Problem with ACL in 11g
Hi guys,.
I'm trying t do the following procedure
Start
(DBMS_NETWORK_ACL_ADMIN). CREATE_ACL
ACL = > "sample.xml".
, description = > "access HTTP."
, main = > 'PUBLIC '.
, is_grant = > TRUE
, privilege = > 'connect '.
, start_date = > NULL
, End_date = > NULL
);
commit;
end;
But after this block, there is no entry in the following table
SELECT * FROM DBA_NETWORK_ACLS;
Any help guys?
I'm on 11g
Or I can put it that way too, once entered into DBA_NETWORK_ACLS, DBA_NETWORK_ACL_PRIVILEGES take into account?
I think that you must assign to a network using DBMS_NETWORK_ACL_ADMIN. ASSIGN_ACL.
Tags: Database
Similar Questions
-
Problems with ACL in config IPSec ASA-5504
I'm putting a tunnel IPSec between two ASA - 5540 s. There is a PC (SunMed_PC) behind the ASA-5540-B and a laptop (laptop-GHC) behind the ASA-5540-A. If the card encryption allows all IP, through the outside_cryptomap ACL, then the tunnel rises a FTP session is established.
But, when I restrict the following FTP, error message traffic is generated:
... Group = 164.72.1.147, IP = 164.72.1.147, IPSec tunnel rejecting: no entry for crypto for proxy card proxy remote 164.72.1.155/255.255.255.255/6/0 local 164.72.1.135/255.255.255.255/6/21 on the interface to the outside
Here's the configs giving only the relevant controls. I added the ACL 100 and "access-group 100 in the interface inside", but the error has not changed.
No idea what I'm missing?
CRO-ASA5540-A
names of
164.72.1.135 GHC_Laptop description name to test the VPN
164.72.1.155 SunMed_pc description name to test the VPN
!
interface GigabitEthernet0/0
nameif inside
security-level 100
IP 164.72.1.129 255.255.255.240
!
!
interface GigabitEthernet0/3
nameif outside
security-level 0
IP 164.72.1.145 255.255.255.248
!
passive FTP mode
DM_INLINE_TCP_1 tcp service object-group
port-object eq ftp
port-object eq ftp - data
access-list extended permits outside_cryptomap tcp ftp eq host GHC_Laptop host SunMed_pc object-group DM_INLINE_TCP_1
access-list 100 scope ip allow a whole
ASDM image disk0: / asdm - 603.bin
Access-group 100 in the interface inside
Crypto ipsec transform-set esp-SHA-ESP-3DES-3des esp-sha-hmac
card crypto outside_map0 1 match address outside_cryptomap
outside_map0 card crypto 1jeu peer 164.72.1.147
outside_map0 card crypto 1jeu transform-set ESP-3DES-SHA
outside_map0 card crypto 1jeu nat-t-disable
outside_map0 interface card crypto outside
crypto ISAKMP allow outside
crypto ISAKMP policy 5
preshared authentication
3des encryption
sha hash
Group 2
life 86400
Group Policy Lan-2-Lan_only internal
attributes of Lan-2-Lan_only-group policy
VPN-filter no
Protocol-tunnel-VPN IPSec
tunnel-group 164.72.1.147 type ipsec-l2l
tunnel-group 164.72.1.147 General-attributes
Group Policy - by default-Lan-2-Lan_only
IPSec-attributes tunnel-group 164.72.1.147
pre-shared-key *.
!
: end
----------------------------------------------------------------------------------------------------------
ROC-ASA5540-B # sh run
ASA Version 8.0 (3)
!
names of
name 164.72.1.135 GHC_laptop
name 164.72.1.155 SunMed_PC
!
interface GigabitEthernet0/0
nameif inside
security-level 100
IP 164.72.1.153 255.255.255.248
!
interface GigabitEthernet0/3
nameif outside
security-level 0
IP 164.72.1.147 255.255.255.248
!
passive FTP mode
DM_INLINE_TCP_1 tcp service object-group
port-object eq ftp
port-object eq ftp - data
outside_cryptomap list extended access permit tcp host host SunMed_PC GHC_laptop object-group DM_INLINE_TCP_1
access-list 100 scope ip allow a whole
ASDM image disk0: / asdm - 603.bin
Access-group 100 in the interface inside
Route outside 164.72.1.128 255.255.255.240 GHC-Medical 1
Crypto ipsec transform-set esp-SHA-ESP-3DES-3des esp-sha-hmac
card crypto outside_map0 1 match address outside_cryptomap
outside_map0 card crypto peer GHC-Medical 1jeu
outside_map0 card crypto 1jeu transform-set ESP-3DES-SHA
outside_map0 card crypto 1jeu nat-t-disable
outside_map0 interface card crypto outside
crypto ISAKMP allow outside
crypto ISAKMP policy 4
preshared authentication
3des encryption
sha hash
Group 2
life 86400
internal Lan-2-Lan group strategy
Lan Lan 2-strategy of group attributes
Protocol-tunnel-VPN IPSec
tunnel-group 164.72.1.145 type ipsec-l2l
tunnel-group 164.72.1.145 General-attributes
strategy-group-by default 2 Lan Lan
IPSec-attributes tunnel-group 164.72.1.145
pre-shared-key *.
: end
Your acl mapped on the card encryption is suspect on the first device:
access-list extended permits outside_cryptomap tcp ftp eq host GHC_Laptop host SunMed_pc object-group DM_INLINE_TCP_1
The source port should not be defined because it
is dynamic.
The second acl appears corrected:
outside_cryptomap list extended access permit tcp host host SunMed_PC GHC_laptop object-group DM_INLINE_TCP_1
-
Trying to allow all (via VPN) 96.0/23 & 25.0/24, but I get a strange result. Never seen this before - any ideas?
