802.1x per host authentication under one port with multi-host access by switch

Similar Messages

• 802.1x per host authentication under one port with multi-host access by hub

  Dear,
  While multi-host connect to one port by hub, it seems that in multi-host mode, after one host passed the authentication, the port change state to up, and the other hosts do not need to authenticate any more. And in single host mode, only one host could access to the network under one port.
  In the situation with multi-host access to one port by hub, is it possible that we could control per user access by authentication for each?
  We did some test on 3550, it seems that the 3550 doesnot support what we need. And what about 4506?
  Thanks!

  Multiauthentication Mode
  Available in Cisco IOS Release 12.2(33)SXI and later releases, multiauthentication (multiauth) mode allows one 802.1X/MAB client on the voice VLAN and multiple authenticated 802.1X/MAB/webauth clients on the data VLAN. When a hub or access point is connected to an 802.1X port (as shown in Figure 60-5), multiauth mode provides enhanced security over the multiple-hosts mode by requiring authentication of each connected client. For non-802.1X devices, MAB or web-based authentication can be used as the fallback method for individual host authentications, which allows different hosts to be authenticated through different methods on a single port.
  Multiauth also supports MDA functionality on the voice VLAN by assigning authenticated devices to either a data or voice VLAN depending on the data that the VSAs received from the authentication server.
  Release 12.2(33)SXJ and later releases support the assignment of a RADIUS server-supplied VLAN in multiauth mode, by using the existing commands and when these conditions occur:
  •The host is the first host authorized on the port, and the RADIUS server supplies VLAN information.
  •Subsequent hosts are authorized with a VLAN that matches the operational VLAN.
  •A host is authorized on the port with no VLAN assignment, and subsequent hosts either have no VLAN assignment, or their VLAN information matches the operational VLAN.
  •The first host authorized on the port has a group VLAN assignment, and subsequent hosts either have no VLAN assignment, or their group VLAN matches the group VLAN on the port. Subsequent hosts must use the same VLAN from the VLAN group as the first host. If a VLAN list is used, all hosts are subject to the conditions specified in the VLAN list.
  •After a VLAN is assigned to a host on the port, subsequent hosts must have matching VLAN information or be denied access to the port.
  •The behavior of the critical-auth VLAN is not changed for multiauth mode. When a host tries to authenticate and the server is not reachable, all authorized hosts are reinitialized in the configured VLAN.
  NOTE :
  •Only one voice VLAN is supported on a multiauth port.
  •You cannot configure a guest VLAN or an auth-fail VLAN in multiauth mode.
  for more information :
  http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/dot1x.html

• I upgraded from Dreamweaver CS4 to CS6. but now "an TFP error occured - cannot make connection to host". I spent hours with the host technician and we cant find the error. I reinstalled DW4 and it connects to host perfectly. Anyone else seen this problem?

  I upgraded from Dreamweaver CS4 to CS6. but now when I want to upload I get "an TFP error occured - cannot make connection to host". I spent hours with the host technician and we cant find the error. I reinstalled DW4 and it connects to host perfectly. Anyone else seen this problem?
  Mac OS 10.8.5
  None of these issues are causing the error in DW CS6. We have double checked all of them and we have everything exactly right. Also I have exactly the same SiteSetup in DW CS4 and that works perfectly well. Could there must be factor in 6 that didn't exist in 4? Something that isnt in the SiteSetup but in some hidden dialog box ?
  I can also upload to my host using Fetch, a third party FTP. And as I said DW CS4 works fine. So the problem is not with my host, its with DW CS6 in particular.

  Thank you Jon, that fixed it perfectly. You have saved me from going crazy. The only difference I see now is in "Server Name" it changed what I had entered (my ftp address) to "Remote Server"; which seems odd -- but it works!   Although I know there maybe also some other dialog box I have never seen
  Of course I saw that menu item "Import"  and but I thought thats obviously not for me: "Why would I want to import an entire website?". I did not however see "Export the selected site" for thats only a tiny icon in the footer. However I would have thought the same:  "Why would I want to export my entire website?".
  An observation: I've seen this problem in a lot of Adobe software, the menu-names of items are  obscure, non descriptive. What would be better would be for the menu names or popups to say "Export Site Setup settings" and "Import Site Setup settings"

• Howto work on ONE repository  with multi-user

  hi guyz, im new in using warehouse builder. i got a problem in using a single repository (with one target database and one source) which is used by multiple user to design a lot of dimensions n cubes.
  is it possible 2 do it? if yes, how? cuz my frenz and i were trying 2 design and then deployed / saved the dimensions n cubes simultaneously but it juz ended with data lost (dimensions and cubes dat already made). is there any solution 4 it???
  thx guyz...

