Debugging printer Packet newspapers

Similar Questions

• HP Officejet Pro 8620: Auto prints Fax newspapers - when no Fax has been sent

  Several times now, my printer prints sheet Fax connects during the night.  I have not hooked to a phone line, or use the fax machine.  It prints 40 to 50 pages of newspapers only fax sheet at a time using usually upward all the paper in the tray.  It happens always in the night.  Is there some features need me to disable this option?  Any help is appreciated.

  Hi @antiquesbyadkin,

  I see by your post that the printer automatically prints a log of faxes. I would like to help you today. If this helps you to find a solution, please click on the button "" accept as Solution"" down below this message. If you want to say thanks for my effort to help, click on the 'Thumbs Up' to give me a Kudos.

  I checked the manual, for this model I don't see anyway to change the fax log. You must manually select the menu to print it. I also checked our laboratory model and could not find the settings to disable this feature.

  I want to erase on the log of faxes, which should already be empty because the printer is not used for faxing.

  1. in the Control Panel printer displays, touch and drag your finger across the screen, then
  Select Configuration.
  2. press on the configuration of the fax and then tap Tools Fax.
  3. press on the clear fax log.

  If you are setup for ePrint, it may be a sender who sends faxes over newspaper. To know for sure, I would say to set up the account to only allow that shippers. Go to hpconnected.com, click on devices, next to your name of the printer, select settings, then select admitted only shippers. (you can add senders individually) Test this out for a few days to see if it was the cause of this.

  I would say for updating the firmware of the printer, to see if that can help you if the problem persists. OJP8620_R1502A.zip

  Please let me know the results. Good day! Thank you.

• IP on SAA packets debugging

  I used the "debug ip packet detail list # ' for years on the routers. Is there a similar command on the SAA?

  Thank you

  Allyn

  Watch the capture on the ASA command. It's pretty neat, and I believe you will find what you are looking for in this command. It captures the packets flowing through the ASA. It allows you to use access lists to control what it will capture.

  HTH

  Rick

• debugging/troubleshooting IPSec one-way traffic tunnel

  I'll put up a business network IPSec consists of a UC520 at the head end (Headquarters) and several routers Linksys WRV remotes nodes/network.  I see that ISAKMP and IPSec SA on both ends and I ping the IP of the remote networks UC520 internal.  However, I can not ping any other IP on the network of the company.

  I see of "cry ips to show his" packages are décapsulés (remote business) but none are encapsulated (remote business).  I can also see (from a traceroute) how remote business packages are sent to the default gateway of the UC520 to the Internet instead of being placed in the tunnel.  This jives with what I see with ' sho ips cry her. "

  I made sure to create an ACL for the NAT for corporate remote subnets are not translated, but I don't know what else to check.  I tried to do a "debug IP packet detail xxx' with a corresponding company in remote traffic but the debug and ACL get no success.

  Any other ideas?

  Thank you
  Diego

  Well, looks like that your exemption of Nat does not work. Check 'show ip nat trans' confirm this when sending traffic.

  Can you maybe post your config NAT (together)?

• debugging packages with ASA 7.2 worm (2)

  Hello

  Previously with the version 6.3 of the PIX you can debug the packets in real time. That is to say with the command of debug package.

  Looking through the ASA 7.2 (2) order that the command of debug package no longer exists. If the order of packet - trace exists, is not in real time.

  Does anyone know how you debug packages with version 7.2 (2).

  Thank you

  Brett

  Create an ACL identify traffic that you want to debug. Create a capture specifying the ACL and the interface enters the circulation.

  Example:

  capture from the list of allowed access host ip x.x.x.x y.y.y.y

  capture mycapture access interface to capture inside list

  See capture mycapture detail dump

• Problems with NAT? Can't access internet from inside the network?

  I was intrigued with this problem for a few days now. I'm stuck on what could be the issue. The problem is that I can ping my router, G0/0 and G0/1, to the internet. However, since the switch and my PC, I can not ping Internet. I'm sure that everything is configured correctly, but here is my setup for the switch and the router:

  Router 1:

  version 15.1 no service button horodateurs service debug datetime msec Log service timestamps datetime msec encryption password service ! hostname LAN_Router_1 ! boot-start-marker boot-end-marker ! ! enable secret 5 *. ! No aaa new-model ! no location network-clock-participate 3 ! dot11 syslog no ip source route ! IP cef ! ! ! ! domain IP MyTestLab.com 8.8.8.8 IP name-server IP-server names 8.8.4.4 No ipv6 cef ! Authenticated MultiLink bundle-name Panel ! ! ! ! ! voice-card 0 ! ! ! ! ! ! ! Crypto pki token removal timeout default 0 ! ! ! ! license udi pid CISCO3845-MB sn FOC105013BA username * secret privilege 15 5 *. ! redundancy ! ! property intellectual ssh time 60 property intellectual ssh authentication-2 retries property intellectual ssh event logging property intellectual ssh version 2 ! ! ! ! ! ! ! ! interface Loopback0 192.168.254.1 IP 255.255.255.255 ! interface GigabitEthernet0/0 DHCP IP address penetration of the IP stream stream IP output NAT outside IP IP virtual-reassembly in automatic duplex automatic speed media type rj45 ! interface GigabitEthernet0/1 the IP 192.168.0.1 255.255.255.248 penetration of the IP stream stream IP output IP nat inside IP virtual-reassembly in GLBP 100 ip 192.168.0.4 priority GLBP 100 115 GLBP 100 preempt automatic duplex automatic speed media type rj45 ! ospf Router 5 router ID - 192.168.254.1 network 192.168.0.1 0.0.0.0 area 1 192.168.254.1 network 0.0.0.0 area 0 ! IP forward-Protocol ND no ip address of the http server no ip http secure server ! ! IP nat inside source list 10 interface GigabitEthernet0/0 overload IP route 0.0.0.0 0.0.0.0 dhcp ! access-list 10 permit 192.168.94.32 0.0.0.15 connect access-list 10 permit 192.168.17.0 connect 0.0.0.7 access-list 10 permit 192.168.52.0 connect 0.0.0.7

  
  access-list 10 permit 192.168.0.0 0.0.0.7 connect
  access-list 10 deny any newspaper
  !
  !
  !
  !
  !
  !
  control plan
  !
  !
  !
  !

  profile MGCP default
  !
  !
  !
  !
  !
  connection of the banner ^ C
  W A R N I N G

  THIS IS A PRIVATE COMPUTER SYSTEM.