Router (config) #ip access-list ext 150
Router (config-ext-nacl) #permit ip all 155.155.96.0 255.255.254.0
Router (config-ext-nacl) #permit ip all 155.155.25.0 255.255.255.0But the output:
IP access-list 150 permit all 0.0.0.0 255.255.254.0
IP access-list 150 permit all 0.0.0.0 255.255.255.0Use the Joker mask instead of subnet for ACL on routers masks.
-
TO_CHAR fucntion problem with dates.
Hi all
I tested the following problem with 10g and 11g databases, and the problem is the same.
create table aa (a date); insert into aa values('23-Mar-2014'); commit;now the following query gives no results
select count(*) from aa where to_char(a,'dd-Mon-yyyy') >='23-MAR-2014' and to_char(a,'dd-Mon-yyyy') <='23-Apr-2014'; COUNT(*) ---------- 0
and the following query gives the results
select count(*) from aa where a>='23-Mar-2014' and a<='23-Apr-2014' COUNT(*) ---------- 1
Why?
We need the to_char working for our criteria of search dot net application.
kindly guide us.
Thank you
You're hurting. Why convert a date into a string of characters and try to compare it to another string? This is false.
Insert into aa values('23-Mar-2014');
should be
insert into aa values (to_date (March 23, 2014 ',' MON-DD-YYYY "");)
and your selection should be:
Select count (*) in aa
where a > = to_date (March 23, 2014 ',' MON-DD-YYYY') and to_date (April 23, 2014 ',' MON-DD-YYYY "")
-
Problem with the outdated statistics in 11g
Hello
I have problem with auto pick up stats. Object with stale stats increase.
SQL> select operation_name, status from dba_autotask_operation where client_name like '%stats%'; OPERATION_NAME STATUS ---------------------------------------------------------------- -------- auto optimizer stats job ENABLED
but
SQL> select count(*) from dba_autotask_job_history; COUNT(*) ---------- 0
Why database collects no statistics objects during the maintenance window?
Regards
BEGIN DBMS_AUTO_TASK_ADMIN.ENABLE( client_name => 'auto optimizer stats collection', operation => NULL, window_name => NULL); END; and show parameter STATISTICS_LEVEL
-
Hi all
I am facing problem with OEM 11 g. It was taken down automatically, however I am not able to find the specific reasons. From now on, it has been started.
But want to know the reasons for which he was descended. Please guide me how to solve.
Thank you2011-12-10 12:27:51, 106 EMAgent wire-4252630400 normal shutdown (00703)
Here's the clue. It is emagent normal shutdown. Check order OS history
As
$history | grep emctland check is only he planned to stop?
-
Problem with El Captain (5.1.7 server) and the management of permissions
Hello world
I have a big problem with our Mac Mini Server (El Captain) and the server program.
In recent weeks, the server didn't give the permissions of a folder.
for example:
Mr. X had permission to read and write to a folder.
Mr Y too.Mr. X has create a new folder one record something in it.
Mr Y had the permission to read or write to the folder create Mr. x. But he should have.
Or
Mr. X has save a file to a folder
When he opens it again it is write protected and cannot be replaced.
So you have to save under a different name in the same folder.
And every time he save/close the file.
Anyone know what could be the problem?
Thank you
Greetings from the Germany
Chris
My guess:
A few weeks ago someone messed with the permissions on your server and made a mistake. So, you got an inappropriate list ACL (Access Control), which is rampant in the file and must be removed or fixed.
C.
-
Problem with Tunnel VPN L2L between 2 ASA´s
Hi guys,.
I have some problems with my VPN Site to site tunnel between 2 ASA (5520/5505).
I watched a lot of videos on youtube, but I can't find out why the tunnel does not...
Both devices can ping eachothers WAN IP address (outside interfaces), but I don't see any traffic between the 2 sites. It seems that the tunnel is not open to everyone. When i PING from the local to the Remote LAN (which should be an interesting traffic for the tunnel...), the its IKEv1 remains empty...
Am I missing something? I can't understand it more why same phase 1 is not engaged.
You NAT won't. In your config file traffic is NATted initially and then does not match any more crypto ACL. You must move the rule dynamic NAT/PAT until the end of the table on two ASAs NAT:
no nat (INSIDE,OUTSIDE) source dynamic any interface nat (INSIDE,OUTSIDE) after-auto source dynamic any interface
-
Problem with "vpn sysopt connection permit.
Hi all
I would like to ask you for advice with "vpn sysopt connection permit". I have a problem with by-pass-access list (acl) in the INSIDE interface. As I understand it and I'm going to use this command, there is no need to especialy allow traffic in the access list for the INSIDE and I can control the filter-vpn traffic. But in my case it's quite the opposite, I want particularly to this INTERIOR acl traffi. When I allow this traffic inside acl L2L tunnel rises, hollow traffic flow vpn-fltr ane acl that everything is OK. But when I do not allow that this traffic is inside of the rule with Deny statement in acl INSIDE block traffic and tunnel goes ever upward. Part of the configuraciton which you can view below.
Please let me know if I'm wrong, or what I did wrong?
Thank you
Karel
PHA-FW01 # view worm | Worm Inc
Cisco Adaptive Security Appliance Software Version 4,0000 1
PHA-FW01 # display ru all sys
No timewait sysopt connection
Sysopt connection tcpmss 1380
Sysopt connection tcpmss minimum 0
Sysopt connection permit VPN
Sysopt connection VPN-reclassify
No sysopt preserve-vpn-stream connection
no RADIUS secret ignore sysopt
No inside sysopt noproxyarp
No EXT-VLAN20 sysopt noproxyarp
No EXT-WIFI-VLAN30 sysopt noproxyarp
No OUTSIDE sysopt noproxyarp
PHA-FW01 # display the id of the object-group ALGOTECH
object-group network ALGOTECH
object-network 10.10.22.0 255.255.255.0
host of the object-Network 172.16.15.11
PHA-FW01 # show running-config id of the object VLAN20
network of the VLAN20 object
subnet 10.1.2.0 255.255.255.0
L2L_to_ALGOTECH list extended access permitted ip object object-group VLAN20 ALGOTECH
extended access list ACL-ALGOTECH allow ip object-group object VLAN20 ALGOTECH
Note EXT-VLAN20 of access list =.
