Wired Laptop Policy
Please forgive me as I am brand new to Endpoint Security. After upgrading to ZCM 11 I'm excited to have this feature and am primarily interested in creating a wired laptop policy. In looking at some of the other postings I see references to a "Disable Wi-Fi When Wired" feature but I'm not seeing anything similar to this as I'm going through the WiFi Policy.
What I'm ultimately looking to do is create a policy so that if the laptop is in a wired (or docked) state that the WiFi is disabled, but if the LAN cable is unplugged or laptop is undocked WiFi will become available. Something else that I noticed in a few posts were that it looked like other people had to restart their systems after changing the wired status, is this usually the case? It would seem a bit counterproductive. I often have situations where someone will have a docked laptop and they would remove it to take to a meeting room where we have WiFi with internet only available. Thanks for any direction you can provide!
I found that the policy that I am looking for was under Communication Hardware Policy rather than WiFi Policy. Now that I've configured for how I think it is supposed to behave I'm seeing some behavior that I'm not sure if it is normal. I'm seeing the network connection toggle between wired or wireless depending on if I plug in my cable or not, but I'm not seeing anything preventing connecting to WiFi if the laptop is connected to the LAN. What am I missing in the policy? Thanks!
Similar Messages
-
Cannot connect desktop (wired) & laptop (wireless)
I've been at this for days, scoured much info and many threads, and tried many things; so I could go on and on for days about all I've found and tried. I'll try to be concise, but I also want to be thorough. Every other forum I’ve posted in has asked the same questions, so I’m just going to try to get it all out there right off the bat. I apologize if I come off as curt. I’m usually good for some laughs, but I’ve been at this for way too long and am feeling pretty deflated.
GOAL: Achieve connectivity between my desktop and my new T520 - be able to swap files without fumbling thumb drives or emailing myself.
SYSTEM SPECS:
Desktop
self built: AMD Phenom II X4 3.4GHz
Mobo: Gibabyte GA-890GPA-UD3H
network adapter: Realtek RTL8168D/8111D
running Windows 7 Professional
Laptop
Lenovo T520
network adapter: Intel Centrino Advanced N 6205
running Windows 7 Home Premium
Router
Belking F5D8231-4 version 3000
SUMMARY OF EFFORTS THUS FAR:
Firewalls: Windows & router disabled
Anti-virus: (AVG) disabled, then uninstalled
Network adaptor drivers: updated
Router firmware: updated
Router has been restored to factory settings
Power cycles performed multiple times at various points
Tried static ip addresses (presently set to dynamic) - shared ip addresses not the cause
Sharing options have been enabled both in general network settings and specific folders
Pinging results in either "Request timed out." or "Destination host unreachable."
My network is designated a "Home network"
Neither machine is connected to multiple networks
Both machines are assigned to same Workgroup: tried changing from generic "WORKGROUP" to custom name to isolate my machines from rommie's
Relevant services I've been told to check and confirmed started:
- DHCP Client
- Computer Browser
- Network Location Awareness
- Remote Procedure Call (RPC)
- Server
- TCP/IP NetBIOS Helper
- Workstation
- Peer Networking Grouping
- PNRP Machine Name Publication Service
Under Local Area Network Status I've noticed that IPv4 shows connectivity to internet, but IPv6 says "No Internet Access" - disabling IPv6 has no effect
When I create a Windows Homegroup on one machine, an invite to join is never extended to the other.
I installed TeamViewer as alternative to Homegroup. After setup, the program claims to have a working connection, but any attempt to access the other gives an error.
Now, the name of my laptop will sometimes appear under Explorer>>Network, but clicking on it gives an error message (can't think what it says & the laptop isn't visible right now); while my laptop has never shown my desktop. However, if I hardline my laptop to the router, suddenly the two are best friends - connecting, accessing folders, swapping files, trading recipes, sharing steamy cups of Maxwellhouse International Cafe.
Does anybody have any insights into this situation? Any suggestions would be appreciated. I’ve wondered if perhaps there was some pre-installed Lenovo software that interferes with networks the way firewalls or anti-virus programs can? I've tried calling both Belkin and Lenovo tech support - played their little choose your own adventure games. Belkin's final word is that its a software issue. I'm at a complete loss.
I'm always asked for ipconfig and ping results at some point, so I'll go ahead and post them below. I've also found some errors in Administrative Events on both machines that may provide clues:
Dhcp-Client (both) - The IP address lease 192.168.2.2 for the Network Card with network address 0x6CF049E337F0 has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).
bowser (desktop) - The master browser has received a server announcement from the computer GLADOS that believes that it is the master browser for the domain on transport NetBT_Tcpip_{4F23028C-E9A3-47B6-94A5-025192E2DBE0}. The master browser is stopping or an election is being forced.
BROWSER (laptop) - The browser service has failed to retrieve the backup list too many times on transport .... The backup browser is stopping
I don't really know much about Windows services and events, but they sound like they could be related, and they're the only lead I have to work right now.