  This computer system, including all related equipment, network devices
  (specifically including Internet access), are provided only for
  authorized used.

  All computer systems may be monitored for all lawful, including purpose
  to ensure that their use is authorized, for management of the system, to
  facilitate protection against unauthorized access, and to verify security
  survival and operational security procedures.

  Monitoring includes active attacks by authorized personnel and their
  entities to test or verify the security of the system. During the surveillance,.
  information may be examined, recorded, copied and used for authorized
  purposes.

  All information, including personal information, placed on or sent over
  This system may be monitored. Uses of this system, authorized or
  unauthorized, constitutes consent to monitoring of this system.

  Unauthorized use may subject you to criminal prosecution. Evidence of
  any unauthorized use collected during monitoring may be used for
  administrative, criminal or other adverse action. Use of this system
  constitutes a consent to monitoring for these purposes.
  ^ C
  !
  Line con 0
  Synchronous recording
  local connection
  line to 0
  line vty 0
  local connection
  entry ssh transport
  output transport ssh
  line vty 1 4
  opening of session
  transport of entry all
  !
  Scheduler allocate 20000 1000
  NTP 198.60.73.8 Server
  NTP 13.85.70.43 Server
  SaveRunConfig event manager applet
  cron cron-event timer entry ' 0 0 * * ".
  command action 1.0 cli 'enable '.
  cli 2.0 action command "RAM".

  Router 2:

  version 15.1 horodateurs service debug datetime msec Log service timestamps datetime msec encryption password service ! hostname LAN_Router_2 ! boot-start-marker boot-end-marker ! ! ! card order type necessary for slot 1 Monitor logging warnings enable secret 5 *. ! No aaa new-model ! clock timezone CST - 5 0 ! dot11 syslog IP source-route ! IP cef ! ! ! ! domain IP MyTestLab.com 8.8.8.8 IP name-server IP-server names 8.8.4.4 No ipv6 cef ! Authenticated MultiLink bundle-name Panel ! ! ! ! type of parameter-card inspect global Select a dropped packet newspapers ! voice-card 0 ! ! ! ! !

  
  !
  !
  Crypto pki token removal timeout default 0
  !
  !
  !
  !
  license udi pid CISCO3845-MB sn FOC1411592J
  username * secret 5 *.

  !
  redundancy
  !
  !
  property intellectual ssh time 60
  property intellectual ssh authentication-2 retries
  property intellectual ssh event logging
  property intellectual ssh version 2
  !
  !
  !
  !
  !
  !
  !
  !
  interface Loopback0
  192.168.254.2 the IP 255.255.255.255
  !
  interface GigabitEthernet0/0
  DHCP IP address
  penetration of the IP stream
  stream IP output
  NAT outside IP
  IP virtual-reassembly in
  automatic duplex
  automatic speed
  media type rj45
  !
  interface GigabitEthernet0/1
  IP 192.168.0.2 255.255.255.248
  penetration of the IP stream
  stream IP output
  IP nat inside
  IP virtual-reassembly in
  GLBP 100 ip 192.168.0.4
  priority GLBP 100 110
  automatic duplex
  automatic speed
  media type rj45
  !
  ospf Router 5
  router ID - 192.168.254.2
  network 192.168.0.2 0.0.0.0 area 1
  0.0.0.0 network 192.168.254.2 area 0
  !
  Default IP gateway 192.168.0.1
  IP forward-Protocol ND
  no ip address of the http server
  no ip http secure server
  !
  !
  IP nat inside source list 10 interface GigabitEthernet0/0 overload
  IP route 0.0.0.0 0.0.0.0 dhcp
  !
  SSH extended IP access list
  permit tcp host 192.168.52.2 any eq 22 log
  permit tcp 192.168.10.0 0.0.0.255 any eq 22 log
  permit tcp host 192.168.17.18 any eq 22 log
  any eq 22 host tcp 192.168.0.1 newspaper permit
  permit tcp host 192.168.0.2 any eq 22 log
  permit tcp host 192.168.0.3 any eq 22 log
  permit tcp host 192.168.0.5 any eq 22 log
  denyip a session
  !
  access-list 10 permit 192.168.94.32 0.0.0.15 connect
  access-list 10 permit 192.168.17.0 connect 0.0.0.7
  access-list 10 permit 192.168.52.0 connect 0.0.0.7
  access-list 10 permit 192.168.0.0 0.0.0.7 connect
  access-list 10 deny any newspaper
  !
  !
  !
  !
  !
  !
  control plan
  !
  !
  !
  !
  profile MGCP default
  !
  !
  !
  !
  !
  connection of the banner ^ C
  W A R N I N G

  THIS IS A PRIVATE COMPUTER SYSTEM.

  This computer system, including all related equipment, network devices
  (specifically including Internet access), are provided only for
  authorized used.

  All computer systems may be monitored for all lawful, including purpose
  to ensure that their use is authorized, for management of the system, to
  facilitate protection against unauthorized access, and to verify security
  survival and operational security procedures.

  Monitoring includes active attacks by authorized personnel and their
  entities to test or verify the security of the system. During the surveillance,.
  information may be examined, recorded, copied and used for authorized
  purposes.

  All information, including personal information, placed on or sent over
  This system may be monitored. Uses of this system, authorized or
  unauthorized, constitutes consent to monitoring of this system.

  Unauthorized use may subject you to criminal prosecution. Evidence of
  any unauthorized use collected during monitoring may be used for
  administrative, criminal or other adverse action. Use of this system
  constitutes a consent to monitoring for these purposes.
  ^ C
  !
  Line con 0
  session-timeout 360
  exec-timeout 360 0
  7 password *.
  Synchronous recording
  local connection
  line to 0
  opening of session
  line vty 0 4
  SSH access class in
  Synchronous recording
  local connection
  entry ssh transport
  output transport ssh
  !
  Scheduler allocate 20000 1000
  NTP 198.60.73.8 Server
  NTP 13.85.70.43 Server
  SaveRunConfig event manager applet
  cron cron-event timer entry ' 0 0 * * ".
  command action 1.0 cli 'enable '.
  cli 2.0 action command "RAM".

