I need VPN gateway to gateway with NAT for several subnets, RV082
I have a pair of RV082 routers and I would like to configure a gateway to gateway VPN tunnel, as described in a book, "How to configure a VPN tunnel that routes all traffic to the remote gateway," (name of file Small_business_router_tunnel_Branch_to_Main.doc). I followed this recipe book and found that my while the main office has internet connectivity, the branch subnet is not an internet connection.
Routing behaves as advertised, where all traffic goes to the seat. However, the 192.168.1.0 subnet in the branch receives no internet connectivity. I read in other posts that the main router will provide only NAT for the local subnet, not the Management Office subnet. Is it possible to configure the RV082 router to provide NAT for all subnets?
If this is not the case, what product Cisco will provide connectivity VPN Tunnel as well as the NAT for all subnets? The RV082 can be used as part of the final solution or are my RV082s a wasted expense?
Here is the configuration that I had put in place, (real IP and IKE keys are false).
Bridge to bridge
Remote Head Office
Add a new Tunnel
No de tunnel 1 2
Name of the tunnel:, n1 n1-2122012_n2-1282012-2122012_n2-1282012
Interface: WAN1 WAN1
Enable : yes yes
--------------------------------------------------------------------------------
Configuration of local groups
Type of local security gateway: IP only IP only
IP address: 10.10.10.123 10.10.10.50
Local security group type: subnet subnet
IP address: 192.168.1.0 0.0.0.0
Subnet mask: 255.255.255.0 0.0.0.0
--------------------------------------------------------------------------------
Configuration of the remote control groups
Remote security gateway type: IP only IP only
IP address: 65.182.226.50 67.22.242.123
Security remote control unit Type: subnet subnet
IP address: 0.0.0.0 192.168.1.0
Subnet mask: 0.0.0.0 255.255.255.0
--------------------------------------------------------------------------------
IPSec configuration
Input mode: IKE with preshared key IKE with preshared key
Group of the phase 1 of DH: Group 5 - 1536 bit group 5 - 1536 bit
Encryption of the phase 1: of THE
The phase 1 authentication: MD5 MD5
Step 1 time in HIS life: 2800 2800 seconds
Perfect Forward Secrecy: Yes Yes
Group of the phase 2 DH: Group 5 - 1536 bit group 5 - 1536 bit
Encryption of the phase 2: of THE
Phase 2 of authentication: MD5 MD5
Time of the phase 2 of HIS life: 3600 seconds 3600 seconds
Preshared key: MyKey MYKey
Minimum complexity of pre-shared key: Enable Yes Enable
--------------------------------------------------------------------------------
If you are running 4.x firmware on your RV082, you must add an additional Allow access rule for the Branch Office subnet (considered one of the multiple subnets in the main office) may have access to the internet. Note the firmware version has more details about it.
http://www.Cisco.com/en/us/docs/routers/CSBR/rv0xx/release/rv0xx_rn_v4-1-1-01.PDF
Tags: Cisco Support
Similar Questions
-
Cisco Asa vpn site-to-site with nat
Hi all
I need help
I want to make a site from the site with nat vpn
Site A = 10.0.0.0/24
Site B = 10.1.252.0/24I want when site A to site B, either by ip 172.26.0.0/24
Here is my configuration
inside_nat_outbound to access ip 10.0.0.0 scope list allow 255.255.255.0 10.1.252.0 255.255.255.0
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group ipsec-attributes x.x.x.x
pre-shared-key!ISAKMP retry threshold 10 keepalive 2
Crypto ipsec transform-set ESP-AES-256-SHA 256 - aes - esp esp-sha-hmac
card crypto outside_map 2 match address inside_nat_outboundcard crypto outside_map 2 pfs set group5
card crypto outside_map 2 peers set x.x.x.xcard crypto outside_map 2 game of transformation-ESP-AES-256-SHA
NAT (inside) 10 inside_nat_outbound
Global 172.26.0.1 - 172.26.0.254 10 (outside)
but do not work.
Can you help me?
Concerning
Frédéric
You must ensure that there is no NAT 0 ACL statement because it will take precedence over the static NAT.
You don't need:
Global 172.26.0.1 - 172.26.0.254 10 (outside)
NAT (inside) 10 access-list nattoyr
Because it will be replaced by the static NAT.
In a Word is enough:
nattoyr to access ip 10.0.0.0 scope list allow 255.255.255.0 10.1.252.0 255.255.255.0
access extensive list ip 172.26.0.0 vpntoyr allow 255.255.255.0 10.1.252.0 255.255.255.0
public static 172.26.0.0 (inside, outside) - nattoyr access list
card crypto outside_map 2 match address vpntoyr
card crypto outside_map 2 pfs set group5
card crypto outside_map 2 defined peer "public ip".
card crypto outside_map 2 game of transformation-ESP-AES-256-SHA
outside_map interface card crypto outside
tunnel-group "public ip" type ipsec-l2l
tunnel-group "public ip" ipsec-attributes
pre-shared key *.
-Make sure that it not there no NAT ACL 0 including the above statements and check if NAT happening (sh xlate) and the
traffic is being encryption (sh cry ips its)
Federico.
