Translate dynamically

The example i8n shows how update you your user interface (by calling setText again, essentially)

http://BlackBerry.github.com/Qt-Cascades-examples-private/Qt-examples/docs/HTML/tools-i18n.html

But what is the signal (global event) you will need to connect to trigger this?

The sample application triggers a signal by interaction with the user, but I would like to set my language when language system settings are changed.

I do this amd also dynamically change the application language

Watch OpenDataSpace

have you plugged the signal / slot?

connect(m_LocaleHandler, SIGNAL(systemLanguageChanged()), this,
            SLOT(localeChanged()));

and then...

void OpenDataSpace::localeChanged() {
    updateLocale(QLocale().name());
}

and...

....
Application::instance()->removeTranslator(m_translator);
            Application::instance()->installTranslator(m_translator);
.....

Tags: BlackBerry Developers

Similar Questions

Dynamic translation with re-translation

Hello

I'm trying to implement a dynamic conversion in my application using re-translation (http://developer.blackberry.com/cascades/reference/bb__cascades__qmlretranslate.html)

My translations already working when you change the regional settings in the device and restart the application, but I want to be able to change the language directly from my application's settings, and it applied dynamics at the interface.

I'm doing exactly as in the example:
```
void MyApp::changeLanguage(const QString &lang){
    QTranslator translator;
    if(translator.load("myapp_" + lang + ".qm", "app/native/qm")){
        Application::instance()->installTranslator(&translator);
        qDebug() << "Translated in " << lang;
    }
    else
        qDebug() << "Failed to translate";
}
```
I also added the"Retranslate.onLanguageChanged" suffix to my labels in qml.

From the console, I see that the translator loads correctly as it penetrates into the fi. But the text remains in the colloquial language no matter what.

Am I missing a step?

Thank you!

Hey there... Maybe this thread will help you solve your problem... The solution was provided by God...

http://supportforums.BlackBerry.com/T5/Cascades-development/translate-dynamically/TD-p/1969625

Problems with NAT? Can't access internet from inside the network?

I was intrigued with this problem for a few days now. I'm stuck on what could be the issue. The problem is that I can ping my router, G0/0 and G0/1, to the internet. However, since the switch and my PC, I can not ping Internet. I'm sure that everything is configured correctly, but here is my setup for the switch and the router:

Router 1:

version 15.1
no service button
horodateurs service debug datetime msec
Log service timestamps datetime msec
encryption password service
!
hostname LAN_Router_1
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 *.
!
No aaa new-model
!
no location network-clock-participate 3
!
dot11 syslog
no ip source route
!
IP cef
!
!
!
!
domain IP MyTestLab.com
8.8.8.8 IP name-server
IP-server names 8.8.4.4
No ipv6 cef
!
Authenticated MultiLink bundle-name Panel
!
!
!
!
!
voice-card 0
!
!
!
!
!
!
!
Crypto pki token removal timeout default 0
!
!
!
!
license udi pid CISCO3845-MB sn FOC105013BA
username * secret privilege 15 5 *.
!
redundancy
!
!
property intellectual ssh time 60
property intellectual ssh authentication-2 retries
property intellectual ssh event logging
property intellectual ssh version 2
!
!
!
!
!
!
!
!
interface Loopback0
192.168.254.1 IP 255.255.255.255
!
interface GigabitEthernet0/0
DHCP IP address
penetration of the IP stream
stream IP output
NAT outside IP
IP virtual-reassembly in
automatic duplex
automatic speed
media type rj45
!
interface GigabitEthernet0/1
the IP 192.168.0.1 255.255.255.248
penetration of the IP stream
stream IP output
IP nat inside
IP virtual-reassembly in
GLBP 100 ip 192.168.0.4
priority GLBP 100 115
GLBP 100 preempt
automatic duplex
automatic speed
media type rj45
!
ospf Router 5
router ID - 192.168.254.1
network 192.168.0.1 0.0.0.0 area 1
192.168.254.1 network 0.0.0.0 area 0
!
IP forward-Protocol ND
no ip address of the http server
no ip http secure server
!
!
IP nat inside source list 10 interface GigabitEthernet0/0 overload
IP route 0.0.0.0 0.0.0.0 dhcp
!
access-list 10 permit 192.168.94.32 0.0.0.15 connect
access-list 10 permit 192.168.17.0 connect 0.0.0.7
access-list 10 permit 192.168.52.0 connect 0.0.0.7

access-list 10 permit 192.168.0.0 0.0.0.7 connect
access-list 10 deny any newspaper
!
!
!
!
!
!
control plan
!
!
!
!

profile MGCP default
!
!
!
!
!
connection of the banner ^ C
W A R N I N G

THIS IS A PRIVATE COMPUTER SYSTEM.

