Lower to upper - must I NAT?
Hi all
My PIX book States for traffic to pass a lower to a higher level of security level of security (e.g. out I / f-> in i / f) then two conditions must be met:
(i) a static translation must exist for the destination.
(II) an appropriate ACL/Conduit must be in place.
Point ii) is fine, but what if I have no requirement for NAT?
What I do NAT?
I have implemented a config "no nat?
Can I just ignore NAT altogether?
Thanks in advance.
If you run PIX 7.0, then the 'no nat-control' disables the need for NAT (which should now be the default).
If you are running an earlier version, you need to configure NAT/static statements:
There are two options, one using nat 0/static the other just with nat 0 and the sheep setting...
Visit this link for more information:
How to configure the PIX firewall to pass traffic without NAT
http://www.ciscotaccc.com/security/showcase?case=K72878196
Tags: Cisco Security
Similar Questions
-
ASA 5505 as internet gateway (must reverse NAT)
Hi all the Cisco guru
I have this diet:
Office-> Cisco 877-> Internet-> ASA 5505-> remote network
Office network: 192.168.10.0/24
Cisco 877 IP internal: 192.168.10.200
Cisco 877 external IP: a.a.a.a
ASA 5505 external IP: b.b.b.b
ASA 5505 internal IP: 192.168.1.3 and 192.168.17.3
Remote network: 192.168.17.0/24 and 192.168.1.0/24
VPN tunnel is OK and more. I have the Office Access to the remote network and the remote network access to the bureau by the tunnel.
But when I try to access the network remotely (there are 2 VLANS: management and OLD-private) to the internet, ASA answer me:
305013 *. * NAT rules asymetrique.64.9 matched 53 for flows forward and backward; Connection for udp src OLD-Private:192.168.17.138/59949 dst WAN:*.*.64.9/53 refused due to path failure reverse that of NAT
Ping of OLD-private interface to google result:
110003 192.168.17.2 0 66.102.7.104 0 routing cannot locate the next hop for icmp NP identity Ifc:192.168.17.2/0 to OLD-Private:66.102.7.104/0
Result of traceroute
How can I fix reverse NAT and make ASA as internet gateway?
There is my full config
!
ASA Version 8.2 (2)
!
hostname ASA2
domain default.domain.invalid
activate the encrypted password password
encrypted passwd password
names of
!
interface Vlan1
Description INTERNET
1234.5678.0002 Mac address
nameif WAN
security-level 100
IP address b.b.b.b 255.255.248.0
OSPF cost 10
!
interface Vlan2
OLD-PRIVATE description
1234.5678.0202 Mac address
nameif OLD-private
security-level 0
IP 192.168.17.3 255.255.255.0
OSPF cost 10
!
interface Vlan6
Description MANAGEMENT
1234.5678.0206 Mac address
nameif management
security-level 0
192.168.1.3 IP address 255.255.255.0
OSPF cost 10
!
interface Ethernet0/0
!
interface Ethernet0/1
Shutdown
!
interface Ethernet0/2
Shutdown
!
interface Ethernet0/3
Shutdown
!
interface Ethernet0/4
Shutdown
!
interface Ethernet0/5
Shutdown
!
interface Ethernet0/6
switchport trunk allowed vlan 2.6
switchport mode trunk
!
interface Ethernet0/7
Shutdown
!
connection of the banner * W A R N I N G *.
banner connect unauthorized access prohibited. All access is
connection banner monitored, and intruders will be prosecuted
connection banner to the extent of the law.
Banner motd * W A R N I N G *.
