RV016 access to the modem in wan1 administration page, wan 2... from LAN
Hello
We have installed router rv016, balancing 5 adsl conections.
We can access the router rv016 with IP 192.168.1.1 LAN.
We can access the administration modem1 page in wan1 which has IP 10.0.0.1
But we cannot access other pages of Directors of modems as fitted wan2 IP 10.0.0.2, or modem wan3 with IP 10.0.0.3, modem wan4 or wan5...
In the diagnosis of rv016 page, we can make a successful ping 10.0.0.1, but not to another wan...
All modems have active DHCP ok with access authorization.
Can you help us?
Thank you!
Hello
Change modems to get LAN IP addresses in different subnets:
10.0.0.1
10.0.1.1
10.0.2.1
10.0.3.1
10.0.4.1
Then, everything should work perfectly.
Please mark this thread as answer or reply if you have any additional questions.
-Marty
Tags: Cisco Support
Similar Questions
-
What happened to the access of the button "back" to several pages past?
What happened to the access of the button "back" to several pages past?
The arrow to open the history tab of the previous buttons and following was removed in Firefox 4.
Use one of the following methods to open the tab history list:
- Right-click on the back or next button
- Press and hold the left button of the mouse on the active back or forward button until the list opens
You can watch this extension:
- Backward forward history Dropdown: https://addons.mozilla.org/firefox/addon/backforedrop/
-
I have a problem of access to the Outlook account and other pages because appears "certificate error" what's happened with these certificates? Help please.
There are two main reasons for the mistakes of certificate:
- Your computer's time is not set correctly. Check your time year/month/day/hour/minute/timezone/light of day. Right-click on the clock in your taskbar and select "set Date/time" and make sure you are ready approximately 5 minutes of real time (don't forget time zone and DST).
- The second reason is that Windows XP is not very good for updating root certificates. Go to the following site:
<>http://support.Microsoft.com/kb/931125 >
and go down to the section:
'Update Package root (designed for Windows XP only)'
There is a link, you can use to download a update for your root certificates package. Download this package and double-click it to update.
HTH,
JW
-
When I have access to the internet, I get a page advertisement of Windows Explorer that is empty.
Original title: Windows Explorer announced.
When I have access to the internet, I get a page advertisement of Windows Explorer that is empty. How can I stop this coming?
I think I found a solution. A very good actually, if it works. I opened the adversiment. just a line in the upper part of the screen and goes to unsubscribe. The line mentioned coupons that I'm not interested.
He said that it takes several days to unsubscribe, so I don't know if it will work.
-
direct access to the modem point
is it possible to directly use the access point with a modem. my router seems to slow down my internet connection. If I connect directly access point, I can still access the internet with my laptop, but my xbox comes up with an error "no IP". any advice?
Yes and NO
An access point is designed to be a network of signal and therefor if the WAP54G was connected to your moen he will be part of the public network like all clients attached to it. This means that all customers should also public IP provided by your ISP.
Your ISP probably would not be in favor of offering more than 1 IP because there is a finite number of available IPv4 IP and there is a growing shortage of IPv4 IP addresses. This is the reason why IPv6 is developed.
Concerning
Fred
-
Access to the ASA 5515 IPS administration
Hello!
I can not access the ASA IPS module.
I try to ASDM. Configuration-> IPS. I type user name and password, see following message: "error connecting to the sensor. Error loading sensor.
Could you please help me fix my config?
I have the topology of the network like this
http://www.Cisco.com/image/gif/paws/113690/IPS-config-mod-01.gif
My config
KR - ASA # sh run concert int 0/5
!
interface GigabitEthernet0/5
nameif inside
security-level 100
IP 172.33.1.253 255.255.255.0 watch 172.33.1.254
!
interface Management0/0
management only
No nameif
security-level 0
no ip address
!
KR - ASA # sh details ips module
App name: IPS
App status. : to the top
App Status / / Desc: Normal operation
App version: 4,0000 E4
Flight status data: to the top
Status: to the top
License: IPS active Module perpetual
Mgmt IP addr: 172.33.1.251
MGMT network mask: 255.255.255.0
Mgmt gateway: 172.33.1.253
MGMT access list: 172.33.1.0/24
MGMT access list: 172.34.1.0/24
Web to MGMT ports: 443
Mgmt TLS enabled: true
!
KR - ASA # ping 172.33.1.251
Type to abort escape sequence.
Send 5, echoes ICMP 100 bytes to 172.33.1.251, wait time is 2 seconds:
!!!!!