================================================================================================
IPCONFIG/ALL - DESKTOP
Microsoft Windows [Version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\Matt>ipconfig/all
Windows IP Configuration
Host Name . . . . . . . . . . . . : MasterControl
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin
Ethernet adapter Local Area Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TeamViewer VPN Adapter
Physical Address. . . . . . . . . : 00-FF-47-E5-AD-C9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 6C-F0-49-E3-37-F0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d8bf:b8a9:475a:e04%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, May 07, 2011 1:45:30 PM
Lease Expires . . . . . . . . . . : Monday, May 04, 2020 1:45:30 PM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 242020425
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-53-71-E4-6C-F0-49-E3-37-F0
DNS Servers . . . . . . . . . . . : 192.168.2.1
209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{47E5ADC9-D9C5-414A-8659-36D9EA7E6293}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 9:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:38b4:2ea7:e7e4:e5a6(Pref
erred)
Link-local IPv6 Address . . . . . : fe80::38b4:2ea7:e7e4:e5a6%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Tunnel adapter isatap.Belkin:
Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.2.3%15(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.2.1
209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Disabled
IPCONFIG/ALL - LAPTOP
Microsoft Windows [Version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Windows\system32>ipconfig/all
Windows IP Configuration
Host Name . . . . . . . . . . . . : GLaDOS
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin
Ethernet adapter Local Area Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TeamViewer VPN Adapter
Physical Address. . . . . . . . . : 00-FF-87-3A-ED-C2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Wireless LAN adapter Wireless Network Connection:
Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Intel(R) Centrino(R) Advanced-N 6205
Physical Address. . . . . . . . . : A0-88-B4-10-6C-40
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6470:d6ce:953e:60ce%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, May 07, 2011 1:47:54 PM
Lease Expires . . . . . . . . . . : Monday, May 04, 2020 2:02:47 PM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 379619508
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-32-24-66-F0-DE-F1-53-62-F8
DNS Servers . . . . . . . . . . . : 192.168.2.1
209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Intel(R) 82579LM Gigabit Network Connecti
on
Physical Address. . . . . . . . . : F0-DE-F1-53-62-F8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 12:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3c20:3d8c:e7e4:e5a6(Pref
erred)
Link-local IPv6 Address . . . . . : fe80::3c20:3d8c:e7e4:e5a6%18(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Tunnel adapter isatap.Belkin:
Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.2.5%21(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.2.1
209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Disabled
FREQUENT PINGING ATTEMPTS IN EITHER DIRECTION RESULT IN ONE OF FOLLOWING
(1)
C:\Users\Matt>ping 192.168.2.5
Pinging 192.168.2.5 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.2.5:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
(2)
C:\Users\Matt>ping 192.168.2.3
Pinging 192.168.2.3 with 32 bytes of data:
Reply from 192.168.2.5: Destination host unreachable.
Reply from 192.168.2.5: Destination host unreachable.
Reply from 192.168.2.5: Destination host unreachable.
Reply from 192.168.2.5: Destination host unreachable.
Ping statistics for 192.168.2.3:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss)Just throwing this out there: I had a cash register which bafflingly refused to talk to other systems on the network, except for just a few minutes after it booted. The problem was cured by unchecking "Allow the computer to turn off this device to save power" in the Power Management tab of the Realtek ethernet card Device Manager Properties.
I don't work for Lenovo. I'm a crazy volunteer! -
NPS: Event 6274 - Network Policy Server discarded the request for a user
Intermittently I will get desktop (wired) and laptop (wireless) computers experiencing issues with NPS (they drop off the network).
Some computers are affected more than others, although they are identical hardware and based on a standard image.
In the event log of the NPS servers I can see the following messages:
Log Name: Security
Source: Microsoft-Windows-Security-Auditing
Date: 2/05/2014 8:47:58 a.m.
Event ID: 6274
Task Category: Network Policy Server
Level: Information
Keywords: Audit Failure
User: N/A
Computer: NT147.domain.local
Description:
Network Policy Server discarded the request for a user.Contact the Network Policy Server administrator for more information.User:
Security ID: NULL SID
Account Name: host/DPC0387.domain.local
Account Domain: DOMAIN
Fully Qualified Account Name: DOMAIN\DPC0387$Client Machine:
Security ID: NULL SID
Account Name: -
Fully Qualified Account Name: -
OS-Version: -
Called Station Identifier: 3c-xx-xx-xx-xx-xx
Calling Station Identifier: 00-xx-xx-xx-xx-xxNAS:
NAS IPv4 Address: 10.nnn.nnn.nnn
NAS IPv6 Address: -
NAS Identifier: ND246
NAS Port-Type: Ethernet
NAS Port: 71RADIUS Client:
Client Friendly Name: Network Device Management Subnet
Client IP Address: 10.nnn.nnn.nnnAuthentication Details:
Connection Request Policy Name: NAP 802.1X (Wired)
Network Policy Name: -
Authentication Provider: Windows
Authentication Server: NT147.domain.local
Authentication Type: -
EAP Type: -
Account Session Identifier: 384F322E317838316564303034313030306230666632
Reason Code: 1
Reason: An internal error occurred. Check the system event log for additional information.
How do I debug when an internal error occurs but there is nothing in the system event log? Where else can I look?
