TCP / HTTP overhead
I apologize if this isn't the right place to ask this question... I'm trying to understand overhead with tcp and HTTP response that I see in the capture of packages (wireshark) that I join you the topic.
My understanding is:
I can calculate the portion of TCP data by subtracting the ip/tcp headers of the total length field in the IP header. My confusion is when watching the payload data tcp and then seeing the overhead that is specified in the body of message/response HTTP header. In my view, it has 1448 bytes which corresponds to the part of the packet tcp data.
However, the HTTP response header is 347 bytes and the Content-Length entity 3867 bytes message body. I am trying to wrap my head on how to determine the correct load for this specific package. Normally, it's very simple, but it's the rsponse HTTP header which throws me off the power.
Can someone break down and help me understand how I can have 1448 for TCP data but larger values for the HTTP part?
Because the HTTP message is fragmented.
You can see the somdwhere message back in the next Wireshark screen.
Tags: Cisco Network
Similar Questions
-
Settings of the AFN for a direct TCP (3G v.s. GPRS) connection
Today, I read a lot of articles about the transportation options for the Blackberry network.
I installed the Tool of Network Diagnostics on my device (BlackBerry 9300 v5.0).
I'm Tournai on "Mobile network" and disabled the "WiFi". Therefore, my device must use the direct TCP (HTTP protocol) only.
According to this article, for a cell TCP connection, we need to set up the APN settings, otherwise we will have 'Tunnel failed' error
http://docs.BlackBerry.com/en/developers/deliverables/21128/Network_transport_options_1293321_11.jsp
However, without specifying the AFN, I was still able to have labour Direct TCP (HTTP).
I'm in New Zealand, I tested the Network Diagnostic tool with 2 dgree and vodafone sim cards. Two of them work properly. Two of them are 3 G networks
However, a lot of people on the internet saying that if they do not specify the APN for GPRS or EDGE networks, they would get the error "failure of Tunnel.
So, I had the impression that with 3G networks, don't need us to specify the APN.
I don't know if that's okay?
One of the really annoying things on the treatment on the Blackberry network is its inconsistency. I think you've hit one of them. I saw this in the past with Vodafone, I wasn't sure that this has happened with other networks but maybe so.
The inconsistency is the following.
If your connection URL looks like
If you think that this will force the connection to use the carrier TCP aka Direct TCP. However, on some phones of brands, including Vodafone, is not correct. On these phones a connection as it goes actually on WAP.
To force the direct TCP, you must follow the instructions in this post:
http://supportforums.BlackBerry.com/T5/Java-development/Vodafone-UK-direct-TCP/m-p/463081#M92387
-
HTTPS protocol between the client vpn and host of the internet through tunnel ipsec-parody
Hello
We have a cisco ASA 5505 and try to get the next job:
ip (192.168.75.5) - connected to the Cisco ASA 5505 VPN client
the customer gets a specific route for an internet address (79.143.218.35 255.255.255.255 192.168.75.1 192.168.75.5 100)
When I try to access the url of the client, I get a syn sent with netstat
When I try trace ASA package, I see the following:
1 FLOW-SEARCH ALLOW Not found no corresponding stream, creating a new stream
2 ROUTE SEARCH entry ALLOW in 0.0.0.0 0.0.0.0 outdoors
3 ACCESS-LIST Journal ALLOW Access-group outside_access_in in interface outside
outside_access_in list extended access permitted tcp everything any https eq
access-list outside_access_in note hyperion outside inside
4 IP-OPTIONS ALLOW 5 CP-PUNT ALLOW 6 VPN IPSec-tunnel-flow ALLOW 7 IP-OPTIONS ALLOW 8 VPN encrypt ALLOW outdoors upward upward outdoors upward upward drop (ipsec-parody) Parody of detected IPSEC When I try the reverse (i.e. from the internet host to vpn client), it seems to work:
1 FLOW-SEARCH ALLOW Not found no corresponding stream, creating a new stream
2 ROUTE SEARCH entry ALLOW in 192.168.75.5 255.255.255.255 outside
3 ACCESS-LIST Journal ALLOW Access-group outside_access_in in interface outside
outside_access_in of access allowed any ip an extended list
4 IP-OPTIONS ALLOW 5 VPN IPSec-tunnel-flow ALLOW 6 VPN encrypt ALLOW My question is why this phenomenon happens and how solve us this problem?
Thanks in advance, Sipke
our running-config:
: Saved
:
ASA Version 8.0 (4)
!
ciscoasa hostname
domain somedomain
activate the password - encrypted
passwd - encrypted
names of
name 10.10.1.0 Hyperion
name 164.140.159.x xxxx
name 192.168.72.25 xxxx
name 192.168.72.24 xxxx
name 192.168.72.196 xxxx
name 192.168.75.0 vpn clients
name 213.206.236.0 xxxx
name 143.47.160.0 xxxx
name 141.143.32.0 xxxx
name 141.143.0.0 xxxx
name 192.168.72.27 xxxx
name 10.1.11.0 xxxx
name 10.1.2.240 xxxx
name 10.1.1.0 xxxx
name 10.75.2.1 xxxx
name 10.75.2.23 xxxx
name 192.168.72.150 xxxx
name 192.168.33.0 xxxx
name 192.168.72.26 xxxx
name 192.168.72.5 xxxx
name 192.168.23.0 xxxx
name 192.168.34.0 xxxx
name 79.143.218.35 inethost
!
interface Vlan1
nameif inside
security-level 100
IP 192.168.72.254 255.255.255.0
OSPF cost 10
!
interface Vlan2
nameif outside
security-level 0
IP address 193.173.x.x 255.255.255.240
OSPF cost 10
!
interface Vlan3
Shutdown
nameif dmz
security-level 50
192.168.50.1 IP address 255.255.255.0
OSPF cost 10
!
interface Vlan23
nameif wireless
security-level 80
192.168.40.1 IP address 255.255.255.0
OSPF cost 10
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
switchport access vlan 3
!
interface Ethernet0/6
switchport access vlan 23
!
interface Ethernet0/7
!