  Firstly, you should set up an OWB user for each user if you haven't already done so rather than use a shared user id.
  Secondly, you should make one person responsible for controlling the changes to the dimensions/cubes and allocating who will make the changes, when they will be made and when they will be deployed. You need control within your project/data warehouse team, you can't expect OWB to do this part for you.
  You may also want to have separate OWB projects to split the work up a bit but this can add additional complications with e.g. process flows.
  Lastly, you may also want to consider separate projects per environment e.g. DEV, QA, LIVE.
  Si

• Updating one table with mult. table where clause

  I'm having problems with my update statement. I want to update one table that has a mulitple table where clause. Not sure how to accomplish this. Here is what I have so far.
  update lawson.apvenmast a
  set vendor_status = 'I'
  where ((select * from apinvoice i
  where i.due_date <= TO_DATE('20011231', 'YYYYMMDD') and
  i.vendor = a.vendor)
  ((apvenmast.ven_class = 'INS') or
  (apvenmast.ven_class = 'REF')));
  Am I on the right track?
  thanks in advance for any help.
  Lisa Mears

  A lot is missing.
  where ((select * from apinvoice iA where clause should be like
  where <something> IN (select <something> from ...)
  ((apvenmast.ven_class = 'INS') or
  (apvenmast.ven_class = 'REF')));Where does this belong? There is no AND or OR with these two lines.
  Check your table aliases too.

• One Master with Multi Details on separate tabs

  Hi all,
  I'm trying to figure out how to get a single master record on the main page and then below that 5 tabs with a separate detailed table on each tab.
  I'm trying to modify the "page with 2 level tabs" template, but unfortunately I am not familiar with the syntax and everything keeps breaking. Would anyone be able to share the syntax to do this?
  Also I am creating multiple detailed tabular forms - are there any shortcuts on how to do this? Or do I just have to manually create each detail after the first?
  Thanks!
  Jen

  Hello,
  Take a look at this example http://htmldb.oracle.com/pls/otn/f?p=11933:55
  It has inpage tabs based off of regions
  Carl

• Port with multi-vlan for voice and data??

  Hi guys,
  I've a situation where my VOIP and DATA on a different segments. Voice is 10.x.x.x riding on VLAN 701. And my data is 192.x.x.x riding on VLAN 100.
  The problem occur when our receptionist PC have a software installed for call forwarding for our general line. This software need to be on the same vlan with the IP Phone vlan which is 701. If I put her PC on those vlan, she can't access
  to our LAN which is vlan 100. So she can't check her email etc.
  Can I know what is the options I have? Can I configured multi-vlan for her PC on the switch? We are using Cisco PoE 3560 switch. Thanks.

  Hi,
  on the L3 switch, you should have an IP address for both VLAN 701 and 100. So, the L3 switch is doing inter-VLAN routing.
  This means, unless you have ACL blocking traffic, any device will be able to reach any other device, even on a different VLAN.
  And, no matter where you put voice and applications, everything will work anyway.

• 802.1x Blocking port (many deviсes to one port)

  Hello!
  On ports of the Cisco 3750 there is authentication on 802.1x (Mab). I connect the "stupid" switch (that doesn't work with 802.1x) to port and logs of Radius-server and Cisco show that it was authenticated. Then I connect the device (laptop or PC) to the "stupid" switch, then the port is blocked. However PC passes authentication at direct connection to the Cisco.
  I know that in 802.1x is provided blocking of port at connection of many MAC-addresses to one port. 
  "Stupid" switch must be in vlan, and the devices (that are connected to switch) must be in the same vlan. Maybe they must be authenticated on Radius-server or maybe I have to create ACL with their MAC-addresses...
  How it can be solved? Help me, please.
  P.S. Multi-auth is enabled.

  Hi,
  Along with all the other bits and pieces to invoke 802.1x on the switch
  May be try adding this to the interface to "stupid"
  interface gigabitethernet2/0/1
  description *** LINK TO STUPID ***
  dot1x port-control auto
  dot1x host-mode multi-host
  end
  from the 12.2.55 config guide
  http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750/software/release/12-2_55_se/configuration/guide/scg3750/sw8021x.html#wp1271507
  Regards
  Alex

• Difference between 802.1x multi-host and 802.1x multi-auth

  Hi,
  This is a bit confusing for me. Does someone has an easy explanation?
  What I understand and looked up for the moment (correct me if I'm wrong):
  802.1x multi-host: Good for an AP or a phone setup. Port becomes authorized as soon as one client is authenticated. In this situation the AP or the phone. Aftherwards pc's have access without any further 802.1x action.
  802.1x multi-auth: Multiple devices are allowed to independently authenticate through the same port. More secure? Is this good for next setup: I have a 802.1x port on the managed 24p switch, but the customer decides to plug in a non-managed 8p cheap switch on his desk where different pc's will be plugged in. So I have a 802.1x port on the Cisco switch connected to a non-managed 8p switch. I suppose 802.1x multi-host configuration is not a secure option here.
  I don't know if I am clear enough. Don't hesitate to ask if not.
  Thanks for your reply.