Here's the packet trace that matches the event log entry above:
No. Time Source Destination Protocol Length Time from request Info
1 0.000000 JuniperN_xx:xx:xx Universa_xx:xx:xx EAP 60 Request, Identity
2 2.470423 Universa_xx:xx:xx Nearest EAPOL 60 Start
3 2.472870 JuniperN_xx:xx:xx Universa_xx:xx:xx EAP 60 Request, Identity
4 2.539416 Universa_xx:xx:xx Nearest EAP 60 Response, Identity
5 2.544206 Universa_xx:xx:xx Nearest EAPOL 60 Start
6 2.548804 JuniperN_xx:xx:xx Universa_xx:xx:xx EAP 60 Request, Identity
7 2.550050 Universa_xx:xx:xx Nearest EAP 60 Response, Identity
8 2.552597 10.switch 10.NPS_Server RADIUS 254 Access-Request(1) (id=249, l=208)
9 2.556043 10.NPS_Server 10.switch RADIUS 136 0.003446000 Access-Challenge(11) (id=249, l=90)
10 2.565876 JuniperN_xx:xx:xx Universa_xx:xx:xx EAP 60 Request, Protected EAP (EAP-PEAP)
11 2.569472 10.switch 10.NPS_Server RADIUS 254 Access-Request(1) (id=250, l=208)
12 2.572566 10.NPS_Server 10.switch RADIUS 136 0.003094000 Access-Challenge(11) (id=250, l=90)
13 2.580254 Universa_xx:xx:xx Nearest TLSv1 123 Client Hello
14 2.586544 10.switch 10.NPS_Server RADIUS 361 Access-Request(1) (id=251, l=315)
15 4.564841 Universa_xx:xx:xx Nearest EAPOL 60 Start
16 4.568530 JuniperN_xx:xx:xx Universa_xx:xx:xx EAP 60 Request, Identity
17 4.569876 Universa_xx:xx:xx Nearest EAP 60 Response, Identity
18 4.582263 10.switch 10.NPS_Server RADIUS 254 Access-Request(1) (id=252, l=208)
19 4.586006 10.NPS_Server 10.switch RADIUS 136 0.003743000 Access-Challenge(11) (id=252, l=90)
20 4.591896 JuniperN_xx:xx:xx Universa_xx:xx:xx EAP 60 Request, Protected EAP (EAP-PEAP)
21 4.592692 Universa_xx:xx:xx Nearest TLSv1 123 Client Hello
22 4.599634 10.switch 10.NPS_Server RADIUS 361 Access-Request(1) (id=253, l=315)
23 4.600887 10.NPS_Server 10.switch IPv4 1518 Fragmented IP protocol (proto=UDP 17, off=0, ID=07db)
24 4.609920 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 1514 Server Hello, Certificate, Certificate Request, Server Hello Done
25 4.610516 Universa_xx:xx:xx Nearest EAP 60 Response, Protected EAP (EAP-PEAP)
26 4.617407 10.switch 10.NPS_Server RADIUS 262 Access-Request(1) (id=254, l=216)
27 4.618352 10.NPS_Server 10.switch RADIUS 288 0.000945000 Access-Challenge(11) (id=254, l=242)
28 4.623650 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 176 Server Hello, Certificate, Certificate Request, Server Hello Done
29 4.643316 Universa_xx:xx:xx Nearest TLSv1 361 Certificate, Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message
30 4.649607 10.switch 10.NPS_Server RADIUS 601 Access-Request(1) (id=255, l=555)
31 4.656950 10.NPS_Server 10.switch RADIUS 199 0.007343000 Access-Challenge(11) (id=255, l=153)
32 4.662734 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 87 Change Cipher Spec, Encrypted Handshake Message
33 4.681106 Universa_xx:xx:xx Nearest EAP 60 Response, Protected EAP (EAP-PEAP)
34 4.788536 10.switch 10.NPS_Server RADIUS 262 Access-Request(1) (id=2, l=216)
35 4.789735 10.NPS_Server 10.switch RADIUS 173 0.001199000 Access-Challenge(11) (id=2, l=127)
36 4.795723 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 61 Application Data
37 4.796372 Universa_xx:xx:xx Nearest TLSv1 93 Application Data
38 4.802368 10.switch 10.NPS_Server RADIUS 331 Access-Request(1) (id=3, l=285)
39 4.803363 10.NPS_Server 10.switch RADIUS 189 0.000995000 Access-Challenge(11) (id=3, l=143)
40 4.808905 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 77 Application Data
41 4.809501 Universa_xx:xx:xx Nearest TLSv1 77 Application Data
42 4.817342 10.switch 10.NPS_Server RADIUS 315 Access-Request(1) (id=4, l=269)
43 4.822986 10.NPS_Server 10.switch RADIUS 189 0.005644000 Access-Challenge(11) (id=4, l=143)
44 4.828973 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 77 Application Data
45 4.833318 Universa_xx:xx:xx Nearest TLSv1 829 Application Data
46 4.840610 10.switch 10.NPS_Server RADIUS 1073 Access-Request(1) (id=5, l=1027)
47 4.845946 10.NPS_Server 10.switch RADIUS 189 0.005336000 Access-Challenge(11) (id=5, l=143)
48 4.850938 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 77 Application Data
49 4.907924 Universa_xx:xx:xx Nearest TLSv1 141 Application Data
50 4.913390 10.switch 10.NPS_Server RADIUS 379 Access-Request(1) (id=6, l=333)
51 4.917535 10.NPS_Server 10.switch RADIUS 221 0.004145000 Access-Challenge(11) (id=6, l=175)
52 4.922877 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 109 Application Data
53 4.923472 Universa_xx:xx:xx Nearest TLSv1 61 Application Data
54 4.930319 10.switch 10.NPS_Server RADIUS 299 Access-Request(1) (id=7, l=253)
55 4.937348 10.NPS_Server 10.switch RADIUS 381 0.007029000 Access-Challenge(11) (id=7, l=335)
