1240AG WPA2 and PSK for non radius clients

Similar Messages

• Sharing Primary Site and Secondary Site's SUP WSUS for non-SCCM client use

  I was wondering if the WSUS deployed for the SCCM's SUP can also be (re)used for non-SCCM clients.
  Our SCCM infrastructure are mainly used to manage Workstations whereas our back-end servers are not deployed with SCCM agents due to overlapping SLAs and responsibilities. However, we would like to take advantage of WSUS's centralized update repository without
  each back-end servers initiating connection to the Internet to get their updates.
  Is this possible?

  No. WSUS servers that are used for SUPs are controlled by ConfigMgr and cannot be used outside ConfigMgr.
  Torsten Meringer | http://www.mssccmfaq.de

• Urgent help please, I made an file with the size 1024x768, then i made two folios, one for retina 2048x1536 and one for non retina 1024x768, i have alot of video content in it, everything works perfect on my retina ipad, but when i open it on ipad 2 an er

  Urgent help please, I made an file with the size 1024x768, then i made two folios, one for retina 2048x1536 and one for non retina 1024x768, i have alot of video content in it, everything works perfect on my retina ipad, but when i open it on ipad 2 an error appears on the pages with video content?

  its in german:
  der Vorgang könnte nicht abgeschlossen werden.
  something like the process coundnt be completed

• 802.1x errors from client in WLAN with WPA2 and PSK

  Hello,
  I have been doing a client troubleshooting and I have got some errors that does not have so much sense for me:
  1)
  Time :03/15/2011 14:49:54 CET Severity :ERROR Controller IP :10.x.x.x Message :802.1x authentication message received, static dynamic wep supported.
  2)
  Time :03/15/2011 14:49:54 CET Severity :INFO Controller IP :10.x.x.x Message :Association request received from a client has an invalid RSN IE.(One reason could be mismatch in WPA2 algorithm).
  The WLAN is configured with WPA2 with AES and PSK, and during the troubleshooting several roamings have happened.
  Do you have any idea why they can be produced?
  I attach the complete log.
  Thank you in advanced.

  Sounds like the clients are doing WPA with TKIP for the message number 2 for example ?

• Risk Management & Process controls for non SAP client

  Hi Forum Gurus,
  I need clarity on the following:  Can Risk managment 3.0 and Process controls be implemented for a non-SAP client?
  i.e. Our client does not run SAP, but they are interested in RM and PC, so is this possible to implement?
  Any advice would be highly appreciated.
  Kind regards,
  PREVO.

  Hi Prevo,
  Process control and Risk management 3.0 are delivered within same installation package files so it is same for both the applications .
  Also real time agents for Oracle or peoplesoft are avaialble if you want to leverage the automated control functionality of PC 3.0 in non SAP environment.
  Remember the automated control functionality is the optional feature of PC3.0.If you wish only to use the manual controls features of PC 3.0 you dont need RTAs(real time agent).
  You can find further information about manual controls at http://service.sap.com
  use the quicklink '/rkt' then the following menu path: SAP Business Objects for GRC Solutions -> SAP BO Process Control 3.0 -> Technology Consultant
  Regards
  Debraj

• App-V 5 over https for non-domain clients

  Hello, Is this scenario possible?

  Hi,
  here's how I have it set in my lab. Your mileage may vary, but hopefully this should give you all the different components of how I managed to get it to work, and allow you to try something similar.
  Firstly, my publishing server is: HTTPS://CSC-APPV5.CSC.local:8016
  I have an application published through the app-v console, with the package URL configured to be:
  HTTPS://CSC-APPV5.CSC.local/APPVSHARE/Notepadplusplusx86/notepadplusplusx86.appv
  This is published to the AD group CSC.local\notepadplusplus, of which the user CSC.local\appvuser is a member of.
  On my Windows 8 non domain joined computer, Press Start, type "credential manager", and click on this option under settings.
  Click on "Windows Credentials", then click "Add a Windows credential".
  It will ask you for the Internet or network address. Based on the information I stated earlier, I entered the address: CSC-APPV5.CSC.local
  for User name, I entered: CSC.local\appvuser
  and lastly for password I entered the current valid credentials for this user.
  To test this, I then browsed to the publishing server mentioned above, but found that it still prompted me for a password (but remembered the user ID I had specified), and that the app-v client would not sync through powershell.
  I then added http://csc-appv5.csc.local into this devices local intranet zone (im sure you can avoid this step by adjusting a various number of settings, this was just the first quick test I performed).
  Browsing to the publishingserver address now no longer prompted for a username/pw - correctly showing the application published to this user. I then performed a restart (unlikely to be required, but I just wanted to have a clean run from a user perspective),
  and straight away, there was my shortcut to the appv application, and running it resulted in the normal streaming you would expect.
  The one thing I will add is I was very particular around fully quilifying everything, to eliminate this as a potential issue, and would be one of the first places I would start if you are attempting to troubleshoot why you were not able to get this to work.