-
Hello! I have a VPN network star topology, I need configuration for our customers to access. I have 3 points of endpoint in this example: VPN, Pix 515e and Linksys RV042 hub. The hub is the site of our parent company, the Pix 515e is our data center and the RV042 is at the customer's site. What I currently have is a VPN connection between our Pix 515e and the hub, and another between our Pix 515e and the RV042 VPN. What I need is for the server on the client (RV042) site to talk to the hub network via our Pix 515e. I also need to be coordinated traffic so it looks like it's from the same subnet on our Pix 515e to the hub.
Hub (MEAN): 10.1.6.x
PIX 515e (HUB): 172.16.3.x
RV042 (SPOKEN): 192.168.71.x
PIX 515e (HUB):
Outside - 12.34.56.78
Interior - 172.16.1.1
Hub (TALK):
Outside - 87.65.43.21
Interior - 10.1.6.1
RV042 (SPOKEN):
Outside - 150.150.150.150
Interior - 192.168.71.1
The hub allows all traffic to my Pix 515e on subnet 172.16.3.x and vice versa. The RV042 allows all traffic from 172.16.3.x to talk to 192.168.71.x and vice versa. I need to get 192.168.71.5 on RV042 network 10.1.6.x the network hub through the Pix 515e and make it look like its 172.16.3.71 entry. So I need NAT traffic in the tunnel to another tunnel. Attached config running under the direction of privacy. Any help is greatly appreciated.
On PIX you need a static policy statement,
NAT list allowed access host ip 192.168.71.5 10.1.6.0 255.255.255.0
public static 172.16.3.71 (external, outside) 192.168.71.5 nat access list
And modify the ACL of appropriately crypto to include natted address.
-
How to enable notification of change of value with DSC for several variables
Hello
I would like to request a notification with DSC for two shared variables value saved for change events. In the example attached, it is no problem to do it for only a variable. But I have no idea how to do to achieve for that variable.
Any ideas?
Matthias
Hi Matthias,
You can implement it as you can see in the attached example.
Best regards
Mencef -
VPN gateway with the traffic filtering
I work in his laboratory on a configuration on a small scale in which client PC establishes an IPSEC VPN with Cisco 1921 router, I have two questions in this regard.
(1) for wireless PC clients, uses an IPSEC VPN Client the best option or should I prefer other options. wireless clients also use Radius Server for authentication.
(2) I want to make sure no other traffic can reach or pass the interface of local network other than the VPN Client traffic, I need to set up on the router to make sure that no other traffic cannot pass other than traffic APV.
First: The real IPsec VPN client is the AnyConnect. The VPN-config for AnyConnect (especially for IPsec) gateway on the router IOS is much more difficult, so it's on the SAA. If you still have the possibility of changing the front doors, then go for a SAA. It is also much cheaper from a perspective of license given that no license of AnyConnect Essentials for the router. The Cisco VPN Client to the traditional address is EOL and should not begin a new deployment on this basis.
Your questions:
(1) all VPN - users should be authenticated in some way. Send the request to a central directory authentication is a best practice and usually done with RADIUS. In addition to authentication, you can also perform an authorization to control what rights Gets a VPN user.
(2) If you only want to allow IPsec traffic, you must configure an access list, a permit for UDP/500, UDP/4500 and IP/50 of your router IP. With this config, all other traffic will be dropped.
-
Cisco ASA VPN Site to Site WITH NAT inside
Hello!
I have 2 ASA 5505 related to IPSEC Tunnel VPN Site to Site.
A 192.168.1.0/24 'remotely' inside the network and a local "192.168.200.0/24' inside the network (you can see the diagram)
The local host have 192.168.200.254 as default gateway.
I can't add static route to all army and I can't add static route to 192.168.200.254.
NAT the VPN entering as 192.168.200.1 or a 192.168.200.x free to connect my host correcly?
If my host sends packet to exit to the default gateway.
Thank you for your support
Best regards
Marco
The configuration must be applied on the SAA with the 192.168.200.0 subnet it is inside, there must be something like this:
permit 192.168.1.0 ip access list VPN_NAT 255.255.255.0 192.168.200.0 255.255.255.0
NAT (outside) X VPN_NAT outside access list
Global (inside) X Y.Y.Y.Y (where the Y.Y.Y.Y) is the ip address
If you have other traffic on the vpn through the tunnel that requires no nat, then you must add external nat exemption rules since these lines above obliges all traffic through the asa to have a nat statement.
See if it works for you, else post your config nat here.
-
VPN site to Site with NAT (PIX 7.2)
Hi all
I hope for more help with config PIX. TBH I would classify myself as a newb on PIX, only dabbling in it every 6 months or so...
I have to configure a VPN site-to site between our UK and US Office, to replace our frame relay link. I have configured multiple VPN site to site on the before PIX, so am reasonably okay with the appearance of the config of who. What is a new concept for me is the needs of NAT'ing between the IPSEC tunnel.
The U.S. Agency requires us to NAT source addresses (i.e. 192.168.1.0) usable on their side address (i.e. 143.102.89.0). The tunnel must then be set to encrypt traffic between 143.102.89.0/24 and 172.24.0.0/14.
I added the following config and hoping to test it at the U.S. office happens online today.