passive FTP mode
clock timezone THATS 1
clock to summer time CEDT recurring last Sun Mar 02:00 last Sun Oct 03:00
DNS lookup field inside
DNS server-group DefaultDNS
domain pearle.local
permit same-security-traffic inter-interface
permit same-security-traffic intra-interface
object-group Protocol TCPUDP
object-protocol udp
object-tcp protocol
object-group service RDP - tcp
Remote Desktop Protocol Description
EQ port 3389 object
object-group service UDP - udp VC
range of object-port 60000 60039
object-group VC - TCP tcp service
60000 60009 object-port Beach
object-group service tcp Fortis
1501 1501 object-port Beach
Beach of port-object 1502-1502
Beach of port-object sqlnet sqlnet
1584 1584 object-port Beach
1592 1592 object-port Beach
object-group service tcp fortis
1592 1592 object-port Beach
Beach of port-object 1502-1502
1584 1584 object-port Beach
Beach of port-object sqlnet sqlnet
1501 1501 object-port Beach
1500 1500 object-port Beach
the DM_INLINE_NETWORK_1 object-group network
object-network 192.168.50.0 255.255.255.0
object-network 192.168.72.0 255.255.255.0
object-network 192.168.40.0 255.255.255.0
object-network VPN_Pool_2 255.255.255.0
the DM_INLINE_NETWORK_2 object-group network
object-network 192.168.50.0 255.255.255.0
object-network 192.168.72.0 255.255.255.0
object-group network inside-networks
object-network 192.168.72.0 255.255.255.0
WingFTP_TCP tcp service object-group
Secure FTP description
port-object eq 989
port-object eq 990
DM_INLINE_TCP_1 tcp service object-group
port-object eq ftp
port-object eq ftp - data
Group object WingFTP_TCP
DM_INLINE_TCP_2 tcp service object-group
port-object eq ftp
port-object eq ftp - data
Group object WingFTP_TCP
the DM_INLINE_NETWORK_3 object-group network
object-network 192.168.72.0 255.255.255.0
object-network VPN_Pool_2 255.255.255.0
the DM_INLINE_NETWORK_4 object-group network
object-network 192.168.72.0 255.255.255.0
object-network VPN_Pool_2 255.255.255.0
object-group network Oracle
network-object OracleTwo 255.255.224.0
network-object OracleOne 255.255.240.0
network-object OracleThree 255.255.224.0
the DM_INLINE_NETWORK_5 object-group network
network-object Grandvision 255.255.255.0
network-object Grandvision2 255.255.255.240
object-network Grandvision3 255.255.255.0
host of the object-Network Grandvision4
host of the object-Network GrandVision_PC
the DM_INLINE_NETWORK_6 object-group network
network-object Grandvision 255.255.255.0
network-object Grandvision2 255.255.255.240
object-network Grandvision3 255.255.255.0
host of the object-Network Grandvision4
host of the object-Network GrandVision_PC
the DM_INLINE_NETWORK_7 object-group network
network-object Grandvision 255.255.255.0
network-object Grandvision2 255.255.255.240
object-network Grandvision3 255.255.255.0
host of the object-Network GrandVision_PC
the DM_INLINE_NETWORK_8 object-group network
network-object Grandvision 255.255.255.0
network-object Grandvision2 255.255.255.240
object-network Grandvision3 255.255.255.0
host of the object-Network GrandVision_PC
object-group service DM_INLINE_SERVICE_2
the purpose of the ip service
EQ-3389 tcp service object
the DM_INLINE_NETWORK_9 object-group network
network-object OracleThree 255.255.0.0
network-object OracleTwo 255.255.224.0
network-object OracleOne 255.255.240.0
object-group service DM_INLINE_SERVICE_3
the purpose of the ip service
EQ-3389 tcp service object
Atera tcp service object-group
Atera Webbased monitoring description
8001 8001 object-port Beach
8002 8002 object-port Beach
8003 8003 object-port Beach
WingFTP_UDP udp service object-group
port-object eq 989
port-object eq 990
WingFTP tcp service object-group
Description range of ports for the transmission of data
object-port range 1024-1054
HTTPS_redirected tcp service object-group
Description redirect WingFTP Server
port-object eq 40200
Note to inside_access_in to access list ICMP test protocol inside outside
inside_access_in list extended access allow icmp 192.168.72.0 255.255.255.0 any
Note to inside_access_in to access list ICMP test protocol inside outside
access-list inside_access_in note HTTP inside outside
inside_access_in list extended access allowed object-group TCPUDP 192.168.72.0 255.255.255.0 any eq www
access-list inside_access_in note queries DNS inside to outside
inside_access_in list extended access allowed object-group TCPUDP 192.168.72.0 255.255.255.0 no matter what eq field
access-list inside_access_in note the HTTPS protocol inside and outside
inside_access_in list extended access permitted tcp 192.168.72.0 255.255.255.0 any https eq
Note to inside_access_in to access list ICMP test protocol inside outside
access-list inside_access_in note 7472 Epo-items inside outside
inside_access_in list extended access permitted tcp 192.168.72.0 255.255.255.0 any eq 7472
access-list inside_access_in note POP3 inside outside
inside_access_in list extended access permitted tcp 192.168.72.0 255.255.255.0 any eq pop3
inside_access_in list extended access permit udp host LifeSize-PE-HQ any object-group UDP - VC
inside_access_in list extended access permit tcp host LifeSize-PE-HQ all eq h323
access-list inside_access_in note video conference services
inside_access_in list extended access permit tcp host LifeSize-PE-HQ any object-group VC - TCP
inside_access_in list extended access permitted tcp 192.168.72.0 255.255.255.0 any
Note to inside_access_in to access list Fortis
inside_access_in list extended access permitted tcp 192.168.72.0 255.255.255.0 any object-group Fortis
access extensive list ip 192.168.40.0 inside_access_in allow 255.255.255.0 any
inside_access_in list extended access permitted tcp 192.168.40.0 255.255.255.0 any
inside_access_in list extended access permitted tcp 192.168.40.0 255.255.255.0 any eq www
inside_access_in list extended access permitted tcp 192.168.40.0 255.255.255.0 any https eq
inside_access_in allowed all Hyperion 255.255.255.0 ip extended access list
inside_access_in list extended access udp allowed any any eq isakmp
inside_access_in list extended access udp allowed any any eq ntp
inside_access_in list extended access udp allowed any any eq 4500
inside_access_in list of allowed ip extended access any Oracle object-group
inside_access_in list extended access udp allowed any any eq 10000
access-list inside_access_in note PPTP inside outside
inside_access_in list extended access permit tcp any any eq pptp
access-list inside_access_in note WILL inside outside
inside_access_in list extended access will permit a full
Note to inside_access_in to access the Infrastructure of the RIM BES server list
inside_access_in list extended access permit tcp host BESServer any eq 3101
inside_access_in list extended access permit tcp any any DM_INLINE_TCP_2 object-group
inside_access_in list extended access permit tcp any any HTTPS_redirected object-group
access extensive list ip Hyperion 255.255.255.0 inside_access_in 255.255.255.0 allow VPN_Pool_2
inside_access_in list extended access permit udp any host 86.109.255.177 eq 1194
access extensive list ip 192.168.72.0 inside_access_in allow 255.255.255.0 DM_INLINE_NETWORK_7 object-group
access extensive list ip VPN_Pool_2 inside_access_in allow 255.255.255.0 any
inside_access_in list extended access deny ip any any inactive debug log
Note to outside_access_in to access list ICMP test protocol outside inside
outside_access_in list extended access permit icmp any one
access-list outside_access_in Note SMTP outside inside
outside_access_in list extended access permit tcp any any eq smtp
outside_access_in list extended access udp allowed any any eq ntp disable journal
access-list outside_access_in note 7472 EPO-items outside inside
outside_access_in list extended access permit tcp any any eq 7472
outside_access_in list extended access permit tcp any any object-group inactive RDP
outside_access_in list extended access permit tcp any any eq www
outside_access_in list extended access permit tcp any any HTTPS_redirected object-group
outside_access_in list extended access permitted tcp everything any https eq
access-list outside_access_in note hyperion outside inside
outside_access_in list extended access permitted tcp Hyperion 255.255.255.0 DM_INLINE_NETWORK_4 object-group
outside_access_in to access Hyperion 255.255.255.0 ip extended list object-group DM_INLINE_NETWORK_3 allow
outside_access_in list extended access permit tcp any host LifeSize-PE-HQ eq h323
outside_access_in list extended access permit tcp any host LifeSize-PE-HQ object-group VC - TCP
outside_access_in list extended access permit udp any host group-object-LifeSize-PE-HQ UDP - VC
outside_access_in of access allowed any ip an extended list
outside_access_in list extended access udp allowed any any eq 4500
outside_access_in list extended access udp allowed any any eq isakmp
outside_access_in list extended access udp allowed any any eq 10000
outside_access_in list extended access will permit a full
outside_access_in list extended access permit tcp any any eq pptp
outside_access_in list extended access permit tcp any any DM_INLINE_TCP_1 object-group
outside_access_in list extended access allowed object-group ip DM_INLINE_NETWORK_8 192.168.72.0 255.255.255.0 inactive
outside_access_in list extended access permit tcp any any Atera object-group
outside_access_in list extended access deny ip any any inactive debug log
outside_1_cryptomap list extended access allowed object-group Hyperion DM_INLINE_NETWORK_2 255.255.255.0 ip
outside_1_cryptomap to access extended list ip 192.168.50.0 allow Hyperion 255.255.255.0 255.255.255.0
access extensive list ip 192.168.72.0 inside_nat0_outbound allow Hyperion 255.255.255.0 255.255.255.0
inside_nat0_outbound list of allowed ip extended access all 193.172.182.64 255.255.255.240
inside_nat0_outbound list of allowed ip extended access all 192.168.72.192 255.255.255.192
inside_nat0_outbound list of allowed ip extended access all 192.168.72.0 255.255.255.0
access extensive list ip 192.168.72.0 inside_nat0_outbound allow 255.255.255.0 VPN_Pool_2 255.255.255.0
access extensive list ip 192.168.72.0 inside_nat0_outbound allow 255.255.255.0 DM_INLINE_NETWORK_5 object-group
inside_nat0_outbound list of allowed ip extended access all GrandVisionSoesterberg 255.255.255.0
inside_nat0_outbound list of allowed ip extended access any Swabach 255.255.255.0
access-list 200 scope allow tcp all fortis of fortis host object-group
access extensive list ip VPN_Pool_2 outside_nat0_outbound allow 255.255.255.0 DM_INLINE_NETWORK_9 object-group
outside_cryptomap_2 list extended access allowed object-group Hyperion DM_INLINE_NETWORK_1 255.255.255.0 ip
outside_cryptomap_2 to access extended list ip 192.168.50.0 allow Hyperion 255.255.255.0 255.255.255.0
Note Wireless_access_in of access list, select Hyperion / wifi access NAT rule.