Success rate is 100 per cent (5/5), round-trip min/avg/max = 10/10/10 ms
!
permit same-security-traffic inter-interface
permit same-security-traffic intra-interface
!
Thank you!
Hi Vladimir,.
Yups, this is an issue that is seen. Downgrade of Java should solve the problem. If this is not the case, turn on java debugging logs and paste those here:
Go to control panel-> java right click-> Open-> Advanced-> check all the boxes that appear under debugging and click the radio button to see the console
Rerun the IDM in browser and collect data in the java console window and paste it here.
-
Kind regards
Sourav Kakkar
-
Access to the DPS 2015: new browse Page Authoring Tool
Hello... we in the United Kingdom seeking to embark on the
New navigation Page Authoring Tool.
Any news on when this will drop here? No button "Layout Template" or features are still available...
See you soon.
Everything is going live today, but it is still too early to Seattle http://status.adobedps.com/ will be updated once the release is powered.
Neil
-
FPGA Xilinx compilation failed. Access to the path 'C:\NIFPGA\corecache\activity.log' is denied.
I just has my cRIO. I installed all necessary software and drivers and have written a VI mode FPGA. However, when I try to compile the code, I get the error of follow-up message (see attachment). I contacted the support NEITHER and they have been unable to solve this problem at the moment.
The engineer NOR gave me the following advice:
' 1. start the registry editor by selecting Start ' Run and then entering the window run regedit.
2. press the Enter key to open the editor.
3. find the following registry key in the path below:
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\National Instruments\LabVIEW\11.0\AddOns\FPGA\CompilerPath_Xilinx12_4
* the Wow6432Node is not correct in all cases. on my PC, you go to HKEY_LOCAL_MACHINE\SOFTWARE. National Instruments\LabVIEW\11.0\AddOns\FPGA\CompilerPath_Xilinx12_4
4. on the data tab, you should see the path associated with your CompilerPath_Xilinx12_4. Please confirm that it is linked to the C:\NIFGPA\programs\Xilinx12_4
If you Xilinx 11.5 installed, make sure it is also bound to the correct path.
5. If you have previous versions of LabVIEW installed, you will need to go to these versions as well. For example if you have LabVIEW 2010 is installed, please, go to 10.0\AddOns\FPGA
Make sure that the CompilerPath_Xilinx12_4 or the CompilerPath_Xilinx11_5 or the CompilerPath_Xilinx10_1 are all properly placed under the drive C as seen above in step 4.
(6) make sure that the "Working Directory" under LabVIEW 11.0 has the right path of C:\NIFPGA\
(7) after that, close the registry editor and navigate to where is the worker to compile the FPGA. By default, it should be here: C:\Program Files (x 86) \National Instruments\FPGA\CompileWorker
(8) here open the document "WorkerRootDirectory.txt" and change the path. Make sure that it is pointing to the C drive.
(9) save and close the file. Restart your computer.It was already correct and still impossible to compile.
Usually, a "access to the path... denied." error comes from the permissions of the user.
What operating system do you use?
You use this tool from an administrator account?
Is there a security policy on your computer which determines the permissions and user rights?
Is it possible to run LabVIEW as an administrator? (e.g. under Windows 7, you right-click on LabVIEW.exe and choose 'Run as administrator'.)
Best regards
-
meet the demand of the system will not play audio through the modem to the phone line.
I use Callstation 5.1 I replaced the old legacy driven by a new modem. need a work around short of reinstalling XP
Hello
· What do you do? Reinstall Windows XP?
I suggest to update the drivers for the modem and check if the problem is resolved. I suggest you to contact the modem manufacturer for assistance.
Apart from that, I suggest you to install the softwareCallstation 5.1 on the manufacturer's Web site and see if the problem is resolved. I would say to check the configuration of the modem.
Thanks and regards.
Thahaseena M
Microsoft Answers Support Engineer.
Visit our Microsoft answers feedback Forum and let us know what you think. -
Installation of Windows 7 does not connect to the modem broadband.
I installed characteristic of two different versions of Win 7 64 on my desktop at different times.
The two does not connect to my modem. I get error 651. I've tried everything.I have consulted my ISP, checked the provider. The installer works fine with other OS and Win 7 on another computer.My office tells me that there is no driver installed. There is no driver to install.I need a connection to the firmware in the modem to work, something that seems missing from Win 7 Home Premium 64.Your background of catch-22LCWSee this previous post/answer
PS after I clean installed did you get your motherboard manufacturer system drivers, if a generic desktop computer, or if from a major manufacturer, for example Dell/HP support site?