56 4.942543 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 269 Application Data
57 4.944791 Universa_xx:xx:xx Nearest TLSv1 125 Application Data
58 4.951408 10.switch 10.NPS_Server RADIUS 363 Access-Request(1) (id=8, l=317)
59 4.954022 10.NPS_Server 10.switch RADIUS 355 0.002614000 Access-Accept(2) (id=8, l=309)
60 4.981482 JuniperN_xx:xx:xx Universa_xx:xx:xx EAP 60 Success
61 32.590347 10.switch 10.NPS_Server RADIUS 361 Access-Request(1) (id=251, l=315)
62 62.592420 10.switch 10.NPS_Server RADIUS 361 Access-Request(1) (id=251, l=315)
63 92.595043 10.switch 10.NPS_Backup_Server RADIUS 361 Access-Request(1) (id=9, l=315)
64 122.597856 10.switch 10.NPS_Backup_Server RADIUS 361 Access-Request(1) (id=9, l=315)
65 152.600618 10.switch 10.NPS_Backup_Server RADIUS 361 Access-Request(1) (id=9, l=315)A belated thanks for your reply.
Our environment doesn't have NPS accounting configured so that was easy to rule out.
The mid-day drop outs have stopped after I added "set protocols dot1x authenticator no-mac-table-binding" to our Juniper switches (which prevents mac address aging from clearing the active dot1x client session).
I believe the above error message occurs because the RADIUS session ID is rejected / ignored because of some quirks in the RADIUS standard. At the start of a dot1x authentication request a RADIUS session ID is created. For whatever reason the
RADIUS/NAP server stops responding and the Juniper switch fails over to the backup RADIUS/NAP server configured. The session ID is kept (per RADIUS standard) but the backup RADIUS/NAP server doesn't know about the session, so this event: "Network
Policy Server discarded the request for a user." occurs.
It would be nice to see a clearer error message "Invalid RADIUS session" or similar.
There is a Microsoft guide on how to set up RADIUS/NAP servers in a highly available configuration - something to do with RADIUS proxy servers.
It would be even nicer to see some kind of RADIUS session synchronisation between NAP servers... if it doesn't already exist?
I am having the same exact issue you posted on here except I have Extreme Network switches. Some of my computers, various hardware, will randomly not authenticate during re-authentication. The switch says that it failed to contact the NPS server so then it
switches to my backup server. The client has a random time on how long it waits to authenticate so sometimes I end up having the disable/re-enable the port they are connected to so that the session is started again. I see that you basically removed the option
to force clients to re-authenticate Any downfall disabling that?. Any idea why the NPS server is no longer responding? Are you using Windows Server 2012? -
Can no longer get my laptop to connect to the internet
Hi,
I recently moved my router and dsl modem after reconnecting everything my laptop no longer can acquire internet access. I have network magic on both my desktop and my wired laptop. I tried resetting the modem reseting the router. nothing seems to work.
I have network magic version 5.5.9195.0-Pure0
Using Windstream DSL
The modem is a Speedstream 4200 Adsl Modem version a12
The router is a Belkin f4d7230-4 version 7000
The problem is present in both wired and wireless configuration.
The desktop is using Windows XP SP 3, the laptop is using Windows 7 64 bit professional
I am using ZoneAlarm Extreme Security.
I am able to connect the desktop directly to the DSL modem (bypassing the router) and have connection but when I try to connect the laptop, no internet access is available.
I am lost!!! Any suggestions??Hi...
Here is one item you can check... If I am following how your home network is setup...
Usually when this happens you have to clone your mac-address to the appliance. This can be done using the administration console on your Belkin router.
First, attach your laptop or desktop directly to the DSL and check your connection.
Then after you have tested your internet connection ok directly attached to the DSL router you reconnect your Belkin router and open your network connection to the web interface. (check your ip address and gateway once attached to the Belkin and see what the gateway address is - this is the ip you need to use to get to the Belkin web interface) Once attached to the web inerface on the Belkin find the "Clone Mac Address" wizard within the advanced administration settings. Then once you clone your mac address using the wizard you should be reconnected to your network like it was originally and your setup should work again...
Hope this makes sense...
Good luck...
H.