  You are right with your understanding.
  Multi-Host is a valid solution if a power-user for example is using many VMs on his PC. After authenticating initially, all VMs can communicate with the network.
  Multi-Auth is more secure because each MAC address accessing the network is controlled.
  A very good overview on 802.1x and the configuration can be found on the Cisco IOS Quick Reference Guide for IBNS.

• How to configurate system for two database under one server

  Hi Friends,
  I installed abd created A database by oracle 10GR4 in window 32 bit 2003.
  it works.
  Then i created other B database by DBCA under this server.
  When I shutdown immediate database.
  it works well. But I can not startup mount ot startup A database again,
  I got below message as
  SQL> startup mount;
  ORA-24324: service handle not initialized
  ORA-01041: internal error. hostdef extension doesn't exist
  SQL> startup;
  ORA-24324: service handle not initialized
  ORA-01041: internal error. hostdef extension doesn't exist
  SQL> startup;
  ORA-24324: service handle not initialized
  ORA-01041: internal error. hostdef extension doesn't exist
  From EM, I saw as
  A listen Status Up
  LISTENER
  Oracle Home          
  C:\oracle\product\10.2.0\db_1\BIN
  Location          
  C:\oracle\product\10.2.0\db_1\BIN\network\admin
  BUT agent connect Status          
  Failed
  Details          ORA-12505: TNS:listener does not currently know of SID given in connect descriptor (DBD ERROR: OCIServerAttach)
  A database instance down
  Host     salerpt.net
  Port 1521
  SID SALERPT
  Oracle Home C:\oracle\product\10.2.0\db_1\BIN
  Also I try to connect as
  SQL> connect sys/salel@salerpt as sysdba;
  ERROR:
  ORA-12514: TNS:listener does not currently know of service requested in connect
  descriptor
  Form EM, I saw listen start up.
  Then I stop it. then restart it
  I can saw B db listen and can not see A db listen.
  also
  I saw that other B database works.
  My listen info as***************
  SID_LIST_LISTENER =
  (SID_LIST =
  (SID_DESC =
  (SID_NAME = PLSExtProc)
  (ORACLE_HOME = C:\oracle\product\10.2.0\db_1\BIN)
  (PROGRAM = extproc)
  LISTENER =
  (DESCRIPTION_LIST =
  (DESCRIPTION =
  (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1))
  (ADDRESS = (PROTOCOL = TCP)(HOST = SALERPT.NET)(PORT = 1521))
  I check physical, two database use one common bin directory .
  I do not have any experience to handle two database under one oracle server.
  How to check and configurate DB server system?
  Thanks for help.
  Edited by: user589812 on Jan 4, 2009 8:17 AM

  Jim,
  Before starting the database A, did you set ORACLE_SID=A from command line? You can run as many instances you want from single server provided you enough memory, processing power. Also try starting your instances usign window services and check and post some lines from alert.log for database A.
  tnsnames.ora entry
  DATABASE_A =
    (DESCRIPTION =
      (ADDRESS = (PROTOCOL = TCP)(HOST = salesrpt.net)(PORT = 1521))
      (CONNECT_DATA =
        (SERVER = DEDICATED)
        (SERVICE_NAME = DATABASE_A)
  DATABASE_B =
    (DESCRIPTION =
      (ADDRESS = (PROTOCOL = TCP)(HOST = salesrpt.net)(PORT = 1521))
      (CONNECT_DATA =
        (SERVER = DEDICATED)
        (SERVICE_NAME = DATABASE_B)
    )Regards
  Edited by: OrionNet on Jan 5, 2009 10:55 AM

• Send Port to internally hosted IIS web service needs to run on the SAME IIS SERVER from multiple orchestrations

  Hi
  We have a multi-server BizTalk environment. We have an Orchestration with multiple call orchestrations in it. Each called orchestration is calling a web service through a 2 way Send Port (which is hosted in IIS on each BizTalk server in our multi server
  environment). We have to ensure that each called orchestration is calling these web services on the same IIS server.
  I could create a dedicated host instance that the Send Port runs under to run only on one server but then this means that all our DBase traffic is happening on one server. We also thought about using the load balancer some how to achieve this through sticky
  sessions etc.
  This is all necessary because we are using Entity Framework exposed through web services and we need to manage transactions.
  Any ideas on how we may achieve this. I have inserted a picture to try and show the scenario
  Biztalk Developer

  Haha, Entity Framework strikes again!  But seriously, that is a rather odd architectural requirement, double check first. But anyway...
  Try this: Configure the Send Port URI to point to something like http://localservicehost/[yourEFService]
  Then in the local hosts file (the DNS/IP hosts file), define localservicehost to the local IP address where the service is listening.
  That way, the connection will always be made to the local machine.  Essentially the same as localhost.