Banner motd unauthorised access prohibited. All access is
Banner motd monitored and trespassers will be prosecuted
Banner motd to the extent of the law.
boot system Disk0: / asa822 - k8.bin
passive FTP mode
DNS domain-lookup WAN
DNS server-group DefaultDNS
Server name dns.dns.dns.dns
domain default.domain.invalid
permit same-security-traffic intra-interface
object-group Protocol TCPUDP
object-protocol udp
object-tcp protocol
object-group service RDP - tcp
RDP description
EQ port 3389 object
Access extensive list ip 192.168.17.0 LAN_nat0_outbound allow 255.255.255.0 192.168.10.0 255.255.255.0
Standard access list LAN_IP allow 192.168.17.0 255.255.255.0
WAN_access_in list of allowed ip extended access all any debug log
WAN_access_in list extended access permitted ip OLD-private interface WAN newspaper inactive debugging interface
WAN_access_in list extended access permit tcp any object-group RDP any RDP log debugging object-group
MANAGEMENT_access_in list of allowed ip extended access all any debug log
access-list extended OLD-PRIVATE_access_in any allowed ip no matter what debug log
access-list OLD-PRIVATE_access_in extended permit ip 192.168.10.0 255.255.255.0 192.168.17.0 255.255.255.0 inactive debug log
OLD-PRIVATE_access_in allowed extended object-group TCPUDP host 192.168.10.7 access-list no matter how inactive debug log
access-list OLD-PRIVATE_access_in allowed extended icmp host 192.168.10.254 interface private OLD newspaper inactive debugging
access-list OLD-PRIVATE_access_in allowed extended icmp host 192.168.17.155 interface private OLD newspaper debugging
access-list 101 extended allow host tcp 192.168.10.7 any eq 3389 debug log
Access extensive list ip 192.168.17.0 WAN_1_cryptomap allow 255.255.255.0 192.168.10.0 255.255.255.0
WAN_1_cryptomap to access ip 192.168.1.0 scope list allow 255.255.255.0 192.168.10.0 255.255.255.0
WAN_cryptomap_2 to access ip 192.168.1.0 scope list allow 255.255.255.0 192.168.10.0 255.255.255.0
Capin list extended access permit ip host 192.18.17.155 192.168.10.7
Capin list extended access permit ip host 192.168.10.7 192.168.17.155
LAN_access_in list of allowed ip extended access all any debug log
Access extensive list ip 192.168.17.0 WAN_nat0_outbound allow 255.255.255.0 192.168.10.0 255.255.255.0
Access extensive list ip 192.168.17.0 WAN_2_cryptomap allow 255.255.255.0 192.168.10.0 255.255.255.0permit inside_nat0_outbound to access extended list ip 192.168.10.0 255.255.255.0 192.168.17.0 255.255.255.0
pager lines 24
Enable logging
recording of debug trap
logging of debug asdm
Debugging trace record
Debug class auth record trap
MTU 1500 WAN
MTU 1500 OLD-private
MTU 1500 management
mask 192.168.1.150 - 192.168.1.199 255.255.255.0 IP local pool VPN_Admin_IP
no failover
ICMP unreachable rate-limit 1 burst-size 1
ICMP permitted host a.a.a.a WAN
ICMP deny any WAN
ICMP permitted host 192.168.10.7 WAN
ICMP permitted host b.b.b.b WAN
ASDM image disk0: / asdm - 631.bin
don't allow no asdm history
ARP timeout 14400
Global (OLD-private) 1 interface
Global interface (management) 1
NAT (WAN) 1 0.0.0.0 0.0.0.0inside_nat0_outbound (WAN) NAT 0 access list
WAN_access_in access to the WAN interface group
Access-group interface private-OLD OLD-PRIVATE_access_in
Access-group MANAGEMENT_access_in in the management interface
Route WAN 0.0.0.0 0.0.0.0 b.b.b.185 1
Timeout xlate 03:00
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-registration DfltAccessPolicy
the ssh LOCAL console AAA authentication
local AAA authentication attempts 10 max in case of failure
Enable http server
http 192.168.1.0 255.255.255.0 WAN
http 0.0.0.0 0.0.0.0 WAN
http b.b.b.b 255.255.255.255 WAN
No snmp server location
No snmp Server contact
Server enable SNMP traps snmp authentication linkup, linkdown cold start
Service resetoutside
Crypto ipsec transform-set ESP-DES-SHA esp - esp-sha-hmac