If I Ping from 192.168.1.0 to 172.24.x.x source and run a SH NAT inside, the NAT translation seems good.
is the intellectual property inside 192.168.1.0 255.255.255.0 outside 172.24.0.0 255.252.0.0
static translation at 143.102.89.0
translate_hits = 4, untranslate_hits = 0Could someone please go through the following lines of config and comment if there is no error?
Thank you very much
Kevin
/ * Style definitions * / table. MsoNormalTable {mso-style-name : « Table Normal » ; mso-tstyle-rowband-taille : 0 ; mso-tstyle-colband-taille : 0 ; mso-style-noshow:yes ; mso-style-priorité : 99 ; mso-style-qformat:yes ; mso-style-parent : » « ;" mso-rembourrage-alt : 0 cm 5.4pt cm 0 5.4pt ; mso-para-margin : 0 cm ; mso-para-marge-bottom : .0001pt ; mso-pagination : widow-orphelin ; police-taille : 11.0pt ; famille de police : « Calibri », « sans-serif » ; mso-ascii-font-family : Calibri ; mso-ascii-theme-font : minor-latin ; mso-fareast-font-family : « Times New Roman » ; mso-fareast-theme-font : minor-fareast ; mso-hansi-font-family : Calibri ; mso-hansi-theme-font : minor-latin ; mso-bidi-font-family : « Times New Roman » ; mso-bidi-theme-font : minor-bidi ;}
IP 143.102.89.0 allow Access-list ipsec - dallas extended 255.255.255.0 172.24.0.0 255.252.0.0
policy-nat-dallas-list of allowed extensive access ip 192.168.1.0 255.255.255.0 172.24.0.0 255.252.0.0
public static 143.102.89.0 (inside, outside) - list of access policy-nat-dallas
Crypto ipsec transform-set esp-3des esp-md5-hmac 3desmd5set
card crypto map dyn 40 correspondence address ipsec - dallas
set dyn-map 40 crypto map peer 143.101.6.141
card crypto dyn-map 40 transform-set 3desmd5set
dyn-map interface card crypto outside
crypto isakmp identity address
crypto ISAKMP allow outside
crypto ISAKMP policy 10
preshared authentication
3des encryption
md5 hash
Group 2
life 86400
tunnel-group 143.101.6.141 type ipsec-l2l
IPSec-attributes tunnel-group 143.101.6.141
pre-shared-key *.
You can configure NAT/Global pair for the rest of the users.
For example:
You can use the initially configured ACL:
policy-nat-dallas-list of allowed extensive access ip 192.168.1.0 255.255.255.0 172.24.0.0 255.252.0.0
NAT (inside) 1 access list policy-nat-dallasGlobal 1 143.102.89.x (outside)
The static statement that you configured previously will take precedence over the above. So the printer gets statically using a NAT to 143.102.89.10, and the rest can do another ip address 143.102.89.x PATed.
Please note that for PAT, traffic can only be initiated from 192.168.1.0/24 LAN to 172.24.0.0/14, not the other way around.
Hope that helps.
-
Validation of the IOS VPN peer identity IP with NAT - T
I just lost a lot of time to understand this behavior of the IOS. My conclusion reached: If you work with the good old peer identity address validation in profiles ISAKMP and the peer you are talking about is located behind a NAT, you must use the private IP address of the peer in the command "adapter address of the identity". I thought that NAT - T takes care of the translation in all sections of required configuration, but here especially, seems not so much. The interesting thing is that for all other orders, you must use the public IP address.
See the following example (showing only the relevant articles with statements by peer inside):
door-key crypto OUR_KEYRING
key pre-shared key address 1.2.3.4
Crypto isakmp PROFILE_NAME profile
VRF TEST
key ring OUR_KEYRING
function identity address 192.168.99.5 255.255.255.255
OUR_MAP 6 ipsec-isakmp crypto map
defined peer 1.2.3.4
the value of PROFILE_NAME isakmp-profile
Does anyone know if this is normal or if it is a bug? It would be useful and consistent if NAT - T changed the identity of the peer address during the phase 1 negotiation, then we would not deal with peer private addressing within site to site VPN configs. I also think of IP scenarios that overlap that may occur when you work with dealing with private peer.
See the release of relevant debugging in the attachment, after documenting a failed connection attempt (using the public, NATted IP of the peer in the command 'fit the address of identity') and once a following connection attempt (using the IP private, internal counterpart).
My router is a C2951 with IOS 15.3 (2) T2. The counterpart is an ASA (version & unknown config so far, but I'm sure that the other engineer did not indicate what it is using a private address in its config, despite my session from behind a NAT router, too).
Thank you & best regards
Toni
Toni,
Problem with identity is that it is an encrypted package (in Exchange MM) so cannot be changed in transit, so that a host may not know reliably it is the external IP address (it can make assumptions, but he doesn't know how long it is valid for).
Also if you "NAT 'd" identity you can't the difference between two devices behind same NAT/PAT on end of answering machine.
There are some implmentations IKE allowing IKE to identity type and value to specify manually. IOS not among them.
Yes decouple us identity and peer of the intellectual property, it adds flexability with a few corner cases which may arrise.
Yet another reason why NAT is evil?
M.