This computer system, including all related equipment, network devices
(specifically including Internet access), are provided only for
authorized used.

All computer systems may be monitored for all lawful, including purpose
to ensure that their use is authorized, for management of the system, to
facilitate protection against unauthorized access, and to verify security
survival and operational security procedures.

Monitoring includes active attacks by authorized personnel and their
entities to test or verify the security of the system. During the surveillance,.
information may be examined, recorded, copied and used for authorized
purposes.

All information, including personal information, placed on or sent over
This system may be monitored. Uses of this system, authorized or
unauthorized, constitutes consent to monitoring of this system.

Unauthorized use may subject you to criminal prosecution. Evidence of
any unauthorized use collected during monitoring may be used for
administrative, criminal or other adverse action. Use of this system
constitutes a consent to monitoring for these purposes.
^ C
!
Line con 0
Synchronous recording
local connection
line to 0
line vty 0
local connection
entry ssh transport
output transport ssh
line vty 1 4
opening of session
transport of entry all
!
Scheduler allocate 20000 1000
NTP 198.60.73.8 Server
NTP 13.85.70.43 Server
SaveRunConfig event manager applet
cron cron-event timer entry ' 0 0 * * ".
command action 1.0 cli 'enable '.
cli 2.0 action command "RAM".

Router 2:

version 15.1
horodateurs service debug datetime msec
Log service timestamps datetime msec
encryption password service
!
hostname LAN_Router_2
!
boot-start-marker
boot-end-marker
!
!
! card order type necessary for slot 1
Monitor logging warnings
enable secret 5 *.
!
No aaa new-model
!
clock timezone CST - 5 0
!
dot11 syslog
IP source-route
!
IP cef
!
!
!
!
domain IP MyTestLab.com
8.8.8.8 IP name-server
IP-server names 8.8.4.4
No ipv6 cef
!
Authenticated MultiLink bundle-name Panel
!
!
!
!
type of parameter-card inspect global
Select a dropped packet newspapers
!
voice-card 0
!
!
!
!
!

!
!
Crypto pki token removal timeout default 0
!
!
!
!
license udi pid CISCO3845-MB sn FOC1411592J
username * secret 5 *.

!
redundancy
!
!
property intellectual ssh time 60
property intellectual ssh authentication-2 retries
property intellectual ssh event logging
property intellectual ssh version 2
!
!
!
!
!
!
!
!
interface Loopback0
192.168.254.2 the IP 255.255.255.255
!
interface GigabitEthernet0/0
DHCP IP address
penetration of the IP stream
stream IP output
NAT outside IP
IP virtual-reassembly in
automatic duplex
automatic speed
media type rj45
!
interface GigabitEthernet0/1
IP 192.168.0.2 255.255.255.248
penetration of the IP stream
stream IP output
IP nat inside
IP virtual-reassembly in
GLBP 100 ip 192.168.0.4
priority GLBP 100 110
automatic duplex
automatic speed
media type rj45
!
ospf Router 5
router ID - 192.168.254.2
network 192.168.0.2 0.0.0.0 area 1
0.0.0.0 network 192.168.254.2 area 0
!
Default IP gateway 192.168.0.1
IP forward-Protocol ND
no ip address of the http server
no ip http secure server
!
!
IP nat inside source list 10 interface GigabitEthernet0/0 overload
IP route 0.0.0.0 0.0.0.0 dhcp
!
SSH extended IP access list
permit tcp host 192.168.52.2 any eq 22 log
permit tcp 192.168.10.0 0.0.0.255 any eq 22 log
permit tcp host 192.168.17.18 any eq 22 log
any eq 22 host tcp 192.168.0.1 newspaper permit
permit tcp host 192.168.0.2 any eq 22 log
permit tcp host 192.168.0.3 any eq 22 log
permit tcp host 192.168.0.5 any eq 22 log
denyip a session
!
access-list 10 permit 192.168.94.32 0.0.0.15 connect
access-list 10 permit 192.168.17.0 connect 0.0.0.7
access-list 10 permit 192.168.52.0 connect 0.0.0.7
access-list 10 permit 192.168.0.0 0.0.0.7 connect
access-list 10 deny any newspaper
!
!
!
!
!
!
control plan
!
!
!
!
profile MGCP default
!
!
!
!
!
connection of the banner ^ C
W A R N I N G