Crypto ipsec transform-set esp-SHA-ESP-3DES-3des esp-sha-hmac
life crypto ipsec security association seconds 28800
Crypto ipsec kilobytes of life - safety 4608000 association
card crypto WAN_map 1 corresponds to the address WAN_1_cryptomap
card crypto WAN_map 1 set peer a.a.a.a
WAN_map 1 transform-set ESP-DES-SHA crypto card game
card crypto WAN_map WAN interface
ISAKMP crypto enable WAN
crypto ISAKMP policy 10
preshared authentication
3des encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 30
preshared authentication
the Encryption
sha hash
Group 1
life 86400
Telnet timeout 5
SSH a.a.a.a 255.255.255.255 WAN
SSH timeout 30
SSH version 2
Console timeout 0
dhcpd auto_config management
!a basic threat threat detection
host of statistical threat detection
Statistics-list of access threat detection
a statistical threat detection tcp-interception rate-interval 30 burst-400-rate average rate 200
NTP server 129.6.15.28 source WAN prefer
WebVPN
attributes of Group Policy DfltGrpPolicy
Protocol-tunnel-VPN IPSec l2tp ipsec svc webvpn
internal admin group strategy
group admin policy attributes
DNS.DNS.DNS.DNS value of DNS server
Protocol-tunnel-VPN IPSec
Split-tunnel-policy tunnelspecified
value of Split-tunnel-network-list LAN_IP
privilege of encrypted password password username administrator 15
type tunnel-group admin remote access
tunnel-group admin general attributes
address pool VPN_Admin_IP
strategy-group-by default admin
tunnel-group a.a.a.a type ipsec-l2l
tunnel-group a.a.a.a general-attributes
strategy-group-by default admin
a.a.a.a group of tunnel ipsec-attributes
pre-shared-key *.
NOCHECK Peer-id-validate
!
class-map inspection_default
match default-inspection-traffic
!
!
type of policy-card inspect dns preset_dns_map
parameters
maximum message length automatic of customer
message-length maximum 512
Policy-map global_policy
class inspection_default
inspect the preset_dns_map dns
inspect the ftp
inspect h323 h225
inspect the h323 ras
inspect the rsh
inspect the rtsp
inspect esmtp
inspect sqlnet
inspect the skinny
inspect sunrpc
inspect xdmcp
inspect the sip
inspect the netbios
inspect the tftp
Review the ip options
!Thank you for your time and help
Why you use this NAT type?
Access extensive list ip 192.168.17.0 WAN_nat0_outbound allow 255.255.255.0 any
NAT (OLD-private) 0-list of access WAN_nat0_outboundYou are basically saying the ASA not NAT traffic. This private IP address range is not routed on the Internet. This traffic is destined to be sent over the Internet? If so, that LAC should then not be there.
If you want NAT traffic to one IP public outside the ASA, you must remove this line and let the NAT and GLOBAL work:
NAT (OLD-private) 1 0.0.0.0 0.0.0.0
Global (WAN) 1 interface
-
Graph waveform control - limit lower and upper limit Autoscale
The graph is a waveform their a way to define the lower limit of the graph Y to zero and then have it autoscale the Y maximum limit as a percentage of the maximum value of the graph (150% for example)?
Direction of examples or read about a starting point would be great!
Thank you
Joe
Ireland
Turn off autoscale and put the max with a property node based on the max of the data table.
-
Edit data in a column in the lower to upper case
Hi guys, I was wondering if yous could help out me. I currently have a table in a database with a lot of data on it and one of the columns (column varchar2 and in the interest of this question lets assume the table is called my_table and my_column column) it contains data such as 'a3456', 'b8312', 'fg231' etc what I need to do is to convert all lowercase uppercase letters so that "a3456" now reads from "A3456" and "fg231" now read "FG231" and I was wondering what would be the best way to convert just all these lowercase letters to uppercase.
Any help would be greatly appreciated.