  Switch:

  version 12.2 no service button tcp KeepAlive-component snap-in service a tcp-KeepAlive-quick service horodateurs service debug uptime Log service timestamps uptime encryption password service ! hostname LAN_Switch ! boot-start-marker boot-end-marker ! ! username * secret privilege 15 5 *. ! ! ! No aaa new-model clock timezone CST - 6 1 supply ws-c3750-24ts switch mtu 1500 routing system IP routing IP - domain name MyTestLab.com 8.8.8.8 IP name-server IP-server names 8.8.4.4 ! ! ! ! ! ! ! ! ! spanning tree mode rapid pvst spanning tree logging spanning tree extend id-system ! internal allocation policy of VLAN ascendant ! property intellectual ssh time 60 property intellectual ssh authentication-2 retries property intellectual ssh event logging property intellectual ssh version 2 ! ! interface Loopback0 192.168.254.5 the IP 255.255.255.255 ! interface FastEthernet1/0/1 switchport access vlan 17 switchport mode access spanning tree portfast spanning tree enable bpduguard ! interface FastEthernet1/0/2 switchport access vlan 10 switchport mode access spanning tree portfast spanning tree enable bpduguard ! interface FastEthernet1/0/3 switchport access vlan 666 switchport mode access Shutdown spanning tree portfast spanning tree enable bpduguard ! interface FastEthernet1/0/4 switchport access vlan 666 switchport mode access Shutdown spanning tree portfast spanning tree enable bpduguard

  
  !
  interface FastEthernet1/0/5
  switchport access vlan 666
  switchport mode access
  Shutdown
  spanning tree portfast
  spanning tree enable bpduguard
  !
  interface FastEthernet1/0/6
  switchport access vlan 666
  switchport mode access
  Shutdown
  spanning tree portfast
  spanning tree enable bpduguard
  !
  interface FastEthernet1/0/7
  switchport access vlan 666
  switchport mode access
  Shutdown
  spanning tree portfast
  spanning tree enable bpduguard
  !
  interface FastEthernet1/0/8
  switchport access vlan 666
  switchport mode access
  Shutdown
  spanning tree portfast
  spanning tree enable bpduguard
  !
  interface FastEthernet1/0/9
  switchport access vlan 666
  switchport mode access
  Shutdown
  spanning tree portfast
  spanning tree enable bpduguard
  !
  interface FastEthernet1/0/10
  switchport access vlan 666
  switchport mode access
  Shutdown
  spanning tree portfast
  spanning tree enable bpduguard
  !
  interface FastEthernet1/0/11
  switchport access vlan 666
  switchport mode access
  Shutdown
  spanning tree portfast
  spanning tree enable bpduguard
  !
  interface FastEthernet1/0/12
  switchport access vlan 666
  switchport mode access
  Shutdown
  spanning tree portfast
  spanning tree enable bpduguard
  !
  interface FastEthernet1/0/13
  switchport access vlan 666
  switchport mode access
  Shutdown
  spanning tree portfast
  spanning tree enable bpduguard
  !
  interface FastEthernet1/0/14
  switchport access vlan 666
  switchport mode access
  Shutdown
  spanning tree portfast
  spanning tree enable bpduguard
  !
  interface FastEthernet1/0/15
  switchport access vlan 666
  switchport mode access
  Shutdown
  spanning tree portfast
  spanning tree enable bpduguard
  !
  interface FastEthernet1/0/16
  switchport access vlan 666
  switchport mode access
  Shutdown
  spanning tree portfast
  spanning tree enable bpduguard
  !
  interface FastEthernet1/0/17
  switchport access vlan 666
  switchport mode access
  Shutdown
  spanning tree portfast
  spanning tree enable bpduguard
  !
  interface FastEthernet1/0/18
  switchport access vlan 666
  switchport mode access
  Shutdown
  spanning tree portfast
  spanning tree enable bpduguard
  !
  interface FastEthernet1/0/19
  Description # PC #.
  switchport access vlan 10
  switchport mode access
  spanning tree portfast
  spanning tree enable bpduguard
  !
  interface FastEthernet1/0/20
  Description # X_BOX #.
  switchport access vlan 666
  switchport mode access
  Shutdown
  spanning tree portfast
  spanning tree enable bpduguard
  !
  interface FastEthernet1/0/21
  switchport access vlan 94
  switchport mode access
  spanning tree portfast
  spanning tree enable bpduguard
  !
  interface FastEthernet1/0/22
  switchport access vlan 5
  switchport mode access
  !
  interface FastEthernet1/0/23
  switchport access vlan 5
  switchport mode access
  !
  interface FastEthernet1/0/24
  switchport access vlan 5
  switchport mode access
  !
  GigabitEthernet1/0/1 interface
  switchport access vlan 666
  Shutdown
  !
  interface GigabitEthernet1/0/2
  switchport access vlan 666
  Shutdown
  !
  interface Vlan1
  no ip address
  Shutdown
  !
  interface Vlan5
  IP 192.168.0.5 255.255.255.248
  !
  interface Vlan10
  address 192.168.10.2 255.255.255.0
  !
  interface Vlan17
  IP 192.168.17.17 255.255.255.248
  !
  interface Vlan52
  IP 192.168.52.1 255.255.255.248
  !
  interface Vlan94
  IP 192.168.94.33 255.255.255.240
  !
  ospf Router 5
  router ID - 192.168.254.5
  Log-adjacency-changes
  network 192.168.0.5 0.0.0.0 area 1
  network 192.168.10.2 0.0.0.0 area 2
  network 192.168.17.17 0.0.0.0 area 2
  network 192.168.52.1 0.0.0.0 area 2
  network 192.168.94.33 0.0.0.0 area 2
  0.0.0.0 network 192.168.254.5 area 0
  !
  IP classless
  IP route 0.0.0.0 0.0.0.0 192.168.0.4 permanent
  no ip address of the http server
  no ip http secure server
  !
  !
  SSH_IN extended IP access list
  permit tcp host 192.168.52.2 any eq 22 log
  permit tcp 192.168.10.0 0.0.0.255 any eq 22 log
  permit tcp host 192.168.17.18 any eq 22 log
  any eq 22 host tcp 192.168.0.1 newspaper permit
  permit tcp host 192.168.0.2 any eq 22 log
  permit tcp host 192.168.0.3 any eq 22 log
  permit tcp host 192.168.0.5 any eq 22 log
  deny ip any any newspaper
  !
  !
  connection of the banner ^ C
  W A R N I N G
  THIS IS A PRIVATE COMPUTER SYSTEM.
  This computer system, including all related equipment, network devices
  (specifically including Internet access), are provided only for
  authorized used.
  All computer systems may be monitored for all lawful, including purpose
  to ensure that their use is authorized, for management of the system, to
  facilitate protection against unauthorized access, and to verify security
  survival and operational security procedures.
  Monitoring includes active attacks by authorized personnel and their
  entities to test or verify the security of the system. During the surveillance,.
  information may be examined, recorded, copied and used for authorized
  purposes.
  All information, including personal information, placed on or sent over
  This system may be monitored. Uses of this system, authorized or
  unauthorized, constitutes consent to monitoring of this system.
  Unauthorized use may subject you to criminal prosecution. Evidence of
  any unauthorized use collected during monitoring may be used for
  administrative, criminal or other adverse action. Use of this system
  constitutes a consent to monitoring for these purposes.
  ^ C
  !
  Line con 0
  session-timeout 60
  exec-timeout 60 0
  Synchronous recording
  local connection
  line vty 0
  access-class SSH_IN in
  local connection
  line vty 1 4
  access-class SSH_IN in
  opening of session
  line vty 5 15
  access-class SSH_IN in
  opening of session
  !
  NTP 198.60.73.8 Server
  Event Manager environment suspend_ports_config flash: / susp_ports.dat
  Event Manager environment suspend_ports_days 7
  Event Manager user Directorystrategie "flash: / policies /.
  Event manager session cli username "stw".
  political event manager sl_suspend_ports.tcl
  political event manager tm_suspend_ports.tcl
  SaveRunConfig event manager applet
  cron cron-event timer entry ' 0 0 * * ".
  command action 1.0 cli 'enable '.
  cli 2.0 action command "RAM".