access list EXT-VLAN20 allowed extended ip object VLAN20 ALGOTECH #why object-group must be the rule here?
access list EXT-VLAN20 extended permitted udp object VLAN20 object-group OUT-DNS-SERVERS eq field
EXT-VLAN20 allowed extended VLAN20 object VPN-USERS ip access list
EXT-VLAN20 extended access list permit ip object VLAN20 OPENVPN-SASPO object-group
EXT-VLAN20 allowed extended object VLAN10 VLAN20 ip access list
deny access list extended VLAN20 EXT ip no matter what LOCAL NETS of object-group paper
EXT-VLAN20 allowed extended icmp access list no echo
access list EXT-VLAN20 allowed extended object-group SERVICE VLAN20 object VLAN20 everything
EXT-VLAN20 extended access list deny ip any any newspaper
extended access list ACL-ALGOTECH allow ip object-group object VLAN20 ALGOTECH
GROUP_POLICY-91 group policy. X 41. X.12 internal
GROUP_POLICY-91 group policy. X 41. X.12 attributes
value of VPN-filter ACL-ALGOTECH
Ikev1 VPN-tunnel-Protocol
tunnel-group 91.X41. X.12 type ipsec-l2l
tunnel-group 91.X41. X.12 General attributes
Group Policy - by default-GROUP_POLICY-91. X 41. X.12
tunnel-group 91.X41. X.12 ipsec-attributes
IKEv1 pre-shared-key *.
PHA-FW01 # show running-config nat
NAT (EXT-VLAN20, outdoors) static source VLAN20 VLAN20 static destination ALGOTECH ALGOTECH non-proxy-arp-search to itinerary
network of the VLAN20 object
dynamic NAT interface (EXT-VLAN20, outdoors)
group-access to the INTERIOR in the interface inside
Access-group interface VLAN20 EXT EXT-VLAN20
Hello
The command "sysopt connection permit-vpn" is the default setting and it applies only to bypass ACL interface to the interface that ends the VPN. It would be connected to the external network interface. This custom has no effect on the other interfaces ACL interface.
So if you initiate or need to open connections from your local network to remote network through the VPN L2L connection then you will need to allow this traffic on your LAN interface ACL networks.
If the situation was that only the remote end has launched connections to your network then 'sysopt permit vpn connection' would allow their connections around the external interfaces ACL. If If you have a VPN configured ACL filter, I think that the traffic will always accompany against this ACL.
Here are the ASA reference section to order custom "sysopt"
http://www.Cisco.com/en/us/docs/security/ASA/command-reference/S21.html#wp1567918
-Jouni
-
I have two problems with IPSEC VPN, using the cisco client, and a third, which I think could answer here if this isn't strictly associated with VPN.
1. cannot access the internet, while VPN is in place. This can be a problem of client as I * think * I've split tunneling to install correctly.
2. cannot access other networks except the network associated with the inside interface natively.
3. I can not ping to the internet from inside, be it on the VPN or not.
I tend to use the SMDA; Please, if possible, keep the answer to this kindof of entry.
Here is the config:
Output of the command: "sh run".
: Saved
:
ASA Version 8.4 (1)
!
hostname BVGW
domain blueVector.com
activate qWxO.XjLGf3hYkQ1 encrypted password
2KFQnbNIdI.2KYOU encrypted passwd
names of
!
interface Ethernet0/0
nameif outside
security-level 10
IP 5.29.79.10 255.255.255.248
!
interface Ethernet0/1
nameif inside
security-level 100
IP 172.17.1.2 255.255.255.0
!
interface Ethernet0/2
Shutdown
No nameif
no level of security
no ip address
!
interface Ethernet0/3
Shutdown
No nameif
no level of security
no ip address
!
interface Management0/0
nameif management
security-level 100
IP 172.19.1.1 255.255.255.0
management only
!
passive FTP mode
DNS server-group DefaultDNS
domain blueVector.com
permit same-security-traffic inter-interface
permit same-security-traffic intra-interface
the subject of WiFi network
172.17.100.0 subnet 255.255.255.0
WiFi description
the object to the Interior-net network
172.17.1.0 subnet 255.255.255.0
network of the NOSPAM object
Home 172.17.1.60
network of the BH2 object
Home 172.17.1.60
the EX2 object network
Home 172.17.1.61
Description internal Exchange / SMTP outgoing
the Mail2 object network
Home 5.29.79.11
Description Ext EX2
network of the NETWORK_OBJ_172.17.1.240_28 object
subnet 172.17.1.240 255.255.255.240
network of the NETWORK_OBJ_172.17.200.0_24 object
172.17.200.0 subnet 255.255.255.0
DM_INLINE_TCP_1 tcp service object-group
port-object eq www
EQ object of the https port
the DM_INLINE_NETWORK_1 object-group network
network-object BH2
network-object NOSPAM
Outside_access_in list extended access permit tcp any eq smtp DM_INLINE_NETWORK_1 object-group
Outside_access_in list extended access permit tcp any object object-group DM_INLINE_TCP_1 BH2
pager lines 24
Enable logging
asdm of logging of information
Outside 1500 MTU
Within 1500 MTU
management of MTU 1500
mask pool local 172.17.1.240 - 172.17.1.250 VPN IP 255.255.255.0
mask pool local 172.17.200.100 - 172.17.200.200 VPN2 IP 255.255.255.0
no failover
ICMP unreachable rate-limit 1 burst-size 1
don't allow no asdm history
ARP timeout 14400
NAT (inside, outside) static source EX2 Mail2
NAT (inside, outside) static source all all NETWORK_OBJ_172.17.1.240_28 of NETWORK_OBJ_172.17.1.240_28 static destination
NAT (inside, outside) static source all all NETWORK_OBJ_172.17.200.0_24 of NETWORK_OBJ_172.17.200.0_24 static destination
NAT (inside, outside) static source to the Interior-NET Interior-net destination static NETWORK_OBJ_172.17.1.240_28 NETWORK_OBJ_172.17.1.240_28
!