• FlexConnect Access Point - Wired 802.1X or MAB Authentication

  Hi all,
  We are piloting wired 802.1X but have hit a snag - FlexConnect AP switchport configuration requires the port be configured as trunk, with the native VLAN for management and access VLAN(s) for client data.
  I know 802.1X cannot be configured on trunk port, but how can we configure MAB on trunk ports such as these?
  Otherwise, is there another way we can authenticate these FlexConnect APs on a switch using ISE?
  Thanks in advance.
  Regards,
  Stephen.

  Hi Stephen. You are correct, 802.1x should not be configured on a trunk port. Moreover, you would run into an issue with clients if you are running local switching mode. Here is the flow:
  1. AP, authenticates via MAB and profiling
  2. Client authenticates via PEAP/EAP-TLS, etc
  3. Now the client's traffic is locally switched, thus, the client mac address is showing on the same port where the AP is connected. The NAD (Switch) sees this new mac address and it is expecting it to perform 802.1x or MAB based authentication. The supplicant, however, does not know that and as far it is concerned it was already authenticated.
  So I have ran into this issue in my deployments and you have the following options (listed in preference order):
  1. Eliminate FlexConnect :)
  2. Utilize AutoSmartPorts where:
  - If an AP is connected, then 802.1x configuration is removed, port-security is enabled and locked to a single MAC address and trunk configuration is enabled
  - If the AP is removed, then port is configured as standard access port, port-security is removed and 802.1x is configured
  More info on auto smart ports:
  http://www.cisco.com/c/en/us/td/docs/switches/lan/auto_smartports/15-0_1_se/configuration/guide/asp_cg.html
  3. You can configure the port in a "multi-host" mode where after the first device is authenticated all subsequent devices are allowed on the network.
  Hope this helps!
  Thank you for rating helpful posts!

• Sf-300 48port failing 802.1x reauthentication and not re-initialising ports

  Hi,
  I have an issue with the sf-300 switch model, which i am depolying in lapsafe trolleys. The approach is to wake the laptops from the guest VLAN (20) with WOL have them authenticate with 802.1x and use DVA to put the ports in VLAN14 so updates can be pushed to them over night.
  I have configured 802.1x, guest vlan and DVA which works initially, all host wake from WOL, the laptops successfully authenticate and are assigned to the VLAN (14). This remains stable for a time then the hosts fail reauthentication. I have also noticed that when a host is disconnected from a port and patched into another port the initial port remains in the authenticated state and the new port authenticates the client but the hostnames are missing on the 'authenticated hosts' page of the GUI, DVA fails. The ports display a port-failure message for a time then moves to failed reauthentication.
  The only way I can get it to work again is to reboot the box. From the logs I can see the macs of laptops being rejected and I can also see attribute 26 being ignored. See log below. I am unsure as to why host are initially authenticated but reauthentication fails, is it not the same process?.
  I have 11 of these switches and have configured 6 which all display the same behaviour. These switches are not CISCO I do not understand why they have badged them. The protocols/standards are implemented differently. If you incuded 'general ports' as an answer in a CISCO exam you would fail. There are also other issues I have noticed with these boxes, I am not impressed!!!.
  Kind Regards
  Daniel