-
local host to access the vpn site to site with nat static configured
I have two 881 routers with vpn site to site between them. I have a static nat on the router for a Web server that is accessible from the internet. I can't access the Web server through the vpn. All other traffic is fine its VPN. I think that there is a problem with the NAT. Here are the relevant configuration lines.
IP nat inside source overload map route SDM_RMAP_1 interface FastEthernet4
IP nat inside source static 192.168.150.2 bonnefin map route SDM_RMAP_1allowed SDM_RMAP_1 1 route map
corresponds to the IP 100access-list 100 deny ip 192.168.150.0 0.0.0.255 192.168.123.0 0.0.0.255
access-list 100 permit ip 192.168.150.0 0.0.0.255 anyYou should be able to access the web server with its IP private (192.168.150.2) through the VPN connection.
If you just add the VPN and the road map, try to clear the existing translation and see if you can access it via its private of the Remote LAN VPN ip address.
-
Hello Experts
We intend to set up a VPN site-to site between two sites, sites, Site & A B such as shown in the attached diagram.
The LAN on SIte A is 10.8.1.0/24 who are planning to NAT on the ASA5505 to 192.168.42.0/24 because this is the range that is allowed on the firewall on the remote end (Site B ASA 5520)
What type of configuration requires we on the firewall of the Site regarding the interesting traffic.
Natted IPs will be the interesting traffic?
Is there another thing we have in other mind while configuring the ASA for the scenarios.
Help would be appreciated.
ACL "crypto-NAT" of my example will be the NAT traffic that source of 10.8.1.0/24 for 10.3.0.0/24 to match 192.168.42.0/24.
For example:
10.8.1.1 will be coordinated to 192.168.42.1 when traffic is destined to the 10.3.0.0/24 subnet.
10.8.1.2 will be coordinated to 192.168.42.2 when traffic is destined to the 10.3.0.0/24 subnet.
etc etc.
If you have another remote subnet, you are right, you just add the extra line to the crypto-NAT and crypto-ACL. So, you will have the following lines:
IP 10.8.1.0 allow Access-list crypto-NAT 255.255.255.0 10.3.0.0 255.255.255.0
10.8.1.0 IP Access-list crypto-NAT 255.255.255.0 allow 10.5.0.0 255.255.0.0
Crypto ip 192.168.42.0 access list ACL allow 255.255.255.0 10.3.0.0 255.255.255.0
Crypto ip 192.168.42.0 access list ACL allow 255.255.255.0 10.5.0.0 255.255.0.0
-
VPN site to Site with NAT and Port forwarding on a 871
Hello
Could someone please look at the config 871 router attached and tell me where I'm wrong!
VPNs all work, work, BUT anyone trying to connect to a port that is sent through the VPN port forwarding fails.
In the config attached Port 3389 (RDP) is sent to an internal server, if you connect to the external interface Internet connection is made and it works well, but if someone tries to connect to the IP address internal to that same server through VPN, it does not.
We've added commands to stop working on the lines VPN NAT, but these do not seem to work.
What Miss me?
Thank you in advance and I will adjudicate all useful responses.
It is a common problem. Yes you added controls to prevent NAT to work above the tunnel, but your static nat port to port 3389 takes precedence over the generic nat command, and there not all orders top to prevent it is nat would be above the tunnel.
I wrote an example configuration for this some time, see here for more details:
http://www.Cisco.com/en/us/Tech/tk583/TK372/technologies_configuration_example09186a0080094634.shtml
If all goes well, he explains everything. Note that it is for a general order static host, not a static port that you have, but the concept is exactly the same. Just add a statement roadmap on the end of your static command of the port, and this route map - will reference an ACL that denies are used when going up above the tunnel.
-
Using the account with pivot for several columns
create table TEST_CASETBL (ID, NUM, TYPE, CREATED_BY, CREATED_DT) that choose
1, 1-1, CO, ABC, sysdate-10 of all the DOUBLE select union
2, 1-1, EO, ABC, sysdate-10 of all the DOUBLE select union
3, 1-2, CO, ABC, sysdate-10 of all the DOUBLE select union
4, 1-2, UPD, ABC, sysdate-10 of all the DOUBLE select union
5, 1-3, CO, XYZ, sysdate-10 of all the DOUBLE select union
6, 1-3, EO, XYZ, sysdate-10 of all the DOUBLE select union
7, 1-4, CO, XYZ, sysdate-10 of all the DOUBLE select union
8, 1-4, NT, XYZ, sysdate-10 of all the DOUBLE select union
9, 1-5, EO, XYZ, sysdate-10 of all the DOUBLE select union
10, 1-5, NT, XYZ, 10 sysdate from DUAL;
I want to calculate number of NUM, County of different values in the 'TYPE' column based on the CREATED_BY column
Expected result:
CREATED_BY Count (NUM) Count (CO) Count (EO) Count (s) Count (UPD)
ABC 2(which means 1-1,1-2) 2 1 0 1
XYZ 3(which means 1-3,1-4,1-5) 2 2 2 0
Please provide your suggestions to solve the SQL query form
Thank you
Hello
Melissacharlier-Oracle wrote:
create table TEST_CASETBL (ID, NUM, TYPE, CREATED_BY, CREATED_DT) that choose
1, 1-1, CO, ABC, sysdate-10 of all the DOUBLE select union
2, 1-1, EO, ABC, sysdate-10 of all the DOUBLE select union
3, 1-2, CO, ABC, sysdate-10 of all the DOUBLE select union
4, 1-2, UPD, ABC, sysdate-10 of all the DOUBLE select union
5, 1-3, CO, XYZ, sysdate-10 of all the DOUBLE select union
6, 1-3, EO, XYZ, sysdate-10 of all the DOUBLE select union
7, 1-4, CO, XYZ, sysdate-10 of all the DOUBLE select union
8, 1-4, NT, XYZ, sysdate-10 of all the DOUBLE select union
9, 1-5, EO, XYZ, sysdate-10 of all the DOUBLE select union
10, 1-5, NT, XYZ, 10 sysdate from DUAL;
I want to calculate number of NUM, County of different values in the 'TYPE' column based on the CREATED_BY column
Expected result:
CREATED_BY Count (NUM) Count (CO) Count (EO) Count (s) Count (UPD)
ABC 2(which means 1-1,1-2) 2 1 0 1
XYZ 3(which means 1-3,1-4,1-5) 2 2 2 0
Please provide your suggestions to solve the SQL query form
Thank you
This CREATE TABLE statement works when try you it? Do you need single quotes around string literals?