• DSCP marking for non WMM-clients

  hello,
  i just made several tries but didn´t find the result which i expected. i have the following scenario:
  non WMM-clients in branches in our WAN
  traffic over the wan line must be shaped
  there is no local breakout, the traffoic should be tunneled to the central datacenter
  so what i want to achieve is that every traffic from this non WMM-clients (which are using a special SSID (i call it here "EXTERNAL")) is getting marked in that way that the CAPWAP-packets are holding dscp-values so that i can refer on these packets beforer they are going over the WAN-connection
  what i did:
  the ssid uses the QOS-Profile "bronze"
  WMM is disabled
  the QOS-Profile itself has 802.1p enabled with a value of 1
  so i expected that every traffic via this ssid "EXTERNAL" gets a dscp marking in the capwap packet of 10 (perhaps also 12 or 14, i´m not sure whcih value really is used). in reality i see 0.
  i´m using Wismv1 with version 7.0.230. i also tried it with 5508 with the same version but it didn´t work. APs are 1142.
  is my expectation wrong that this scenario is working in this way? do i forget something??
  thanks for your help

  The WLAN can only re-mark client traffic that has existing DSCP values in the original packet, typically at the application layer. The platinum profile itself has 46 as VoWLAN, 48 as Mgmt traffic (CAPWAP etc), and 56 as network traffic, classifying them as such based on the original marking. The values are only remarked if the configured SSID is different.
  This link provides a few more details:
  http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00807e9717.shtml

• Default username and password for  newly created client in minisap

  Hi all,
            I am using the free SAP minisap provided by SAP. In this system i tried to create a user from tcode scc4 . when i try to login to the new client with the username SAP* and password minisap i am not able to login. What will be the default username and password for the newly created client in minisap.

  In the new installation
  The parameter
  login/no_automatic_user_sapstar is set to " 1"
  You create the parameter with value "0" & restart application server.
  & Try to login into New client as SAP* with password "pass" - ( For a Standard System) - I don't what will be the default password in minisap.
  Rgds
  PR

• Windows Domain Controller certificate for non domain clients

  Hi,
  Is it possible that we can export windows domain certificate and use it for non domain computers without joining domain, so that they can communicate each others without joining domain controller?
  Regards

  Hi,
  Is it possible that we can export windows domain certificate and use it for non domain computers without joining domain, so that they can communicate each others without joining domain controller?
  Not sure that what you want to achieve here.
  However, yes, it is possible to export certificates (with private keys) from domain machines then import them to non-domain machines, and some certificates can even function well based on key usages. Please note that Domain Controller certificates are only
  meaningful to Domain Controllers. Possession of domain certificates doesn’t indicate machines are part of domain.
  Without joining a machine to a domain (or without a trust), the machine is always treated as untrusted by the domain members no matter what kind of certificates it holds.
  Best Regards,
  Amy
  Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

• Different GR/IR account for service entry and GRN for non-valuated material

  Hi,
  Our requirement is GR/IR account while doing service entry and GR/IR account while doing GRN for non-valuated material (UNBW) should be different.
  Though we maintain valuation class for material group (Transaction OMQW), system is picking only the valuation class maintained for blank entry in transaction WRX under OBYC setting.  The system is ignoring the respective valuation class G/L account.  Also if we maintain valuation class for service masters, then also while doing service entry sheet system is picking only the valuation class maintained for blank entry in transaction WRX under OBYC setting
  Had i missed out any other setting.  Pls help.
  Regards

  Hi,
  In OBYC, please maintain a GL for valuation class 3200 for services and a GL for val class 3300 for Non-valuated material in WRX.
  Regards
  Ram

• DHCP configuration for non-compliant clients

  So your question isn't for a live situation, but because you are studying for a test?