Thank you for taking the time to read this.update my_table set my_column = upper(my_column);
-
Hello
Could someone help me with the below script SQL code.
TABLE A:
Column1
8
11
13
17
19
TABLE B:
Column 1 column 2
5 5.2
10 6.2
15 7.2
20 8.2
Result:
column 1 column 2 (Interpolation)
8 5.2+(6.2-5.2)*(8-5)/(10-5)
11 6.2+(7.2-6.2)*(11-10)/(15-10)
13 6.2+(7.2-6.2)*(13-10)/(15-10)
17 7.2+(8.2-7.2)*(17-15)/(20-15)
19 7.2+(8.2-7.2)*(19-15)/(20-15)
Thank you
Hello
So, each value in the new colonne_1 is like a table separated; in other words, lines with colonne_1 = 360 have no effect on the results for lines that colonne_1 = 216 and vice versa. Is this fair?
In this case, add PARTITION BY colonne_1 to all analytical clauses and include colonne_1 in the join condition in the main query, like this:
WITH got_slope AS
(
SELECT column_1, column_2, column_3
Advance (column_2) OVER ( PARTITION BY colonne_1
ORDER BY column_2) AS next_2
(The LEAD (column_3) OVER ( PARTITION BY colonne_1
ORDER BY column_2)
-column_3
) / ((Column_2) ahead OF ( PARTITION BY colonne_1 )
ORDER BY column_2
)
-column_2
) AS slope
OF table_b
)
SELECT a.column_1
a.column_2
, b.column_3 + ((a.column_2-b.column_2))
* slope
) AS column_3_interpolation
FROM table_a a
JOIN got_slope b ON a.column_1 = b.column_1
AND a.column_2 > = b.column_2
AND a.column_2< > >
ORDER BY a.column_1 DESC
a.column_2
;
The rest of the query, it's just that I've posted before (except for the new column names).
-
I need nat, so I do not use nat, but it doesn't, but even I use the nat (inside) 0 0, I can just ping the other end, the other end can not ping back, finally, the "nat (inside) 0 access-list acl - in ' solve this problem.
My question is:
What is the "no nat" and "nat (inside) 0 0 0" really means?
Thank you
by defult the pix must do nat in order to get high to low level of security access. This is a problem if you use the public ip address in your inside interface (for example) that do not need (nat) and here comes the command nat 0...
-
FVS336GV2 Nat or routing?
I'm trying to secure our home network a little more until it gets 'tested '.
I understand NAT, and routing. What I do not understand how the FVS336GV2 can do without NAT routing or if that's what he does.
On my network - Mode WAN Configuration, I can choose "use NAT or classic routing between WAN & LAN interfaces?"
What "Classic routing" done differently and it's better than NAT?
I have Google had this, and found a lot of things on the hardware vs NAT and firewalls and software and more, but nothing as compared to NAT vs routing in the same device...
I'm not sure you understand NAT or why it is necessary.
Answer this question - do you need to share a single public ip address between several devices - or in the case of a double router WAN as the FVS336G, two public ip addresses?
If the answer is Yes, then the classic routing isn't an option, you MUST use NAT, and you are likely to see a comparison between the two - they consider mutually exclusive options, which do different things.
If you used the FVS336 as a router classic connected to the internet (and Yes, you can use this way), you need a public routable ip address for all devices on its LAN interface
-
Filter low pass analog (anti-aliasing filter) external to the NI USB 6251 housing
Hello everyone!
-I m trying to acquire an analog signal of tension (high frequency content) using a connected to an edge NI USB-6251 BNC-2110. I learned in this Labview Forum that NI USB-6251 has no analog low-pass filter programmable (or anti-aliasing filter), so that I can't help but jitter when scanning my signals. For my application, the cutoff frequency of the analog low-pass filter must be equal to 100 kHz or MORE (maximum of 500 kHz). A possible solution to solve my problem, would be to work with an external analog low-pass filter before you scan the voltage signal. Based on this I'd like to know:
(1) national Instruments develops analog external filters? I need a filter which also has one output, analog, so that I could send also the low-pass analog filter filtered signal to my NI USB-6251 box to scan correctly it!