You may want something like:
WITH data_to_pivot AS
(
SELECT created_by, type
COUNT (DISTINCT num) over (PARTITION BY created_by) AS count_num
OF test_casetbl
)
SELECT *.
OF data_to_pivot
PIVOT (COUNT (*)
TO indicate the ("CO" AS count_co
'EO' AS count_eo
'NT' AS count_nt
'UPD' AS count_upd
)
)
ORDER BY created_by
;
-
XML editor integration with OFA for several display objects
Dear all,
I have a problem in the integration of XML with the OAF Page.
I'm generating the xml using the XMLNode class tags. And I was succeed for object a point of view. But now I am faced with the question with two display objects (which is not dependent on each other).
Are there any entries you its urgent.
Thanks in advance,
Kind regards
Anil Kumar
Dear all,
I found the solution for this... Please find the Code.
The controller code:
If (pageContext.getParameter ("generateRpt")! = null)
{
String po_number = (String) pageContext.getTransactionValue ("PO_NUM");
System.out.println ("The PO number s i-" + po_number);
Serializable params [] = {fromDate, to this day, docNo, pendingType, reqNo, po_number}; //
Class paramType [] =
{String.class, String.class, String.class, String.class,
String.Class, String.Class}; //
DataObject sessionDictionary = pageContext.getNamedDataObject("_SessionParameters");
HttpServletResponse response = (HttpServletResponse) sessionDictionary.selectValue (null,
"HttpServletResponse");
Try
{
System.out.println ("Inisde generate button step 2");
ServletOutputStream os = response.getOutputStream ();
If (ReportFormat1! = null &!) ReportFormat1.equals(""))
{
If (ReportFormat1.equals ('PDF'))
{
System.out.println ("Inisde generate button step 3");
contentDisposition = "attachment; filename = quote Report.pdf";
response.setHeader ("Content-Disposition", contentDisposition);
response.setContentType("application/pdf");
BT = TemplateHelper.OUTPUT_TYPE_PDF;
}
If (ReportFormat1.equals ("XLS"))
{
System.out.println ("Inisde generate button step 4");
contentDisposition = "attachment; filename = quote Report.xls";
response.setHeader ("Content-Disposition", contentDisposition);
response.setContentType("application/vnd.ms-excel");
BT = TemplateHelper.OUTPUT_TYPE_EXCEL;
}
}
ByteArrayOutputStream OutputStream = new ByteArrayOutputStream();
Byte = bufutf'
'. getBytes(); '. getBytes();outputStream.write (bufutf);
XMLNode xmlNode [] = new XMLNode [10];
xmlNode = (XMLNode []) am.invokeMethod ("executeReportPO", params, paramType);
System.out.println ("IN CO");
xmlNode [1] .print (outputStream);
xmlNode [2] .print (outputStream);
Byte = bufutf1'
outputStream.write (bufutf1);
System.out.println ("Testying-" + outputStream.toString ());
ByteArrayInputStream InputStream = new ByteArrayInputStream (outputStream.toByteArray ());
ByteArrayOutputStream fileData = new ByteArrayOutputStream();
TemplateHelper.processTemplate (((OADBTransactionImpl) pageContext.getApplicationModule (webBean) .getOADBTransaction ()) .getAppsContext (),)
APP_NAME, TEMPLATE_CODE,
((OADBTransactionImpl) pageContext.getApplicationModule (webBean) .getOADBTransaction ()) .getUserLocale () .getLanguage ();
((OADBTransactionImpl) pageContext.getApplicationModule (webBean) .getOADBTransaction ()) .getUserLocale () .getCountry ();
inputStream, bt, null, fileData);
System.out.println ("inside the template code");
Byte [] b = fileData.toByteArray ();
response.setContentLength (b.length);
OS. Write (b, 0, b.length);
OS. Flush();
OS. Close();
System.out.println ("inside the model code1");
}
catch (System.Exception e)
{
throw new OAException (e.getMessage ());
}
}
GOT the Code:
public XMLNode [] executeReportPO (String fromDate, String to date,
String docNo, String pendingType,
String reqNo, String ponum)
{
System.out.println ("Generate Inisde AM step 1 button" + ponum);
ByteArrayOutputStream OutputStream = new ByteArrayOutputStream();
ItemPendingPoVOImpl vo = getItemPendingPoVO1();
Vo1 PoDetailVOImpl = getPoDetailVO1();
Try
{
vo.setWhereClauseParams (null);
vo.setWhereClauseParam (0, docNo);
vo.setWhereClauseParam (1, reqNo);
vo.setWhereClauseParam (2, fromDate);
vo.setWhereClauseParam (3 so far);
vo.setWhereClauseParam (4, pendingType);
vo.executeQuery ();
System.out.println ("Request"- + vo.getQuery ());
String whereconditionpo = "PONO ='" + ponum + "'";
VO1.setWhereClause (whereconditionpo);
VO1. ExecuteQuery();
System.out.println ("query 2--->" + vo1.getQuery ());
System.out.println ("Inisde generate button step 2 in AM");
} catch (System.Exception e)
{
throw new OAException (e.getMessage ());
}
s int = vo.getRowCount ();
System.out.println ("number of rows affected" + s);
XMLNode NodeList = new XMLNode [] [10];
Try
{
NodeList [1] = ((XMLNode) vo.writeXML (4, XMLInterface.XML_OPT_ALL_ROWS));
((XMLNode) vo.writeXML (4,)
XMLInterface.XML_OPT_ALL_ROWS)) .print (outputStream);
System.out.println (OutputStream.ToString ());
System.out.println ("Inisde generate button step 1");
NodeList [2] = ((XMLNode) vo1.writeXML (4, XMLInterface.XML_OPT_ALL_ROWS));
((XMLNode) vo1.writeXML (4,)
XMLInterface.XML_OPT_ALL_ROWS)) .print (outputStream);
System.out.println (OutputStream.ToString ());
return NodeList;
} catch (System.Exception e)
{
throw new OAException (e.getMessage ());
}
}
Kind regards
Anil Kumar Pasupala
-
With INSERT for FDM memory problem
All-
We have configured FDM to run a script of integration in our instance EBS at the import stage. It worked fine for awhile, then we started to run out of memory on the server FDM. At the suggestion of the Oracle, we stopped through a record set for add and update the values of strWorkTableName and instead, he began to use INSERT INTO. I admit, I never needed to use the INSERT INTO how to do, so I can miss something bery base.
Our integration script:
I can run the SQL less line insertion in my SQL Developer and it works fine. When I run the script in its entirety in the FDM, we get the following:Function SQLIntegration2(strLoc, lngCatKey, dblPerKey, strWorkTableName) '------------------------------------------------------------------ 'Oracle Hyperion FDM IMPORT Integration Script: ' 'Created By: karks 'Date Created: 2011-10-26 13:05:18 ' 'Purpose: ' '------------------------------------------------------------------ Dim strSQL 'SQL string Dim lngPartitionKey Dim strConn 'Connection string to the source data Set cnSS = CreateObject("ADODB.Connection") lngPartitionKey = RES.PlngLocKey strConn= "File Name=C:\Users\karksadm\Desktop\NewConnection.udl;" cnSS.open strConn strSQL = "Insert Into " & strWorkTableName & " (PartitionKey, CatKey, PeriodKey, DataView, Amount , Account, Entity, ICP, UD1, UD2, UD3, UD4) " strSQL = strSQL & "SELECT " & lngPartitionKey & ", " & lngCatKey & ", TO_DATE (TO_DATE ('30/12/1899','dd/mm/yyyy')+" & dblPerKey & "), 'YTD', EBS.YTD_BALANCE, EBS.ACCOUNT, EBS.SEGMENT1, EBS.SEGMENT5, EBS.SEGMENT4, EBS.SEGMENT5, '[None]', EBS.CURRENCY_CODE FROM " strSQL = strSQL & "(Select D.NAME, A.CODE_COMBINATION_ID, D.NAME LEDGER_NAME, A.ACTUAL_FLAG, C.PERIOD_YEAR, TO_CHAR (C.START_DATE, 'MON-YY') AS PERIOD, B.SEGMENT1, (B.SEGMENT2 || B.SEGMENT3) As ACCOUNT, B.SEGMENT4, B.SEGMENT5, A.CURRENCY_CODE, " strSQL = strSQL & "(SUM (A.BEGIN_BALANCE_DR) + SUM (A.PERIOD_NET_DR) - SUM (A.BEGIN_BALANCE_CR) - SUM (A.PERIOD_NET_CR)) As YTD_BALANCE " strSQL = strSQL & "FROM GL.GL_BALANCES A, GL.GL_CODE_COMBINATIONS B, GL.GL_PERIODS C, GL.GL_LEDGERS D " strSQL = strSQL & "WHERE 1 = 1 And A.LEDGER_ID = D.LEDGER_ID And A.PERIOD_NUM = C.PERIOD_NUM And C.PERIOD_YEAR = A.PERIOD_YEAR " strSQL = strSQL & "And A.CODE_COMBINATION_ID = B.CODE_COMBINATION_ID And B.SUMMARY_FLAG = 'N' AND C.PERIOD_SET_NAME = D.PERIOD_SET_NAME " strSQL = strSQL & "And (B.SEGMENT1 = 001 And A.CURRENCY_CODE = 'USD' And D.LEDGER_ID = 2022) " strSQL = strSQL & "And C.END_DATE = TO_DATE (TO_DATE ('30/12/1899','dd/mm/yyyy')+" & dblPerKey & ") " strSQL = strSQL & "And B.CHART_OF_ACCOUNTS_ID = D.CHART_OF_ACCOUNTS_ID And A.ACTUAL_FLAG = 'A' " strSQL = strSQL & "And ((A.BEGIN_BALANCE_DR) + (A.PERIOD_NET_DR) - ((A.BEGIN_BALANCE_CR) + (A.PERIOD_NET_CR))) <> 0 " strSQL = strSQL & "GROUP BY A.CODE_COMBINATION_ID, D.NAME, A.CURRENCY_CODE, TO_CHAR (C.START_DATE,'MON-YY'), C.PERIOD_YEAR, A.ACTUAL_FLAG, B.SEGMENT1, (B.SEGMENT2 || B.SEGMENT3), B.SEGMENT4, B.SEGMENT5 " strSQL = strSQL & "ORDER BY B.SEGMENT4) EBS" DW.DataManipulation.fExecuteDML(strSQL) 'Give success message RES.PlngActionType = 2 RES.PstrActionValue = "SQL Import successful!" 'Assign Return value SQLIntegration2 = True cnSS.close Set cnSS = Nothing End Function
* Start the journal entry for the Runtime Error FDM [2012-01-23 11:37:30] *.
-------------------------------------------------------------
ERROR:
Code...-2147217865
Description... ORA-00942: table or view does not exist
Insert Into tWibison72564424799 (PartitionKey, CatKey, PeriodKey, DataView, amount, account, entity, PKI, UD1, UD2, UD3, UD4) 772 SELECT, 28, TO_DATE (TO_DATE (' N December 30, 1899 ', not dd/mm/yyyy ') + 40724), YTD', EBS. YTD_BALANCE, EBS. ACCOUNT, EBS. SEGMENT1, EBS. SEGMENT5, EBS. SEGMENT4, EBS. SEGMENT5, N "[None]", EBS. Currency_code OF (Select D.NAME, A.CODE_COMBINATION_ID, LEDGER_NAME, A.ACTUAL_FLAG, C.PERIOD_YEAR, TO_CHAR D.NAME (C.START_DATE, no MON-YY') AS the PERIOD, B.SEGMENT1, (B.SEGMENT2 |)) B.SEGMENT3) as ACCOUNT, B.SEGMENT4, B.SEGMENT5, A.CURRENCY_CODE, (SUM (A.BEGIN_BALANCE_DR) + SUM (A.PERIOD_NET_DR) - SUM (A.BEGIN_BALANCE_CR) - SUM (A.PERIOD_NET_CR)) as GL.GL_BALANCES YTD_BALANCE, GL.GL_CODE_COMBINATIONS B, GL.GL_PERIODS C, GL.GL_LEDGERS D, WHERE 1 = 1 and A.LEDGER_ID = D.LEDGER_ID And A.PERIOD_NUM = C.PERIOD_NUM And C.PERIOD_YEAR = A.PERIOD_YEAR And A.CODE_COMBINATION_ ID = B.CODE_COMBINATION_ID and B.SUMMARY_FLAG = do no AND C.PERIOD_SET_NAME = D.PERIOD_SET_NAME and (B.SEGMENT1 = 001 and A.CURRENCY_CODE 'n' USD =' and D.LEDGER_ID = 2022) and C.END_DATE = TO_DATE (TO_DATE (' N December 30, 1899 ', not dd/mm/yyyy ') + 40724) and B.CHART_OF_ACCOUNTS_ID = D.CHART_OF_ACCOUNTS_ID and A.ACTUAL_FLAG = ' and ((A.BEGIN_BALANCE_DR) + (A.PERIOD_NET_DR) - ((A.BEGIN_BALANCE_CR) + (A.PERIOD_)) NET_ CR))) <>0 GROUP BY D.NAME, A.CURRENCY_CODE, A.CODE_COMBINATION_ID, TO_CHAR (C.START_DATE, no MON-YY'), C.PERIOD_YEAR, A.ACTUAL_FLAG, B.SEGMENT1, (B.SEGMENT2 |) B.SEGMENT3), B.SEGMENT4, B.SEGMENT5 ORDER BY B.SEGMENT4) EBS
Process... clsDataManipulation.fExecuteDML
The component... upsWDataWindowDM
Version.......................................... 1112
Thread........................................... 4424
IDENTIFICATION:
User............................................. ibisons
Name of the computer... HOU-HYSDEV02
App Name......................................... SWNFDMRC
Client App....................................... WebClient
CONNECTION:
Provider......................................... ORAOLEDB. ORACLE
Database server...