  Well, I totally forgot the keyword "log" and NAT:

  Cisco IOS NAT support ACLs with a keyword "log"?

  A. When you configure Cisco IOS NAT translation dynamic NAT, an ACL is used to identify the packages that can be translated. The current NAT architecture does not support the ACL with a keyword "log".

  http://www.Cisco.com/c/en/us/support/docs/IP/network-address-translation...

  If your problem is not the mask with joker, but the command "log"...

• Interface not to ping

  Hello community,

  I have a problem that I just don't understand - although I do not know there is a simple explanation.

  R3 can not ping itself on 172.28.38.11/16 and I do not understand why. I appreciate R2 has of an interface on Eth 1/2 with ip address 172.28.38.1/24, but its on a separate router and a different mask.

  Can someone please explain what I'm missing here.

  Please see newspapers

  See you soon

  I did lab for you and came up with the same result.

  R1 cannot ping interface connected locally because of the longest matching rule:

  R1(config-Router) sh ip #do road

  Code: C - connected, S - static, mobile R - RIP, M-, B - BGP

  D - EIGRP, OSPF, IA - external EIGRP, O - EX - OSPF inter zone

  N1 - type external OSPF NSSA 1, N2 - type external OSPF NSSA 2

  E1 - OSPF external type 1, E2 - external OSPF of type 2

  i - IS - Su - summary IS, L1 - IS - IS level 1, L2 - IS level - 2

  -IS inter area, * - candidate failure, U - static route by user

  o - ODR, P - periodic downloaded route static

  Gateway of last resort is not set

  172.13.0.0/24 is divided into subnets, subnets 1

  C 172.13.0.0 is directly connected, FastEthernet0/1

  10.0.0.0/8 is variably divided into subnets, 3 subnets, 2 masks

  10.12.0.0/24 [110/30] by 172.13.0.3, 01:42:38, FastEthernet0/1

  C 10.12.0.0/16 is directly connected, FastEthernet0/0

  10.23.0.0/24 [110/20] by 172.13.0.3, 01:42:48, FastEthernet0/1

  R1(config-Router) #do ping 10.12.0.1

  Type to abort escape sequence.

  Send 5, echoes ICMP 100 bytes to 10.12.0.1, wait time is 2 seconds:

  .....

  Success rate is 0% (0/5)

  Italic is the locally 10.12.0.0/16 subnet with R1 to 10.12.0.1/16. R2 has 10.12.0.2/24. When you ping 10.12.0.1, the router examines the routing table and the view that 10.12.0.0/24 is the most specific match and tries to send it to R2 Fa0/1.

  In addition, you use OSPF, masks of the neighbor must match. You will notice that the interface you are trying to ping is an adjacency with the neighbor on the other side. Thus, the route that must be connected is in fact being learned a different interface because of the mask do not match and no contiguity on this interface.

  On the R1 debug ip packet:

  * Mar 1 02:53:33.951: IP: tableid = 0, s = 172.13.0.1 (FastEthernet0/0), d = 10.12.0.1 (FastEthernet0/1), routed via RIB

  * Mar 1 02:53:33.951: IP: s = 172.13.0.1 (FastEthernet0/0), d = 10.12.0.1 (FastEthernet0/1), g = 172.13.0.3, len 100, forward

  * 02:53:33.955 Mar 1: type ICMP = 8, code = 0

  I have attached my topology for you to see. Here's my adjacencies:

  R1:

  Neighbor ID Pri State Dead Time Interface address

  172.13.0.3 1 FULL/DR 00:00:34 172.13.0.3 FastEthernet0/1

  R2:

  Neighbor ID Pri State Dead Time Interface address

  172.13.0.3 1 FULL/DR 00:00:32 10.23.0.3 FastEthernet0/1

  R3:

  Neighbor ID Pri State Dead Time Interface address

  10.23.0.2 1 FULL/BDR 10.23.0.2 FastEthernet0/1 00:00:33

  172.13.0.1 1 FULL/BDR 172.13.0.1 FastEthernet0/0 00:00:39

  So what I did was to create a static route for 10.12.0.1/32 pointing to fa0/1 (172.13.0.1) in R3. Then I created a static route on R2 to R3 10.12.0.1/32. I could do a ping at this time:

  R2 #trace 10.12.0.1

  Type to abort escape sequence.