      2147483217   2011-May-12 12:44:15 Informational   %AAA-I-CONNECT:        New http connection for user wayne, source 10.163.102.24 destination 10.167.152.131 ACCEPTED 
      2147483218   2011-May-12 12:39:31 Warning         %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483219   2011-May-12 12:36:46 Debug           %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483220   2011-May-12 12:22:12 Informational   %AAA-I-DISCONNECT: http connection for user wayne, source 10.163.102.24 destination 10.167.152.131 TERMINATED 
      2147483221   2011-May-12 12:19:42 Debug           %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483222   2011-May-12 12:19:03 Warning         %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft, aggregated (2) 
      2147483223   2011-May-12 12:18:02 Warning         %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483224   2011-May-12 12:16:34 Informational   %AAA-I-CONNECT: New http connection for user wayne, source 10.163.102.24 destination 10.167.152.131 ACCEPTED 
      2147483225   2011-May-12 12:02:38 Debug           %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483226   2011-May-12 11:45:34 Debug           %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483227   2011-May-12 11:39:50 Warning         %SEC-W-SUPPLICANTUNAUTHORIZED: MAC 60:eb:69:a2:c3:7b was rejected on port e21 
      2147483228   2011-May-12 11:39:31 Informational   %SEC-I-PORTAUTHORIZED: Port e30 is Authorized 
      2147483229   2011-May-12 11:39:31 Warning         %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483230   2011-May-12 11:38:48 Informational   %AAA-I-DISCONNECT: http connection for user wayne, source 10.163.102.24 destination 10.167.152.131 TERMINATED 
      2147483231   2011-May-12 11:30:57 Informational   %AAA-I-CONNECT: New http connection for user wayne, source 10.163.102.24 destination 10.167.152.131 ACCEPTED 
      2147483232   2011-May-12 11:28:30 Debug           %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483233   2011-May-12 11:21:24 Informational   %AAA-I-DISCONNECT: http connection for user wayne, source 10.163.102.24 destination 10.167.152.131 TERMINATED 
      2147483234   2011-May-12 11:19:18 Informational   %AAA-I-CONNECT: New http connection for user wayne, source 10.163.102.24 destination 10.167.152.131 ACCEPTED 
      2147483235   2011-May-12 11:19:03 Warning         %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft, aggregated (2) 
      2147483236   2011-May-12 11:18:02 Warning         %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483237   2011-May-12 11:11:26 Debug           %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483238   2011-May-12 10:54:22 Debug           %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483239   2011-May-12 10:37:18 Debug           %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483240   2011-May-12 10:34:23 Informational   %AAA-I-DISCONNECT: http connection for user wayne, source 10.163.102.24 destination 10.167.152.131 TERMINATED 
      2147483241   2011-May-12 10:21:25 Informational   %AAA-I-CONNECT: New http connection for user wayne, source 10.163.102.24 destination 10.167.152.131 ACCEPTED 
      2147483242   2011-May-12 10:20:14 Debug          %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483243   2011-May-12 10:19:03 Warning         %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft, aggregated (2) 
      2147483244   2011-May-12 10:18:01 Warning         %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483245   2011-May-12 10:03:10 Debug           %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483246   2011-May-12 09:46:06 Debug           %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483247   2011-May-12 09:29:02 Debug           %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483248   2011-May-12 09:19:02 Informational   %SEC-I-PORTAUTHORIZED: Port e26 is Authorized 
      2147483249   2011-May-12 09:19:02 Warning         %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft, aggregated (1) 
      2147483250   2011-May-12 09:18:13 Informational   %SEC-I-PORTAUTHORIZED: Port e27 is Authorized 
      2147483251   2011-May-12 09:18:13 Warning         %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft, aggregated (1) 
      2147483252   2011-May-12 09:18:06 Note            %COPY-N-TRAP: The copy operation was completed successfully 
      2147483253   2011-May-12 09:18:01 Informational   %SEC-I-PORTAUTHORIZED: Port e48 is Authorized 
      2147483254   2011-May-12 09:18:01 Warning         %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483255   2011-May-12 09:17:56 Informational   %COPY-I-FILECPY: Files Copy - source URL flash://startup-config destination URL flash://mirror-config 
      2147483256   2011-May-12 09:17:14 Warning         %SEC-W-SUPPLICANTUNAUTHORIZED: MAC 60:eb:69:a2:ba:fb was rejected on port e27 
      2147483257   2011-May-12 09:17:07 Warning         %SEC-W-SUPPLICANTUNAUTHORIZED: MAC 60:eb:69:a2:bf:f4 was rejected on port e23 
      2147483258   2011-May-12 09:17:05 Warning         %SEC-W-SUPPLICANTUNAUTHORIZED: MAC 60:eb:69:a2:bf:34 was rejected on port e25 
      2147483259   2011-May-12 09:16:56 Warning         %STP-W-PORTSTATUS: e26 of instance 0: STP status Forwarding 
      2147483260   2011-May-12 09:16:53 Warning         %STP-W-PORTSTATUS: e27 of instance 0: STP status Forwarding 
      2147483261   2011-May-12 09:16:52 Informational   %LINK-I-Up: e26 
      2147483262   2011-May-12 09:16:50 Warning         %LINK-W-Down: e26 
      2147483263   2011-May-12 09:16:48 Informational   %LINK-I-Up: e27 
      2147483264   2011-May-12 09:16:46 Warning         %LINK-W-Down: e27 
      2147483265   2011-May-12 09:16:46 Warning         %STP-W-PORTSTATUS: e23 of instance 0: STP status Forwarding 
      2147483266   2011-May-12 09:16:46 Warning         %STP-W-PORTSTATUS: e48 of instance 0: STP status Forwarding 
      2147483267   2011-May-12 09:16:43 Warning         %STP-W-PORTSTATUS: e25 of instance 0: STP status Forwarding 
      2147483268   2011-May-12 09:16:42 Informational   %LINK-I-Up: e23 
      2147483269   2011-May-12 09:16:42 Informational   %LINK-I-Up: e48 
      2147483270   2011-May-12 09:16:40 Warning         %LINK-W-Down: e48 
      2147483271   2011-May-12 09:16:40 Warning         %LINK-W-Down: e23 
      2147483272   2011-May-12 09:16:39 Informational   %LINK-I-Up: e25 
      2147483273   2011-May-12 09:16:38 Warning         %STP-W-PORTSTATUS: e26 of instance 0: STP status Forwarding 
      2147483274   2011-May-12 09:16:37 Warning         %LINK-W-Down: e25 