Access extensive list ip 192.168.40.0 Wireless_access_in allow Hyperion inactive 255.255.255.0 255.255.255.0
Wireless_access_in list extended access deny ip 192.168.40.0 255.255.255.0 192.168.72.0 255.255.255.0
Comment by Wireless_access_in-list of the traffic Internet access
Access extensive list ip 192.168.40.0 Wireless_access_in allow 255.255.255.0 any
standard access list splittunnelclientvpn allow 192.168.72.0 255.255.255.0
splittunnelclientvpn list standard access allowed Hyperion 255.255.255.0
standard access list splittunnelclientvpn allow Pearleshare 255.255.255.0
splittunnelclientvpn list standard access allowed host 85.17.235.22
splittunnelclientvpn list standard access allowed OracleThree 255.255.224.0
standard access list splittunnelclientvpn allow 143.47.128.0 255.255.240.0
splittunnelclientvpn list standard access allowed host inethost
Standard access list SplittnlHyperion allow OracleThree 255.255.0.0
Standard access list SplittnlOOD allow OracleThree 255.255.0.0
Standard access list SplittnlOOD allow 143.47.128.0 255.255.240.0
access extensive list ip 192.168.72.0 outside_cryptomap allow 255.255.255.0 DM_INLINE_NETWORK_6 object-group
outside_cryptomap_1 list of allowed ip extended access all GrandVisionSoesterberg 255.255.255.0
outside_cryptomap_3 list of allowed ip extended access any Swabach 255.255.255.0
192.168.72.0 IP Access-list extended sheep 255.255.255.0 GrandVisionSoesterberg 255.255.255.0 allow
192.168.72.0 IP Access-list extended sheep 255.255.255.0 VPN_Pool_2 255.255.255.0 allow
pager lines 24
Enable logging
asdm of logging of information
Within 1500 MTU
Outside 1500 MTU
MTU 1500 dmz
MTU 1500 wireless
local pool VPN_DHCP 192.168.72.220 - 192.168.72.235 255.255.255.0 IP mask
mask 192.168.75.1 - 192.168.75.50 255.255.255.0 IP local pool VPN_Range_2
no failover
ICMP unreachable rate-limit 1 burst-size 1
ICMP allow any inside
ICMP allow all outside
ASDM image disk0: / asdm - 613.bin
don't allow no asdm history
ARP timeout 14400
Global 1 interface (outside)
NAT (inside) 0 access-list sheep
NAT (inside) 1 0.0.0.0 0.0.0.0
NAT (wireless) 1 192.168.40.0 255.255.255.0
public static tcp (indoor, outdoor) interface smtp smtp Mailsrv_Pearle_Europe netmask 255.255.255.255
public static tcp (indoor, outdoor) interface ftp ftp netmask 255.255.255.255 Pearle-DC02
public static 990 Pearle-DC02 990 netmask 255.255.255.255 interface tcp (indoor, outdoor)
static (inside, outside) tcp 3389 3389 Mailsrv_Pearle_Europe netmask 255.255.255.255 interface
public static tcp (indoor, outdoor) interface www Pearle-DC02 www netmask 255.255.255.255
public static 40200 Pearle-DC02 40200 netmask 255.255.255.255 interface tcp (indoor, outdoor)
public static tcp (indoor, outdoor) interface https Exchange2010 https netmask 255.255.255.255
public static tcp (indoor, outdoor) interface h323 h323 LifeSize-PE-HQ netmask 255.255.255.255
public static 60000 60000 LifeSize-PE-HQ netmask 255.255.255.255 interface tcp (indoor, outdoor)
public static 60001 LifeSize-PE-HQ 60001 netmask 255.255.255.255 interface tcp (indoor, outdoor)
public static 60002 LifeSize-PE-HQ 60002 netmask 255.255.255.255 interface tcp (indoor, outdoor)
public static 60003 LifeSize-PE-HQ 60003 netmask 255.255.255.255 interface tcp (indoor, outdoor)
public static 60004 LifeSize-PE-HQ 60004 netmask 255.255.255.255 interface tcp (indoor, outdoor)
public static 60005 LifeSize-PE-HQ 60005 netmask 255.255.255.255 interface tcp (indoor, outdoor)
public static 60006 LifeSize-PE-HQ 60006 netmask 255.255.255.255 interface tcp (indoor, outdoor)
public static 60007 LifeSize-PE-HQ 60007 netmask 255.255.255.255 interface tcp (indoor, outdoor)
public static 60008 LifeSize-PE-HQ 60008 netmask 255.255.255.255 interface tcp (indoor, outdoor)
public static 60009 LifeSize-PE-HQ 60009 netmask 255.255.255.255 interface tcp (indoor, outdoor)
public static (inside, outside) udp interface 60001 LifeSize-PE-HQ 60001 netmask 255.255.255.255
public static (inside, outside) udp interface 60002 LifeSize-PE-HQ 60002 netmask 255.255.255.255
public static (inside, outside) udp interface 60003 LifeSize-PE-HQ 60003 netmask 255.255.255.255
public static (inside, outside) udp interface 60004 LifeSize-PE-HQ 60004 netmask 255.255.255.255
public static (inside, outside) udp interface 60005 LifeSize-PE-HQ 60005 netmask 255.255.255.255
public static (inside, outside) udp interface 60006 LifeSize-PE-HQ 60006 netmask 255.255.255.255
public static (inside, outside) udp interface 60007 LifeSize-PE-HQ 60007 netmask 255.255.255.255
public static (inside, outside) udp interface 60008 LifeSize-PE-HQ 60008 netmask 255.255.255.255
public static (inside, outside) udp interface 60009 LifeSize-PE-HQ 60009 netmask 255.255.255.255
public static (inside, outside) udp interface 60010 LifeSize-PE-HQ 60010 netmask 255.255.255.255
public static (inside, outside) udp interface 60011 LifeSize-PE-HQ 60011 netmask 255.255.255.255
public static (inside, outside) udp interface 60012 LifeSize-PE-HQ 60012 netmask 255.255.255.255
public static (inside, outside) udp interface 60013 LifeSize-PE-HQ 60013 netmask 255.255.255.255
public static (inside, outside) udp interface 60014 LifeSize-PE-HQ 60014 netmask 255.255.255.255
public static (inside, outside) udp interface 60015 LifeSize-PE-HQ 60015 netmask 255.255.255.255
public static (inside, outside) udp interface 60016 LifeSize-PE-HQ 60016 netmask 255.255.255.255
public static (inside, outside) udp interface 60017 LifeSize-PE-HQ 60017 netmask 255.255.255.255
public static (inside, outside) udp interface 60018 LifeSize-PE-HQ 60018 netmask 255.255.255.255
public static (inside, outside) udp interface 60019 LifeSize-PE-HQ 60019 netmask 255.255.255.255
public static (inside, outside) udp interface 60020 LifeSize-PE-HQ 60020 netmask 255.255.255.255
public static (inside, outside) udp interface 60021 60021 LifeSize-PE-HQ netmask 255.255.255.255
public static (inside, outside) udp interface 60022 LifeSize-PE-HQ 60022 netmask 255.255.255.255
public static (inside, outside) udp interface 60023 LifeSize-PE-HQ 60023 netmask 255.255.255.255
public static (inside, outside) udp interface 60024 LifeSize-PE-HQ 60024 netmask 255.255.255.255
public static (inside, outside) udp interface 60025 LifeSize-PE-HQ 60025 netmask 255.255.255.255
public static (inside, outside) udp interface 60026 LifeSize-PE-HQ 60026 netmask 255.255.255.255
public static (inside, outside) udp interface 60027 LifeSize-PE-HQ 60027 netmask 255.255.255.255
public static (inside, outside) udp interface 60028 LifeSize-PE-HQ 60028 netmask 255.255.255.255
public static (inside, outside) udp interface 60029 LifeSize-PE-HQ 60029 netmask 255.255.255.255
public static (inside, outside) udp interface 60030 LifeSize-PE-HQ 60030 netmask 255.255.255.255
public static (inside, outside) udp interface 60031 LifeSize-PE-HQ 60031 netmask 255.255.255.255
public static (inside, outside) udp interface 60032 LifeSize-PE-HQ 60032 netmask 255.255.255.255
public static (inside, outside) udp interface 60033 LifeSize-PE-HQ 60033 netmask 255.255.255.255
public static (inside, outside) udp interface 60034 LifeSize-PE-HQ 60034 netmask 255.255.255.255
public static (inside, outside) udp interface 60035 LifeSize-PE-HQ 60035 netmask 255.255.255.255
public static (inside, outside) udp interface 60036 LifeSize-PE-HQ 60036 netmask 255.255.255.255
