoS tag, value: 4

    Traffic qualifiers:

    Traffic direction: Egress

    New system traffic qualifier: vMotion

    This is as far as I can get.

    $VDSPortGroup = Get-VDSwitch Test-dvSwitch | Get-VDPortGroup Test-PG
    $Spec = New-Object VMware.Vim.DVPortgroupConfigSpec
    $Spec.configVersion = $VDSPortGroup.ExtensionData.Config.ConfigVersion
    $Spec.defaultPortConfig = New-Object VMware.Vim.VMwareDVSPortSetting
    $Spec.defaultPortConfig.FilterPolicy = New-Object VMware.Vim.DvsFilterPolicy

    Sorry, it took a little longer than expected.

    Try like this

    $dvSwName = "dvSw1"
    $dvPgNames = "dvPg1"

    $dvSw = Get-VDSwitch -Name $dvSwName

    # Add a traffic filtering and marking rule to each named port group
    foreach ($pg in (Get-View -Id $dvSw.ExtensionData.Portgroup | Where {$dvPgNames -contains $_.Name})) {
        $spec = New-Object VMware.Vim.DVPortgroupConfigSpec
        $spec.ConfigVersion = $pg.Config.ConfigVersion
        $spec.DefaultPortConfig = New-Object VMware.Vim.VMwareDVSPortSetting
        $spec.DefaultPortConfig.FilterPolicy = New-Object VMware.Vim.DvsFilterPolicy

        $filter = New-Object VMware.Vim.DvsTrafficFilterConfig
        $filter.AgentName = "dvfilter-generic-vmware"

        $ruleSet = New-Object VMware.Vim.DvsTrafficRuleset
        $ruleSet.Enabled = $true

        # One rule: tag outgoing packets with CoS value 4
        $rule = New-Object VMware.Vim.DvsTrafficRule
        $rule.Description = "name of traffic rule"
        $rule.Direction = "outgoingPackets"

        $action = New-Object VMware.Vim.DvsUpdateTagNetworkRuleAction
        $action.QosTag = 4
        $rule.Action += $action

        $ruleSet.Rules += $rule
        $filter.TrafficRuleSet += $ruleSet
        $spec.DefaultPortConfig.FilterPolicy.FilterConfig += $filter

        $pg.ReconfigureDVPortgroup($spec)
    }

  • ASA: S2S Tunnel stops with higher traffic

    Hello

    I have no idea where I have to start solving our problem:

    Site A: ASA 5520 / 9.2(4)5, ~20 IPsec tunnels

    Site B: ASA 5505 / 9.2(4)5

    When I open an SSH (or HTTP or any other TCP) session from Site A to any Linux server on Site B, I can connect, but when I run something like "dmesg" or a long "ls - al", the session hangs after 10 to 20 lines. The same with HTTP sessions (such as a web page to set up a printer): smaller web pages are okay (but slow), bigger pages stop with a browser timeout.

    This only happens on one site; all other sites (which have the same config and the same ASA OS) work very well.

    Just to test, I opened the SSH port to the external IP address on the external interface and it works very well, so something is going wrong with the traffic through the tunnel.

    Any idea where I should start debugging?

    Gruss ivo

    PS: How stupid is Cloudflare? They check this text and do not allow me to write the Linux command ls minus al, but ls space space space minus al works!

    You can tweak the MSS on the ASA using this doc and clear the DF bit on the outside as well. Follow the steps described in the section "VPN encryption error."

    crypto ipsec df-bit clear-df outside

    Let us know how it goes.

    Kind regards
    Dinesh Moudgil

    PS Please rate helpful messages.

  • Traffic filtering and tagging

    Has anybody used traffic filtering and marking for traffic filtering, such as dropping traffic, creating port restrictions per VM, or creating DMZ-like sets of rules, etc.?

    Thank you

    Sam

    Well, you don't need NSX. This is a core feature of the distributed vSwitch, available since vSphere 5.5. It allows you to create layer 2 and layer 3/4 firewall rules on distributed port groups or ports.

    I used it to isolate the virtual machines on the DMZ network similar to what would achieve a PVLAN configuration and I would say that it works pretty good, at least on a small scale.

    Check out these links:

    http://blogs.VMware.com/vSphere/2014/03/vSphere-distributed-switch-traffic-filtering.html

    https://pubs.VMware.com/vSphere-60/topic/com.VMware.vSphere.networking.doc/GUID-67CA4C18-4F18-4E23-A5C7-BC33112D4433.html

  • ASA WebVPN with SSO on OWA 2010 Exchange

    Hello, I was using WebVPN (clientless) with SSO on Exchange OWA 2003 and it worked very well with these UNIQUE POST authentication settings:

    URL: https:// /exchweb/bin/auth/owaauth.dll

    destination https:///exchange/
    Flags 0

    user domain\\user name CSCO_WEBVPN_USERNAME

    password CSCO_WEBVPN_PASSWORD

    SubmitCreds Log+On

    forcedownlevel 0

    trust 0

    Now, I'm trying to do the same thing with OWA 2010 and it doesn't work. I always get an error on the user credentials

    For Exchange 2010, I use these settings:

    URL: https:///owa/auth.owa

    destination https:///owa/
    Flags 0

    username DOMAIN\CSCO_WEBVPN_USERNAME

    password CSCO_WEBVPN_PASSWORD

    SubmitCreds Log+On

    forcedownlevel 0

    trust 0

    Anyone know how to fix?
    Has anyone got it working?

    Any help?

    Thank you

    In this configuration, I had to change to HTTP (associated client). It also works well on HTTPS.

    Download this tool http://www.fiddler2.com/fiddler2/.

    URL: http://internal-mail-server-ip/owa/auth/owaauth.dll

    post parameter:

    destination: http://internal-mail-server-ip/owa/

    flags: 0

    forcedownlevel: 0

    Trust: 0

    username: CSCO_WEBVPN_USERNAME

    password: CSCO_WEBVPN_PASSWORD

    isUtf8: 1


    Welcome,

    Norbert

    Hope this helps... Please rate if useful

  • With Citrix Viewer PIV card woes

    I wonder if anyone has got their PIV smart card to work reliably for remote access to their Department of Veterans business computer account using the Citrix Viewer.

    I have:

    MacBook Pro running OS X El Capitan 10.11.3

    SCM SCR3500 smart card reader

    PKard smart card 'middleware' software

    Citrix Viewer 12.0.0

    Safari 9.0.3

    After several hours of tech support calls I was finally able to open a remote session with my PIV card and PIN, but when the Citrix Viewer times out, the window asks for my PIN three times and then crashes. I get a "Safari cannot find the server..." message. If I have apps open I can continue working, but if I close them, I usually can't reopen them. I tried closing the window, quitting and restarting Safari, and even restarting the computer, and generally still cannot reconnect. If I wait a few hours or overnight, I might be able to connect.

    Has anyone had a similar problem and found a fix?

    Dan

    Before posting my thread, I did a search and found your up to what later for some reason any.  I think we treat both the same crazy problem and I was wondering if you have found something to use with your Mac of a PIV card system?

    That's what I just posted now:

    No employee of Gov using the 'PIV card' readers?

    I was told there is ZERO chance of a PIV on any Mac card, but it is impossible (can?) lol.

    Ive read there are others using "CAC cards" via Mac, but why no PIV use? And why is there not a software to allow the reader to car Gov be approved for the purpose of the use of our Badges to connect?  Do you use also pass mobile OTP Token to connect via CAG?  UGH!

  • HPDM and "Device ID" problem with Citrix virtual card

    In our image, there is the Citrix "virtual" adapter, and this seems to be causing a "Device ID" conflict with some computers.

    I'm sitting here watching HPDM change the host name and IP address on the device's line while the device ID remains the same. I didn't understand why my tasks were failing or going to two computers at the same time until I realized that it takes as device ID the MAC address of the first adapter found on the system.

    Is there any way that I can get HPDM or HPDMAgent to choose the MAC of a different adapter for its "Device ID"? It seems that HPDM is not able to send a single task to a single device given a host name and IP; it also goes and sends it to any other device that has the same "device id" (MAC address).

    Then, when I run "ipconfig /all", the Citrix virtual adapter (Citrix VPN client) shows first, before the Realtek Local Area Connection; that's why I'm assuming HPDM picks up the Citrix MAC address first, which is duplicated on other systems that also have the Citrix virtual adapter installed.

    We have a fix for this kind of issue.

    The new design is to filter out all virtual adapters; DM will pick up the MAC address of the physical NIC as device ID.

    The fix will be included in 4.6 SP1, which is targeted for mid-May.

  • WRT160Nv3 problem with blocking traffic through Access Restrictions

    Hello.

    I want something very simple. Block Youtube. I go in "Access Restrictions", choose a name for the policy 1, turn it on, choose the pc in the list of pc, but then...

    If a click Deny, all other options will be disabled (grayed out, do not click or write on them).

    Therefore, I can't put the URL I want (youtube).

    I tried to write the url with "allow" and then change to 'decline', but it crashes ALL the traffic.

    Not good.

    So, how can I make a new policy just to block this URL?

    Is it normal that when I click and choose "Refuse" all is disabled afterwards?

    Thanks in advance.

    Kind regards

    Leo

    For the internet access policy, DENY is meant to restrict internet access during the specified hours and days. This blocks ALL internet traffic to the listed PCs. Website blocking by URL, blocking by keyword and the applications are then NOT AVAILABLE, since the computers would need internet access in the first place for such blocking to apply.

    For your case, you can try setting the internet access restriction to ALLOW and then specify youtube.com under website blocking by URL. The computers would then have internet access all the time (if you have the schedule set to every day) or during certain days and hours, but would NOT have access to YouTube.

  • VPN Site to Site ASA (only happens with interesting traffic)

    Is there any way to bring up an ASA-to-ASA site-to-site VPN without interesting traffic? I need to keep this tunnel up independently of traffic. Is there any way to do this?

    Unfortunately, no such feature has been developed on the ASA. You need to trick the ASA with a host located in the "interesting" part of the network that constantly generates interesting traffic. Here are a few suggestions:

    - Use IP SLA on a Cisco device

    - Run a TCP ping from a host

    - Set up a host at site A to use the site B ASA as an NTP source

    Thank you for evaluating useful messages!

  • ASA L2L VPN UP with incoming traffic

    Hello

    I need help with this one. I have two identical VPN tunnels with two different customers who need access to one of our internal servers. One of them (Customer) works well, but for the other (CustomerB) I can only see traffic from the remote peer (RX OK, but no TX). I put a sniffer on the ports where the ASA and the server are connected and saw that traffic is reaching the server and traffic from the server is reaching the ASA, then nothing...

    See the output of sh crypto ipsec sa below and part of the config for both customers.

    ------------------

    Addresses:

    local peer 100.100.100.178
    local network 10.10.10.0/24
    local server they need access to: 10.10.10.10

    Customer remote peer 200.200.200.200
    Customer remote network 172.16.200.0/20

    CustomerB remote peer 160.160.143.4
    CustomerB remote network 10.15.160.0/21

    ---------------------------

    Output of the command: "sh crypto ipsec sa peer 160.160.143.4 det".

    peer address: 160.160.143.4
        Crypto map tag: outside_map, seq num: 3, local addr: 100.100.100.178

          access-list outside_cryptomap permit ip host 10.10.10.10 10.15.160.0 255.255.248.0
          local ident (addr/mask/prot/port): (10.10.10.10/255.255.255.255/0/0)
          remote ident (addr/mask/prot/port): (10.15.160.0/255.255.248.0/0/0)
          current_peer: 160.160.143.4

          #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
          #pkts decaps: 827, #pkts decrypt: 827, #pkts verify: 827
          #pkts compressed: 0, #pkts decompressed: 0
          #pkts not compressed: 0, #pkts comp failed: 0, #pkts decomp failed: 0
          #pre-frag successes: 0, #pre-frag failures: 0, #fragments created: 0
          #PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 0
          #pkts no sa (send): 0, #pkts invalid sa (rcv): 0
          #pkts encaps failed (send): 0, #pkts decaps failed (rcv): 0
          #pkts invalid prot (rcv): 0, #pkts verify failed: 0
          #pkts invalid identity (rcv): 0, #pkts invalid len (rcv): 0
          #pkts invalid pad (rcv): 0,
          #pkts invalid ip version (rcv): 0,
          #pkts replay rollover (send): 0, #pkts replay rollover (rcv): 0
          #pkts replay failed (rcv): 0
          #pkts min mtu frag failed (send): 0, #pkts bad frag offset (rcv): 0
          #pkts internal err (send): 0, #pkts internal err (rcv): 0

          local crypto endpt.: 100.100.100.178, remote crypto endpt.: 160.160.143.4

          path mtu 1500, ipsec overhead 58, media mtu 1500
          current outbound spi: C2AC8AAE

        inbound esp sas:
          spi: 0xD88DC8A9 (3633170601)
             transform: esp-3des esp-md5-hmac no compression
             in use settings ={L2L, Tunnel, }
             slot: 0, conn_id: 5517312, crypto-map: outside_map
             sa timing: remaining key lifetime (kB/sec): (4373959/20144)
             IV size: 8 bytes
             replay detection support: Y
             Anti replay bitmap:
              0xFFFFFFFF 0xFFFFFFFF
        outbound esp sas:
          spi: 0xC2AC8AAE (3266087598)
             transform: esp-3des esp-md5-hmac no compression
             in use settings ={L2L, Tunnel, }
             slot: 0, conn_id: 5517312, crypto-map: outside_map
             sa timing: remaining key lifetime (kB/sec): (4374000/20144)
             IV size: 8 bytes
             replay detection support: Y
             Anti replay bitmap:
              0x00000000 0x00000001

    - The configuration skeleton

    ASA Version 8.2(1)
    !
    name 172.16.200.0 Customer
    name 10.15.160.0 CustomerB
    !
    interface Ethernet0/0
     nameif outside
     security-level 0
     ip address 100.100.100.178 255.255.255.240
    !
    interface Ethernet0/1
     nameif inside
     security-level 100
     ip address 10.10.10.0 255.255.255.0
    !
    access-list outside_1_cryptomap extended permit ip host 10.10.10.10 Customer 255.255.240.0
    access-list inside_nat0_outbound_1 extended permit ip host 10.10.10.10 Customer 255.255.240.0
    access-list inside_nat0_outbound_1 extended permit ip host 10.10.10.10 CustomerB 255.255.248.0
    access-list outside_cryptomap extended permit ip host 10.10.10.10 CustomerB 255.255.248.0
    nat-control
    global (outside) 101 interface
    nat (inside) 0 access-list inside_nat0_outbound_1
    nat (inside) 101 0.0.0.0 0.0.0.0
    route outside 0.0.0.0 0.0.0.0 100.100.100.177
    route inside 10.10.10.0 255.255.255.0 10.10.10.254 1
    crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
    crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
    crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
    crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
    crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
    crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
    crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
    crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
    crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
    crypto ipsec security-association lifetime seconds 28800
    crypto ipsec security-association lifetime kilobytes 4608000
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
    crypto map outside_map 1 match address outside_1_cryptomap
    crypto map outside_map 1 set pfs
    crypto map outside_map 1 set peer 200.200.200.200
    crypto map outside_map 1 set transform-set ESP-3DES-SHA
    crypto map outside_map 3 match address outside_cryptomap
    crypto map outside_map 3 set peer 160.160.143.4
    crypto map outside_map 3 set transform-set ESP-3DES-MD5
    crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map outside_map interface outside
    crypto isakmp enable outside
    crypto isakmp policy 10
     authentication pre-share
     encryption 3des
     hash md5
     group 2
     lifetime 86400
    crypto isakmp policy 20
     authentication pre-share
     encryption 3des
     hash sha
     group 2
     lifetime 86400
    crypto isakmp ipsec-over-tcp port 10000
    group-policy DfltGrpPolicy attributes
     vpn-tunnel-protocol IPSec svc
    group-policy Customer internal
    group-policy Customer attributes
     vpn-tunnel-protocol IPSec svc
    group-policy CustomerB internal
    group-policy CustomerB attributes
     vpn-tunnel-protocol IPSec
    tunnel-group 160.160.143.4 type ipsec-l2l
    tunnel-group 160.160.143.4 general-attributes
     default-group-policy CustomerB
    tunnel-group 160.160.143.4 ipsec-attributes
     pre-shared-key xxx
    tunnel-group 200.200.200.200 type ipsec-l2l
    tunnel-group 200.200.200.200 general-attributes
     default-group-policy Customer
    tunnel-group 200.200.200.200 ipsec-attributes
     pre-shared-key yyy

    Thank you

    A.

    Hello

    It seems that the ASA is not encrypting traffic to the second peer (however, there is no routing problem).

    I have seen this behavior on 7.x code, not on 8.x code.

    However, can you do a test?

    Can you change the order of the crypto maps?

    crypto map outside_map 1 match address outside_cryptomap
    crypto map outside_map 1 set peer 160.160.143.4
    crypto map outside_map 1 set transform-set ESP-3DES-MD5

    crypto map outside_map 3 match address outside_1_cryptomap
    crypto map outside_map 3 set pfs
    crypto map outside_map 3 set peer 200.200.200.200
    crypto map outside_map 3 set transform-set ESP-3DES-SHA

    I just want to see if, by setting the non-working peer to be the first, it works...

    I know it should work the way you have it, I just want to see if this is the same behavior I've seen.

    Thank you.

    Federico.
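The 0 encaps against 827 decaps in the output posted in this thread is the signature of a tunnel that only receives. As an added example (not part of the original thread, with hypothetical function names), this Python script parses `show crypto ipsec sa` text and flags such one-way SAs. The sample input is constructed: the counters for peer 160.160.143.4 come from the post, the other SA is invented.

```python
import re

# Constructed sample in the layout of ASA `show crypto ipsec sa`. The counters
# for peer 160.160.143.4 are the ones posted above; the first SA's counters
# and its remote ident are invented for contrast.
SAMPLE = """\
interface: outside
    Crypto map tag: outside_map, seq num: 1, local addr: 100.100.100.178

      local ident (addr/mask/prot/port): (10.10.10.10/255.255.255.255/0/0)
      remote ident (addr/mask/prot/port): (172.16.192.0/255.255.240.0/0/0)
      current_peer: 200.200.200.200

      #pkts encaps: 1204, #pkts encrypt: 1204, #pkts digest: 1204
      #pkts decaps: 1188, #pkts decrypt: 1188, #pkts verify: 1188
      #pkts encaps failed (send): 0, #pkts decaps failed (rcv): 0

    Crypto map tag: outside_map, seq num: 3, local addr: 100.100.100.178

      local ident (addr/mask/prot/port): (10.10.10.10/255.255.255.255/0/0)
      remote ident (addr/mask/prot/port): (10.15.160.0/255.255.248.0/0/0)
      current_peer: 160.160.143.4

      #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
      #pkts decaps: 827, #pkts decrypt: 827, #pkts verify: 827
      #pkts encaps failed (send): 0, #pkts decaps failed (rcv): 0
"""

MAP_RE = re.compile(r"Crypto map tag:\s*(\S+?),\s*seq num:\s*(\d+)")
PEER_RE = re.compile(r"current_peer:\s*([0-9A-Fa-f.:]+)")
REMOTE_RE = re.compile(r"remote ident \(addr/mask/prot/port\):\s*\(([^)]+)\)")
# The colon directly after the counter name keeps "encaps failed" lines out.
COUNTER_RE = re.compile(r"#pkts (encaps|decaps):\s*(\d+)")


def parse_ipsec_sa(text):
    """Return one dict per SA block; a block starts at 'Crypto map tag:'."""
    sas, current = [], None
    for line in text.splitlines():
        m = MAP_RE.search(line)
        if m:
            current = {"map": m.group(1), "seq": int(m.group(2)), "peer": None,
                       "remote_ident": None, "encaps": None, "decaps": None}
            sas.append(current)
            continue
        if current is None:
            continue  # header lines before the first SA block
        m = PEER_RE.search(line)
        if m:
            current["peer"] = m.group(1)
        m = REMOTE_RE.search(line)
        if m:
            current["remote_ident"] = m.group(1)
        for name, value in COUNTER_RE.findall(line):
            current[name] = int(value)
    return sas


def classify(sa):
    """Label an SA by which directions have carried packets."""
    enc, dec = sa["encaps"], sa["decaps"]
    if enc is None or dec is None:
        return "incomplete"
    if enc == 0 and dec == 0:
        return "idle"
    if enc == 0:
        return "receive-only"
    if dec == 0:
        return "send-only"
    return "bidirectional"


def one_way_sas(sas):
    """List (peer, seq, remote ident, label) for SAs passing traffic one way."""
    return [(sa["peer"], sa["seq"], sa["remote_ident"], classify(sa))
            for sa in sas if classify(sa) in ("receive-only", "send-only")]


HINTS = {
    "receive-only": "local side never encrypts: check the return route, the NAT "
                    "exemption, and that replies match this entry's crypto ACL",
    "send-only": "nothing decrypted: check the far end's crypto ACL and routing",
}

if __name__ == "__main__":
    for peer, seq, ident, label in one_way_sas(parse_ipsec_sa(SAMPLE)):
        print(f"peer {peer} (seq {seq}, remote {ident}): {label} -> {HINTS[label]}")
```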

  • Lists numbered with dynamic content filtering

    I couldn't find this information anywhere, although I imagine that I'm probably not the first person to experience this problem...

    I have a few topics where the steps in procedures are presented as numbered lists. I use conditional build tags on some of the numbered steps to filter them when specific filters are applied in the Responsive HTML5 output. When I look at a topic in preview mode and apply filters, the list numbers automatically renumber to avoid skipping numbers. However, when I generate the output and then apply the filter, the lines disappear as expected, but the numbered lists skip the filtered numbers.

    For example:

    ex 1.PNG

    This filters as expected in the preview:

    ex 2.PNG

    But in the generated output, the numbering is off:

    ex 3.PNG

    Is it possible to get the numbering right?

    Yes, just tested on my end with a multilevel numbered list. And in this type of list, things go to pot!

    Seems that the solution is to avoid using this type of list. Pretty easy to accomplish. Select the first and the last bit of the list and click the multilevel. Then simply apply numbers.

    See you soon... Rick

  • The issue of licenses for images on Web sites with high traffic.

    Hello

    I am new to Adobe Stock and interested in using it for projects that we are currently developing on an ongoing basis. Today we have signed up to CC too and we want to take advantage of the 10 images per month included with the membership.

    One of the sites we develop may have a large amount of traffic to it. We would like to clarify the term "broadcasting", which is mentioned in the license:

    • Create more than 500,000 copies of the image in the digital printing documents, software, or in broadcasting at least 500,000 viewers.

    Does the above apply to web page views at all? Or is it limited to traditional broadcasting?

    If "broadcasting" includes page views...

    Does it equate to 500,000 unique website visitors watching the page at the same time, or total unique visitors looking at the image over a certain period of time?

    OR

    Does it equate to 500,000 page views, which could be generated by a much smaller audience of unique site visitors?

    I would appreciate it if this could be clarified.

    Thank you

    The term diffusion refers to total unique web page views by visitors.

    For more details, please contact customer service

  • Reduction of image thumbnails with bilinear-bicubic/filtering in Flex?

    Hello!

    I'm developing a Flex-based AIR application which must create thumbnails of large images. My Thumbnailer class does what I want, but the results are not so good. The problem is that, even with "smoothing" turned on, bitmap smoothing when drawing only affects up-scaling.

    The thumbnails look very jagged and crunchy. Photoshop uses bilinear or bicubic filtering when downscaling an image, which looks much better. I searched the web with Google and looked at other Flex projects using thumbnails, but I couldn't find anything producing better thumbnail images.

    Performance is not very important, because I save the thumbnails to image files and use those. So the scaling does not need to be real-time.

    Is there a way to create better images in Flex?

    OK, I had an idea to do this:

    Before the image is scaled down, it is blurred with the blur filter. The down-scale factor of the image is used for the blur x/y values (1 / scale factor).

    The result looks almost as if it had been scaled down with bilinear filtering in Photoshop.

    Flash/Flex photos have never looked so good guys :-)

    Here is the code (hopefully this helps someone some time :-)))

  • WAP54g does not recognize the IP address of my laptop with active Mac filtering

    I reset my WAP54g v3.05 to factory defaults to allow an older computer access to my network.

    Now I have set it up again for better security using my new laptop: no SSID broadcast and WPA2-Personal encryption. However, when I activate MAC filtering and allow my newer laptop, the WAP54g does not recognize it.

    If I disable MAC filtering, my laptop is back on the network.

    Any suggestions to solve this problem would be appreciated.

    Make sure that the MAC address of the wireless network adapter is in the MAC address filtering tab. To get the MAC address of the wireless network card, click Start -> Run -> type CMD -> hit Enter, then type ipconfig /all

    This will show you the MAC address for the Ethernet adapter and the wireless adapter. You must select the one for the wireless network adapter.