-
Sir I have huawei modem e303c... When I press eject button on the bottom left hand side it not ejected... and in computer shows another drive, when I press on open it doesnot open and modem cannot be ejected by the removal of the security, and finally I just unplug while flashing in the modem, even though I closed all services from Task Manager ..., I have reinsatalled the software but the same problem please help me... I use dell n5110 win7home BA
Hello
Thank you for contacting Microsoft Community.Remove the material is not necessary when you stop all services of software that uses the modem. In addition, safely remove is mainly for storage as memory and disks devices external hard, but that's too not necessary because Windows optimizes each removable device by disabling the write cache in most devices. If it is enabled by the user, safely remove hardware option should be used. But note that it does not mean that you can simply remove the device during a file transfer. You can find the light in key USB flashes during the transfer of notification data and only it is done, the light is slowed down (not flashing), the State, you can remove the device instantly, no need to remove the device.When any removable device as a USB is connected, you can got start-> type devmgmt.msc -> press ENTER. Expand disk drives, double-click appliance removable/pendrive. In the Properties dialog box, go to the policies tab. You will find two options: a quick deletion (by default) and better performance. If you select best performance, you should use safely remove hardware option. But for fast moving, you should use not safely remove hardware option. -
Storage and access to the values of the pageFlowScope at the bean
Using JDeveloper 11.1.1.4.0
Hi again,
I read somewhere that store parameter values in a bean is a good practice, now I wonder. I did this and 'declared' this bean to my workflow bounded as pageFlowScope. Now, I need to access the values in another bean "method (scope of application) and cannot get them." If I would have just used EL #{pageFlowScope.variable1} I know how access (as in my code below), but since they are in a bean I can't find the right way to retrieve the values. Is it possible and how?
I also tried to use accessors of the bean of the pageFlowScope, which gives me an error indicating that the access is forbidden.<managed-bean id="__3"> <managed-bean-name id="__2">ViewAmtsParameters</managed-bean-name> <managed-bean-class>tax.viewamtsowedtreetbl.view.ViewAmtsParameters</managed-bean-class> <managed-bean-scope id="__4">pageFlow</managed-bean-scope> </managed-bean> // Get access to the adf faces context for page flow scope AdfFacesContext adfctx = null; adfctx = AdfFacesContext.getCurrentInstance(); BindingContainer bindings = getBindings(); OperationBinding operationBinding = bindings.getOperationBinding("ExecuteWithParams"); // Set the parameters for the query operationBinding.getParamsMap().put("cid", adfctx.getPageFlowScope().get("ViewAmtsParameters.clientIdParam")); operationBinding.getParamsMap().put("can", adfctx.getPageFlowScope().get("ViewAmtsParameters.canParam")); operationBinding.getParamsMap().put("asofdate", newValue); System.out.printf("first execute parms %s %s %s \n", operationBinding.getParamsMap().get("cid"), -- returned null operationBinding.getParamsMap().get("can"), -- returned null operationBinding.getParamsMap().get("asofdate"));
Thanks again in advance.
Troy"" "You're almost there. '" You cannot directly access the bean inside bean attributes. The pageFlowScope card allows you to access the bean itself. Once you have the bean, you can use their getter to get the attributes.
Or you use the EL (as you use it on the page) and evaluate it for the value:public static Object resolveExpression(String expression) { try { FacesContext facesContext = FacesContext.getCurrentInstance(); Application app = facesContext.getApplication(); ExpressionFactory elFactory = app.getExpressionFactory(); ELContext elContext = facesContext.getELContext(); ValueExpression valueExp = elFactory.createValueExpression(elContext, expression, Object.class); return valueExp.getValue(elContext); } catch (Exception e) { e.printStackTrace(); } return null; } public void YOURMETHOD() { AdfFacesContext adfctx = null; adfctx = AdfFacesContext.getCurrentInstance(); Map pageParams = adfctx.getPageFlowScope(); // assuming the class of your bean class is ViewAmtsParametersBean and the name you've given the bean is "ViewAmtsParameters" ViewAmtsParametersBean parambean = (ViewAmtsParametersBean) pageParams .get("ViewAmtsParameters"); //an other way to access the bean attributes is to use EL String strIdParam = (String) resolveExpression("#{pageFlowScope.ViewAmtsParameters.clientIdParam}"); BindingContainer bindings = getBindings(); OperationBinding operationBinding = bindings.getOperationBinding("ExecuteWithParams"); // Set the parameter for the query operationBinding.getParamsMap().put("cid", parambean.getClientIdParam()); operationBinding.getParamsMap().put("can", parambean.getCanParam()); operationBinding.getParamsMap().put("asofdate", newValue); System.out.printf("first execute parms %s %s %s \n", operationBinding.getParamsMap().get("cid"), operationBinding.getParamsMap().get("can"), operationBinding.getParamsMap().get("asofdate")); }Timo
-
Firefox 5.0.1 claims to be updated (how he knew that if she could not connect to the Web?), Windows XP Home 2002 SP3 Dell DIM3000 Pentium 4, 3 GHz, 1 GB of Ram.