      2147483275   2011-May-12 09:16:36 Warning         %STP-W-PORTSTATUS: e27 of instance 0: STP status Forwarding 
      2147483276   2011-May-12 09:16:34 Informational   %LINK-I-Up: e26 
      2147483277   2011-May-12 09:16:32 Warning         %LINK-W-Down: e26 
      2147483278   2011-May-12 09:16:32 Informational   %LINK-I-Up: e27 
      2147483279   2011-May-12 09:16:30 Warning         %LINK-W-Down: e27 
      2147483280   2011-May-12 09:16:29 Warning         %STP-W-PORTSTATUS: e23 of instance 0: STP status Forwarding 
      2147483281   2011-May-12 09:16:27 Warning         %STP-W-PORTSTATUS: e48 of instance 0: STP status Forwarding 
      2147483282   2011-May-12 09:16:26 Warning         %STP-W-PORTSTATUS: e25 of instance 0: STP status Forwarding 
      2147483283   2011-May-12 09:16:24 Informational   %LINK-I-Up: e23 
      2147483284   2011-May-12 09:16:23 Warning         %LINK-W-Down: e23 
      2147483285   2011-May-12 09:16:22 Informational   %LINK-I-Up: e48 
      2147483286   2011-May-12 09:16:22 Informational   %LINK-I-Up: e25 
      2147483287   2011-May-12 09:16:20 Warning         %LINK-W-Down: e48 
      2147483288   2011-May-12 09:16:20 Warning         %LINK-W-Down: e25 
      2147483289   2011-May-12 09:11:58 Debug           %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483290   2011-May-12 08:54:54 Debug           %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483291   2011-May-12 08:37:50 Debug           %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483292   2011-May-12 08:20:46 Debug           %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483293   2011-May-12 08:20:25 Warning   %SEC-W-SUPPLICANTUNAUTHORIZED: MAC 60:eb:69:a2:c3:94 was rejected on port e20 , aggregated (1) 
      2147483294   2011-May-12 08:20:07 Warning   %SEC-W-SUPPLICANTUNAUTHORIZED: MAC 60:eb:69:a2:c3:94 was rejected on port e20 
      2147483295   2011-May-12 08:20:07 Warning   %SEC-W-PORTUNAUTHORIZED: Port e20 is unAuthorized 
      2147483296   2011-May-12 08:16:58 Warning   %SEC-W-SUPPLICANTUNAUTHORIZED: MAC 60:eb:69:a2:5c:b1 was rejected on port e2 
      2147483297   2011-May-12 08:16:58 Warning   %SEC-W-PORTUNAUTHORIZED: Port e2 is unAuthorized 
      2147483298   2011-May-12 08:03:42 Debug     %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483299   2011-May-12 08:00:04 Warning   %SEC-W-SUPPLICANTUNAUTHORIZED: MAC 60:eb:69:a2:be:13 was rejected on port e19 
      2147483300   2011-May-12 08:00:04 Warning   %SEC-W-PORTUNAUTHORIZED: Port e19 is unAuthorized 
      2147483301   2011-May-12 07:46:38 Debug     %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483302   2011-May-12 07:40:23 Warning   %SEC-W-PORTUNAUTHORIZED: Port e18 is unAuthorized 
      2147483303   2011-May-12 07:40:22 Warning   %SEC-W-SUPPLICANTUNAUTHORIZED: MAC 60:eb:69:a2:c3:23 was rejected on port e5 , aggregated (1) 
      2147483304   2011-May-12 07:40:10 Warning   %SEC-W-SUPPLICANTUNAUTHORIZED: MAC 60:eb:69:a2:b4:b9 was rejected on port e28 
      2147483305   2011-May-12 07:40:10 Warning   %SEC-W-PORTUNAUTHORIZED: Port e28 is unAuthorized 
      2147483306   2011-May-12 07:40:04 Warning   %SEC-W-SUPPLICANTUNAUTHORIZED: MAC 60:eb:69:a2:c3:23 was rejected on port e5 
      2147483307   2011-May-12 07:40:04 Warning   %SEC-W-PORTUNAUTHORIZED: Port e5 is unAuthorized 
      2147483308   2011-May-12 07:29:34 Debug     %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483309   2011-May-12 07:19:49 Informational   %SEC-I-PORTAUTHORIZED: Port e20 is Authorized 
      2147483310   2011-May-12 07:19:49 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft, aggregated (1) 
      2147483311   2011-May-12 07:19:34 Warning   %SEC-W-SUPPLICANTUNAUTHORIZED: MAC 60:eb:69:a2:c2:19 was rejected on port e43 
      2147483312   2011-May-12 07:19:34 Warning   %SEC-W-PORTUNAUTHORIZED: Port e43 is unAuthorized 
      2147483313   2011-May-12 07:16:22 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483314   2011-May-12 07:12:30 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483315   2011-May-12 06:59:46 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483316   2011-May-12 06:55:26 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483317   2011-May-12 06:39:46 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483318   2011-May-12 06:38:22 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483319   2011-May-12 06:21:18 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483320   2011-May-12 06:19:16 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft, aggregated (1) 
      2147483321   2011-May-12 06:16:22 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483322   2011-May-12 06:04:14 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483323   2011-May-12 05:59:46 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483324   2011-May-12 05:47:10 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483325   2011-May-12 05:39:46 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483326   2011-May-12 05:30:06 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483327   2011-May-12 05:19:15 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft, aggregated (1) 
      2147483328   2011-May-12 05:16:22 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483329   2011-May-12 05:13:02 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483330   2011-May-12 04:59:45 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483331   2011-May-12 04:58:57 Warning   %SEC-W-SUPPLICANTUNAUTHORIZED: MAC 60:eb:69:a2:c3:25 was rejected on port e47 
      2147483332   2011-May-12 04:58:57 Warning   %SEC-W-PORTUNAUTHORIZED: Port e47 is unAuthorized 
      2147483333   2011-May-12 04:55:58 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483334   2011-May-12 04:39:46 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483335   2011-May-12 04:38:54 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483336   2011-May-12 04:21:50 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483337   2011-May-12 04:19:15 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft, aggregated (1) 
      2147483338   2011-May-12 04:16:22 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483339   2011-May-12 04:04:46 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483340   2011-May-12 03:59:45 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft, aggregated (1) 
      2147483341   2011-May-12 03:58:39 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483342   2011-May-12 03:47:42 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483343   2011-May-12 03:39:46 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483344   2011-May-12 03:30:38 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483345   2011-May-12 03:19:15 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft, aggregated (1) 