(2) what model of external low pass filter would be compatible with the NI USB-6251 housing?
Any help would be much appreciated!
Best regards!
Hello
all high resolution of the M series (628 x) cards are equipped with a filter low pass which can be enabled or disabled programmatically. For the anti-aliasing filter feature, examine the boards of National Instruments DSA (dynamic signals Acquisition) acoustic and vibration measurement
currently the NOR 9221, 9225, 9227, 9229, 9233, 9234, 9235, 9236, 9239 and 9237 C Series modules feature anti-aliasing filters. These modules are intended for the high accuracy measures for which anti-aliasing filters are a necessity.Houssam Kassri
OR Germany
-
NAT VPN tunnel and still access Internet traffic
Hello
Thank you in advance for any help you can provide.
I have a server with the IP 192.168.1.9 that needs to access a subnet remote from 192.168.50.0/24, through the Internet. However, before the server can access the remote subnet, the server IP must be NAT'ed to 10.1.0.1 because the VPN gateway remote (which is not under my control) allows access to other customers who have the same subnet address that we do on our local network.
We have a 2801 Cisco (running c2801-advsecurityk9 - mz.124 - 15.T9.bin) set up to make the NAT. It is the only gateway on our network.
I have configured the Cisco 2801 with the following statements of NAT and the relevant access lists:
access-list 106 allow host ip 192.168.1.9 192.168.50.0 0.0.0.255
NAT extended IP access list
refuse the host ip 192.168.1.9 192.168.50.0 0.0.0.255
deny ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255
ip permit 192.168.1.0 0.0.0.255 anyroute allowed ISP 10 map
corresponds to the IP NATIP nat EMDVPN 10.1.0.1 pool 10.1.0.1 netmask 255.255.255.0
IP nat inside source list 106 pool EMDVPN
IP nat inside source map route ISP interface FastEthernet0/1 overloadWhen the server (192.168.1.9) attempts to ping on the subnet of 192.168.50.0/24 devices, the VPN tunnel is established successfully. However, after that, the server is no longer able to access the Internet because the NAT translation for 192.168.1.9 has changed since the external IP address of the router (FastEthernet0/1) at 10.1.0.1.
The documentation I've seen on the site of Cisco says that this type of Setup allows only host subnet communication. Internet access is not possible. However, maybe I missed something, or one of you experts can help me. Is it possible to configure the NAT router traffic destined to the VPN tunnel and still access the Internet by using the dynamic NAT on FastEthernet0/1?
Once again, thank you for any help you can give.
Alex
Hello
Rather than use a pool for NAT
192.168.1.9 - 10.1.0.1 > 192.168.50.x
ACL 102 permit ip 192.168.1.9 host 192.168.50.0 0.0.0.255
RM-STATIC-NAT route map permit 10
corresponds to the IP 102IP nat inside source static 192.168.1.9 10.1.0.1 card expandable RM-STATIC-NAT route
ACL 101 deny host ip 192.168.1.9 192.168.50.0 0.0.0.255
ACL 101 by ip 192.168.1.0 0.0.0.255 any
overload of IP nat inside source list 101 interface FastEthernet0/1VPN access list will use the source as 10.1.0.1... *.
Let me know if it works.
Concerning
M
-
506th PIX, no NAT configuration?
I'm trying to set up a PIX firewall for devices on a valid IP subnet. It is a 506e, with only two interfaces.
I can't find an example of config and I was wondering if it's because this isn't a supported configuration.
Pointers?
Thank you
Daryl
Hello
What you want to achieve, it is possible and very easy to configure. There is no restriction in terms of having no public address on your inside interface. Although you don't want to do any translation that you still may need a static command.