the object to the Interior-net network
NAT (inside, outside) dynamic interface
network of the NOSPAM object
NAT (inside, outside) static 5.29.79.12
Access-group Outside_access_in in interface outside
Route outside 0.0.0.0 0.0.0.0 5.29.79.9 1
Route inside 10.2.0.0 255.255.255.0 172.17.1.1 1
Route inside 10.3.0.0 255.255.255.128 172.17.1.1 1
Route inside 10.10.10.0 255.255.255.0 172.17.1.1 1
Route inside 172.17.100.0 255.255.255.0 172.17.1.3 1
Route inside 172.18.1.0 255.255.255.0 172.17.1.1 1
Route inside 192.168.1.0 255.255.255.0 172.17.1.1 1
Route inside 192.168.11.0 255.255.255.0 172.17.1.1 1
Route inside 192.168.30.0 255.255.255.0 172.17.1.1 1
Timeout xlate 03:00
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-registration DfltAccessPolicy
AAA-server blueVec protocol ldap
blueVec AAA-server (inside) host 172.17.1.41
LDAP-base-dn DC = adrs1, DC = net
LDAP-group-base-dn DC = EIM, DC = net
LDAP-scope subtree
LDAP-naming-attribute sAMAccountName
LDAP-login-password *.
LDAP-connection-dn CN = Hanna\, Roger, OU = human, or = WPLAdministrator, DC = adrs1, DC = net
microsoft server type
Enable http server
http 192.168.1.0 255.255.255.0 management
http 172.17.1.0 255.255.255.0 inside
http 24.32.208.223 255.255.255.255 outside
No snmp server location
No snmp Server contact
Server enable SNMP traps snmp authentication linkup, linkdown warmstart of cold start
Crypto ipsec transform-set ikev1 ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-DES-SHA esp - esp-sha-hmac
Crypto ipsec transform-set ikev1 esp ESP-DES-MD5-esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-3DES-MD5-esp-3des esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-128-SHA aes - esp esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-128-MD5-esp - aes esp-md5-hmac
Crypto ipsec transform-set ikev1 SHA-ESP-3DES esp-3des esp-sha-hmac
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 define ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA MD5-ESP-3DES ESP-DES-SHA ESP-DES-MD5
card crypto Outside_map 65535-isakmp dynamic ipsec SYSTEM_DEFAULT_CRYPTO_MAP
Outside_map interface card crypto outside
Crypto ikev1 allow outside
IKEv1 crypto policy 10
preshared authentication
3des encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 30
authentication crack
3des encryption
sha hash
Group 2
life 86400
Telnet timeout 5
SSH 172.17.1.0 255.255.255.0 inside
SSH timeout 5
Console timeout 0
dhcpd address 172.17.1.100 - 172.17.1.200 inside
dhcpd 4.2.2.2 dns 8.8.8.8 interface inside
dhcpd lease interface 100000 inside
dhcpd adrs1.net area inside interface
!
a basic threat threat detection
threat detection statistics
a statistical threat detection tcp-interception rate-interval 30 burst-400-rate average rate 200
WebVPN
internal blueV group policy
attributes of the strategy of group blueV
value of server WINS 172.17.1.41
value of 172.17.1.41 DNS server 172.17.1.42
Ikev1 VPN-tunnel-Protocol
value by default-field ADRS1.NET
internal blueV_1 group policy
attributes of the strategy of group blueV_1
value of server WINS 172.17.1.41
value of 172.17.1.41 DNS server 172.17.1.42
Ikev1 VPN-tunnel-Protocol
Split-tunnel-policy tunnelspecified
adrs1.NET value by default-field
username gwhitten encrypted password privilege 0 8fLfC1TTV35zytjA
username gwhitten attributes
VPN-group-policy blueV
rparker encrypted FnbvAdOZxk4r40E5 privilege 15 password username
attributes of username rparker
VPN-group-policy blueV
username mhale encrypted password privilege 0 2reWKpsLC5em3o1P
username mhale attributes
VPN-group-policy blueV
VpnUser2 SlHbkDWqPQLgylxJ encrypted privilege 0 username password
username VpnUser2 attributes
VPN-group-policy blueV
Vpnuser3 R6zHxBM9chjqBPHl encrypted privilege 0 username password
username Vpnuser3 attributes
VPN-group-policy blueV
username VpnUser1 encrypted password privilege 0 mLHXwxsjJEIziFgb
username VpnUser1 attributes
VPN-group-policy blueV
username dcoletto encrypted password privilege 0 g53yRiEqpcYkSyYS
username dcoletto attributes
VPN-group-policy blueV
username, password jmcleod aSV6RHsq7Wn/YJ7X encrypted privilege 0
username jmcleod attributes
VPN-group-policy blueV
rhanna encrypted Pd3E3vqnGmV84Ds2 privilege 15 password username
rhanna attributes username
VPN-group-policy blueV
username rheimann encrypted password privilege 0 tHH5ZYDXJ0qKyxnk
username rheimann attributes
VPN-group-policy blueV
username jwoosley encrypted password privilege 0 yBOc8ubzzbeBXmuo
username jwoosley attributes
VPN-group-policy blueV
2DBQVSUbfTBuxC8u encrypted password privilege 0 kdavis username
kdavis username attributes
VPN-group-policy blueV
username mbell encrypted password privilege 0 adskOOsnVPnw6eJD
username mbell attributes
VPN-group-policy blueV
bmiller dpqK9cKk50J7TuPN encrypted password privilege 0 username
bmiller username attributes
VPN-group-policy blueV
type tunnel-group blueV remote access
tunnel-group blueV General-attributes
address VPN2 pool
authentication-server-group blueVec
Group Policy - by default-blueV_1
blueV group of tunnel ipsec-attributes
IKEv1 pre-shablue-key *.