Internet Explorer (8.0.6001.18702 with 128-bit encryption) and Opera (10.2? can't get it to display its version) both can access all the local and remote (Web) pages - Firefox does very well with all local pages but impossible to connect to what anyone remotely.
One possible cause is security software (firewall) that blocks or limits Firefox or plugin-container process without informing you, possibly after the detection of changes (update) for the Firefox program.
Delete all rules for Firefox in the list of permissions in the firewall and leave your firewall again ask permission to get full unlimited access to the internet for Firefox and the plugin-container and the update process.
See:
-
Access to the administration via VPN to 887 after config setup pro
Hi all
Ive just made a three 887w for a client in a few branches, and as this is the first time I have deployed these devices, I decided to go with the GUI (downloaded config pro 2.3) to get the configuration made that I had some constraints of time to get them in place (sometimes I go with the graphical interface first and then look back at the CLI to see what as its been) (, then hand it in Notepad to get a better understanding of the new features of the CLI may be gone and allowed).
One thing I again, that I was going to do face was my first experience of the firewall IOS area type of config...
At this point, I'm still unclear on the config (where why Im posting here I guess!) - but the main problem I have at the moment is with managing access to devices.
Particularly with regard to access to the administration of headquarters inside the IP address of the branch routers.
I should mention that the branch routers are connected to Headquarters by connections IPSec site-to-site VPN and these connections are all very good, all connectivity (PC server, PC, printer, etc.) is very well... I can also send packets (using the inside of the interface as a source) ping from branch routers to servers on the headquarters LAN.
Set up access to administration using config pro to allow access to the router on the subnet headquarters (on its inside interface), as well as the local subnet and also SSH access to a specific host from the internet - the local subnet and the only host on the internet can access the router very well.
I'm not sure if the problem is with the ZBF config or if its something really obvious Im missing! -Ive done routers branch several times previously, so with this being the first config ZBF I did, so I came to the conclusion that there must be something in the absence of my understanding.
Any help greatly appreciated... sanitized config below!
Thanks in advance
Paul
version 15.1
no service button
tcp KeepAlive-component snap-in service
a tcp-KeepAlive-quick service
horodateurs service debug datetime localtime show-timezone msec
Log service timestamps datetime localtime show-timezone msec
encryption password service
sequence numbers service
!
hostname name-model
!
boot-start-marker
boot-end-marker
!
logging buffered 51200
recording console critical
enable secret 5 xxxxxxxxxxxxxxxxxxxxxxxx
!
No aaa new-model
!
iomem 10 memory size
clock timezone PCTime 0
PCTime of summer time clock day March 30, 2003 01:00 October 26, 2003 02:00
Service-module wlan-ap 0 autonomous bootimage
!
Crypto pki trustpoint TP-self-signed-2874941309
enrollment selfsigned
name of the object cn = IOS - Self - signed - certificate - 2874941309
revocation checking no
rsakeypair TP-self-signed-2874941309
!
!
TP-self-signed-2874941309 crypto pki certificate chain
certificate self-signed 01
no ip source route
!
!
DHCP excluded-address IP 10.0.0.1 10.0.0.63
DHCP excluded-address IP 10.0.0.193 10.0.0.254
!
DHCP IP CCP-pool
import all
Network 10.0.0.0 255.255.255.0
default router 10.0.0.1
xxxxxxxxx.com domain name
Server DNS 192.168.xx.20 194.74.xx.68
Rental 2 0
!
!
IP cef
no ip bootp Server
IP domain name xxxxxxx.com
name of the server IP 192.168.XX.20
name of the server IP 194.74.XX.68
No ipv6 cef
!
!
Authenticated MultiLink bundle-name Panelparameter-card type urlfpolicy websense cpwebpara0
Server 192.168.xx.25
source-interface Vlan1
allow mode on
parameter-card type urlf-glob cpaddbnwlocparapermit0
model citrix.xxxxxxxxxxxx.comlicense udi pid xxxxxxxxxxx sn CISCO887MW-GN-E-K9
!