public static (inside, outside) udp interface 60037 LifeSize-PE-HQ 60037 netmask 255.255.255.255
public static (inside, outside) udp interface 60038 LifeSize-PE-HQ 60038 netmask 255.255.255.255
public static (inside, outside) udp interface 60039 LifeSize-PE-HQ 60039 netmask 255.255.255.255
public static (inside, outside) udp interface 60040 60040 LifeSize-PE-HQ netmask 255.255.255.255
public static Mailsrv_Pearle_Europe 7472 netmask 255.255.255.255 7472 interface tcp (indoor, outdoor)
public static LanSweep-XP netmask 255.255.255.255 8001 8001 interface tcp (indoor, outdoor)
public static 8002 8002 LanSweep-XP netmask 255.255.255.255 interface tcp (indoor, outdoor)
public static LanSweep-XP netmask 255.255.255.255 8003 8003 interface tcp (indoor, outdoor)
static (inside, outside) 193.173.12.194 tcp https Pearle-DC02 https netmask 255.255.255.255
inside_access_in access to the interface inside group
Access-group outside_access_in in interface outside
Access-group Wireless_access_in in wireless interface
Route outside 0.0.0.0 0.0.0.0 193.173.12.206 1
Route outside OracleThree 255.255.224.0 193.173.12.198 1
Route outside 143.47.128.0 255.255.240.0 193.173.12.198 1
Route inside 172.27.0.0 255.255.255.0 Pearle-DC02 1
Timeout xlate 03:00
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
dynamic-access-policy-registration DfltAccessPolicy
AAA authentication LOCAL telnet console
the ssh LOCAL console AAA authentication
Enable http server
http 192.168.40.0 255.255.255.0 Wireless
http 192.168.1.0 255.255.255.0 inside
http 192.168.72.0 255.255.255.0 inside
http GrandVisionSoesterberg 255.255.255.0 inside
SNMP-server host inside 192.168.33.29 survey community public version 2 c
location of Server SNMP Schiphol
contact Server SNMP SSmeekes
SNMP-Server Public community
Server enable SNMP traps snmp authentication linkup, linkdown cold start
Crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
Crypto ipsec transform-set ESP-DES-SHA esp - esp-sha-hmac
Crypto ipsec transform-set ESP-DES-MD5 esp - esp-md5-hmac
Crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
Crypto ipsec transform-set ESP-3DES-MD5-esp-3des esp-md5-hmac
Crypto ipsec transform-set ESP-AES-256-SHA 256 - aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-128-SHA aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
Crypto ipsec transform-set ESP-AES-128-MD5-esp - aes esp-md5-hmac
Crypto ipsec transform-set esp-SHA-ESP-3DES-3des esp-sha-hmac
Crypto ipsec transform-set esp-aes-256 GRANDVISION esp-md5-hmac
life crypto ipsec security association seconds 28800
Crypto ipsec kilobytes of life - safety 4608000 association
Dynamic crypto map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs
Crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 value transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA MD5-ESP-3DES ESP-DES-SHA ESP-DES-MD5
Dynamic crypto map SYSTEM_DEFAULT_CRYPTO_MAP 65535 define security association lifetime 28800 seconds
cryptographic kilobytes 4608000 life of the set - the association of security of the 65535 SYSTEM_DEFAULT_CRYPTO_MAP of the dynamic-map
card crypto outside_map0 1 match address outside_cryptomap_1
outside_map0 card crypto 1jeu pfs
outside_map0 card crypto 1jeu peer 212.78.223.182
outside_map0 card crypto 1jeu transform-set ESP ESP-3DES-SHA-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-ESP ESP-3DES-MD5 MD5-DES-SHA ESP-DES-MD5
outside_map0 map 1 lifetime of security association set seconds 28800 crypto
card crypto outside_map0 1 set security-association life kilobytes 4608000
card crypto game 2 outside_map0 address outside_cryptomap_2
outside_map0 crypto map peer set 2 193.173.12.193
card crypto outside_map0 2 game of transformation-ESP ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5-DES-SHA ESP-DES-MD5
life card crypto outside_map0 2 set security-association seconds 28800
card crypto outside_map0 2 set security-association life kilobytes 4608000
card crypto outside_map0 3 match address outside_1_cryptomap
outside_map0 card crypto 3 set pfs
outside_map0 card crypto 3 peers set 193.172.182.66
outside_map0 crypto map 3 the value transform-set ESP-3DES-SHA
life card crypto outside_map0 3 set security-association seconds 28800
card crypto outside_map0 3 set security-association life kilobytes 4608000
card crypto outside_map0 game 4 address outside_cryptomap
outside_map0 card crypto 4 peers set 213.56.81.58
outside_map0 4 set transform-set GRANDVISION crypto card
life card crypto outside_map0 4 set security-association seconds 28800
card crypto outside_map0 4 set security-association life kilobytes 4608000
card crypto outside_map0 5 match address outside_cryptomap_3
outside_map0 card crypto 5 set pfs
outside_map0 crypto card 5 peers set 86.109.255.177
outside_map0 card crypto 5 game of transformation-ESP ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5-DES-SHA ESP-DES-MD5
life card crypto outside_map0 5 set security-association seconds 28800
card crypto outside_map0 5 set security-association life kilobytes 4608000
Crypto map outside_map0 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
outside_map0 interface card crypto outside
crypto ISAKMP allow inside
crypto ISAKMP allow outside
crypto ISAKMP enable dmz
crypto ISAKMP enable wireless
crypto ISAKMP policy 5
preshared authentication
3des encryption
sha hash
Group 2
life 86400
Telnet 192.168.72.0 255.255.255.0 inside
Telnet timeout 5
SSH 192.168.72.0 255.255.255.0 inside
SSH GrandVisionSoesterberg 255.255.255.0 inside
SSH 213.144.239.0 255.255.255.192 outside
SSH timeout 5
Console timeout 0
management-access inside
dhcpd dns 194.151.228.18 is 10.10.1.100
dhcpd outside auto_config
!
dhcpd address 192.168.72.253 - 192.168.72.253 inside
!
dhcpd address dmz 192.168.50.10 - 192.168.50.50
dhcpd enable dmz
!
dhcpd address wireless 192.168.40.10 - 192.168.40.99
dhcpd dns 194.151.228.18 wireless interface
dhcpd activate wireless
!
a basic threat threat detection
host of statistical threat detection
statistical threat detection port
Statistical threat detection Protocol
Statistics-list of access threat detection
no statistical threat detection tcp-interception
Group Policy "pearle_vpn_Hyp only" internal
attributes of Group Policy "pearle_vpn_Hyp only".
value of server WINS 192.168.72.25
value of server DNS 192.168.72.25
Protocol-tunnel-VPN IPSec l2tp ipsec
Split-tunnel-policy tunnelspecified
value of Split-tunnel-network-list SplittnlHyperion
Split-dns value pearle.local
internal pearle_vpn_OOD_only group policy
attributes of the strategy of group pearle_vpn_OOD_only
value of Split-tunnel-network-list SplittnlOOD
internal pearle_vpn group policy
attributes of the strategy of group pearle_vpn
value of server WINS 192.168.72.25
value of server DNS 192.168.72.25
Protocol-tunnel-VPN IPSec l2tp ipsec svc
Split-tunnel-policy tunnelspecified
value of Split-tunnel-network-list splittunnelclientvpn
Pearle.local value by default-field
Split-dns value pearle.local
username anyone password encrypted password
username something conferred
VPN-group-policy pearle_vpn_OOD_only
type of remote access service
tunnel-group 193 type ipsec-l2l
tunnel-group 193 ipsec-attributes
pre-shared-key *.
tunnel-group 193.173.12.193 type ipsec-l2l
IPSec-attributes tunnel-group 193.173.12.193
pre-shared-key *.