THIS IS A PRIVATE COMPUTER SYSTEM.

This computer system, including all related equipment, network devices
(specifically including Internet access), are provided only for
authorized used.

Unauthorized use may subject you to criminal prosecution. Evidence of
any unauthorized use collected during monitoring may be used for
administrative, criminal or other adverse action. Use of this system
constitutes a consent to monitoring for these purposes.
^ C
!
Line con 0
session-timeout 360
exec-timeout 360 0
7 password *.
Synchronous recording
local connection
line to 0
opening of session
line vty 0 4
SSH access class in
Synchronous recording
local connection
entry ssh transport
output transport ssh
!
Scheduler allocate 20000 1000
NTP 198.60.73.8 Server
NTP 13.85.70.43 Server
SaveRunConfig event manager applet
cron cron-event timer entry ' 0 0 * * ".
command action 1.0 cli 'enable '.
cli 2.0 action command "RAM".

Switch:

version 12.2
no service button
tcp KeepAlive-component snap-in service
a tcp-KeepAlive-quick service
horodateurs service debug uptime
Log service timestamps uptime
encryption password service
!
hostname LAN_Switch
!
boot-start-marker
boot-end-marker
!
!
username * secret privilege 15 5 *.
!
!
!
No aaa new-model
clock timezone CST - 6
1 supply ws-c3750-24ts switch
mtu 1500 routing system
IP routing
IP - domain name MyTestLab.com
8.8.8.8 IP name-server
IP-server names 8.8.4.4
!
!
!
!
!
!
!
!
!
spanning tree mode rapid pvst
spanning tree logging
spanning tree extend id-system
!
internal allocation policy of VLAN ascendant
!
property intellectual ssh time 60
property intellectual ssh authentication-2 retries
property intellectual ssh event logging
property intellectual ssh version 2
!
!
interface Loopback0
192.168.254.5 the IP 255.255.255.255
!
interface FastEthernet1/0/1
switchport access vlan 17
switchport mode access
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/2
switchport access vlan 10
switchport mode access
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/3
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/4
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard

!
interface FastEthernet1/0/5
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/6
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/7
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/8
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/9
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/10
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/11
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/12
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/13
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/14
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/15
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/16
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/17
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/18
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/19
Description # PC #.
switchport access vlan 10
switchport mode access
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/20
Description # X_BOX #.
switchport access vlan 666
switchport mode access
Shutdown
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/21
switchport access vlan 94
switchport mode access
spanning tree portfast
spanning tree enable bpduguard
!
interface FastEthernet1/0/22
switchport access vlan 5
switchport mode access
!
interface FastEthernet1/0/23
switchport access vlan 5
switchport mode access
!
interface FastEthernet1/0/24
switchport access vlan 5
switchport mode access
!
GigabitEthernet1/0/1 interface
switchport access vlan 666
Shutdown
!
interface GigabitEthernet1/0/2
switchport access vlan 666
Shutdown
!
interface Vlan1
no ip address
Shutdown
!
interface Vlan5
IP 192.168.0.5 255.255.255.248
!
interface Vlan10
address 192.168.10.2 255.255.255.0
!
interface Vlan17
IP 192.168.17.17 255.255.255.248
!
interface Vlan52
IP 192.168.52.1 255.255.255.248
!
interface Vlan94
IP 192.168.94.33 255.255.255.240
!
ospf Router 5
router ID - 192.168.254.5
Log-adjacency-changes
network 192.168.0.5 0.0.0.0 area 1
network 192.168.10.2 0.0.0.0 area 2
network 192.168.17.17 0.0.0.0 area 2
network 192.168.52.1 0.0.0.0 area 2
network 192.168.94.33 0.0.0.0 area 2
0.0.0.0 network 192.168.254.5 area 0
!
IP classless
IP route 0.0.0.0 0.0.0.0 192.168.0.4 permanent
no ip address of the http server
no ip http secure server
!
!
SSH_IN extended IP access list
permit tcp host 192.168.52.2 any eq 22 log
permit tcp 192.168.10.0 0.0.0.255 any eq 22 log
permit tcp host 192.168.17.18 any eq 22 log
any eq 22 host tcp 192.168.0.1 newspaper permit
permit tcp host 192.168.0.2 any eq 22 log
permit tcp host 192.168.0.3 any eq 22 log
permit tcp host 192.168.0.5 any eq 22 log
deny ip any any newspaper
!
!
connection of the banner ^ C
W A R N I N G
THIS IS A PRIVATE COMPUTER SYSTEM.
This computer system, including all related equipment, network devices
(specifically including Internet access), are provided only for
authorized used.
All computer systems may be monitored for all lawful, including purpose
to ensure that their use is authorized, for management of the system, to
facilitate protection against unauthorized access, and to verify security
survival and operational security procedures.
Monitoring includes active attacks by authorized personnel and their
entities to test or verify the security of the system. During the surveillance,.
information may be examined, recorded, copied and used for authorized
purposes.
All information, including personal information, placed on or sent over
This system may be monitored. Uses of this system, authorized or
unauthorized, constitutes consent to monitoring of this system.
Unauthorized use may subject you to criminal prosecution. Evidence of
any unauthorized use collected during monitoring may be used for
administrative, criminal or other adverse action. Use of this system
constitutes a consent to monitoring for these purposes.
^ C
!
Line con 0
session-timeout 60
exec-timeout 60 0
Synchronous recording
local connection
line vty 0
access-class SSH_IN in
local connection
line vty 1 4
access-class SSH_IN in
opening of session
line vty 5 15
access-class SSH_IN in
opening of session
!
NTP 198.60.73.8 Server
Event Manager environment suspend_ports_config flash: / susp_ports.dat
Event Manager environment suspend_ports_days 7
Event Manager user Directorystrategie "flash: / policies /.
Event manager session cli username "stw".
political event manager sl_suspend_ports.tcl
political event manager tm_suspend_ports.tcl
SaveRunConfig event manager applet
cron cron-event timer entry ' 0 0 * * ".
command action 1.0 cli 'enable '.
cli 2.0 action command "RAM".

Well, I totally forgot the keyword "log" and NAT:

Cisco IOS NAT support ACLs with a keyword "log"?

A. When you configure Cisco IOS NAT translation dynamic NAT, an ACL is used to identify the packages that can be translated. The current NAT architecture does not support the ACL with a keyword "log".

http://www.Cisco.com/c/en/us/support/docs/IP/network-address-translation...

If your problem is not the mask with joker, but the command "log"...

On ASA 5510 VPN works do not but the work stations

We have an ASA 8.2 (3) running and have two VPN site to site running on it. The second VPN we just establish the other day, and of the SAA itself, it seems to work. We are able to ping remote hosts from the ASA without problem. However, on this second VPN all hosts on our local network cannot reach the remote party... Trying to understand what could happen. Applicable config below (please forgive the mistakes and formatting):

interface Ethernet0/0

nameif outside

security-level 0

address IP WAN. IP. ADDR 255.255.255.224

!

interface Ethernet0/1

nameif inside

security-level 100

IP 192.168.21.1 255.255.255.0

!

interface Ethernet0/2

Shutdown

nameif intf2

security-level 0

no ip address

!

interface Ethernet0/3

Shutdown

No nameif

no level of security

no ip address

!

interface Management0/0

Shutdown

nameif management

security-level 100

no ip address

management only

!

access extensive list ip 192.168.21.0 outside_cryptomap allow 255.255.255.0 10.50.50.0 255.255.255.0