!
class-map inspection_default
match default-inspection-traffic
!
!
type of policy-card inspect dns preset_dns_map
parameters
maximum message length automatic of customer
message-length maximum 512
Policy-map global_policy
class inspection_default
inspect the preset_dns_map dns
inspect the ftp
inspect h323 h225
inspect the h323 ras
inspect the rsh
inspect the rtsp
inspect esmtp
inspect sqlnet
inspect the skinny
inspect sunrpc
inspect xdmcp
inspect the sip
inspect the netbios
inspect the tftp
Review the ip options
!
global service-policy global_policy
context of prompt hostname
call-home
Profile of CiscoTAC-1
no active account
http https://tools.cisco.com/its/service/oddce/services/DDCEService destination address
email address of destination [email protected] / * /
destination-mode http transport
Subscribe to alert-group diagnosis
Subscribe to alert-group environment
Subscribe to alert-group monthly periodic inventory
monthly periodicals to subscribe to alert-group configuration
daily periodic subscribe to alert-group telemetry
HPM topN enable
Cryptochecksum:2491a825fb8a81439a6c80288f33818e
: end
Any help is appreciated!
-Roger
Hey,.
Unfortunately, I do not use ASDM myself but will always mention things that could be done.
You do not split tunneling. All traffic either tunnel to the ASA, while VPN is active
You have the following line under the "group policy"
Split-tunnel-policy tunnelspecified
You will also need this line
Split-tunnel-network-list value
Defines the destination for the VPN Client networks. If you go in on the side of the ASDM group policy settings, you should see that no ACL is selected. You don't really seem to have an ACL in the configuration above, for the split tunneling?
To activate access Internet via the VPN Client now in the current configuration, I would say the following configuration of NAT
VPN-CLIENT-PAT-SOURCE network object-group
object-network 172.17.200.0 255.255.255.0
NAT (outside, outdoor) automatic interface after dynamic source VPN-CLIENT-PAT-SOURCE
In regards to the traffic does not for other networks, I'm not really sure. I guess they aren't hitting the rule NAT that are configured. I think they should, but I guess they aren't because its does not work
I could myself try the following configuration of NAT
object-group, network LAN-NETWORKS
object-network 10.2.0.0 255.255.255.0
object-network 10.3.0.0 255.255.255.128
object-network 10.10.10.0 255.255.255.0
object-network 172.17.100.0 255.255.255.0
object-network 172.18.1.0 255.255.255.0
object-network 192.168.1.0 255.255.255.0
object-network 192.168.11.0 255.255.255.0
object-network 192.168.30.0 255.255.255.0
object-group, network VPN-POOL
object-network 172.17.200.0 255.255.255.0
NAT (inside, outside) static static source of destination LAN-LAN-NETWORK VPN-VPN-POOL
Add ICMP ICMP Inspection
Policy-map global_policy
class inspection_default
inspect the icmp
or alternatively
fixup protocol icmp
This will allow automatically response to ICMP echo messages pass through the firewall. I assume that they are is blocked by the firewall now since you did not previously enable ICMP Inspection.
-Jouni
-
Problem with FWSM and the same L3 interface switch
I have two 6513 s with a 802. 1 q trunk linking them. Each switch is redundant Sup720s running in native mode, worm IOS 12.2 (18) SXF (that they were running out of SXD3). A FWSM (ver 2.3 (3), routed mode, unique context) is in each switch, Setup in failover mode.
I can't get a PC in a virtual LAN that has the defined layer 3 interface on the switch with the active FWSM in this document, to communicate with the devices 'behind' the FWSM. If I move the configuration of layer 3 to this vlan to the other 6513, everything works fine.
The MSFCs are inside the firewall, they have a configured layer 3 interface in the same vlan as the FWSM 'inside' interface. Several "same security level" interfaces are defined on the FWSM and used to protect the farms. I use OSPF on the MSFCs and FWSM and the routing table is correct.
The FWSM generates connections to the attempts made by the PC with interface layer 3 defined on the same switch as the active FWSM very well, so this isn't a problem with FWSM ACL.
A ping of the FWSM "inside" interface from a PC with the defined layer 3 interface on the same switch as the active FWSM fails, although debug icmp trace on the FWSM demand and response shows. A the packet capture, using the NAM-2, only shows the request packets. I captured on the vlan common and FWSM port channel interface bottom of basket.
Just to add to the confusion, if I capture in the same places, but do the ping of a PC which is in a VLAN with the interface of layer 3 defined in the 6513 which does not contain the active FWSM, that works very well, I see the request and response on the capture of vlan common, but only on demand on the capture of the port channel.
This problem has been there since the beginning of this implementation and has not changed with IOS and FWSM software upgrades. I had this experience with all the VLANS that I tried to define the interface of layer 3 to on the switch with the active FWSM. I turned on MLS.
If anyone has experienced this and solved, or knows what is happening, I would be grateful for any ideas.
Thank you.
Keith
Keith, are you running etherchannel distributed on of your 6513?
-
Problem with VPN compatibility between 2811 and 2911
Hello
I would ask anyone had problems with the implementation of a VPN tunnel between 2811 and 2911?
The IPSec VPN is established, but for some reason, I cannot ping the side LAN across LAN to the other end of the VPN router?
All experience would be highly appreciated
Thank you
IPSec VPN can be smoothly between routers cisco (and not nesesserely cisco) set up, so there should be no problem in your case.
If you say that this tunnel is established successfully, then the problem most likely related to routing problems between sites or incorrect configured crypto-acl. Check if the hosts located on both sites have correct routing information on how to get to subnets on the other site.