  The route to 10.12.0.1

  1 10.23.0.3 48 ms 36 ms 24 ms

  2 172.13.0.1 84 MS * 52 msec

  R2 #.

  Before doing so, I couldn't do a ping of R2 at 10.12.0.1/32. The reason was once he hit R3, R3 was a road for 10.12.0.0/24 of R2 and referred it back to R2, creating a loop.

  Now I can ping R1, but why? R1 sends still to R3 but R3 says now R1 to get back to itself on 172.13.0.1:

  R1 #ping 10.12.0.1 rep 2

  Type to abort escape sequence.

  Send 2, echoes ICMP 100 bytes to 10.12.0.1, wait time is 2 seconds:

  !!

  Success rate is 100 per cent (2/2), round-trip min/avg/max = 28/48/68 ms

  R1 #.

  R3 #.

  * 03:08:14.523 Mar 1: ICMP: redirect sent to 172.13.0.1 for 10.12.0.1 dest, use gw 172.13.0.1

  R3 #.

  So, it is definitely the longest matching rule. You can try this to fix yours although I certainly wouldn't do it in production because their no reason really. Put a static route on the host that would be your next hop for the longest subnet (whatever the host is called f0/1). You can put a static on this host for 172.28.38.1/32 pointing to his next jump back to this router. Once you do this, R3 will send a package and it will get returned with a response. It is only a thing of laboratory

  

  HTH,
  John

  Please note all useful messages *.

• IPSEC VPN tunnel on issue of Zonebased Firewall

  Help, please!

  I'm trying to configure a router lab ISR1921 to build the VPN tunnel with vmware vshield edge. The configuration of the 1921 is pasted below. There is not a lot of adjustment on the side of vshield really and I'm sure both sides are adapting to phase 1 & 2.

  The question I have: the tunnel can be built correctly and I also see from show crypto ipsec release encap and decap counters. However the devices on each side can communicate. That said, I can ping from 1921 to the IP of the internal interface of the vshield with IP source specified. But just no communication part and other...

  I did debugs and only "error" messages are:

  01:58:03.193 20 February: ISAKMP: (1001): error suppression node 1656104565 FALSE reason 'informational (in) State d1.

  ...

  01:58:03.193 20 February: ISAKMP: (1001): purge the node-1657220080

  I hope that I did a stupid thing to configure error, but I spent too much time on it. It is supposed to be a really simple installation... Please help!

  !

  version 15.4

  horodateurs service debug datetime msec

  Log service timestamps datetime msec

  no password encryption service

  !

  Lab-1900 host name

  !

  boot-start-marker

  boot system flash: c1900-universalk9-mz. Spa. 154 - 1.T1.bin

  boot system flash: c1900-universalk9-mz. Spa. 151 - 4.M7.bin

  boot system flash: c1900-universalk9-mz. Spa. 150 - 1.M4.bin

  boot-end-marker

  !

  AAA new-model

  !

  AAA authentication login default local

  authorization AAA console

  AAA authorization exec default local

  !

  AAA - the id of the joint session

  clock timezone AST - 4 0

  clock to summer time recurring ADT 3 Sun Mar 2 Sun Nov 02:00 02:00

  !

  DHCP excluded-address IP 192.168.100.1 192.168.100.40

  !

  dhcp DHCPPOOL IP pool

  import all

  network 192.168.100.0 255.255.255.0

  LAB domain name

  DNS 8.8.8.8 Server 4.2.2.2

  default router 192.168.100.1

  4 rental

  !

  Laboratory of IP domain name

  8.8.8.8 IP name-server

  IP-server names 4.2.2.2

  inspect the IP log drop-pkt

  IP cef

  No ipv6 cef

  !

  type of parameter-card inspect global

  Select a dropped packet newspapers

  Max-incomplete 18000 low

  20000 high Max-incomplete

  Authenticated MultiLink bundle-name Panel

  !

  redundancy

  !

  property intellectual ssh version 2

  !

  type of class-card inspect entire game ESP_CMAP

  match the name of group-access ESP_ACL

  type of class-card inspect the correspondence SDM_GRE_CMAP

  match the name of group-access GRE_ACL

  type of class-card inspect entire game PAC-cls-icmp-access

  match icmp Protocol

  tcp protocol match

  udp Protocol game

  type of class-card inspect correspondence sdm-cls-VPNOutsideToInside-13

  game group-access 154

  class-card type check ALLOW-VPN-TRAFFIC-OUT match-all

  match the ALLOW-VPN-TRAFFIC-OUT access group name

  type of class-card inspect entire game PAC-cls-insp-traffic

  match Protocol pptp

  dns protocol game

  ftp protocol game

  https protocol game

  match icmp Protocol

  match the imap Protocol

  pop3 Protocol game

  netshow Protocol game

  Protocol shell game

  match Protocol realmedia

  match rtsp Protocol

  smtp Protocol game

  sql-net Protocol game

  streamworks Protocol game

  tftp Protocol game

  vdolive Protocol game

  tcp protocol match

  udp Protocol game

  http protocol game

  type of class-card inspect entire game AH_CMAP

  match the name of group-access AH_ACL

  inspect the class-map match ALLOW VPN TRAFFIC type

  match the ALLOW-VPN-TRAFFIC-OUT access group name

  type of class-card inspect correspondence ccp-invalid-src

  game group-access 126

  type of class-card inspect entire game PAC-insp-traffic

  corresponds to the class-map PAC-cls-insp-traffic

  type of class-card inspect entire game SDM_VPN_TRAFFIC

  match Protocol isakmp

  match Protocol ipsec-msft

  corresponds to the AH_CMAP class-map

  corresponds to the ESP_CMAP class-map

  type of class-card inspect correspondence ccp-icmp-access

  corresponds to the class-ccp-cls-icmp-access card

  type of class-card inspect the correspondence SDM_VPN_PT

  game group-access 137

  corresponds to the SDM_VPN_TRAFFIC class-map

  !