The minimum config you need would not be nat 0, as some may think, and it works, but only if the PIX cannot be proxy-ARP for the IPS behind the PIX. If the PIX needs proxy-ARP for these addresses, you must configure this way:
public static 111.111.111.208 (inside, outside)
111.111.111.208 mask 255.255.255.240
If you use this command and remove the
NAT (inside) 0 command it works fine also. The main difference is that, with the static command in place, the PIX not proxy-ARP for the IPS behind your PIX and how nat 0 commands it doesn´t.
In case you don't need a proxy-ARP you could do with nat 0, but then you have nat 0 on both interfaces to your PIX, so you must:
NAT (inside) 0 & nat (outside) 0
Determine if you need proxy-ARP on your border router:
Is there a route (with the correct next hop) to your edgerouter pointing to 111.111.111.208/28 or your router think it a connected?
If your router it's a directly connected subnet for some reason (this reason could be that this router is not a classless ip router) then the router wants to send packets to the MAC address and he asks an ARP. In this case the PIX must proxy-ARP.
Make proxy-ARp is no problem at all for the PIX, cause if you use my first way of configuration, as described previously, then the PIX not proxy-ARP for all addresses in the static command.
Don t know if this solves your problem, but this could very well be the case.
Alternatively, you can edit your config here (don't forget to remove the passwords first then) and we can take a look inside.
Another thing has in my opinion earlier. It could also be the case that your edgerouter has an ARP table that still contains the mappings for the IP addresses which is now behind your firewall. In this case, you need a clear ARP on your border router.
I hope this helps.
Kind regards
Leo
-
Need help to configure VPN NAT traffic to ip address external pool ASA
Hello
I need to configure vpn NAT ip address traffic external pool ASA
For example.
Apart from the ip address is 1.1.1.10
VPN traffic must be nat to 1.1.1.11
If I try to configure policy nat or static nat ASA gives me error "global address of overlap with mask.
Please, help me to solve this problem.
Thank you best regards &,.
Ramanantsoa
Thank you, and since you are just 1 IP 1.1.1.11 Polo, the traffic can only be initiated from your site to the remote end.
Here is the configuration of NAT:
access list nat - vpn ip 192.168.1.0 allow 255.255.255.0 10.0.0.0 255.255.0.0
NAT (inside) 5 access list nat - vpn
Overall 5 1.1.1.11 (outside)
In addition, the ACL crypto for the tunnel from site to site should be as follows:
access-list allow 1.1.1.11 ip host 10.0.0.0 255.255.0.0
Hope that helps.
-
Why the 2d graphics score is much lower than the 3d
upper graphical desktop score is significantly lower than any other partition on the windows experience index. The index is just a waste of time or is there a reason for this 1 score to be much lower
upper graphical desktop score is significantly lower than any other partition on the windows experience index. The index is just a waste of time or is there a reason for this 1 score to be much lower
The score is less on your computer because your video (graphics) card was obviously designed for its 3D graphics was paramount while 2D was a secondary function. (You have a game system).
What specific video card do you have?
-
snap to objetcs, hang on to the lower layers
Hi, I use 2015.2 animate on win 7.
I edited my preferences Slam, turning all off the snap.
The only asset is the "snap to objects", the small magnet in the toolbar.
I need to keep it activated in order to attach the 2 lines when they are close. (with lines I mean lines created with the tool "line".)
I have a problem when I try to drag one of the corner of my line; It's "snap" at work on the layer below.
To avoid this, I have to disable temporary 'wink to the objects' and later allow him once again, but this in slow down my work flow.
Is there a way to say animate to ignore the lower or upper layer and snap things ONLY on the layer where I am?
I ' v even try to lock the layer below, but it does not change.
any help please?
Thank you
Luca
Hide/show according to the needs.
-
How to make transparent background by making lower thirds?
Hi all
I use AE CC 2014.2
I bought some third lower, am I able to make the changes I need, but when I export, the background is black. So when I import the .mov in first to use only the lower third, I must use the Ultra key to remove the black.
It worked fine until now, I am trying to add effects to the lower third in first using an adjustment layer. The effect of the adjustment layer I have insert restores all black background and I can't get rid of it. How can I remove in AE since the beginning?