Best Regards;
Hmeister -
Wired Guest Using ISE Interface
Ive scoured the forums for a solution but struck out looking for design tips. I have a centralized guest wireless using ISE with CWA on an anchor controller and it works great. Now I need to create wired guest network for my remote sites. Is this possible using an interface on my 3415 running ISE, or can the anchor controller be used some how?
The 3415 sits in my Pennsylvania data center. It has a new dedicated interface going to the internet for guest traffic. Can this interface be used as a redirect for a guest at a remote site? If so, is there documentation detailing the basic steps to implement this?
Thanks in advance!If you are already authenticating your wireless users and anchoring them to a DMZ you can do the same with wired users as long as you have a foreign controller layer 2 adjacent to the wired guests.
http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/99470-config-wiredguest-00.html
You would just need to set the VLAN on the port for the guest users, or if you want you can use ISE wired AuthZ policy to place the guest users into the correct VLAN, or FlexAuth using guest VLANs. -
HomeHub 2 wired connections drop overnight
I have a home network based on a HH2. One (older) laptop and a printer have wired connections to the hub, one (new) laptop has a wireless connection.
The wired laptop is a Sony Vaio running Windows Vista. The wireless laptop is a Samsung running Windows 7.
When I wake the wired laptop after it has been in hibernate mode, the connection to the hub has been lost and the ethernet adapter is no longer shown as installed in Device Manager. The conection can be re-established by re-booting te laptop.
Initially I assumed this was a problem with the laptop and changed the adapter's power settings, as is recommended in various forums, but this made no difference.
Since I have been using the new laptop with a wireless connection to the hub, I have found the connection via the hub to the wired network printer is lost overnight and the printer is no longer shown as installed, even when the machine is re-booted. The printer connection is renewed only by resetting the Home Hub or reinstalling the printer. The wireless connection to the hub and internet is never affected.
This has led me to wonder whether the problem is with the Hub, rather than (both) the laptops. Power Save is not enabld on the hub, so there is no disconnection of the wireless link overnight.
Has anyone had a similar problem or a suggested solution? Help wouldbe much appreciated!Hi Neil and Joanna,
Get in contact with BT and ask for a BT Home Hub 3.
We got our 7th BT Home Hub 2 - yes i said 7, because they are just c - rap! and now have a BT Home Hub 3 which allows me to use my PS3, iPhone, iPad, and other multiple wireless and ethernet devices connected without any problems.
Not had to reset my BT Home Hub 3 since it was installed 2 ish weeks ago!!
CG Over An Out -
Epson printer using airport express connect wired to PC
Hi,
I have a problem with my epson printer C41 series.
It is connected using USB to Airport express then wired using ethernet cable to my existing router in order to share to 3 computer (2 PC, 1 PowerbookG4).
Firstly, I used bonjour to detect the printer, and it was working perfect unfortunately under my PowerbookG4. So I unplug the powerbook, just want to use airport as printer server. I ran bonjour again, it detect the printer under my airport, but it doesn't work when printing.
Perhaps you could help my problem.
Thanks in advance.I have a cable modem (Comcast) connected (WAN) to my
Airport Extreme Base Station. Question: Can I us an
AirPort Express to "join" this network (plug it in in
another room) and use the LAN port to connect an
Ethernet cable to a computer's Ethernet port?
If you "Join an Existing Wireless Network" the ethernet port on the AX is DISABLED. If you set up a WDS network using the AX to extend the range of your AEBS, the ethernet port will be ENABLED.
Will
the AE LAN port have a local IP address ( i.e.
10.0.1.5) available for a wired Laptop to connect to
the internet (or even attach a non-wireless internet
web camera)?
Properly configured as a WDS network, the device connected to the AX ethernet port will pull an IP address from the AEBS, just like any other connected device. You can also configure this connected device with a static IP address, outside the range of the dynamic DHCP addresses.
I hope this is not too basic...... -
How to connect a E1200 wireless router to a machine tool network for wireless communications
Hello all, I am new to the forum, hope someone can help me out. I am wanting to connect my E1200 wireless router to a machine tool in our factory that has programmable controllers and is connected to the machine components via ethernet connections. This is so we can troubleshoot the machine without having a wired laptop. We have several ethernet switches on the machine and a range of IP addresses say from 192.16.1.1 through 192.16.1.150, and 192.16.17.1 through 192.16.17.150, all of the addresses are not used but random addresses in the range. I would like to be able to connect my E1200 to either one of the networks without having to make a change in the router setup. I can make it work on either network but when I switch my cable to the other network it has to be reconfigured. I am currently connecting my data cable to a ethernet port on the router and changing my router address from 192.168.1.1 to 192.16.1.1 and selecting a range of 150 so it will assign numbers as needed. This works great until I change to the other network and I have to change my router address to 192.16.17.1, I know this can be done on some routers because the technicians from the machine builder use them when working on the machines. thanks
On the basic setup tab make the changes shown below:
This basically make the router disappear off the existing networks and turns it into a wireless AP.
Then when you set your laptop's wireless adapter to whatever IP network you want to connect to.
If you need to connect to your router again change the laptop's adapter IP to something like 192.168.200.2
Keep in mind nothing ever gets plugged into the Internet Port on the router.