Access-group acl_out in interface outside

Crypto ipsec transform-set esp-3des esp-sha-hmac ATLAS-TS

life crypto ipsec security association seconds 28800

card crypto mymap 2 match address outside_cryptomap

card crypto mymap 2 together peer PEER. WAN. IP. DEA

card crypto mymap 2 game of transformation-ATLAS-TS

map mymap 65535-isakmp ipsec crypto dynamic dynmap

mymap outside crypto map interface

crypto isakmp identity address

crypto ISAKMP allow outside

crypto ISAKMP policy 5

preshared authentication

3des encryption

sha hash

Group 2

ISAKMP crypto 10 nat-traversal

tunnel-group of PEERS. WAN. IP. ADDR type ipsec-l2l

tunnel-group of PEERS. WAN. IP. ADDR ipsec-attributes

pre-shared key *.

Hello

Seems to me that his dynamic State PAT shot meant for Internet traffic

Phase: 6

Type: NAT

Subtype:

Result: ALLOW

Config:

NAT (inside) 1 0.0.0.0 0.0.0.0

is the intellectual property inside everything outside of any

dynamic translation of hen 1 (WAN. IP. ADDR.162 [Interface PAT])

translate_hits = 6186208, untranslate_hits = 145616

Additional information:

Translation dynamic 192.168.21.100/0 to WAN. IP. ADDR.162/12936 using subnet mask 255.255.255.255

So you might miss the NAT0 configuration for this connection

Do the following

Issue the command "Display running nat" and you should see a NAT0 configuration for the 'inside' interface. Something like that

NAT (inside) - 0 access list

Next, you will need to check the ACL configuration

See the list of access running

You can add local and remote network that need to communicate through that VPN L2L connection to this ACL

So for examples sake lets assume that your ASAs directly related "inside" subnet needs to access the remote network, and then you would add

ip 192.168.21.0 access list allow 255.255.255.0 10.50.50.0 255.255.255.0

So use the above configuration format with good source and network of destination, as well as the correct name of the ACL and add the required ACL lines and then try to host LAN connections.

Hope this helps

Remember to mark a reply as the answer if it answered your question.

Feel free to ask more if necessary

-Jouni

Translations of Apex 4.2 dynamic Oracle

Hello
I would like to know where to find the option 'translations of Dynamics. Documentation says it should be under shared-> components-> translation request globalization.
Thank you
Sergio

Hi Sergio,

Under-> globalization-> request to translate shared components, there is a region "Translation utilities. The second items in the list is called:
- Manage the dynamic translation repository
"

Kind regards

Vincent Deelen

Pavilion DV6 3122sl: Notebook DV6 3122sl HDD dynamic disk can be cloned on SSD

I want to change the drive HARD Samsung 320 GB with a SSD Samsung EVO 850 256 GB.

My HDD + o - 170 GB and othe is free.

My problem is: SSD cannot accept as dynamic disk configuration, then I have to copy (clone) system.

How this is possible, I'm not able to do.

Any answer to this request?

Please, thank you.

with the AOMEI tool, I made a backup of dynamic drive (internal hard drive for laptop DV6 3122sl) not enterily,

only one backup.

I made 2 backup:

1 ^ system with C: operating system backup

(System bring letter O or any 199 MB

Windows 7 in C: which appear as 'LOGIC') 146 GB (80 GB used)

2 ^ back-up Recovery Partition 19 GB D:

Backup of G: HP_TOOLS 99 MB

I cloned 1 ^ backup on EVO 850 and the result were:

Drive C: status of operating system LOGIC

Disc part O: primary system

When laptop open it a message like "there is no Operating system.

Windows 7 using "compmgmt.msc" in the drive section is not possible translating volume LOGIC of Partition primary and

activate that, to my knowledge, the operation of CHANGE MEMORY SSD HARD drive is not possible.

I hope that "HP" can help me to achieve this change, how, I don't know, but I am a user, not a graduate.

Help me please!

Dynamically loading the file location

Hi all

Please give me an idea on dynamic locations. At present iam using the localization file it works fine locally, but is new scenario: I need to download the file location on the server side and dynamically change the value.

Please help me if anyone has any idea on this?

Thank you

I'm not saying it's impossible, but I really don't see a way to use the built-in location facility and have the ability to dynamically load the additional locations.