Thank you!
Will be
You must export with a codec that supports an alpha channel, or you could just send the model to the first. If you have a lot of legends, you can use Live text where you can make changes directly in the first name, but using a model AFX.
-
CS5 running slow after 15 minutes of use. low yield
I have done research on this problem for a few months and tried to find a solution online. I have validated my fonts, erased my money of fonts, adjusted my performance settings, turned off openGL, I'm not under plugins except those from Adobe (optionally Multiplugin) as recommended in the doc of optimization. PS CS5 works in 64 bits, I started my iMac Core 32-bit and 64-bit kernel with no difference. I have no idea what I may be wrong cause PS CS5 to slow to a crawl.
I work with around 200 to 500 MB and 20-40 layers psd files. When I first open photoshop my efficiancy says his 95-100%, as soon as I started working for more than 15 minutes about it slows down and my efficiancy will increase to 55%. I also got an error about 50% of the time when I try to "horizontal flip of the canvas".
I find myself closing and reopening photoshop every 45 minutes, which is a huge waste of time.
Here is the info on my system:
iMac11, 1
Processor name: Intel Core i5
Processor speed: of 2.66 GHz
Number of processors: 1
Total number of Cores: 4
(By heart) L2 cache: 256 KB
L3 Cache: 8 MB
Memory: 8 GB
Processor speed of interconnection: 4.8 GT/sChipset model: ATI Radeon HD 4850
Type: GPU
Bus: PCIe
The PCIe track width: x 16
VRAM (Total): 512 MB
Seller: ATI (0 x 1002)The system version: Mac OS X 10.6.5 (10 H 574)
Kernel version: 10.5.0 Darwin
Boot volume: Macintosh HD
Boot Mode: Normal
The secure virtual memory: not enabled
64-bit kernel and Extensions: YesHere is the info on my installation of CS5:
Memory usage:
Available RAM: 7536 mb
Allow to use photoshop: 7000 92% (I changed the lower and upper without help)
History States: 10
Cache levels: 2
Tile cache size: 1 024 KB
OpenGL: On, Basic, vertical sync and Anti Alias unchecked. (I got this off the coast, but it did not help either)
I use my boot drive primary Mac as the drive of my work, I know that maybe it's not the best but what I prepare 1) this should not affect my performance 2) a firewire drive wouldn't be more fast 3) should not have caused to slow down over time.
I also use a Wacom Intuous 3 with the most recent software update.
Please let me know if would help more information, I can copy and paste my entire photoshop system information file. Let me know any additional information you may need.
Thank you!
Sharon
I work with Sharon. I think it's maybe because she has * all * the optional extension plug-ins installed.
I will work with her to remove them and restore preferences to get her back to a State of 'good '.
Maybe you are looking for
-
Satellite L855 makes a noise and hangs expecially in games
Hello. I just bought a SATELLITE L855 - 10 p (http://pt.computers.toshiba-europe.com/innovation/jsp/supportMyProduct.do?service=PT), with last Wednesday ATI graphics card, but my computer came with one problem (which I will try to explain, because al
-
Encrypted time machine will not go up
Last night I "removed" my hard drive (a drive of my book), for some reason any instead of my usual path. I wanted to start over and encrypt my backup disk. I really didn't do this way. Now my drive will not mount! I've tried everything! It shows that
-
Cant't start, error 0191 system security. Change of remote invalid asked
It appears after a BIOS update. I can go into the BIOS Setup, but Vista does not load. If anyone seen this before? What can do before Lenovo comes?
-
Black screen after getting the flashing message
I have a Pavilion dv6 3011so. During the execution of a program the computer gets a black screen with a message that says that the touchpad, keyboard will be no function during the flash process. Please do not feed the system until the flash compalet
-
Is it possible to recover files deleted from a CD? If so, how?
I have windows xp and tried to delete a file of teporary to be written, when all of the disk began to be erased! I now wonder if I can find the files that have been deleted to restore the drive to the way she was before.