Make more accurate assumptions, it would be helpful that you provide config on both sites and describe your topology.
-
Problem with different ASM disaster recovery start - new
Hello together,
I had an old net here about it but now will not solve the problem with the points in the old thread. Here's the old: https://community.oracle.com/thread/3608049?start=0 & tstart = 0
I'm doing a disaster recovery with the 'apex11A' on a new server database, which has an another ASM starts. The old man starts is '+ DGA112_1' and '+ FRA112_1', newcomers are called '+ DATA_QUM169' and '+ FRA_QUM169 '. I changed the settings in the spfile restored by writing in a pfile file and creating the spfile from pfile.
I tried in several ways. First lay the new ASM with RMAN to the course:
run { SET NEWNAME FOR DATABASE TO '+DATA_QUM169'; restore database until LOGSEQ 24286; switch datafile all; switch tempfile all; recover database until LOGSEQ 24286; }Then I tried it in RMAN by defining the new ASM for each data file:
run { SET NEWNAME FOR DATAFILE 1 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 2 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 3 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 4 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 5 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 6 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 7 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 8 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 9 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 10 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 11 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 12 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 13 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 14 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 15 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 16 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 17 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 18 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 19 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 20 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 21 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 22 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 23 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 24 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 25 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 26 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 27 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 28 TO '+DATA_QUM169'; restore database until LOGSEQ 24286; switch datafile all; switch tempfile all; recover database until LOGSEQ 24286; }Then I tried the bot in one:
run { SET NEWNAME FOR DATABASE TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 1 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 2 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 3 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 4 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 5 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 6 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 7 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 8 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 9 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 10 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 11 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 12 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 13 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 14 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 15 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 16 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 17 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 18 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 19 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 20 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 21 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 22 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 23 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 24 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 25 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 26 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 27 TO '+DATA_QUM169'; SET NEWNAME FOR DATAFILE 28 TO '+DATA_QUM169'; restore database until LOGSEQ 24286; switch datafile all; switch tempfile all; recover database until LOGSEQ 24286; }Whenever I get one
Starting restore at 03-FEB-16 using channel ORA_DISK_1 creating datafile file number=1 name=+DATA_QUM169 RMAN-00571: =========================================================== RMAN-00569: =============== ERROR MESSAGE STACK FOLLOWS =============== RMAN-00571: =========================================================== RMAN-03002: failure of restore command at 02/03/2016 16:20:41 ORA-01180: can not create datafile 1 ORA-01110: data file 1: '+DGA112_1/apex11a/datafile/system.1423.788355253'
The backuppiece which I bring are correctly defined with
RMAN> catalog backuppiece '/usr/local/oracle/product/11.2.0.4/dbs/m4qt0mnk_1_1', '/usr/local/oracle/product/11.2.0.4/dbs/m3qt0mi2_1_1'; cataloged backup piece backup piece handle=/usr/local/oracle/product/11.2.0.4/dbs/m4qt0mnk_1_1 RECID=3779 STAMP=902851052 cataloged backup piece backup piece handle=/usr/local/oracle/product/11.2.0.4/dbs/m3qt0mi2_1_1 RECID=3780 STAMP=902851052 RMAN> list backup; List of Backup Sets =================== BS Key Size Device Type Elapsed Time Completion Time ------- ---------- ----------- ------------ --------------- 3779 52.61M DISK 00:00:00 03-FEB-16 BP Key: 3779 Status: AVAILABLE Compressed: YES Tag: TAG20160203T145340 Piece Name: /usr/local/oracle/product/11.2.0.4/dbs/m4qt0mnk_1_1 List of Archived Logs in backup set 3779 Thrd Seq Low SCN Low Time Next SCN Next Time ---- ------- ---------- --------- ---------- --------- 1 24285 11073415926066 03-FEB-16 11073416327345 03-FEB-16 1 24286 11073416327345 03-FEB-16 11073416678326 03-FEB-16 BS Key Type LV Size Device Type Elapsed Time Completion Time ------- ---- -- ---------- ----------- ------------ --------------- 3780 Full 813.86M DISK 00:00:00 03-FEB-16 BP Key: 3780 Status: AVAILABLE Compressed: YES Tag: TAG20160203T145042 Piece Name: /usr/local/oracle/product/11.2.0.4/dbs/m3qt0mi2_1_1 List of Datafiles in backup set 3780 File LV Type Ckp SCN Ckp Time Name ---- -- ---- ---------- --------- ---- 1 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/system.1423.788355253 2 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/sysaux.1422.788355259 3 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/undotbs1.1359.788355263 4 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/users.1362.788355273 5 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/apex4.1369.788356305 6 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/apex4_files.1366.788356317 7 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/mms_archiv.1358.788357229 8 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/planwerte.1357.788357243 9 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/btdb_prod.1352.788456613 10 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/mais.1353.788456763 11 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/mms.1354.788456995 12 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/externe_wirk.1355.788457525 13 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/mais2mt.1356.788458151 14 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/btdb_read.1351.788458291 15 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/hwdb2acs.1343.788458329 16 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/hwdb2sccm.1341.788458657 17 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/macmon.1340.788458691 18 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/mais_read.1339.788458725 19 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/mais2srm.266.788458799 20 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/outdating_sap_user.267.788458859 21 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/quickcheck.1338.788458887 22 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/switch.1337.788459139 23 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/veit_r.1333.788459167 24 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/test-btdb.1298.795097725 25 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/apex11dev.986.874230931 26 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/apex11devbt.985.874230963 27 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/hrbew.1083.851007823 28 Full 11073416676796 03-FEB-16 +DGA112_1/apex11a/datafile/optimadata.1032.865951029
I also tried to put the new ASM SQL:
SQL*Plus: Release 11.2.0.4.0 Production on Wed Feb 3 16:04:05 2016 Copyright (c) 1982, 2013, Oracle. All rights reserved. Connected to: Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production With the Partitioning, Automatic Storage Management and OLAP options SYS@apex11A> ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/system.1423.788355253' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/sysaux.1422.788355259' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/undotbs1.1359.788355263' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/users.1362.788355273' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/apex4.1369.788356305' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/system.1423.788355253' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 1 - new file '+DATA_QUM169' not found ORA-01110: data file 1: '+DGA112_1/apex11a/datafile/system.1423.788355253' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form SYS@apex11A> ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/sysaux.1422.788355259' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 2 - new file '+DATA_QUM169' not found ORA-01110: data file 2: '+DGA112_1/apex11a/datafile/sysaux.1422.788355259' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form SYS@apex11A> ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/undotbs1.1359.788355263' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 3 - new file '+DATA_QUM169' not found ORA-01110: data file 3: '+DGA112_1/apex11a/datafile/undotbs1.1359.788355263' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form SYS@apex11A> ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/users.1362.788355273' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 4 - new file '+DATA_QUM169' not found ORA-01110: data file 4: '+DGA112_1/apex11a/datafile/users.1362.788355273' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form SYS@apex11A> ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/apex4.1369.788356305' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 5 - new file '+DATA_QUM169' not found ORA-01110: data file 5: '+DGA112_1/apex11a/datafile/apex4.1369.788356305' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/apex4_files.1366.788356317' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/apex4_files.1366.788356317' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 6 - new file '+DATA_QUM169' not found ORA-01110: data file 6: '+DGA112_1/apex11a/datafile/apex4_files.1366.788356317' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/mms_archiv.1358.788357229' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/mms_archiv.1358.788357229' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 7 - new file '+DATA_QUM169' not found ORA-01110: data file 7: '+DGA112_1/apex11a/datafile/mms_archiv.1358.788357229' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/planwerte.1357.788357243' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/planwerte.1357.788357243' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 8 - new file '+DATA_QUM169' not found ORA-01110: data file 8: '+DGA112_1/apex11a/datafile/planwerte.1357.788357243' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/btdb_prod.1352.788456613' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/btdb_prod.1352.788456613' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 9 - new file '+DATA_QUM169' not found ORA-01110: data file 9: '+DGA112_1/apex11a/datafile/btdb_prod.1352.788456613' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/mais.1353.788456763' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/mais.1353.788456763' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 10 - new file '+DATA_QUM169' not found ORA-01110: data file 10: '+DGA112_1/apex11a/datafile/mais.1353.788456763' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/mms.1354.788456995' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/mms.1354.788456995' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 11 - new file '+DATA_QUM169' not found ORA-01110: data file 11: '+DGA112_1/apex11a/datafile/mms.1354.788456995' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/externe_wirk.1355.788457525' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/externe_wirk.1355.788457525' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 12 - new file '+DATA_QUM169' not found ORA-01110: data file 12: '+DGA112_1/apex11a/datafile/externe_wirk.1355.788457525' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/mais2mt.1356.788458151' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/mais2mt.1356.788458151' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 13 - new file '+DATA_QUM169' not found ORA-01110: data file 13: '+DGA112_1/apex11a/datafile/mais2mt.1356.788458151' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/btdb_read.1351.788458291' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/btdb_read.1351.788458291' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 14 - new file '+DATA_QUM169' not found ORA-01110: data file 14: '+DGA112_1/apex11a/datafile/btdb_read.1351.788458291' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/hwdb2acs.1343.788458329' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/hwdb2acs.1343.788458329' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 15 - new file '+DATA_QUM169' not found ORA-01110: data file 15: '+DGA112_1/apex11a/datafile/hwdb2acs.1343.788458329' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/hwdb2sccm.1341.788458657' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/hwdb2sccm.1341.788458657' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 16 - new file '+DATA_QUM169' not found ORA-01110: data file 16: '+DGA112_1/apex11a/datafile/hwdb2sccm.1341.788458657' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/macmon.1340.788458691' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/macmon.1340.788458691' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 17 - new file '+DATA_QUM169' not found ORA-01110: data file 17: '+DGA112_1/apex11a/datafile/macmon.1340.788458691' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/mais_read.1339.788458725' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/mais_read.1339.788458725' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 18 - new file '+DATA_QUM169' not found ORA-01110: data file 18: '+DGA112_1/apex11a/datafile/mais_read.1339.788458725' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/mais2srm.266.788458799' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/mais2srm.266.788458799' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 19 - new file '+DATA_QUM169' not found ORA-01110: data file 19: '+DGA112_1/apex11a/datafile/mais2srm.266.788458799' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/outdating_sap_user.267.788458859' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/outdating_sap_user.267.788458859' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 20 - new file '+DATA_QUM169' not found ORA-01110: data file 20: '+DGA112_1/apex11a/datafile/outdating_sap_user.267.788458859' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/quickcheck.1338.788458887' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/quickcheck.1338.788458887' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 21 - new file '+DATA_QUM169' not found ORA-01110: data file 21: '+DGA112_1/apex11a/datafile/quickcheck.1338.788458887' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/switch.1337.788459139' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/switch.1337.788459139' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 22 - new file '+DATA_QUM169' not found ORA-01110: data file 22: '+DGA112_1/apex11a/datafile/switch.1337.788459139' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/veit_r.1333.788459167' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/veit_r.1333.788459167' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 23 - new file '+DATA_QUM169' not found ORA-01110: data file 23: '+DGA112_1/apex11a/datafile/veit_r.1333.788459167' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/test-btdb.1298.795097725' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/test-btdb.1298.795097725' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 24 - new file '+DATA_QUM169' not found ORA-01110: data file 24: '+DGA112_1/apex11a/datafile/test-btdb.1298.795097725' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/apex11dev.986.874230931' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/apex11dev.986.874230931' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 25 - new file '+DATA_QUM169' not found ORA-01110: data file 25: '+DGA112_1/apex11a/datafile/apex11dev.986.874230931' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/apex11devbt.985.874230963' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/apex11devbt.985.874230963' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 26 - new file '+DATA_QUM169' not found ORA-01110: data file 26: '+DGA112_1/apex11a/datafile/apex11devbt.985.874230963' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/hrbew.1083.851007823' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/hrbew.1083.851007823' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 27 - new file '+DATA_QUM169' not found ORA-01110: data file 27: '+DGA112_1/apex11a/datafile/hrbew.1083.851007823' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form SYS@apex11A> ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/optimadata.1032.865951029' TO '+DATA_QUM169'; ALTER DATABASE RENAME FILE '+DGA112_1/apex11a/datafile/optimadata.1032.865951029' TO '+DATA_QUM169' * ERROR at line 1: ORA-01511: error in renaming log/data files ORA-01141: error renaming data file 28 - new file '+DATA_QUM169' not found ORA-01110: data file 28: '+DGA112_1/apex11a/datafile/optimadata.1032.865951029' ORA-17503: ksfdopn:2 Failed to open file +DATA_QUM169 ORA-15045: ASM file name '+DATA_QUM169' is not in reference form
But my new database will not set the new ASM and I have no why.