!
username xxxxxxx privilege 15 secret 5 xxxxxxxxxxxxxxxxxxxxx
username privilege 15 secret 5 xxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxx
!
!
!
!
synwait-time of tcp IP 10
!
type of class-card inspect correspondence sdm-cls-VPNOutsideToInside-1
game group-access 106
type of class-card inspect entire game SDM_SHELL
match the name of group-access SDM_SHELL
type of class-card inspect entire game SDM_SSH
match the name of group-access SDM_SSH
type of class-card inspect entire game SDM_HTTPS
match the name of group-access SDM_HTTPS
type of class-card inspect all match sdm-mgmt-cls-0
corresponds to the SDM_SHELL class-map
corresponds to the SDM_SSH class-map
corresponds to the SDM_HTTPS class-map
type of class-card inspect entire game SDM_AH
match the name of group-access SDM_AH
type of class-card inspect entire game SDM_ESP
match the name of group-access SDM_ESP
type of class-card inspect entire game SDM_VPN_TRAFFIC
match Protocol isakmp
match Protocol ipsec-msft
corresponds to the SDM_AH class-map
corresponds to the SDM_ESP class-map
type of class-card inspect the correspondence SDM_VPN_PT
game group-access 105
corresponds to the SDM_VPN_TRAFFIC class-map
type of class-card inspect entire game PAC-cls-insp-traffic
match Protocol cuseeme
dns protocol game
ftp protocol game
h323 Protocol game
https protocol game
match icmp Protocol
match the imap Protocol
pop3 Protocol game
netshow Protocol game
Protocol shell game
match Protocol realmedia
match rtsp Protocol
smtp Protocol game
sql-net Protocol game
streamworks Protocol game
tftp Protocol game
vdolive Protocol game
tcp protocol match
udp Protocol game
inspect the class-map match PAC-insp-traffic type
corresponds to the class-map PAC-cls-insp-traffic
type of class-map urlfilter match - all cpaddbnwlocclasspermit0
Server-domain urlf-glob cpaddbnwlocparapermit0 match
type of class-card inspect entire game PAC-cls-icmp-access
match icmp Protocol
tcp protocol match
udp Protocol game
class-map type urlfilter websense match - all cpwebclass0
match any response from the server
type of class-card inspect correspondence ccp-invalid-src
game group-access 100
type of class-card inspect correspondence ccp-icmp-access
corresponds to the class-ccp-cls-icmp-access card
type of class-card inspect sdm-mgmt-cls-ccp-permit-0 correspondence
corresponds to the class-map sdm-mgmt-cls-0
game group-access 103
type of class-card inspect correspondence ccp-Protocol-http
http protocol game
!
!
type of policy-card inspect PCB-permits-icmpreply
class type inspect PCB-icmp-access
inspect
class class by default
Pass
type of policy-card inspect sdm-pol-VPNOutsideToInside-1
class type inspect sdm-cls-VPNOutsideToInside-1
inspect
class class by default
drop
type of policy-card inspect urlfilter cppolicymap-1
urlfpolicy websense cpwebpara0 type parameter
class type urlfilter cpaddbnwlocclasspermit0
allow
Journal
class type urlfilter websense cpwebclass0
Server-specified-action
Journal
type of policy-map inspect PCB - inspect
class type inspect PCB-invalid-src
Drop newspaper
class type inspect PCB-Protocol-http
inspect
service-policy urlfilter cppolicymap-1
class type inspect PCB-insp-traffic
inspect
class class by default
drop
type of policy-card inspect PCB-enabled
class type inspect SDM_VPN_PT
Pass
class type inspect sdm-mgmt-cls-ccp-permit-0
inspect
class class by default
drop
!
security of the area outside the area
safety zone-to-zone
zone-pair security PAC-zp-self-out source destination outside zone auto
type of service-strategy inspect PCB-permits-icmpreply
zone-pair security PAC-zp-in-out source in the area of destination outside the area
type of service-strategy inspect PCB - inspect
source of PAC-zp-out-auto security area outside zone destination auto pair
type of service-strategy inspect PCB-enabled
sdm-zp-VPNOutsideToInside-1 zone-pair security source outside the area of destination in the area
type of service-strategy inspect sdm-pol-VPNOutsideToInside-1
!
!
crypto ISAKMP policy 1
BA 3des
preshared authentication
Group 2
ISAKMP crypto key address 194.105.xxx.xxx xxxxxxxxxxxx
!
!