My only suggestion is to establish a similar device yourself.

If you are looking for something on the basis of this, in addition to the Blackberry application, I was looking at the Android application that uses XML "translation." Using this approach, you would be able to download a new XML file to get a new translation.

Adding textfeild dynamically in the second qml file

Hello

I have two files qml, main.qml & second.qml, and there is navigation between main.qml & second.qml.

Now, I want to dynamically add a textfield to second.qml...

Any help would be appreciated

Thank you

C++ its as simple as using containers add and remove features.

http://developer.BlackBerry.com/native/reference/Cascades/bb__cascades__container.html#function-Add-...

Here is an example for adding two labels...
```
    mRootContainer = Container::create()
            .layout(DockLayout::create())
            .margins(0.0, 0.0, 0.0, 0.0);

    mTitle = Label::create()
            .translate(0.0, -5)
            .multiline(false)
            .textStyle(ControlStyles::cardLabelTitle())
            .text("");

    mValue = Label::create()
            .multiline(true)
            .textStyle(*mTextStyle)
            .text("");

    mRootContainer->add(mTitle);
    mRootContainer->add(mValue);

    setRoot(mRootContainer);            // Set the root of the custom control.
```
To put them in a file QML directly instead of doing everything in C++ you would just need to identify the place in the scene graph that you want to add the textfields somehow. There are several options to achieve this, such as;

-using the function findChild()

-fixing of the class, and then call the function call to add components

-creation of a customcontrol

NAT problem? Large amount of NAT translations.

I have a client with a particular site who complains constantly of performance.

They have a 871 at the location remote with 4 tunnels IPsec, built over WAN connections to their provider hosting the database and software.

There are about 50 people who work at this place, but I show 3410 current connections with a peak of 14703. I don't see how that's possible with only 50 people and starts to lean towards the NAT config which can be the cause of the poor performance that users encounter.

Auffen_Washington #show ip nat statistics
Total active translations: 3410 (static, dynamic 0 3410; 3410 extended)
Translations of crete: 14703, took place there is 2d05h
External interfaces:
FastEthernet4, Tunnel401, Tunnel0, Tunnel11, Vlan3, Tunnel101, Tunnel201
Tunnel301
Interfaces in reverse:
Vlan1, Vlan2
Hits: 574573468 Misses: 0
CEF translated packages: 566630850, CEF punted packets: 45186206
Expiry of the translations: 10381404
Dynamic mappings:
-Source inside
[Id: 1] access-list interface Loopback1 refcount NAT_Wireless_DMS 0
[Id: 2] NAT_Failover interface Vlan3 refcount route map 0
[Id: 3] NAT_Primary interface FastEthernet4 refcount 3410 route map
Doors appl: 0
Normal doors: 0
Queuing of packets: 0

Any help would be greatly appreciated.

Thank you

Russell Stamey

NAT translations, by default, remain active for a very long time. If I remember correctly, is 24 hours, but I have to what to look for to be sure. They don't take a lot of memory, so this isn't normally a problem, but if you encounter conditions that you think may be due to this, it is quite easy to limit the wait time.
```
 ip nat translation timeout 1800
```
This will set the timeout for new connections to half an hour. Existing connections will always keep the original deadlines, then you might want to wait a period of slow to change and the issue a "clear the ip nat translation *" right then to clear existing translations.

ASA 5505 8.41 dynamic configuration NAT NAT/static

Hello

I am having some problems of configuration statements NAT on my ASA5505 which has recently been upgraded to 8.41.

I have a unique dynamic IP on the external interface of the ASA and wish that all internal hosts NAT/Pat it. In addition, I would like to have multiple ports 'sent' to internal hosts, one of which is TCP/4343. With the current configuration guests originate from the external interface correctly, but the service running on TCP/4343 is not accessible from the outside. See the output of the command below:

exit "sh run object:

network of the object DrJones
Home 10.81.220.90
network of the LAN object - 10.81.220.0
10.81.220.0 subnet 255.255.255.0

exit "sh run nat:

network of the object DrJones
NAT (inside, outside) interface static 4343 4343 tcp service
network of the LAN object - 10.81.220.0
NAT dynamic interface (indoor, outdoor)

exit "sh run access-list":

access extensive list ip 10.81.220.0 inside_access_in allow 255.255.255.0 any
outside_access_in list extended access permit icmp any any echo response
outside_access_in list extended access permit tcp any interface outside eq 4343

Any help would be appreciated, if additional information is needed please let me know and I'll post it.