What I do with these manufacturing machine's is put them on the company network with static IP's. Then so operators can transfer programs and view drawings I place ELO touchscreens at each location. For the Laser cutter operators that do nesting they have a desktop workstation for the CAD software and put the nests on a network share or direct to the laser cutters.
Please remember to Kudo those that help you.
Linksys
Communities Technical Support -
Desperately Need Help. At my Wits End
Ok Here is the issue. I live in a house with my GF and 3 roommates. I have an elaborate home network setup with 4 wireless laptops and 4 Desktops hardwired in. I am having an issue where it is dropping my connection to everything every hour if I am not playing a game and every 20 minutes If I am playing a game. Here is how it is set up
Cable Modem - Router (Router Goes to)
My Bedroom 8 Port Hub (Hub Goes to)
My Desktop
Wired Laptop
Radio Server
My Roommates Laptop
My Other Two Roommates Bedroom (Goes to Wireless Router set to Gateway - Connects...)
2 Desktops
1 Lapto
Network Printer
The Hardware...
Cable Modem - Motorola Standard Comcast Cable
Router from Modem - Linksys WRT54G V6.0 With Cisco Security
8 Port hub - Linksys 8 port Network Switch
Second Router/Gateway - Linksys/D-Link I can't remember
Network Printer - OkiPage 24DX/NX
Laptops:
Dell Latitude D620
Dell Latitude D600
Apple Powerbook
Desktops
My Custom Rig for Pwn
HP Pavilion 1915 (Roommates)
HP Pavilion 1915 (Radio Server)
Apple G3/G4 Desktop (Maybe 2)
Now Here is the issue. My laptop is connected wirelessly to my base router from the cable modem. The router is directly below me in the basement and I am on the second floor of the condo. My Desktop is connected by a network wire run through the house to the second floor from the same router. At any point while play in a game the connection will either lag or stop; DoD:s will freeze like I am having a connection error, vent will either dissconnect or lagg to hell and Everything has even disconnected for about 3 seconds so i lose connection to everything. If i am not play a game it will lose connection every hour or so along with my laptop. Xfire, vent will disconnect for about 3 second and reconnect. The router is brand new and it has been happening with the old router too. NOw this has become a major issue because I can't play DoD well because **bleep** keeps disconnecting and I can't paly anything. I can't talk on vent or even download cause **bleep** keeps disconnecting.
Steps to trouble shoot so far:
Comcast has come out to check the modem wires and connection to house. All Normal
New Router Implemented
New wire from modem to router installed
Updated router firmware
Changed MTU
Changed Network Wires Everywhere
I am totally out of Ideas. I have an 8MB download and a 768 UP. I have done a check with Comcast and They show me using about nothing of that speed at anytime to prove I am not going over speed.
Does anyone have an Idea or can help me figure this out because that would be most help full. Thanks
Can anyone help me please I am at my wits end. Connection drops for everything, Ventrilo, Xfire, All Instant Messengers, Lags all my games, and makes it hard to hear my online team. Can anyone help me I am at my wits end with this problem and it has been happenning for about a month and a half now and I am really pissed off. Thanks.The next step is to do my #3 suggestion.
You have to eliminate the possibility that the problem is local to your network and by performing #3 you can do that.
The next thing to do is while the problem is occurring, do a traceroute to some destination on the Internet. If your desktop is using Windows do the following:
tracert www.google.ca
The first hop in your listing will be your WRT router.
The 2nd hop will be the 1st router within your ISP's network.
If you do not get a response from the first hop, the problem is local to your network.
If you don't get a response from the 2nd hop the problem could be that your router has lost connectivity to your ISP or that it's routing table is fouled up.
If the 1st hop is reachable, you should log into your router and check the router to see if it has an IP address that would have been acquired from your ISP. The WRT is, by default, configured to acquire an IP automatically using something called DHCP. You can check the current IP by looking at "Status" after logging into the router.
If the router has an IP address you could try tracerouting from the router itself, but if the traceroute failed from your desktop it will likely fail from the router.
By the way when this problem occurs how long do you have to wait for connectivity to return?
Does connectivity return by itself or do you have to do anything (i.e., is a router reboot required) to restore connectivity?
If the traceroute from your desktop gets past hop 2, the problem is further out on the Internet. This will require further investigation. -
E1200 - Ports not working and mac filtering problem
If there was a way to give negative stars to this router, I would. As it is, the minimum rating I can give this product is one star, and that's one star too many.
I was upgrading from the WRT54G, which is an ugly thing to look at, but a reliable workhorse nonetheless. I turned that in to a downstream switch in my comms hub.
On the E1200, I flashed the latest firmware, used different Cat5 cables, and different laptops before committing to hating this product.
The first time I reached out to Amazon, the Amazon rep gave me a Cisco number to call. Turns out, that's some shady mortgage refinance hotline. Try it for yourself! 1-800-666-1771.
Now, the rant -
1. Two out of four wired LAN ports don't work: What can be the fix for this?! The activity lights on ports 3 and 4 blink and suggest data transfer is taking place, but the wired laptop simply can't acquire an IP address and access the internet. Same result when I connect my Panasonic Blu-Ray player to ports 3 and 4. None of the Viera Cast features load.