      2147483346   2011-May-12 03:16:22 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483347   2011-May-12 03:13:34 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483348   2011-May-12 02:59:45 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft, aggregated (1) 
      2147483349   2011-May-12 02:58:39 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483350   2011-May-12 02:56:30 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483351   2011-May-12 02:41:10 Warning   %STP-W-PORTSTATUS: e48 of instance 0: STP status Forwarding 
      2147483352   2011-May-12 02:41:06 Informational   %LINK-I-Up: e48 
      2147483353   2011-May-12 02:41:04 Warning   %LINK-W-Down: e48 
      2147483354   2011-May-12 02:39:46 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483355   2011-May-12 02:39:26 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483356   2011-May-12 02:34:30 Warning   %STP-W-PORTSTATUS: e45 of instance 0: STP status Forwarding 
      2147483357   2011-May-12 02:34:25 Informational   %LINK-I-Up: e45 
      2147483358   2011-May-12 02:34:23 Warning   %LINK-W-Down: e45 
      2147483359   2011-May-12 02:22:22 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483360   2011-May-12 02:19:15 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft, aggregated (1) 
      2147483361   2011-May-12 02:16:21 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483362   2011-May-12 02:15:55 Warning   %STP-W-PORTSTATUS: e2 of instance 0: STP status Forwarding 
      2147483363   2011-May-12 02:15:51 Informational   %LINK-I-Up: e2 
      2147483364   2011-May-12 02:15:49 Warning   %LINK-W-Down: e2 
      2147483365   2011-May-12 02:05:18 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483366   2011-May-12 01:59:45 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft, aggregated (1) 
      2147483367   2011-May-12 01:58:39 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483368   2011-May-12 01:48:14 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483369   2011-May-12 01:39:45 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483370   2011-May-12 01:31:10 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483371   2011-May-12 01:19:15 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483372   2011-May-12 01:14:06 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483373   2011-May-12 00:59:45 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft, aggregated (1) 
      2147483374   2011-May-12 00:58:38 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483375   2011-May-12 00:57:02 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483376   2011-May-12 00:39:58 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483377   2011-May-12 00:39:45 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483378   2011-May-12 00:39:16 Warning   %SEC-W-SUPPLICANTUNAUTHORIZED: MAC 60:eb:69:a2:b7:9a was rejected on port e24 
      2147483379   2011-May-12 00:39:16 Warning   %SEC-W-PORTUNAUTHORIZED: Port e24 is unAuthorized 
      2147483380   2011-May-12 00:22:54 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483381   2011-May-12 00:19:14 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483382   2011-May-12 00:05:50 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483383   2011-May-11 23:59:45 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft, aggregated (1) 
      2147483384   2011-May-11 23:58:38 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483385   2011-May-11 23:48:46 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483386   2011-May-11 23:39:46 Informational   %SEC-I-PORTAUTHORIZED: Port e18 is Authorized 
      2147483387   2011-May-11 23:39:45 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft, aggregated (1) 
      2147483388   2011-May-11 23:38:50 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483389   2011-May-11 23:31:42 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483390   2011-May-11 23:19:14 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483391   2011-May-11 23:14:38 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483392   2011-May-11 22:59:45 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft, aggregated (1) 
      2147483393   2011-May-11 22:58:38 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483394   2011-May-11 22:57:34 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483395   2011-May-11 22:40:30 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483396   2011-May-11 22:39:45 Informational   %SEC-I-PORTAUTHORIZED: Port e5 is Authorized 
      2147483397   2011-May-11 22:39:45 Informational   %SEC-I-PORTAUTHORIZED: Port e28 is Authorized 
      2147483398   2011-May-11 22:39:44 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft, aggregated (1) 
      2147483399   2011-May-11 22:38:49 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483400   2011-May-11 22:23:26 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483401   2011-May-11 22:19:14 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483402   2011-May-11 22:06:22 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483403   2011-May-11 21:59:45 Informational   %SEC-I-PORTAUTHORIZED: Port e19 is Authorized 
      2147483404   2011-May-11 21:59:45 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft, aggregated (1) 
      2147483405   2011-May-11 21:58:38 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483406   2011-May-11 21:49:18 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483407   2011-May-11 21:39:44 Informational   %SEC-I-PORTAUTHORIZED: Port e2 is Authorized 
      2147483408   2011-May-11 21:39:44 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft, aggregated (1) 
      2147483409   2011-May-11 21:38:49 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483410   2011-May-11 21:32:14 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483411   2011-May-11 21:20:02 Warning   %SEC-W-SUPPLICANTUNAUTHORIZED: MAC 60:eb:69:a1:93:3f was rejected on port e7 
      2147483412   2011-May-11 21:19:14 Informational   %SEC-I-PORTAUTHORIZED: Port e43 is Authorized 
      2147483413   2011-May-11 21:19:14 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
      2147483414   2011-May-11 21:15:10 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible 
      2147483415   2011-May-11 20:58:38 Warning   %AAAEAP-W-RADIUSREPLY: Invalid attribute 26 ignored - vendor id is not Microsoft 
     2147483416   2011-May-11 20:58:06 Debug   %SNTP-D-NTPBADVER: NTP server version not compatible