NOCHECK Peer-id-validate
type tunnel-group pearle_vpn remote access
tunnel-group pearle_vpn General-attributes
address pool VPN_Range_2
Group Policy - by default-pearle_vpn
pearle_vpn group of tunnel ipsec-attributes
pre-shared-key *.
type tunnel-group Pearle_VPN_2 remote access
attributes global-tunnel-group Pearle_VPN_2
address pool VPN_Range_2
strategy-group-by default "pearle_vpn_Hyp only".
IPSec-attributes tunnel-group Pearle_VPN_2
pre-shared-key *.
tunnel-group 213.56.81.58 type ipsec-l2l
IPSec-attributes tunnel-group 213.56.81.58
pre-shared-key *.
tunnel-group 212.78.223.182 type ipsec-l2l
IPSec-attributes tunnel-group 212.78.223.182
pre-shared-key *.
tunnel-group 86.109.255.177 type ipsec-l2l
IPSec-attributes tunnel-group 86.109.255.177
pre-shared-key *.
!
class-map inspection_default
match default-inspection-traffic
!
!
type of policy-card inspect dns preset_dns_map
parameters
message-length maximum 512
Policy-map global_policy
class inspection_default
inspect the preset_dns_map dns
inspect the ftp
inspect h323 h225
inspect the h323 ras
inspect the rsh
inspect the rtsp
inspect the skinny
inspect sunrpc
inspect xdmcp
inspect the sip
inspect the netbios
inspect the tftp
inspect the pptp
!
global service-policy global_policy
context of prompt hostname
Cryptochecksum:7d4d9c7ca7c865d9e40f5d77ed1238eb
: end
ASDM image disk0: / asdm - 613.bin
ASDM BESServer 255.255.255.255 inside location
ASDM VPN_Pool_2 255.255.255.0 inside location
ASDM OracleTwo 255.255.224.0 inside location
ASDM OracleOne 255.255.240.0 inside location
ASDM OracleThree 255.255.224.0 inside location
ASDM location Exchange2010 255.255.255.255 inside
ASDM location Grandvision 255.255.255.0 inside
ASDM Grandvision2 255.255.255.240 inside location
ASDM Grandvision3 255.255.255.0 inside location
ASDM Grandvision4 255.255.255.255 inside location
ASDM GrandVision_PC 255.255.255.255 inside location
ASDM location LanSweep-XP 255.255.255.255 inside
ASDM GrandVisionSoesterberg 255.255.255.0 inside location
ASDM location Pearle-DC02 255.255.255.255 inside
ASDM location Pearle-WDS 255.255.255.255 inside
ASDM location Swabach 255.255.255.0 inside
ASDM GrandVisionSoesterberg2 255.255.255.0 inside location
don't allow no asdm history
Where is that host (inethost)? Inside of the ASA, or on the internet (on the outside)?
If it is outside, you must configure the NAT for the pool of vpn as you turn on the SAA.
NAT (outside) 1 192.168.75.0 255.255.255.0
-
How to close TCP 443 and 902? (WS 9.0.1 on the Linux host)
When it is hosted on Linux (Ubuntu 12.04), VMware Workstation 9.0.1 listens on ports TCP 443 and 902 on all network (0.0.0.0) interfaces. This happens as soon as the host operating system is finished booting, even if you do not launch the VMware GUI or run the virtual computer guests.
This creates a potential attack surface, on a machine that can be used on hostile networks and normally has no open TCP ports listening.
These two headphones can safely be stopped?
Or can reconfigure us these headphones link only to the loopback address (127.0.0.1)?
Of course, we could solve this problem by activating the Linux Firewall on the host computer, but this seems to be using a sledgehammer to crack a nut! There is no reason for VMware Workstation business link to nothing else than the loopback address, so it would be easier if there was a change for VMware startup scripts to solve the problem at the source.
Thanks for the pointers!
-Martin.
VMware-authdlau 1419 root 8u IPv4 12139 0 t 0 TCP *: 902 (LISTEN)
spend-worker 1732 root 27u IPv4 8818 0 t 0 TCP *: https (LISTEN)spend-worker 1732 root 32u IPv4 8822 0 t 0 TCP localhost:8307 (LISTEN)I did not, but if you do not use the shared virtual machine so I see no harm to comment on the entries above. It wouldn't break anything permanently and you can certainly easily Uncomment if/when necessary.
-
What TCP/UDP ports must be open on a firewall for adobe reader and Flash Player?
What TCP/UDP ports must be open on a firewall for adobe reader and flashplaer to work properly? This would include the update, which connects and no matter what subset of functionality.
The Acrobat family uses TCP, HTTP/HTTPS for all traffic. Ports and the following processes can be active on a client computer in Windows:
AdobeARM.exe - automatic updates - port 443
AcroRd32.exe - brand messages - port 443
AcroRd32.exe - links in documents - whatever that is specified in the URL
Acrobat.exe - brand messages - port 443
Acrobat.exe - links in documents - whatever that is specified in the URL
AdobeCollabSync.exe - review Tracker data - port 443
The same ports are used by the components of program on OS X.
There is no listen to incoming ports for all elements of the Acrobat family. Automatic updates are not pushed, and there is no server in the software process.
-
Can broadcast more than radio...
I use Vista 32 Home Premium
Internet explore 8All of a sudden I can't listen to radio more. Station players a few simply load the pages, and I will see the situation as such (in quick succession) connection to the media... Opening media... Loan
Nothing happens.Another station gives me a popup window that says: ' we're sorry, but this support seems to be unavailable, you want to reconnect?
I go to my wife's computer, and all is well.These are the solutions I've tried so far without success:
I went to WMP Options, Network tab, and all options are cheque (RTSP/UDP, RTSP/TCP, HTTP). Allow player to receive the stream of muli-casting also verified.
I went to the types of files to make sure that WMP is the default player for MMS. Still no results.
I tried to start IE (no add-on), same result.
I tried to register the wmsdkns.xml file in the command prompt. He recorded, but same result.
I tried to DELETE the same file so WMP would recreate. He fact, but same result.I'm running out of patience. Help, please!
Hi, I noticed erratic behavior on mine a little too.
Try to rebuild the IP stack:
Startup command - type in the search - box found at the top of the list and do a RIGHT CLICK – RUN AS ADMIN
Enter each of them individually and press ENTER after each one.
ipconfig/flushdns
nbtstat-r
nbtstat - RR
netsh int Reinitialis
netsh int ip reset
netsh winsock
RESET
Also try another player
Winamp - free
http://www.Winamp.com/or
VLC - free (needs no codec)
http://www.videolan.org/VLC/Also check the Site system and manufacturer the manufacturer of the device for new networks and/or pilots wi - fi.
(Not only updated drivers in Device Manager because it will find only certified 'old' and MS
is far behind in possession.)Look at the sites of the manufacturer for drivers manually
http://pcsupport.about.com/od/driverssupport/HT/driverdlmfgr.htmRob - bicycle - Mark Twain said it is good.