  hello!
  i have a question about network policy server..
  that is , how to configure DHCP server to lease IP address to non-compliant client??
  specifically for access to remediation servers
  thank you..
  This topic first appeared in the Spiceworks Community

• How to hide the page ribbon and quichlaunch for non admin users

  HI
  1 ) how to hide the ribbon in a page in sharepoint 2010 for non administrator users  
  2) how to hide quicklaunch also for non admin users
  in quick lanuch i want to hide links for all site content also.
  i used Document Center Template to create my web application.
  adil

  HI
  i did not get how i use this control 
  <Sharepoint:SPSecurityTrimmedControl
  runat="server"
  PermissionsString="FullMask">
  2
    <div>
  3
      <SharePoint:SPLinkButton
  id="idNavLinkViewAll"
  runat="server"
  NavigateUrl="~site/_layouts/viewlsts.aspx"
  Text="<%$Resources:wss,quiklnch_allcontent%>" AccessKey="<%$Resources:wss,quiklnch_allcontent_AK%>"/>
  4
    </div>
  5
  </SharePoint:SPSecurityTrimmedControl>
  adil

• Help with configuring AP-1240AG as local authenticator for EAP-FAST client

  Hi,
  I am trying to configure an AP-1240AG as a local authenticator for a Windows XP client with no success. Here is a part of the AP configuration:
  dot11 lab_test
     authentication open eap eap_methods
     authentication network-eap eap_methods
     guest-mode
     infrastructure-ssid
  radius-server local
    eapfast authority id 0102030405060708090A0B0C0D0E0F10
    eapfast authority info lab
    eapfast server-key primary 7 211C7F85F2A6056FB6DC70BE66090DE351
    user georges nthash 7 115C41544E4A535E2072797D096466723124425253707D0901755A5B3A370F7A05
  Here is the Windows XP client configuration:
  Authentication: Open
  Encrpytion WEP
  Disable Cisco ccxV4 improvements
  username: georges
  password: georges
  Results: The show radius local-server statistics does not show any activity for the user georges and the debug messages are showing the following:
  *Mar  4 01:15:58.887: %DOT11-7-AUTH_FAILED: Station 0016.6f68.b13b Authentication failed
  *Mar  4 01:16:28.914: %DOT11-7-AUTH_FAILED: Station 0016.6f68.b13b Authentication failed
  *Mar  4 01:16:56.700: RADIUS/ENCODE(00001F5C):Orig. component type = DOT11
  *Mar  4 01:16:56.701: RADIUS:  AAA Unsupported Attr: ssid              [263] 19
  *Mar  4 01:16:56.701: RADIUS:    [lab_test]
  *Mar  4 01:16:56.701: RADIUS:   65                                               [e]
  *Mar  4 01:16:56.701: RADIUS:  AAA Unsupported Attr: interface         [156] 4
  *Mar  4 01:16:56.701: RADIUS:   38 32                                            [82]
  *Mar  4 01:16:56.701: RADIUS(00001F5C): Storing nasport 8275 in rad_db
  *Mar  4 01:16:56.702: RADIUS(00001F5C): Config NAS IP: 10.5.104.22
  *Mar  4 01:16:56.702: RADIUS/ENCODE(00001F5C): acct_session_id: 8026
  *Mar  4 01:16:56.702: RADIUS(00001F5C): sending
  *Mar  4 01:16:56.702: RADIUS/DECODE: parse response no app start; FAIL
  *Mar  4 01:16:56.702: RADIUS/DECODE: parse response; FAIL
  It seems that the radius packet that the AP receive is not what is expected. Do not know if the problem is with the client or with the AP configuration. Try many things but running out of ideas. Any suggestions would be welcome
  Thanks