• One armed bandit and one port to another

  I was trying to setup a CSS in one-armed bandit mode for the first time per the URL below. But I want to be able to have arbitrary ports on the "real" servers. E.g. use https://hooty.com as the VIP but on the backend take you to hoot1.hooty.com port 8443 say while http://hooty.com would direct you to hoot1.hoot.com port 8080. Must the port number on the VIP equal the port number on the real server in one-armed-bandit mode?
  http://www.cisco.com/warp/public/117/one_armed_bandit.html
  group Servers1
  vip address 26.19.98.45
  add destination service oldwww:80
  active
  group Servers2
  vip address 26.19.98.45
  add destination service oldwww:443
  css-n1-1(config)# group Servers2
  css-n1-1(config-group[Servers2])# active
  %% An active source group with that address already exists

  The port number of the vip does not have to to be the same as the real server.
  You can set the port you want for the real server with the 'port' command under the service definition.
  This is true for one-armed or any other type of setup.
  The problem in your config is that you can't create 2 groups using the same vip ip address.
  So, simply configure all your servers under one group.
  ie:
  group Servers1
  vip address 26.19.98.45
  add destination service oldwww:80
  add destination service oldwww:443
  active
  Gilles.

• Two devices under one apple ID, how do I keep my privacy?

  I have two devices under one apple ID, my sister's iPhone 4s and my own iPod touch 5. iMessages and FaceTime requests etc are being sent to both devices instead of the specific one it's meant to be sent to. For example, I am recieving the iPhone's iMessages on my iPod as well, when they are meant to be only sent to the iPhone. Also, will safari history and bookmarks/app downloads and passwords etc be shown on both devices as well?

  Remember this construct:
  One Apple ID per individual; one device per Apple ID. If you have two devices you should have an Apple ID for each unless you want both devices to draw from the same iTunes Library. This is your situation now.
  If you open iTunes and select one device to configure, then go through the configuration options for Apps, Music, etc. and select what you want synched to that device. Repeat the process for your other device. This is the best you can do to keep each device's configuration different.