-
Vista and Seven send incorrect credentials via a VPN tunnel
My working samba server is file sharing in the 3 scenarios:
1 serving on local network (at work), no problem.
2 serving OpenVPN tunnel when the client is connected to his home LAN (throw a nat-router connected to a modem broadband - ADSL or cable modem), no problem.
3 portion OpenVPN tunnel when the client is connected using a modem mobile broadband (Huawei), clients can see the server and actions, but can only connect to the public all others get a refused connection dialog box.I've isolated the problem: when connecting throws the 3G modem, the user name is sent to the samba server is the user name required by the ISP to make the connection mobile broadband and not the account user name.
I tried with windows firewall enabled, disabled, as well as with zonealarm, but the problem persists.
Excellent work of all the other network protocols: tcp, http, ftp, etc.
I have observed that windows has always defined the openvpn as a public network. Never asking the network location dialog box pop ups.Please advice will have my gratitude. Thank you.
Ok. Yesterday, I create another account (another user to the server) in my machine and to my surprise the problem disappeared (in this account in my account, the problem persists). So I checked my setup on the server was correct. Also, I compared several registry keys that contain references of connection between the two accounts, and found no difference. Today, I solved the problem of making a backup of all my files, delete my account and files and recreate my account on vista.
However I know what else could be done, a decent solution. -
Impossible to download on backend
Hey there,
Hoping someone can shed some light on this;
Recently set up my collector, EPSC 2.5.2.1 to NMP
When connected to the server as root on the CLI I can form a successful connection to cisco 443 (I think this is the IP address we need to talk, however its outgoing opening so it can not much talk about anything whatsoever at the moment. )
# nc -v 72.163.7.113 443Connection to 72.163.7.113 443 port [tcp/https] succeeded!
and yet when trying to transfer the license to the graphical interface, or to run a profile download I a unable to speak for the backend. When you try to load the license file, I get the following error;Entitlement update done locally, but failed on tail-end gateway. No response from connectivity tail-end gateway. CSPC not run without connectivity tail-end gateway.
This seems to be the same as this user link. However, the user upload for seamed to have worked. This isn't the case for me. Best regards, IanHi Ian,
Thanks for this info, it seems that your host name is absent from the hosts file.
You can fix this by editing the file/etc/hosts and adding the entry for your hostname next to the IP address of loopback (127.0.0.1).
You can also add your own IP address of the server, but make sure that it also has the hostname beside him, the loopback IP must always be hostname of the server next to him.
Your hosts file should look similar to the following:
[[email protected]/* */ collectorlogin]# cat /etc/hosts72.163.9.100 nettools-upload.cisco.com192.135.250.12 nettools-upload.cisco.com64.103.36.134 nettools-upload.cisco.com72.163.7.113 concsoweb-prd.cisco.com173.37.186.17 concsoweb-prd.cisco.com72.163.4.161 www.cisco.com72.163.7.60 dl.cisco.com72.163.7.60 dl1.cisco.com173.37.146.12 dl2.cisco.com173.37.144.208 sso.cisco.com::1 localhost.localdom localhost localhost ip6-localhost ip6-loopback127.0.0.1 localhost per5-netops-sntc-01123.111.222.123 localhost per5-netops-sntc-01
In the example above, 123.111.222.123, would be the IP address of your server. After this change, restart all of the CSPC function and try to download once more.service cspc restart
If you're wondering what the recommended way to configure a host name personalized without breaking the cause. That would be by setting up the host name custom Admin shell using the command "hostname", rather than do it directly from the linux CLI. In this case, however, we can just apply the workaround. Please, try the steps above and the answer comes back with updates. Sincerely, Cesar -
Hi, I am looking to build applications for any specific real user community. My goal is to collect the JDE who meets the following criteria:
-Support 'most' out there (curve & new if possible) blackberry phones.
-Takes advantage of improvements in the API for location based services & TCP/HTTP connections.
-Take advantage of any improvement in the new user interface which makes it easier 'slick' user interfaces.
I've done a few blackberry 4.2 development and APIs for LBS and TCP seemed still need a good amount of device-specific code, so if the newer versions of the API that make it simpler I'd be happy to use a version more recent, although it reduces my audience a little.
Any advice on this topic are appreciated.
IMHO, 4.2.1 is your best bet for a basic version. It will cover you up to 4.6 with a build.
I worry too much on this subject "slick" - it is not a whole lot of "slick" in BB UI no matter what version you use.
For GPS and HTTP, it is not that you are missing at least in later versions.
-
BlackBerry network connectivity
Hello
I have problems intermittent attempt to download data in JSON format using http. I understand, much has been written about this issue, but anyone who has used below class to connect to HTTP?
http://www.sameernafdey.com/2009/08/HTTPConnection-over-bis-WAP-10-11-WAP.html
I tried above class for formatting my URL and it seems to help a little, because connections are not to be allowed to fall as well.
Here are the class-
/**
* NetworkUtils.java
*
* Note: This class is not originally written by myself. It is rather a
* updated the version of the open source of the alias of the application
* NetworkDiagnosticTool provided by RIM. Feel free to edit and use this
source code, but at your own risk. As I'm not the original author of this code,
* I'm not responsible for any problems if you use this source code.
*
* References:
* 1. NetworkDiagnostic tool: http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/348583/800451/800563/What_Is...
* 2. BlackBerry Technical Knowledge Base: http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/348583/customview.html?func=...
* 3. BlackBerry Support Forum Post: http://supportforums.blackberry.com/rim/board/message?board.id=java_dev&message.id=29111
*/import java.io.EOFException;
Import net.rim.device.api.servicebook.ServiceBook;
Import net.rim.device.api.servicebook.ServiceRecord;
Import net.rim.device.api.synchronization.ConverterUtilities;
Import net.rim.device.api.system.CoverageInfo;
Import net.rim.device.api.system.WLANInfo;
Import net.rim.device.api.util.DataBuffer;/**
* NetworkUtils for Blackberry. This class provides utility functions for formatting
* URL HTTP and Socket connections in the platform Blackberry RIM who take advantage
* the ability of the device to connect to the internet using the SDM, BIS, WAP 1.0, 1.1
* WAP 2.0, unite, WiFi.
*
For more information about the options of connectivity etc. Please take a look at the
* great post in the Blackberry Support Forum here
Your BlackBerry - http connections and a connection in the world.
*
* @author Sameer najar
* @since August 21, 2009.
* [email protected]
*/
public final class NetworkUtils {}/ * Stores carry ServiceBooks if found. Otherwise, null * /.
private ServiceRecord srMDS, srBIS, srWAP, srWAP2, srWiFi, srUnite;
/ * Indicators showing the status of each transport coverage * /.
Private boolean coverageTCP = false, coverageMDS = false, coverageBIS = false, coverageWAP = false, coverageWAP2 = false, coverageWiFi = false, coverageUnite = false;
/**
* Applies to WAP1.0 connection only.
* It is a flag to indicate if the WAP settings should be parsed from the full book.
* If the user provides any WAP on the InputScreen parameter, this flag is set to false.
* TODO currently, analysis of service book is not supported.
*/
Private boolean wapParametersUnavailable = true;
/**
* The constant CONFIG_TYPE_ which are used to find appropriate service books.
* TODO now that single unit is detected in this way.
*/
private static final int CONFIG_TYPE_WAP = 0;
private static final int CONFIG_TYPE_BES = 1;
private static final int CONFIG_TYPE_WIFI = 3;
private static final int CONFIG_TYPE_BIS = 4;
private static final int CONFIG_TYPE_WAP2 = 7;
private static final String UNITE_NAME = "unit";public String formatURL (String httpBaseURL) {}
initializeTransportAvailability();/**
* The rest of this method simply tries to communicate on different transport
* that are available. For each transport it retries 'attempts' several times if
* an attempt fails.
*// * WiFi using HTTP * /.