Crypto ipsec transform-set esp-SHA-ESP-3DES-3des esp-sha-hmac
!
map SDM_CMAP_1 1 ipsec-isakmp crypto
Description Tunnel to194.105.xxx.xxx
the value of 194.105.xxx.xxx peer
game of transformation-ESP-3DES-SHA
match address VPN - ACL
!
!
!
!
!
interface BRI0
no ip address
no ip redirection
no ip unreachable
no ip proxy-arp
penetration of the IP stream
encapsulation hdlc
Shutdown
Multidrop ISDN endpoint
!
ATM0 interface
no ip address
no ip redirection
no ip unreachable
no ip proxy-arp
penetration of the IP stream
No atm ilmi-keepalive
!
point-to-point interface ATM0.1
Description $ES_WAN$
no ip redirection
no ip unreachable
no ip proxy-arp
penetration of the IP stream
PVC 0/38
aal5mux encapsulation ppp Dialer
Dialer pool-member 1
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
wlan-ap0 interface
description of the Service interface module to manage the embedded AP
IP unnumbered Vlan1
no ip redirection
no ip unreachable
no ip proxy-arp
penetration of the IP stream
ARP timeout 0
!
interface GigabitEthernet0 Wlan
Description interface connecting to the AP the switch embedded internal
!
interface Vlan1
Description $ETH - SW - LAUNCH, INTF-INFO-HWIC $$ $4ESW $FW_INSIDE$
the IP 10.0.0.1 255.255.255.0
IP access-group 104 to
no ip redirection
no ip unreachable
no ip proxy-arp
penetration of the IP stream
IP nat inside
IP virtual-reassembly
Security members in the box area
IP tcp adjust-mss 1452
!
interface Dialer0
Description $FW_OUTSIDE$
IP address 81.142.xxx.xxx 255.255.xxx.xxx
IP access-group 101 in
no ip redirection
no ip unreachable
no ip proxy-arp
penetration of the IP stream
NAT outside IP
IP virtual-reassembly
outside the area of security of Member's area
encapsulation ppp
Dialer pool 1
Dialer-Group 1
Authentication callin PPP chap Protocol
PPP chap hostname xxxxxxxxxxxxxxxx
PPP chap password 7 xxxxxxxxxxxxxxxxx
No cdp enable
map SDM_CMAP_1 crypto
!
IP forward-Protocol ND
IP http server
23 class IP http access
local IP http authentication
IP http secure server
IP http timeout policy slowed down 60 life 86400 request 10000
!
!
IP nat inside source overload map route SDM_RMAP_1 interface Dialer0
IP route 0.0.0.0 0.0.0.0 Dialer0
!
SDM_AH extended IP access list
Note the category CCP_ACL = 1
allow a whole ahp
SDM_ESP extended IP access list
Note the category CCP_ACL = 1
allow an esp
SDM_HTTP extended IP access list
Note the category CCP_ACL = 0
permit tcp any any eq www
SDM_HTTPS extended IP access list
Note the category CCP_ACL = 0
permit any any eq 443 tcp
SDM_SHELL extended IP access list
Note the category CCP_ACL = 0
permit tcp any any eq cmd
SDM_SNMP extended IP access list
Note the category CCP_ACL = 0
allow udp any any eq snmp
SDM_SSH extended IP access list
Note the category CCP_ACL = 0
permit tcp any any eq 22
SDM_TELNET extended IP access list
Note the category CCP_ACL = 0
permit tcp any any eq telnet
scope of access to IP-VPN-ACL list
Note ACLs to identify a valuable traffic to bring up the VPN tunnel
Note the category CCP_ACL = 4
Licensing ip 10.0.0.0 0.0.0.255 192.168.xx.0 0.0.0.255
Licensing ip 10.0.0.0 0.0.0.255 10.128.xx.0 0.0.255.255
Licensing ip 10.0.0.0 0.0.0.255 160.69.xx.0 0.0.255.255
!