  type of policy-card inspect self-out-pmap

  class type inspect PCB-icmp-access

  inspect

  class class by default

  Pass

  policy-card type check out-self-pmap

  class type inspect SDM_VPN_PT

  Pass

  class class by default

  Drop newspaper

  policy-card type check out-pmap

  class type inspect PCB-invalid-src

  Drop newspaper

  class type inspect ALLOW VPN TRAFFIC OUT

  inspect

  class type inspect PCB-insp-traffic

  inspect

  class class by default

  Drop newspaper

  policy-card type check out in pmap

  class type inspect sdm-cls-VPNOutsideToInside-13

  inspect

  class class by default

  Drop newspaper

  !

  security of the area outside the area

  safety zone-to-zone

  safety zone-pair zp-self-out source destination outside zone auto

  type of service-strategy inspect self-out-pmap

  safety zone-pair zp-out-to source out-area destination in the area

  type of service-strategy check out in pmap

  safety zone-pair zp-in-out source in the area of destination outside the area

  type of service-strategy inspect outside-pmap

  source of zp-out-auto security area outside zone destination auto pair

  type of service-strategy check out-self-pmap

  !

  crypto ISAKMP policy 1

  BA 3des

  preshared authentication

  Group 2

  ISAKMP crypto key iL9rY483fF address 172.24.92.103

  !

  Crypto ipsec transform-set esp-SHA-ESP-3DES-3des esp-sha-hmac

  tunnel mode

  !

  IPSEC_MAP 1 ipsec-isakmp crypto map

  Tunnel Sandbox2 description

  defined by peer 172.24.92.103

  Set security-association second life 28800

  game of transformation-ESP-3DES-SHA

  PFS group2 Set

  match address 150

  !

  the Embedded-Service-Engine0/0 interface

  no ip address

  Shutdown

  !

  interface GigabitEthernet0/0

  WAN description

  IP 172.24.92.18 255.255.255.0

  NAT outside IP

  No virtual-reassembly in ip

  outside the area of security of Member's area

  automatic duplex

  automatic speed

  No mop enabled

  card crypto IPSEC_MAP

  Crypto ipsec df - bit clear

  !

  interface GigabitEthernet0/1

  LAN description

  IP 192.168.100.1 address 255.255.255.0

  IP nat inside

  IP virtual-reassembly in

  Security members in the box area

  automatic duplex

  automatic speed

  !

  IP forward-Protocol ND

  !

  IP http server

  access-class 2 IP http

  local IP http authentication

  IP http secure server

  !

  IP nat inside source map route RMAP_4_PAT interface GigabitEthernet0/0 overload

  IP route 0.0.0.0 0.0.0.0 172.24.92.254

  !

  AH_ACL extended IP access list

  allow a whole ahp

  ALLOW-VPN-TRAFFIC-OUT extended IP access list

  IP 192.168.100.0 allow 0.0.0.255 192.168.1.0 0.0.0.255

  ESP_ACL extended IP access list

  allow an esp

  TELNET_ACL extended IP access list

  permit tcp any any eq telnet

  !

  allowed RMAP_4_PAT 1 route map

  corresponds to the IP 108

  !

  1snmp2use RO SNMP-server community

  access-list 108 deny ip 192.168.100.0 0.0.0.255 192.168.1.0 0.0.0.255

  access-list 108 allow ip 192.168.100.0 0.0.0.255 any

  access-list 126 allow the ip 255.255.255.255 host everything

  access-list 126 allow ip 127.0.0.0 0.255.255.255 everything

  access-list 137 allow ip 172.24.92.0 0.0.0.255 any

  access-list 150 permit ip 192.168.100.0 0.0.0.255 192.168.1.0 0.0.0.255

  access-list 154 allow ip 192.168.1.0 0.0.0.255 192.168.100.0 0.0.0.255

  !

  control plan

  !

  Line con 0

  exec-timeout 0 0

  Synchronous recording

  line to 0

  line 2

  no activation-character

  No exec

  preferred no transport

  transport output pad rlogin lapb - your MOP v120 udptn ssh telnet

  StopBits 1

  line vty 0 4

  access-class TELNET_ACL in

  exec-timeout 0 0

  Synchronous recording

  transport of entry all

  line vty 5 15

  access-class TELNET_ACL in

  exec-timeout 0 0

  Synchronous recording

  transport of entry all

  !

  Scheduler allocate 20000 1000

  0.ca.pool.ntp.org server NTP prefer

  1.ca.pool.ntp.org NTP server

  !

  end

  NAT looks fine.

  Please create an ACL with bidirecctional ACEs and add it as a group of access to the interface of penetration:

  IP access-list extended 180

  IP 192.168.100.0 allow 0.0.0.255 192.168.1.0 0.0.0.255 connect

  ip permit 192.168.1.0 0.0.0.255 192.168.100.0 0.0.0.255 connect

  allow an ip

  interface GigabitEthernet0/1

  IP access-group 180 to

  IP access-group out 180

  Generer generate traffic, then run the command display 180 access lists .

  Also, if possible activate debug ip icmp at the same time.

  Share the results.

  Thank you

• AO532h e-recovery - backup file not found

  AO532h (Win 7) e-recovery successful (better than ever). One works a program to find the backup files "before recovery?

  This file was new in... C:/backup/public/.../log/channel.ini:

  [PATH OF LOG]
  C:\Users\Public\OEM\Acer VCM\Log
  [UDP ONLY]
  OFF
  [LOG LEVEL]
  DEBUGGING
  [UDP PACKET LOWERBOUND]
  1
  [NORMAL THREAD WAIT TIMES]
  1000
  [EVALUATION PRIOR TO VIDEO VERSION]
  3
  [UDP RECV DISCONNECT DRY]
  30
  [UDP SENDING DISCONNECT DRY]
  20
  [KEEP ALIVE INTERVAL]
  500
  [UDP SYN QUEUE TIME]
  20000
  [PACKAGE SYN]
  50
  [TCP RELAY THRESHOLD]
  1000
  [DYNAMICS OF BANDWIDTH INCOMING INTERVAL]
  20
  [DYNAMICS OF BANDWIDTH OUTGOING INTERVAL]
  50
  [2ND INVITATION TIMEOUT]
  2

  Boots fine. Reconstruction still Windows. May have lost the e-recovery of the backup.  Thanks for the reply. I'll get back to you.

• PPPoE works do not on a bridge-CSR1000V

  Hello fans of Cisco.

  I have a problem with a validation on a CSR1000V config in my lab.