The db_create_file_dest parameter is set correctly, so I think that:
NAME TYPE VALUE ------------------------------------ ----------- ------------------------------ db_create_file_dest string +DATA_QUM169
I forgot something? Would be nice to get help ...
A big thank you and best regards,
David
Your data checkpoint SCN file are in the LOW and HIGH range of the SNA for SEQUENCE 24286.
Therefore, your UNTIL clause should be 24287 SEQUENCE up to THAT.
Hemant K Collette
-
Problem with download custom to CSV in APEX
Apex: Apex 4.2
Oracle 11g
Listener of the apex.
Hello I have a general problem with export to CSV using a custom process of pl/sql manual tabular.
I can't use the native 'Download' option because it will not be exported my textbox objects to CSV
So I have a custom download process that calls another page which has a prior to the process of the header as follows:
-
Problem with report PDF - external (Apache FOP) - APEX 5.0 + ADR 3.0 + Tomcat 7
Hello
I have a problem with the pdf reports.
I tried to make the steps of Apache FOP missing Oracle Apex installable for 5.0 and 5.0.1 APEX APEX
It's something wrong with my settings 'external (Apache FOP)'.
When I download the report I .pdf file.
I can't open this file with the reader of pdf, but Notepad ++ open it.
In the first line is: "ORA-20001: the print engine could not be reached because the URL is incorrect or a proxy URL must be specified."
I have:
- APEX 5.0 (c:\apex)
- ADR 3.0.1 (c:\OracleREST-
- files apex.xml, apex_al.xml, apex_pu.xml and apex_rt.xml are in C:\OracleREST\pathtoconfig\apex\conf,
- defaults.XML, fop.xml are C:\OracleREST\pathtoconfig\apex)
- Apache Tomcat 7.0.64 (C:\apache-tomcat-7.0.64)
- Apache FOP 2.0 (C:\ApacheFOP\fop-2.0) - I don't now how to bind with APEX, ADR and Tomcat
My fop2pdf.jar file is located in C:\apache-tomcat-7.0.64\webapps\apex\WEB-INF\lib
If I use ADR as print server is OK, but I need to use non-English characters.
Can you help me? Please
AGM
P.S. I'm sorry for my English, I hope you understand me
Hi AgaSz,
AgaSz wrote:
I have a problem with the pdf reports.
I tried to make the steps of Apache FOP missing Oracle Apex installable for 5.0 and 5.0.1 APEX APEX
It's something wrong with my settings 'external (Apache FOP)'.
When I download the report I .pdf file.
I can't open this file with the reader of pdf, but Notepad ++ open it.
In the first line is: "ORA-20001: the print engine could not be reached because the URL is incorrect or a proxy URL must be specified."
You use DB Oracle 11g or later? If so, you must enable Network Services to use the configured Print Services.
Reference: The last point mentioned here: PDF of print on demand Express 3.1 and above
My fop2pdf.jar file is located in C:\apache-tomcat-7.0.64\webapps\apex\WEB-INF\lib
If I use ADR as print server is OK, but I need to use non-English characters.
You should not use "External Apache FOP", but you can "Oracle REST Data Services" as an option "print server". But, you should open the ords.war file and replace the Apache FOP associated jar files so that it supports non-English characters.
You crossed the aforementioned following threads in the thread:
Recently, I met the following threads:
3. ASK : if I agree that Apache FOP comes with ADR supports the Base-14 fonts and it's more issue ADR as Oracle APEX, but it will help you qualify for Oracle APEX + ADR as users of at least the next version ADR print server comes with Apache FOP 1.1 and the xmlgraphics - commons-1.5.jar. This will help the people setting up fonts and support for complex Scripts for example, Arabic, Hebrew, hindi and Southeast Asian scripts using Apache FOP comes with ADR as "print server".
Kind regards
Kiran
Maybe you are looking for
-
Hi, my iphone showed 5s no service and I tried to restart my iphone and it still the same.
-
My Equium A300D freezes at BIOS
Someone help with this one? My Equium A300d froze in the Bios boot screen. Finally, I have replaced the ram and hard drive but still the same problem. By trial and error I discovered that the problem was the dvd drive... Remove the system and it load
-
Display two signals on a graphic band
Everyone, Graphic of the band have always been my downfall. Please see the image 'Simple Data Point works' to see a diagram of a program carefully trace a series of points on a graph of the band. I thought it would be simple to add another set of da
-
is it still out there? or Win 7 shared Win Vista SP2?
-
Hello I would like to know if there is a way for the PDM file properties to be arranged in order the information has been saved. I recorded for example date, author, devices used and the others in the file properties If I want to use tdms Viewer info