Thank you in advance.

Hi Mitch,

There are two major changes between 8.3 - pre and post - 8.3.

1 NAT

2 interface Access-list.

You went directly to step 1, but have set up the pre - 8.3 outside_access_in access list.

The correct config would be:

outside_access_in list extended access permit icmp any any echo-reply //you can remove this and add inspect icmp to the overall strategy.
outside_access_in list extended access permit tcp any host 10.81.220.90 eq 4343

8.3 and above, the access list interface should have the real ip and not the ip translated.

I hope this helps.

-Shrikant

P.S.: Please check the question as answered if it was resolved. Note the useful messages. Thank you.

Translation nat ip clear to only one address

I have this in the nat table

Inside global internal local outside global local outdoor Pro

TCP 199.212.17.130:1617 142.135.4.69:1617 132.206.246.112:21 132.206.246.112:21

and I want to erase just one I go through the command and get this:

clear the nat ip inside the 199.212.17.130 translation 142.135.4.69

% Translation not found

Can you help me?

Here are a few cpmmands that will help you. What you need to do is to understand what translation you do and then choose the appropriate command: delete all entries in the NAT translation table dynamic address translation: "erase the ip nat translation *"

Delete an entry simple dynamic translation containing a translation, or inside Interior and outside translation: "clear translation nat ip in ip global local-ip [global outside local-ip-ip]" erase an entry simple dynamic translation containing a translation outside: 'clear local-ip-ip global outside ip nat translation' delete a dynamic conversion entry extended: "clear ip protocol translation nat inside global ip global-port local ip local port [outside port-local-ip-ip local-global global port].

Static and dynamic NAT at the same time?

Is this possible? Let's say you have 20 public address pool and you have 30 computers LAN. You want to assign the same public address for some of the servers. And the rest can get the addresses of the pool at random.

It would be nice if we can easily do the appropriate firewall rules.

Yes, it is possible, you can use nat and global commands for dynamic conversion and use the static commands for static translation at the same time.

Here is an example:

Public rate IP-range outdoors: xxx.xxx.xxx.0/27

(IP addresses are xxx.xxx.xxx.1 - xxx.xxx.xxx.30)

Private range of IP addresses on the inside: yyy.yyy.yyy.0/24

In the example I'm going to static translate xxx.xxx.xxx.2 to yyy.yyy.yyy.2 Server1 (ditto for server2, but by using adresse.3)

All other IP addresses is translated dynamics.

Here is an example of how you can do this:

IP address outside xxx.xxx.xxx.1 255.255.255.224

IP address yyy.yyy.yyy.1 255.255.255.0 inside

NAT (inside) 0 access-list sheep

NAT (inside) 1 yyy.yyy.yyy.0 255.255.255.0

Global 1 interface (outside)

public static yyy.yyy.yyy.2 xxx.xxx.xxx.2 (indoor, outdoor)

public static yyy.yyy.yyy.3 xxx.xxx.xxx.3 (indoor, outdoor)

access-list deny ip host yyy.yyy.yyy.2 sheep all

access-list deny ip host yyy.yyy.yyy.3 sheep all

access-list sheep ip allow a whole

Kind regards

Leo

IPSec VPN (remote VPN access) - dynamic NAT

Hello dear group

I like ASA 5510 is configured for remote access VPN, ASA authenticates Clients remoter with Radius Server (accounting software) and will be assigned an address IP of VPN-pool (172.16.20.0/24). Prose all in use of authentication with radius server is successful, but there is no any Internet browsing on the client side. I've set up a dynamic NAT rule on the external interface of SAA, I write in the following:

Interface: outside

Source: VPN-users object (address pool 172.16.20.0/24)

The translation of the output interface.

the NAT rule to above does not. (I think that traffic is not clothed with VPN POOL address via external interface)

Note: this VPN users access the INTERNET only. (because of this, the pool address range is different with inside the Network Interface)

Its a favor if you help me how NAT.