If (srWiFi! = null & coverageWiFi) {}
System.out.println ("WiFi (HTTP)" ");
Return getWiFiURL (httpBaseURL);
} else {}
If (srWiFi == null) {}
System.out.println ("No WiFi service found.");
}
If (! coverageWiFi) {}
System.out.println ("WiFi coverage is not available");
}
}/ * Direct TCP using HTTP * /.
If {(coverageTCP)
System.out.println ("Direct TCP (HTTP)" ");
Return getTCPURL (httpBaseURL);
}/ * MDS using HTTP * /.
If (srMDS! = null & coverageMDS) {}
System.out.println ("MDS (HTTP)" ");
Return getMDSURL (httpBaseURL);
} else {}
If (srMDS == null) {}
System.out.println ("No. MDS service records found.");
}
If (! coverageMDS) {}
System.out.println ("coverage of SDM is not available");
}
}/ * Unite using HTTP * /.
If (srUnite! = null & coverageUnite) {}
System.out.println ("unit (HTTP)" ");
Return getUniteURL (httpBaseURL);
} else {}
If (srUnite == null) {}
System.out.println ("No. Unit service records found.");
}
If (! coverageUnite) {}
System.out.println ("unit cover is not available");
}
}/ * BIS-B using HTTP * /.
If (srBIS! = null & coverageBIS) {}
System.out.println ("BIS-B (HTTP)" ");
Return getBISURL (httpBaseURL);
} else {}
If (srBIS == null) {}
System.out.println ("No BIS - B service records found.");
}
If (! coverageBIS) {}
System.out.println ("BIS-B coverage is not available");
}
}/ * WAP1.0 usign HTTP * /.
getWAPURL (httpBaseURL);
If (srWAP! = null &! wapParametersUnavailable & coverageWAP) {}
System.out.println ("WAP (HTTP)" ");
Return getWAPURL (httpBaseURL);
} else {}
If (srWAP == null) {}
System.out.println ("No WAP service records found.");
}
If (! coverageWAP) {}
System.out.println ("WAP coverage is not available");
}
If {(wapParametersUnavailable)
System.out.println ("enter the WAP settings");
}
}/ * WAP2.0 using HTTP * /.
If (srWAP2! = null & coverageWAP2) {}
System.out.println ("WAP2 (HTTP)" ");
Return getWAP2URL (httpBaseURL);
} else {}
If (srWAP2 == null) {}
System.out.println ("No WAP2 service records found.");
}
If (! coverageWAP2) {}
System.out.println ("WAP2 coverage is not available");
}
}Return httpBaseURL;
}/**
* Initializes the ServiceRecord instances for each transport (if available). Otherwise makes null.
* Also determines if sufficient coverage is available for each transport and sets coverage indicators.
*/
private void initializeTransportAvailability() {}
Full book sb = ServiceBook.getSB ();
Reviews [] ServiceRecord = sb.getRecords ();for (int i = 0; i)< records.length;="">
{
MyRecord = documents [i] ServiceRecord;
String cid, uid;If (myRecord.isValid () &! myRecord.isDisabled ()) {}
CID = myRecord.getCid () .toLowerCase ();
UID = myRecord.getUid () .toLowerCase ();
BIS
If (cid.indexOf ("ippp")! = - 1 & uid.indexOf ("gpmds")! = - 1) {}
srBIS = myRecord;
}BES
If (cid.indexOf ("ippp")! = - 1 & uid.indexOf ("gpmds") ==-1) {}
srMDS = myRecord;
}
WiFi
If (cid.indexOf ("wptcp")! = - 1 & uid.indexOf ("wifi")! = - 1) {}
srWiFi = myRecord;
}
Wap1.0
{If (getConfigType (myRecord) == CONFIG_TYPE_WAP & {cid.equalsIgnoreCase ("wap"))}
srWAP = myRecord;
}
Wap2.0
If (cid.indexOf ("wptcp")! = - 1 & uid.indexOf ("wifi") ==-1 & uid.indexOf ("mms") ==-1) {}
srWAP2 = myRecord;
}
Unite
{If (getConfigType (myRecord) == CONFIG_TYPE_BES & {myRecord.getName () .equals (UNITE_NAME))}
srUnite = myRecord;
}
}
}
If (CoverageInfo.isCoverageSufficient (CoverageInfo.COVERAGE_BIS_B)) {}
coverageBIS = true;
System.out.println ("State of coverage: BIS-B - online").
}
If (CoverageInfo.isCoverageSufficient (CoverageInfo.COVERAGE_DIRECT)) {}
coverageTCP = true;
System.out.println ("State of coverage: COVERAGE_DIRECT - online").
coverageWAP = true;
System.out.println ("State of coverage: WAP 1.0, 1.1 - online").
coverageWAP2 = true;
System.out.println ("State of coverage: WAP 2.0 - online").
}
If (CoverageInfo.isCoverageSufficient (CoverageInfo.COVERAGE_MDS)) {}
coverageMDS = true;
System.out.println ("State of coverage: MDS - online").
coverageUnite = true;
System.out.println ("State of coverage: unit - online").
}If (WLANInfo.getWLANState () == WLANInfo.WLAN_STATE_CONNECTED) {}
coverageWiFi = true;
System.out.println ("State of coverage: Wifi - online").
}
}/**
* Gets the type of a ServiceRecord config with getDataInt below
@param record A ServiceRecord
* @return the ServiceRecord configType
*/
private int getConfigType (file ServiceRecord) {}
return getDataInt (balance, 12);
}/**
* Gets the type of a ServiceRecord config. From 12 as a type returns the configType.
@param record A ServiceRecord
@param type dataType
* @return configType
*/
private int getDataInt (ServiceRecord Records, int type) {}
DataBuffer buffer = null;
buffer = getDataBuffer (type of record),If (buffer! = null) {}
try {}
Return ConverterUtilities.readInt (buffer);
} catch (EOFException e) {}
Returns - 1;
}
}
Returns - 1;
}/**
* Utility method to getDataInt()
*/
private DataBuffer getDataBuffer (ServiceRecord Records, int type) {}
data Byte [] = record.getApplicationData ();
If (data! = null) {}
DataBuffer buffer = new DataBuffer (data, 0, data.length, true);
try {}
buffer.readByte ();
} catch (EOFException e1) {}
Returns a null value.
}
If {(ConverterUtilities.findType (buffer, type))
return the buffer;
}
}
Returns a null value.