recording of debug trap
Note category of access list 1 = 2 CCP_ACL
access-list 1 permit 10.0.0.0 0.0.0.255
access-list 23 allow 193.195.xxx.xxx
Note access-list 23 category CCP_ACL = 17
access-list 23 permit 192.168.xx.0 0.0.0.255
access-list 23 allow 10.0.0.0 0.0.0.255
Access-list 100 category CCP_ACL = 128 note
access-list 100 permit ip 255.255.255.255 host everything
access-list 100 permit ip 127.0.0.0 0.255.255.255 everything
access-list 100 permit ip 81.142.xxx.xxx 0.0.0.7 everything
Access-list 101 remark self-generated by SDM management access feature
Note access-list 101 category CCP_ACL = 1
access-list 101 permit tcp host 193.195.xxx.xxx host 81.142.xxx.xxx eq 22
access-list 101 permit tcp host 193.195.xxx.xxx host 81.142.xxx.xxx eq 443
access-list 101 permit tcp host 193.195.xxx.xxx host 81.142.xxx.xxx eq cmd
access-list 101 tcp refuse any host 81.142.xxx.xxx eq telnet
access-list 101 tcp refuse any host 81.142.xxx.xxx eq 22
access-list 101 tcp refuse any host 81.142.xxx.xxx eq www
access-list 101 tcp refuse any host 81.142.xxx.xxx eq 443
access-list 101 tcp refuse any host 81.142.xxx.xxx eq cmd
access-list 101 deny udp any host 81.142.xxx.xxx eq snmp
access-list 101 permit ip 160.69.0.0 0.0.255.255 10.0.0.0 0.0.0.255
access-list 101 permit ip 10.128.0.0 0.0.255.255 10.0.0.0 0.0.0.255
access-list 101 permit ip 192.168.xx.0 0.0.0.255 10.0.0.0 0.0.0.255
access-list 101 permit udp host 194.105.xxx.xxx host 81.142.xxx.xxx eq non500-isakmp
access-list 101 permit udp host 194.105.xxx.xxx host 81.142.xxx.xxx eq isakmp
access-list 101 permit host 194.105.xxx.xxx host 81.142.xxx.xxx esp
access-list 101 permit ahp host 194.105.xxx.xxx host 81.142.xxx.xxx
access list 101 ip allow a whole
Note access-list 102 CCP_ACL category = 1
access-list 102 permit ip 192.168.xx.0 0.0.0.255 everything
access-list 102 permit ip host 193.195.xxx.xxx all
access-list 102 permit ip 10.0.0.0 0.0.0.255 any
Note access-list 103 self-generated by SDM management access feature
Note access-list 103 CCP_ACL category = 1
access-list 103 allow ip host 193.195.xxx.xxx host 81.142.xxx.xxx
Note access-list 104 self-generated by SDM management access feature
Note access-list 104 CCP_ACL category = 1
access-list 104 permit tcp 192.168.xx.0 0.0.0.255 host 10.0.0.1 eq telnet
access-list 104 permit tcp 10.0.0.0 0.0.0.255 host 10.0.0.1 eq telnet
access-list 104 permit tcp 192.168.xx.0 0.0.0.255 eq on host 10.0.0.1 22
access-list 104 permit tcp 10.0.0.0 0.0.0.255 host 10.0.0.1 eq 22
access-list 104 permit tcp 192.168.xx.0 0.0.0.255 host 10.0.0.1 eq www
access-list 104 permit tcp 10.0.0.0 0.0.0.255 eq to host 10.0.0.1 www
access-list 104 permit tcp 192.168.xx.0 0.0.0.255 host 10.0.0.1 eq 443
access-list 104 permit tcp 10.0.0.0 0.0.0.255 host 10.0.0.1 eq 443
access-list 104 permit tcp 192.168.xx.0 0.0.0.255 host 10.0.0.1 eq cmd
access-list 104 permit tcp 10.0.0.0 0.0.0.255 host 10.0.0.1 eq cmd
access-list 104 tcp refuse any host 10.0.0.1 eq telnet
access-list 104 tcp refuse any host 10.0.0.1 eq 22
access-list 104 tcp refuse any host 10.0.0.1 eq www
access-list 104 tcp refuse any host 10.0.0.1 eq 443
access-list 104 tcp refuse any host 10.0.0.1 eq cmd
access-list 104 deny udp any host 10.0.0.1 eq snmp
104 ip access list allow a whole
Note access-list 105 CCP_ACL category = 128
access-list 105 permit ip host 194.105.xxx.xxx all
Note access-list 106 CCP_ACL category = 0
access-list 106 allow ip 192.168.xx.0 0.0.0.255 10.0.0.0 0.0.0.255
access-list 106 allow ip 10.128.0.0 0.0.255.255 10.0.0.0 0.0.0.255
access-list 106 allow ip 160.69.0.0 0.0.255.255 10.0.0.0 0.0.0.255
Note category from the list of access-107 = 2 CCP_ACL
access-list 107 deny ip 10.0.0.0 0.0.0.255 160.69.0.0 0.0.255.255
access-list 107 deny ip 10.0.0.0 0.0.0.255 10.128.0.0 0.0.255.255
access-list 107 deny ip 10.0.0.0 0.0.0.255 192.168.xx.0 0.0.0.255
access-list 107 allow ip 10.0.0.0 0.0.0.255 any
Dialer-list 1 ip protocol allow
not run cdp!