  Hi Stephen,
  I do not want to create a workgroup bridge, just want to have the wireless radio bridge with the Ethernet port. I will remove the infrastructure command.
  Thanks for your help
  Stephane
  Here is the complete configuration:
  version 12.3
  no service pad
  service timestamps debug datetime msec
  service timestamps log datetime msec
  service password-encryption
  hostname Lab
  ip subnet-zero
  aaa new-model
  aaa group server radius rad_eap
  aaa group server radius rad_mac
  aaa group server radius rad_admin
  aaa group server tacacs+ tac_admin
  aaa group server radius rad_pmip
  aaa group server radius dummy
  aaa authentication login eap_methods group rad_eap
  aaa authentication login mac_methods local
  aaa authorization exec default local
  aaa accounting network acct_methods start-stop group rad_acct
  aaa session-id common
  dot11 lab_test
     authentication open eap eap_methods
     authentication network-eap eap_methods
     guest-mode
     infrastructure-ssid
  power inline negotiation prestandard source
  bridge irb
  interface Dot11Radio0
  no ip address
  no ip route-cache
  ssid lab_test
  traffic-metrics aggregate-report
  speed basic-54.0
  no power client local
  channel 2462
  station-role root
  antenna receive right
  antenna transmit right
  no dot11 extension aironet
  bridge-group 1
  bridge-group 1 block-unknown-source
  no bridge-group 1 source-learning
  no bridge-group 1 unicast-flooding
  bridge-group 1 spanning-disabled
  interface Dot11Radio1
  no ip address
  no ip route-cache
  shutdown
  dfs band 3 block
    speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
  channel dfs
  station-role root
  no dot11 extension aironet
  bridge-group 1
  bridge-group 1 subscriber-loop-control
  bridge-group 1 block-unknown-source
  no bridge-group 1 source-learning
  no bridge-group 1 unicast-flooding
  bridge-group 1 spanning-disabled
  interface FastEthernet0
  no ip address
  no ip route-cache
  duplex auto
  speed auto
  bridge-group 1
  no bridge-group 1 source-learning
  bridge-group 1 spanning-disabled
  hold-queue 160 in
  interface BVI1
  ip address 10.5.104.22 255.255.255.0
  ip default-gateway 10.5.104.254
  ip http server
  no ip http secure-server
  ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
  ip radius source-interface BVI1
  radius-server local
    eapfast authority id 000102030405060708090A0B0C0D0E0F
    eapfast authority info LAB
    eapfast server-key primary 7 C7AC67E296DF3437EB018F73BE00D822B8
    user georges nthash 7 14424A5A555C72790070616C03445446212202080A75705F513942017A76057007
  control-plane
  bridge 1 route ip
  line con 0
  line vty 0 4
  end

• More secure forms and CAPTCHA for non-BC sites?

  Spam is ramping up...
  Clients are unhappy.
  When can we expect this issue to be addressed?
  Loving Muse and Edge :)
  Thanks!

  The short answers are:
  There are no forms enhancements in the Q2 release. The Q2 release is currently in late Beta. Subscribers who can accept the terms of the Non-disclosure Agreement are invited to participate in the Beta program by going to museprerelease.com.
  Addressing the need for CAPTCHA and/or similar technology for sites hosted on non-Adobe hosting is a high priority for the Q3 release of Muse.
  We're not ignoring your pleas. The Q2 release marks the first release of work that started nearly 2 years ago. Completing the changes that are part of the Q2 release has required long hours and the full attention of the entire development team. We simply have not had the bandwidth to ponder anything else. We all look forward to that changing once the Q2 version of Muse is released.
  Options for limiting or eliminating spam prior to the Q3 release of Muse include:
  1) Verify your hosting includes a compatible version of SQL.
  This will not elminate spam, but it does throttle the number of submissions a spammer can submit via your form. For your site go to http://<yoursiteurl.com>/scripts/form_check.php This URL will load a page that will report the status of the form processing on your site. Confirm there's a green checkmark next to SQL Configuration.
  2) Use a third party forms service.
  JotForms, WuFoo and Adobe Forms Central all provide very powerful services for creating and managing forms that require little or no knowledge of HTML coding. The forms created using one of these services can be pasted as an HTML object on a page in Muse.
  3) Use a third party form processing library.
  This solution requires some knowledge of coding. Products such as CoffeeCup software's forms solution can be used with Muse.
  4) Host the site, or at least the form page, on Adobe Business Catalyst.

• A Web application + API for non web clients

  Hi there,
  I am new to the java enterprise world, i have a query regarding the application i am developing currently, I am not sure this is the exact category to ask this question but please help me on this.
  In very simple terms my applications job is to give a listing or view of files distributed across network.
  For this I need to have a webApp which can provide a view to all web clients. (where view is nothing but listing of files independent of there location)
  Because this view tells nothing more than files , and i am as data center administrator cannot tell much about data, so we need to provide APIs so other applications (WebAPP or anything else)
  can present the view in more data specific terms.
  The webapp part is fine with me, but how do i support API being on an application server like glassfish.
  Please help me on this.
  Thanks in advance
  AP

  Dear all,
  Anyone can help me to clear this problem ?