Name of the database... FDMDEV
Trust connect... Fake
Connect status... Open connection
GLOBALS:
Location......................................... EBSINTEGRATION
Location ID... 772
Location Seg... 25
Category......................................... EBS2
ID of the category... 28
Period... - June - 2011
Period ID........................................ 30/06/2011
POV Local........................................ Fake
Language......................................... 1033
User Level....................................... 1
All Partitions... True
Is Auditor....................................... Fake
* Start the journal entry for the Runtime Error FDM [2012-01-23 11:37:31] *.
-------------------------------------------------------------
ERROR:
Code...-2147217865
Description... Data access error.
Online: 33
Process... clsImpProcessMgr.fExecuteImpScript
The component... upsWObjectsDM
Version.......................................... 1112
Thread........................................... 4424
IDENTIFICATION:
User............................................. ibisons
Name of the computer... HOU-HYSDEV02
App Name......................................... SWNFDMRC
Client App....................................... WebClient
CONNECTION:
Provider......................................... ORAOLEDB. ORACLE
Database server...
Name of the database... FDMDEV
Trust connect... Fake
Connect status... Open connection
GLOBALS:
Location......................................... EBSINTEGRATION
Location ID... 772
Location Seg... 25
Category......................................... EBS2
ID of the category... 28
Period... - June - 2011
Period ID........................................ 30/06/2011
POV Local........................................ Fake
Language......................................... 1033
User Level....................................... 1
All Partitions... True
Is Auditor....................................... Fake
* Start the journal entry for the Runtime Error FDM [2012-01-23 11:37:31] *.
-------------------------------------------------------------
ERROR:
Code...-2147217865
Description... Data access error.
Online: 33
Process... clsImpProcessMgr.fLoadAndProcessFile
The component... upsWObjectsDM
Version.......................................... 1112
Thread........................................... 4424
IDENTIFICATION:
User............................................. ibisons
Name of the computer... HOU-HYSDEV02
App Name......................................... SWNFDMRC
Client App....................................... WebClient
CONNECTION:
Provider......................................... ORAOLEDB. ORACLE
Database server...
Name of the database... FDMDEV
Trust connect... Fake
Connect status... Open connection
GLOBALS:
Location......................................... EBSINTEGRATION
Location ID... 772
Location Seg... 25
Category......................................... EBS2
ID of the category... 28
Period... - June - 2011
Period ID........................................ 30/06/2011
POV Local........................................ Fake
Language......................................... 1033
User Level....................................... 1
All Partitions... True
Is Auditor....................................... Fake
I really think that the problem is that I am not tell the script where to find the Oracle tables to. I left the code wherever we use the UDL to call for the opening of the Recordset, but since we do away with the Recordset how let FDM knows where to find the Oracle tables?
Thanks in advance - I've been struggling with this for several days.
Thank you,
SarahDid you build a database for the GL data link? These paintings GL.GL_BALANCES A, GL.GL_CODE_COMBINATIONS B, GL.GL_PERIODS C, GL.GL_LEDGERS D are not part of the FDM and I do not see how treat you your education cnSS.open strConn sSQL binder.
-
vCloud 5.1, edge Gateway and NAT
I have a setup of vCloud 5.1 with VDC to separate organization for each customers, an external network with public IP addresses. Edge Bridge enables us to connect the VDC organization to the outside world. When you create the bridge aboard it allocates one of the public IP address to it. If you want to give the vApps/VM behind this edge gateway access to the internet, you need to add a sub assigned the public IP address pool IP address. Then you can create a rule from NAT for this network, and then these VAPP can access the internet.
It seems a waste to my public IP addresses that I need at least 2 IPs public by customer.
If you try to use Add address IP public primary which is allocated for the edge gateway create the rule Source NAT, it is said that ' external IP address should belong to the range of IP addresses allocated under '
But if use vShield Manager, you can change the bridge on board and can create an of Source NAT rule with the IP wil and VAPP primary public access internet.
Has anyone encountered this problem?
Is this a limitation with vCloud 5.1?
Is there any problem set up perimeter firewall via Manager rather than the interface vCloud vShield?
Gateway that primary external IP can be added to the pool of suballocation. There is no need for the two survey periods
Maybe you are looking for
-
MS highway crashes on Tecra A9
Hello I installed MS 2007 highway on my A9 (loaded with XP Pro). AR starts fine, but when I start to scan a card, the program stops with the message 'need to close' usual. Is this a problem with the graphics card? Other software of the card, as the s
-
Windows XP won't reinstall, stops at 29%
I am trying to reinstall windows xp family on my toshiba laptop first problem I have is that he leave the formatting to 29% If I restart all and use the quick format is going very well, but he gets up to 34 min. left it flashes to a black screen and
-
why I took out of msn messenger explore 1nternet I have windows xp and the service pack 3
can you help me I have internet explore and I had msn messenger and her took me out of msn messenger can you help me to get back to
-
My sansa clip has a foreign language on the menu screen
How can I change menu screen to English? all the songs are written in English, but the menu is in Chinese or something I do not understand.
-
How to remove thumbdrive driver and prevent them from be installed?
Hi all, currently I put a lab for students. One of the requirements for this configuration gave me is to disable the use of USB key or external hard drive. Whenever a key - USB plug first into the USB, a driver will be install (like USB, Samsung, Tos