Thank you

Best regards

Hello

Would really need to see your current NAT configurations to the CLI format to determine the problem.

Naturally, the problem could be as simple as missing the following command on the SAA

permit same-security-traffic intra-interface

This command is required on the SAA for traffic to come through an interface and let the same interface. In your case this interface would be "Outside" the customer VPN traffic arrives at the ASA via this interface what is leaving through this interface to the Internet.

-Jouni

Address - w-dynamic PIX 3000 LAN-to-LAN Configuration

I've got some 506 Firewall running 6.3.1 code that I want to connect through my hub 3000 running 3.5.5. 506 Firewall either have a dynamically assigned public address or a private address which is translated to a public address through a NAT pool I have no control over (in common premises). I created this in the past using all firewalls PIX and dynamic crypto maps of, but may not know how to set up a LAN-to-LAN connection on the 3000 without entering an address peer. This configuration will work?

Thganks,

Roger

Hello, it can be done, and here's a doc who may help you. It is a router, but the confg 3000 will work with the PIX... Make sure that when you make changes to the core group that you are not inherit these changes to your existing groups of 3000...

http://www.Cisco.com/en/us/products/HW/vpndevc/ps2284/products_configuration_example09186a00800ae459.shtml

Also, here is a link on how to configure the PIX...

http://www.Cisco.com/en/us/products/HW/vpndevc/ps2284/products_configuration_example09186a00800949d2.shtml

Good luck!!

Cannot ping via the VPN client host when static NAT translations are used

Hello, I have a SRI 3825 configured for Cisco VPN client access.

There are also several hosts on the internal network of the static NAT translations have a services facing outwards.

Everything works as expected with the exception that I cannot ping hosts on the internal network once connected via VPN client that is internal IP addresses have the static NAT translations in external public addresses, I ping any host that does not have static NAT translation.

For example, in the example below, I cannot ping 192.168.1.1 and 192.168.1.2, but I can ping to the internal interface of the router, and any other host on the LAN, I can ping all hosts in the router itself.

Any help would be appreciated.

Concerning

!

session of crypto consignment

!

crypto ISAKMP policy 10

BA 3des

preshared authentication

Group 2

!

ISAKMP crypto client configuration group vpnclient

key S3Cu4Ke!

DNS 192.168.1.1 192.168.1.2

domain domain.com

pool dhcppool

ACL 198

Save-password

PFS

netmask 255.255.255.0

!

!

Crypto ipsec transform-set-SECURE 3DES esp-3des esp-sha-hmac

!

Crypto-map dynamic dynmap 10

86400 seconds, life of security association set

game of transformation-3DES-SECURE

market arriere-route

!

card crypto client cryptomap of authentication list drauthen

card crypto isakmp authorization list drauthor cryptomap

client configuration address card crypto cryptomap answer

map cryptomap 65535-isakmp ipsec crypto dynamic dynmap

!

interface GigabitEthernet0/0

NAT outside IP

IP 1.2.3.4 255.255.255.240

cryptomap card crypto

!

interface GigabitEthernet0/1

IP 192.168.1.254 255.255.255.0

IP nat inside

!

IP local pool dhcppool 192.168.2.50 192.168.2.100

!

Note access-list 198 * Split Tunnel encrypted traffic *.
access-list 198 allow ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255

!
Note access-list 199 * NAT0 ACL *.
access-list 199 deny ip 192.168.0.0 0.0.255.255 192.168.0.0 0.0.255.255
access-list 199 permit ip 192.168.1.0 0.0.0.255 any

!

Sheep allowed 10 route map
corresponds to the IP 199

!
IP nat inside source map route sheep interface GigabitEthernet0/0 overload

!

IP nat inside source static 192.168.1.1 1.2.3.5
IP nat inside source static 192.168.1.2 1.2.3.6

The problem seems to be that static NAT take your nat exemption.

The solution would be:

IP nat inside source static 192.168.1.1 1.2.3.5 sheep map route
IP nat inside source static 192.168.1.2 1.2.3.6 sheep map route

HTH

Herbert

Translate dynamically

Similar Questions

Maybe you are looking for