2. MAC filtering unreliable: The wireless routing works somewhat reliably, if and only if, one settles for the most basic security. If I only choose a password and WPA2 protocol, things work fine. If I add another layer of security (in my case, enabling MAC filtering and only PERMITTING gateway to listed MAC IDs), things break down. As soon as I disable MAC filtering, wireless access to authenticated clients is restored.
3. Cisco customer service: The censored world we live in, compels me to criticize politely. TERRIBLE. Cisco website is unintuitive, and frustrating. There's no easy way to register your purchased product. The Cisco "registration" is intentionally misleading and deceptive. For all intents and purposes, it's just an information gathering tool for Cisco. Don't bother registering there, unless you love the idea of storing your personal information on their servers. Their phone-based customer service is apathetic and uninterested. My rep was so distrusting of my intelligence and motor control, that he simply wouldn't believe that I had selected "PERMIT" and not "PREVENT" as the option under MAC filtering. After he asked me the same question for the fourth time, I raised my voice, and he gave up the idea of checking for the fifth time.
However, this review is a tale of two companies. I reached out to Amazon again. This time, I got a rockstar in the shape of Leanne C! She was incredibly helpful, and understanding. What's more, she set up my return without any hassle and this Cisco dud is on its way back. I'm a big fan of Leanne's and my confidence in Amazon is restored.
I'm sure that i received a lemon. I've never had problems with Linksys products. Maybe others' experience is different from mine.In your case as port numbers 1 and 2 does not work, what you could have done a loop back test. To perform a loop back test you need to take an ethernet cable, connect one end of that cable to internet port and the other end to the non-working port on the router. If you get the led to glow on both internet and the respective ethernet port that indicates that the port is working fine.
It could also be a sychronization issue between the above mentioned lan ports and the lan card of your computer. As a part of trouble shooting you can try to reduce the card speed of your lan card. Following are the steps to reduce the speed of your lan card.
START--> right-click My Network Places and click Properties
right-click on the device manager and click properties
Click on the CONFIGURE button
Select the ADVANCED tab and in the box under the header property select "speed and duplex" and change the value on the right to 10 mbps half duplex. A restart would be recommended after performing these steps.
In the second half you said that after enabling the mac filter option the internet breaks down. Here, do you mean to say that the computer
gets disconnected from the wireless network or it stays connected with a valid IP address but without an internet connection.
Well, it is an unusual issue however you could have reset and reconfigure the router as you got the latest firmware upgraded on it.
Steps to reset the router:
Push the reset button on router for 30 seconds, turn off the router wait for 30 seconds and then power it on. Power light should blink when you perform the reset process. -
IAS dot1x dynamic VLAN assignment not working
I have a windows 2003 server with AD and IAS configured. IAS uses AD for authentication. I have AAA login configured and working. I have AAA dot1x configured on the 3550 switch. IAS has a Wired Ethernet policy configured for PEAM and is send back attributes tunnel-type = VLAN, tunnel-medium-type = 802, and tunnel-pvt-group-id = 210. My XP supplicant has dot1x enabled and is authenticating through the switch and IAS.
Using Ethereal I can see the both the Radius request and accept packets. I can see that radius is sending the above attributes through ethereal as well. Using the Debug Radius command I can see that the attributes are getting to the switch. When I use the show VLAN command the switch port is still in VLAN 1. I want it to be in VLAN 210.
I have upgraded the IOS in the 3550 switch. This fixed a previous problem of the switch not sending the NAS port type of Ethernet. It as sending a port type of Asynch.
I also have service pack 2 on the Windows 2003 server.
Has anyone else had this problem? If so how do I fix it.
Here is my debug code:
06:56:45: RADIUS: Tunnel-Medium-Type [65] 6 00:ALL_802 [6]
06:56:45: RADIUS: Tunnel-Private-Group[81] 5 "210"
06:56:45: RADIUS: Tunnel-Type [64] 6 00:VLAN [13]
Here is my switch code:
aaa new-model
aaa authentication login default group radius local
aaa authentication dot1x default group radius local
aaa session-id common
interface FastEthernet0/1
switchport mode access
dot1x pae authenticator
dot1x port-control auto
radius-server host 10.1.1.254 auth-port 1645 acct-port 1646 key test
radius-server deadtime 60You're missing this:
aaa authorization network default group radius
I assume "everything works" other than VLAN-Assignment itself.
This should get you squared away, -
Lenovo might want to rethink your relationship with Staples. The manger at the local Staples was a complete jerk with me when I returned my Twist. He said that all touch screen laptops will only have 3 hours of battery during active use and that I should just put up with it. I am guessing they are getting many Twist's returned, they took it but not without some verbal abusing.
I have bought many Lenovo products in the past and was happy to see Staples carrying them, but this was the first and LAST computer purchase from Staples.
As for Lenovo I am sure you guys will come out with a better version of the Twist down the road but I am going to hold out for the Surface Pro, and stick to the T series laptops.Policy is you can return for any reason within 14 days, good on them! I had same experience with promise of upgradable memory. When I found online it's not upgradable, I called Staples to confirm, and they asked around with no conclusion, said they would call me back, and never did. They don't know enough to service this machine.