!
!
!
allowed SDM_RMAP_1 1 route map
corresponds to the IP 107
!
!
control plan
!
!
Line con 0
local connection
no activation of the modem
line to 0
line 2
no activation-character
No exec
preferred no transport
transport of entry all
line vty 0 4
access-class 102 in
privilege level 15
local connection
transport input telnet ssh
!
Scheduler allocate 4000 1000
Scheduler interval 500
NTP-Calendar Update
130.159.196.118 source Dialer0 preferred NTP server
endHi Paul,.
Here is the relevant configuration:
type of policy-card inspect PCB-enabled
class type inspect sdm-mgmt-cls-ccp-permit-0
inspecttype of class-card inspect sdm-mgmt-cls-ccp-permit-0 correspondence
corresponds to the class-map sdm-mgmt-cls-0
game group-access 103type of class-card inspect all match sdm-mgmt-cls-0
corresponds to the SDM_SHELL class-map
corresponds to the SDM_SSH class-map
corresponds to the SDM_HTTPS class-maptype of class-card inspect entire game SDM_SHELL
match the name of group-access SDM_SHELL
type of class-card inspect entire game SDM_SSH
match the name of group-access SDM_SSH
type of class-card inspect entire game SDM_HTTPS
match the name of group-access SDM_HTTPSSDM_SHELL extended IP access list
Note the category CCP_ACL = 0
permit tcp any any eq cmd
SDM_SSH extended IP access list
Note the category CCP_ACL = 0
permit tcp any any eq 22
SDM_HTTPS extended IP access list
Note the category CCP_ACL = 0
permit any any eq 443 tcpNote access-list 103 self-generated by SDM management access feature
Note access-list 103 CCP_ACL category = 1
access-list 103 allow ip host 193.195.xxx.xxx host 81.142.xxx.xxxThe above configuration will allow you to access the router on the 81.142.xxx.xxx the IP address of the host 193.195.xxx.xxx using HTTPS/SSH/SHELL. To allow network 192.168.16.0/24 access to the router's IP 10.0.0.1, add another entry to the access list 103 as below:
access-list 103 allow ip 192.168.16.0 0.0.0.255 host 10.0.0.1
This should take enable access to this IP address for hosts using ssh and https. Try this out and let me know how it goes.
Thank you and best regards,
Assia
-
How to give some access to the system without giving local administrator access?
Hello
I'm looking for advice on how I can accomplish the following tasks without giving certain groups of rights of a local administrator on the server.
- Ability to query the status of all Windows Services
- Access WMI
- Ability to read all the event logs
- Ability of the State to the query of all services
- Activation of remote PowerShell commands
I need to give this kind of access to the servers are Windows Server 2008 R2, Windows Server 2008 Std Edition and Windows Server 2003.
Advice and guidance would be greatly appreciated.
Thanks in advance.
Hello
The question you have posted is better suited for the TechNet forums. Please post your question here.
http://social.technet.Microsoft.com/forums/en-us/category/WindowsServer
Maybe you are looking for
-
Software crash-do I need poster update driver for satellite C660
Hi people,recently I installed the trial version of cs5 Adobe Premier, composer then avid media and none of them are loading, (not answer) and Adobe hangs on importerquicktime.prm. Everywhere wherever I look it seems to be telling me that I need to u
-
Write historical graphic band given in MS Office Chart
I need to send data that have been collected in a chart of the band to a chart of MS Office Word. I send you the other data of the report of MS Word, but I'm struggling with the graph plots. I don't know exactly how to get the data on the Strip in
-
Hey, I was wondering if it might well work on my laptop [GTA IV]
Hey guys, I've just bought a new laptop (acer 5738Z), And I was told that my video card is not that good to run this game, but I want to hear what you guys have to say. my laptop: CPU - Pentium Dual-Core T4300 2.10 GHz CPU RAM - 1, 9 GB OS - Microsof
-
BlackBerry 8830 smartphones and Media Card & Manager
installed 8830 2 giga Scandisk memory card. V4.3.0.17 DTM does not list media Mgr. Support of BB site says to get rid of all the Roxio files on computer - some are embeddable in ESSILOR. So have not affected them. According to the list of program
-
Hi all I need to change the IP addresses in a deployment ISE 1.2 HA (a pair of primary and secondary school). The tricky part is that the deployment was broken before I could get my hands on the servers. I can do the stand-alone primary server and ch