}/**
Construction of a direct url TCP of the baseURL supplied by the user
* @return A url with direct TCP settings
*/
private String getTCPURL (String baseURL) {}
String url = baseURL + "; deviceside = true;
String AFN = ""; inputs.getEfTcpAPN ();
String username = ""; inputs.getEfTcpAPNUser ();
String password = ""; inputs.getEfTcpAPNPassword ();
If (apn.length () > 0) {}
URL += '; APN ="+ AFN;
}
If (username.length () > 0) {}
URL += '; TunnelAuthUsername ="+ username;
}
If (password.length () > 0) {}
URL += '; TunnelAuthPassword ="+ password;
}
Back to url;
}/**
Construction of a url MDS of the baseURL supplied by the user
* @return A url with parameters MDS
*/
private String getMDSURL (String baseURL) {}
return baseURL + '; deviceside = false;
}/**
Construction of a url of the unity of the baseURL supplied by the user
* @return A url with the parameters of the unit
*/
private String getUniteURL (String baseURL) {}
return baseURL + '; deviceside = false' + ";". " ConnectionUID ="+ srUnite.getUid ();
}/**
Construction of a url BIS-B of the baseURL supplied by the user
* @return A url with parameters BIS-B
*/
private String getBISURL (String baseURL) {}
return baseURL + '; deviceside = false; Not implemented since it is only available for RIM ISV partners
}/**
Construction of a url the baseURL user-provided WAP2.0
* @return A url with parameters WAP2.0
*/
private String getWAP2URL (String baseURL) {}
return baseURL + '; deviceside = true' + ";". " ConnectionUID ="+ srWAP2.getUid ();
}/**
Construction of a url the baseURL user-provided WiFi
* @return A url with WiFi settings
*/
private String getWiFiURL (String baseURL) {}
return baseURL + '; interface = wifi. "
}/**
Construction of a WAP1.0 url from the baseURL supplied by the user
* @return A url with parameters WAP1.0
*/
private String getWAPURL (String baseURL) {}
String url = baseURL + "; deviceside = true;
String gatewayIP = ""; inputs.getEfWapGatewayIP ();
String gatewayAPN = ""; inputs.getEfWapGatewayAPN ();
String gatewayPort = ""; inputs.getEfWapGatewayPort ();
String sourceIP = ""; inputs.getEfWapSourceIP ();
SourcePort string = ""; inputs.getEfWapSourcePort ();
String username = ""; inputs.getEfWapUser ();
String password = ""; inputs.getEfWapPassword ();
If (gatewayIP.length () > 0) {}
URL = url + ";". " WapGatewayIP =' + gatewayIP;
wapParametersUnavailable = false;
}
If (gatewayAPN.length () > 0) {}
URL = url + ";". " WapGatewayAPN ="+ gatewayAPN;
wapParametersUnavailable = false;
}
If (gatewayPort.length () > 0) {}
URL = url + ";". " WapGatewayPort ="+ gatewayPort;
wapParametersUnavailable = false;
}
If (sourceIP.length () > 0) {}
URL = url + ";". " WapSourceIP =' + sourceIP;
wapParametersUnavailable = false;
}
If (sourcePort.length () > 0) {}
URL = url + ";". " WapSourcePort =' + sourcePort;
wapParametersUnavailable = false;
}
If (username.length () > 0) {}
URL = url + ";". " TunnelAuthUsername ="+ username;
wapParametersUnavailable = false;
}
If (password.length () > 0) {}
URL = url + ";". " TunnelAuthPassword ="+ password;
wapParametersUnavailable = false;
}
/*
If (inputs.getCfWapEnableWTLS ()) {}
URL = url + ";". " WapEnableWTLS = true;
wapParametersUnavailable = false;
}*/
If (wapParametersUnavailable & srWAP! = null) {}
Back to url;
} / * Not implemented * /.
else {}
Back to url;
}
}
}the code creates 'only' the correct one to use connection suffix, it does not take care to use them or close the connection.
Maybe your code does not correctly clean on the rise? -
How to connect through the connection Socket BIS?
Hi all, I am trying to connect to Socket BIS. I'm able to establish BIS my service provider Http connection. I downloaded a chat application that checks the types of networks supported by my device/package that has the following list:
(1) BIS-Http: OK
(2) BIS-SOCKET: OK
(3) BES-HTTP: NA
BES-SOCKET 4): NA
(5) TCP-HTTP: BAD DNS
(SOCKET TCP-6): EXPIRED
I know direct TCP is not supported by my ISP. So I would use BIS-Socket connection. Can anypne please help me reach this type of connectivity? Help, please. Thanks in advance.
as a member of the alliance, you can apply to BIS-B access with an application. you get your own connection key that you can use to create connections of bis - b.
-
More than 100MB of traffic on a port FIN_WAIT_2 - process long gone
I have 100's of megabytes of traffic while a loooooooong (10-20 minutes), after that the process has spent on the port that once belonged to this process and is now in FIN_WAIT_2. I know that some will say 'impossible', but here is the proof: I used to be a network guy, doing same programming (Linux) kernel of the TCP (firewall) code so I know at least a little bit what I talk even if it was some time ago. In my view, I must say that, as all previous because these reports and discussions that I could find where met with disbelief.
I run Wireshark, so I can SEE the traffic, and it's all about the port that "netstat - year ' lists as"FIN_WAIT_2.
Reminder: This is twitch.tv and flow of video on demand (not live). I use the latest Flash and Firefox. Even when I do some (list of processes) that Firefox and the Flash plugin went network traffic continues to max my connection 16Mbit.
Connections (which are TCP-> HTTP) are data centers "Level 3 Communications' (a company), which is where the shaking hosts them (I checked that, and besides, as I said, I can see the traffic with Wireshark).
How can I stop this unnecessary traffic? How is it possible anyway? Yes, I know it is not lack of Windows, but I have no access to the servers of video at the request of jerk or the code of their flash video player. I * could * add manually a firewall block for the port, but I'm not even sure which would prevent the server continue to send packets, only that I can't - and this "denial of service attack" on my connection Internet would always be there.
I found this, and there is a sentence that gives me pause:
http://msdn.Microsoft.com/en-us/library/Windows/hardware/ff550023%28V=vs.85%29.aspx
"If an acceptable TCP segment arrives on the connection, before the expiration of the timer FIN_WAIT_2, unloading target restarts the FIN_WAIT_2 timer."
Given that these packages coming form the server (lots of them!) it seems that perhaps happens, which does not expire the FIN_WAIT_2 timer?
EDIT:
Maybe is not specific twitch.tv, as I watched my system more closely I noticed that it may be a general problem with playback of the video stream through Flash (on Firefox?).
EDIT 2:
This problem may be more widespread, here's a similar report for videos on Chrome (they don't say no HTML5 or Flash videos?): https://productforums.google.com/forum/#! Chrome/EupZB8aHVPM/section
EDIT 3:
More of the same show (if you read the details): http://forum.bitdefender.com/lofiversion/index.php/t46323-100.html
Hello
The question you posted would be better suited to Windows 7 IT pro community.
http://social.technet.Microsoft.com/forums/en-us/w7itpronetworking/threads -
Outside NAT / Port Translation assistance needed
Image, says it all really...
I can't configure two external public IP (1.1.1.2 and 1.1.1.3) addresses that point to the same host but different ports (443 for the first) and 8443 for the latter.
Assuming you have your web servers in the DMZ:
(a) static (DMZ, outside) 1.1.1.2 tcp https 2.2.2.2 https netmask 255.255.255.255
(b) permitted HTTPS-OUT extended access list tcp any host 1.1.1.2 eq https
(c) group-HTTPS-OUT access in interface outside
For the second entry, you may need to do this.
(a) static (DMZ, outside) tcp 1.1.1.3 https 2.2.2.2 8443 netmask 255.255.255.255
(b) permitted HTTPS-OUT extended access list tcp any host 1.1.1.3 eq https
(c) group-HTTPS-OUT access in interface outside
-
Hello
Can anyone provide the stmt NAT for version 9.2 of ASA?
public static tcp (indoor, outdoor) interface https 10.1.1.2 https dns netmask 255.255.255.255 0 0
Thank you
network of the object OBJ - 10.1.1.2
host 10.1.1.2
service of the object OBJ-TCP-https
TCP source eq https service
NAT (inside, outside) source static OBJ - 10.1.1.2 interface https-TCP-OBJ OBJ-TCP-https dns serviceThere is a very convenient tool for conversion to the http://www.tunnelsup.com/nat-converter/
-
Hi all, I have a question.
Which is the best method (udp, tcp, http, using the pushRegistry...) to connect two blackberrys and set the communication with IP address?
Thank you!
except maybe in a wlan environment (which I do not know of the), you are not able to directly connect two blackberries. It must be a server between the two, using push, if they are connected to a BES or mail/bbmsger if not.
Maybe you are looking for
-
Uninstall conversations TB add-on
I tried the Conversations of Thunderbird Add-on, but has decided to disable and uninstall, but it seems to always work, grouping my emails by conversation. How can I get rid of this feature? Thank you
-
Menu and toolbars, tabs suddenly LARGE, need to reset Firefox, not fixed by eliminating add-ins, only a reset works - help!
-
Satellite A210-SP6812 hangs after hibernation with a Wi - Fi connected
I have a Satellite A210-SP6812 running with win XP SP3, and when I turn into suspend mode and later he attends the hibernation (I have the choice in Toshiba energy saving) it will, but after that you will wake up never the system again unless you res
-
Satellite P100-347: Blue Leds - they disabled/disabled?
I read several topics in the forum on the P100 Harman/Kardon speakers Blue LEDs/lights. None expressed a definitive answer on how to turn off the LEDs. I was wondering if a new update on this issue has occurred. The last post of forum about this was
-
My Windows Security Center is set to the automatic updates in the Control Panel, but shows always OFF in the taskbar. How can I get on IT?