I returned mine for a complete refund, including the full extended warranty I had purchased. The store manager complained vigorously because I returned it to a different staples than I bought it, and the apparently store I bought it gets good sales numbers while the one I returned it is hurt by the return. But I tried not to internalize that complaint as it's Staples poor system hurting that store manager, not my fault.
I've now purchased the 8GB version online from Lenovo. It was hard to go a week without my favorite new gadget waiting for it to ship from China, but considering that reality, it shipped relatively quickly. -
I'm not sure if this is a Windows 7 problem as a result of the laptop itself or not but as it is the last thing I've checked...
I have 3 computers: 1 wired desktop(64-bit), 1 wireless desktop(32-bit), and 1 wired laptop(T400 w/ 64-bit) each running Windows 7 Professional. The two desktops are able to view one another fine in the Homegroup and exchange files.
The T400 laptop is having some issues. It can see the wireless desktop and transfer files from that machine to itself, but it is not able to even see the wired desktop in the homegroup. Both desktops are able see the laptop but neither is able to get files from it.
Each of the desktops can see all 3 computers in the standard network location, the laptop is only able to see the wireless desktop.
I've run troubleshooter on all three computers, and I've ensured they are all on the 'home network'. I've also made sure the network discovery/file sharing/etc is on in the 'advanced settings' and they are all apart of the same workgroup.
The problems seem focused on the laptop, and both desktops worked right from the get go but the laptop hasn't. Further, I used to have Windows 7 RC (Build 7100) on both the wired desktop and the wired laptop and homegroup feature worked flawlessly at that time...just not with the release.hey wolverine42,
uninstall the current camera driver and any software that has access to the camera.
windows should now be installing its own generic camera driver. once done, there should be a camera icon in My Computer. Launch that and see if the camera works.
If it does, head over to >> http://support.lenovo.com , download and install the camera driver that is available here and try again.
WW Social Media
Important Note: If you need help, post your question in the forum, and include your system type, model number and OS. Do not post your serial number.
Did someone help you today? Press the star on the left to thank them with a Kudo!
If you find a post helpful and it answers your question, please mark it as an "Accepted Solution"!
Follow @LenovoForums on Twitter!
Have you checked out the Community Knowledgebase yet?!
How to send a private message? --> Check out this article. -
Hi all,
Designing on an ISE wireless case, i would like seek idea about:
1. My design goal is differentiate domain user are only capable to connect to Employee_AP; while guest connect to Guest_AP. What rule's condition should i do ?
2. What is the best practice for BYOD's policies to permit each employee access are only able to use 2 units of personal devices. Says one notebook and one handheld device. Anyway i can enforce this rule on ISE?
Million thanks
NoelIf you are already authenticating your wireless users and anchoring them to a DMZ you can do the same with wired users as long as you have a foreign controller layer 2 adjacent to the wired guests.
http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/99470-config-wiredguest-00.html
You would just need to set the VLAN on the port for the guest users, or if you want you can use ISE wired AuthZ policy to place the guest users into the correct VLAN, or FlexAuth using guest VLANs. -
Whats the best router for multiple Wireless-G
I just want to know whats the best router for running multiple wireless-G with some things wired and some wireless also sharing on the network and gaming with a good internet connection whats the best router ?
Good Speeds
Good Range
Multiple online sharing
Online Gaming
I think everything is wireless-g
Things i have on the router
Linksys Nas200 - wired
Laptop - wireless
Desktop - wired
2 Xbox 360's - 1 wired and 1 wireless
2 Sony PSP's - both wireless
Soon a wireless printer or a linksys printer server
Message Edited by Sas101 on 11-12-2007 07:30 PMAs you posted it sems that you need good router for wireless connectivity .....
You can go for any N router lile WRT300N.... WRT350N ..... WRT150N ....
They will give you excellent performance for the connection you require.....
Maybe you are looking for
-
How to update Acrobat 9 to current version during CS4 install
HI All: I have a corporate wide deployment of Creative Suite 4 and Acrobat 9 Professional. Due to the security vulnerabilities of Acrobat Professional, we need to update Acrobat 9 to version 9.4 during the deployment. For Acrobat Pro 9 the procedur
-
Is Azure Media Services Account only made for videos?
After creating my Media Service account I only see links, tutorials and documentation about how to use it with video. I'm working on a project with music files. Is it possible and recommended to use Media Service for music?
-
Hi all, I am working with Flex where a HTTP POST request with XML is sent from the client to the server (Java server, I am running JBoss) expecting a reply. Can someone point to example code of Java on the server side receiving POST request, and if p
-
Hi, I am using Jmenu/menubar/item on a JFrame in my applicatrion. I set mnemonics to the menus and menu items. When I press the ALT+Mnemonic it is working fine. At the same time if I press only ALT key the menu on the frame is not getting selected. A
-
How to deselect a select table column?
Hi! I've implemented a table with selectable columns. This is working fine, but I'm not clear how to deselect the selected table column with code. How to do so? Thanks for any hints! Peter