  I have implemented a full PPPoE configuration server forward (bba, vpdn, virtual model...) with a bba group named PPP with L2TP.

  When I turn the server on my local interface, my customer (an old 1841 with a client pppoe-pool-numbering code) in the same local network to connect without a problem:

   interface GigabitEthernet1 no ip address pppoe enable group PPP

  But when I pass my PPPoE server to a bridge domain, it seems that the process server to no longer receive the packets 'PADI ':

   bridge-domain 12 ! interface GigabitEthernet1 no ip address service instance 1 ethernet encapsulation untagged bridge-domain 12 ! interface BDI12 no ip address pppoe enable group PPP

  When the client sends packets PADI, the number of entries in the article IG1 increments but the number of entries in BDI12 don't. And 'debug pppoe packets' does not display any package on the side of the CSR.

  I already tried to set an IP address on BDI12, and I can ping it without problem in my test client, so the connectivity seems ok.

  For more information, I need to move my PPPoE server to a BDI interface, because the final idea is to receive requests from partners NNI on pseudowires remote, not on-site:

   l2 vfi ppp-test manual vpn id 12 bridge-domain 12 neighbor 1.1.1.2 1234 encapsulation mpls

  This part is ready (ping works with static IP) but the same problem with PPPoE packets.

  Anyone has an idea why the PPPoE does not work on the BDI interface?

  Thanks for your help!

  Best regards

  Guillaume

  Guillaume,

  I'm sorry to disappoint you, but it seems that the combination of Ethernet and PPPoE service instances is not supported. Documentation for ASR - 1 K that goes the same principially IOS - XE stated explicitly:

  http://www.Cisco.com/c/en/us/TD/docs/routers/asr1000/configuration/guide/chassis/asrswcfg/BDI.html#pgfId-1054861

  Unfortunately, I do not have enough experience with these features to provide a work around - aside, of course, dedicating an additional port on the unit perform the aggregation of bridge-area and have a PPPoE server to access connected to this additional port.

  Best regards
  Peter

• snmpwalk output END_OF_MIB_VIEW_EXCEPTION

  I've got this output strange when I start a snmpwalk on a Catalyst switch. Since the Linux console, I thot, the following output:

  [email protected] / * /-1555: ~ $ snmpwalk - v 2 c - c public

  ISO.3.6.1.2.1.2.1 = no variables left in this MIB view (it is beyond the end of the MIB tree)

  On the switch at the same time with the debug snmp packet on:

  44w3d: SNMP: packet received via UDP to 192.168.88.2 on Vlan3022

  44w3d: SNMP: Get-next request, reqid 429376307, errstat 0, erridx 0

  ifNumber = TYPE/VALUE NULL

  44w3d: SNMP: response, reqid 429376307, errstat 0, erridx 0

  ifNumber = END_OF_MIB_VIEW_EXCEPTION

  44w3d: SNMP: package sent via UDP to 192.168.88.2

  I sniffed the snmp packets, I sent to the switch and it turns out that I send a get-next with the 1.3.6.1.2.1 OID query that is... pretty standard I guess, as I use the same command for other devices, and it works. Yet once sniffing snmp traffic reveals the program of snmpwalk uses the original OID even to begin to "walk" the node.

  Am I missing something?

  The switch in question is Catalyst WS - 2960G - 24TC - L with image c2960-lanbasek9 - mz.122 - 52.SE.

  Hi Boyan,

  Host Server SNMP command > is used just to report or to break the traps to the host us.

  Thank you-

  Alya

  [Note the useful post]

  Ratings encourage contributors *.

• Outgoing Caller ID question using CUCM 8.6, MGCP gateway & PRI lines

  Hello

  We have two ranges DID with our provider: 02825911XX & 02829212XX

  02825911XX maps extension 11XX

  02829212XX 12XX expansion cards.

  We have 2 E1 lines 60 channels.

  Current configuration:

  CUCM <----MGCP---->Gateway (8.6.2) (2921) <======2 e1="====">carrier / Teleco.

  Question:

  When calling 11XX we get correct caller id 02825911XX.

  But when the 12XX we receive caller ID 02825911XX instead of 02829212XX.

  for example: when calling 1206 far end caller id watch 0282591106 instead of 0282921206.

  No problem in incoming calls on the two beaches.

  The external mask are configured correctly in the domain name.

  The debug ISDN q931 shows the correct caller until the gateway ID:

  ISDN Se0/0/0:15 Q931: TX-> INSTALLATION pd = callref 8 = 0x016A
  Complete package
  Carrying capacity I = 0x8090A3
  Standard = CCITT
  Ability to transfer = speech
  Circuit transfer mode
  Transfer rate = 64 kbit/s
  The channel ID I have = 0xA98396
  Exclusive, Channel 22
  Display i = 'test '.
  Calling party number i = 0 x 0081, '0282921206'
  Plan: Unknown Type: unknown
  Called number i = 0 x 80, '82353587'
  Plan: Unknown Type: unknown

  Fixing ccapi inout & ISDN q931 debug. & Gateway config.

  Hello Gyanendra,

  I checked the configuration debug and gateway.

  These debugging come from gateway. The catwalk shows TX - Setup. Once we have sent installation information to the telephone company, I don't think that we can change the ID calls information. This means that we send correct calling Telco part number information (0282921206).

  May be that Telco is changing the number on their own party? Have you checked with Telco yet? If not, ask them what is the number of parties calling they get. You can do a live test and track same call with the telephone company engineer.

  The details of trace log:

  00:49:25.410 Sep 10: ISDN Se0/0/0:15 Q931: TX-> INSTALLATION pd = callref 8 = 0x016A
  Complete package
  Carrying capacity I = 0x8090A3
  Standard = CCITT
  Ability to transfer = speech
  Circuit transfer mode
  Transfer rate = 64 kbit/s
  The channel ID I have = 0xA98396
  Exclusive, Channel 22
  Display = 'Ludvík Aunedi' i
  Calling party number i = 0 x 0081, '0282921206'
  Plan: Unknown Type: unknown
  Called number i = 0 x 80, '82353587'
  Plan: Unknown Type: unknown
  00:49:26.222 Sep 10: ISDN Se0/0/0:15 Q931: RX<- call_proc="" pd="8"  callref="0x816A ">
  The channel ID I have = 0xA98396
  Exclusive, Channel 22
  00:49:26.222 Sep 10: ISDN Se0/0/0:15 Q931: RX<- alerting="" pd="8"  callref="0x816A">
  Sep 10 00:49:26.258: / / 6444, 9E3008C18C96, CCAPI, ccCallModifyExtended:
  Numerator = 0x2B305B60, Params = 0x2B304D78, Id = 6444 Call
  Sep 10 00:49:26.258: / / 6445, 9E3008C18C96, CCAPI, ccCallModify:
  Numerator = 0x18E30, Params = 0x2B304F80, Id = 6445 Call
  Sep 10 00:49:26.258: / / 6444, 9E3008C18C96, CCAPI, cc_api_call_modify_done:
  Result = 0, = 0x2AF52C6C, Id = 6444 Call Interface
  Sep 10 00:49:26.262: / / 6445, 9E3008C18C96, CCAPI, cc_api_call_modify_done:
  Result = 0, = 0x2AD55F80, Id = 6445 Call Interface
  Sep 10 00:49:29.406: / / 6444, 9E3008C18C96, CCAPI, cc_handle_inter_digit_timer:
  Generate inter-chiffre timeout CC_EV_CALL_DIGIT_END event
  00:49:35.262 Sep 10: ISDN Se0/0/0:15 Q931: RX<- connect="" pd="8"  callref="0x816A">
  00:49:35.266 Sep 10: ISDN Se0/0/0:15 Q931: TX-> the CONNECT_ACK pd = callref 8 = 0x016A
   
  Also, can you do another test call and join:
  Debug mgcp packet with debug ISDN q931 and CCAPI inout
   
   
  Kind regards
  Amarjeet
   

• System 32 WinInet.dll error

  It was working fine using the following calls of the LIB in Wininet.dll. The FTPPUT call has worked a dozen times, then stop working and gives me an ERROR - 32 NOW.  Not sure why this happened... I did restart the computer... The error is created in line with the FtpPutFile came back FALSE and it's work and in fact gtransferred the file to the ser er before as shown using filezilla to check the transferred file ok. Someone at - it habve ideas?

  lHandle = InternetOpen (sAgent, lAccessType, sProxyName, sProxyBypass, lFlags)
  Debug.Print "returned InternetOpen ="& lHandle. "
  If lHandle = 0 Then
  Debug.Print Err.LastDllError
  Search.Text = "could not open the local connection =" & Err.LastDllError & ""& Err.Description.
  End If
  lTest1 = InternetConnect (lHandle, report, iPort, sNomUtilisateur, sPassword, INTERNET_SERVICE_FTP, INTERNET_FLAG_PASSIVE, 0 &)
  Debug.Print "returned InternetConnect ="& lTest1. "
     
  If lTest1 <> 0 Then
  sDocumentServer = "/ Database/MarineWeb.mdb '.
  lReturn = FtpPutFile (lTest1, sDocument, sDocumentServer, FTP_TRANSFER_TYPE_UNKNOWN, 0)
  If lReturn = 0 Then
  Accessories.Text = "Unable to transfer database DLL error" - & Err.LastDllError & "" & Err.Source
  Desc.Text = "Unable to tranfer local database error" - & Err.Number & "" & Err.Source
  Debug.Print "Unable to Transfer Database" - & Err.LastDllError & "" & Err.Source
  On the other
  Search.Text = 'database successfully transferred'
  End If
  On the other
  Search.Text = "Unable to connect to the FTP server" & Err.LastDllError & "" & Err.Source
  End If
  InternetCloseHandle lTest1
  InternetCloseHandle hOpen

  Hi Jeff,

  He appears as a corruption of the dll. Run the System File Checker tool and check if this solves the problem.

  To do this, please visit this link:

  How to use the System File Checker tool to fix the system files missing or corrupted on Windows Vista or Windows 7

  http://support.Microsoft.com/kb/929833

  I hope this helps!

• traceroute pix 7.0 problems

  Hiya,

  I've updated to v7.0 (1) pix and after that, I had this problem can't traceroute out of my WAN connection. The pix connects to the internet and when I do a ping from inside outside external ip addresses, it works, but traceroute will be inaccessible after the jump of pix. Traceroute to the border immediately after the pix router. Check the logs indicated that time ICMP exceeded packet newspapers:

  % 4 PIX-400015: time ID: 2005 exceeded ICMP from xxx to yyy off

  I have already explicitly allow access-list out_in line 12 extended permit icmp any xxx 255.255.255.224 exceeded time

  to allow packets time exceeded icmp to come in, but nothing helped. Any suggestions? Inspect the icmp is on as well

  Directly from Cisco TAC:

  To allow traceroute

  through PIX code 7.0, we must add "inspect icmp error" in PIX configuration. Please

  to implement following commands in configuration - PIX mode

  --> Policy-map global_policy

  --> class inspection_default

  --> inspect icmp error

  --> write mem

  I hope this works for you too!

• Can't swith to a specific open application

  I have a problem of long duration with Windows 7 (64-bit).  I have run many applications and keep open for a long time.  I have a dock/undock my laptop frequently to work.  Sometimes, some of my open applications refuse to maximize.  I can't go to them with the Alt + Tab, make right click + expand, Task Manager switch to, or similar methods.

  Since I dock/undock and use the external monitor, I ensured that the window does not open out of the screen.  There was a post describing the use of Alt + space + M to move windows by arrows.  Has not worked for me.  I switch back to a single screen (main screen), but the problem persists.

  The window of the application and its contents appear in 'preview' mode in the mini-fenetres when I'm at the top of the taskbar. But when I click it to maximize, Windows moves the focus to a different application window.

  I am sure that the application I want to spend to is not dead.  It shows 'How to' in the Task Manager and also I can see in the preview of the widget it is powered (in this case, I want to move to an instance of Matlab, where a script is running, and printing of newspapers on the window of the application).

  If anyone can suggest something to solve this problem without killing the application of concern or rebooting the system or by using the restoration of the system, or reinstallation of Windows, it would help me keep my faith in Microsoft Windows 7.

  Thank you very much
  Mehdi

  Hi mdanesh,

  Given that the problem is related to this specific program and we offer are listed in the steps you are trying to avoid the troubleshooting steps, you can check the Answers MATLAB communities.