802.1X

Similar Messages

• ISE 1.2 - WLC 5508 (7.5x) - Windows 7 802.1X

  Hi ,
  We deployed ISE 1.2 (patch 3) with 5580 WLC to authenticate machines and users using 802.1x .
  We are experiencing a strange issue - randomly some machines authenticate fine over wireless and we are able to see logs on ISE and nexst day the same machine stops authenticating itself and ISE doesnt generate any log.. seems like somehow no request is coming to ISE.
  we have checked all the settings including wireless settings ,services, 802.1x settings on the laptop but struggling to find the a reason why randomly machine would work and then not work.
  whenever a machine works we see all the logs but when a machine doesnt work no log is generated in ise.
  has anyone experienced a similar issue?
  Thanks

  Thanks, we have figured it out.
  Machine Auth timer would expire after 12 hours and ISE had another setting where it would blacklist the client and supress logs for an hour if it sees more then certain amount of failed authentication attempts.
  Thanks

• Unable to Connect Using New AirPort Express 802.11n

  My mom purchased an AirPort Express 802.11n wireless router (AX) and I, as the designated "technology guru", was tasked with setting it up. Unfortunately, I am having problems out of the box.
  When I connect it to the wall, it is found by AirPort Utility, but when I try to set it up, it is unable to connect to the wireless network. ("An error occurred joining the selected wireless network." "An error occurred, close the configuration window and try again.") This is annoying because I have an older AX and it was true to the "it just works" Apple mantra. It is also annoying because the error message has a comma splice.
  Feeling pretty proud of my "technology guru" title, I come here to see what I could be doing wrong. I try connecting the computer directly to the router via ethernet cable. With this, I am able to setup my wireless network. I am still not able to connect to it. Additionally, once the AX has been configured, the AirPort Utility can't find it.
  I tried updating firmware to 7.5.2. I've tried downgrading to 7.3.2. I've tried hard resets, soft resets. Every tip I could find I have tried. Please help. My self-confidence is wearing out.
  Is it time for a call to Apple or a visit to the Apple Store?

  Are you trying to configure the Express to "join" the wireless network?
  If yes, the message you are receiving is likely an indication that you do not have the correct security settings selected for the Express. Unless the security settings between the wireless router and Express match up exactly, the Express will display the error that "an error occurred, etc".
  The easiest way to confirm if you have this problem is temporarily set the main wireless router to "no security" and try to connect the Express that way. If you can connect, then you know that it is a security issue.
  Please tell us the exact setting for security that the wireless router there is using and we'll try to give you some more ideas.
  The Express will connect. It's just a matter of finding the right settings.
  Message was edited by: Bob Timmons

• 10.5.1 doesn't fix 802.1X WEP os-logon and Go To Folder in finder dock Bug

  Hi,
  I still have a bug when opening folder/directory view from the finder dock icon. it instantly locks the finder and i have to kill it to get it function again. This bug doesnt' work when a finder window is open.. (as referred to be me in http://discussions.apple.com/message.jspa?messageID=5768515#5768515)
  There is still also a bug when i was using 802.1X WEP encryption at college earlier today. when booting leopard it searches for new or known wireless networks and gives me a password dialog. Since I authenticate against a LDAP server (U/P settings stored in the 802.1X tab) ) and also have a certificate, this dialog box is wrong. If i enter my password it also doesn't work!
  When canceling the dialog box and going to the wireless menu in the top right screen and selecting my access point, i get connected right away!!
  Come on apple, you can do better then that!
  Also, please remove or upgrade the "address book" in the terminal application, its still a shame...
  Regards,
  Rick

  In my searching beforehand, there were some rare problems in Finder with fonts in the sidebar causing problems. I figured it couldn't hurt. If I don't get any kind of solution here, I'm just going to wipe the computer (data backed up, of course), since I've accumulated quite a few odd things the past 18 months. Thanks anyway.
  edit: I just realized what you meant about the /Library/Fonts folder. I did the ~ one too, but no dice.
  Message was edited by: mintrepublic

• How do I connect my Airport Extreme 802.11n to Epson 645 Printer?

  I can't figure out how to connect my Airport Extreme 802.11n to my Epson 645 Printer.  Can anyone help me?  Thanks!

  You may want to try reinstalling Mavericks. Airport Utility installed by Mavericks may no longer connect to your older AEBS (though I've not heard that.) Installing the Old AirPort Utility (Version 5.6) on Mountain Lion | frank.is.
  Reinstall Lion, Mountain Lion, or Mavericks
       Boot to the Recovery HD: Restart the computer and after the chime press and hold down the
       COMMAND and R keys until the Utilities menu screen appears. Alternatively, restart the computer and
       after the chime press and hold down the OPTION key until the boot manager screen appears.
       Select the Recovery HD and click on the downward pointing arrow button.
       Repair the Hard Drive and Permissions: Upon startup select Disk Utility from the Utilities menu.
       Repair the Hard Drive and Permissions as follows.
  After DU loads select your hard drive entry (mfgr.'s ID and drive size) from the the left side list.  In the DU status area you will see an entry for the S.M.A.R.T. status of the hard drive.  If it does not say "Verified" then the hard drive is failing or failed. (SMART status is not reported on external Firewire or USB drives.) If the drive is "Verified" then select your OS X volume from the list on the left (sub-entry below the drive entry,) click on the First Aid tab, then click on the Repair Disk button. If DU reports any errors that have been fixed, then re-run Repair Disk until no errors are reported. If no errors are reported click on the Repair Permissions button. Wait until the operation completes, then quit DU and return to the main menu.
       Reinstall Lion/Mountain Lion, Mavericks: Select ReinstallLion/Mountain Lion, Mavericks from
       the Utilities menu, and click on the Continue button.
       Note: You will need an active Internet connection. I suggest using Ethernet if possible because it is
                  three times faster than wireless.

• Broadcom 802.11n Network Adapter not working on Windows 7 64bit

  As the title suggests, my laptop (Alienware m17x) is installed with the Broadcom 802.11n Network Adapter and Windows 7 64bit Home Premium.  I have had several other driver incompatibility issues with Windows 7, but those I have slowly been able to resolve.  This however just cropped up after two months of successful use.  Yesterday it started failing to connect to the internet, telling me that no wireless connections are available.  I live in a dorm, and everyone else on my floor has successful wireless, including my Ipod Touch, PS3 and XBox 360.  I called Alienware/Dell Support and we spent hours trying to fix the problem and all look well until I rebooted my laptop this morning and the same issue reappeared.  When I reboot my laptop, all I get is a notification that no networks appear in range.  If I uninstall the broadcom chip and let windows install it after a boot up it works until the machine is rebooted a second time.  I have tried over a dozen windows 7 drivers for the chip, and about half a dozen vista drivers and they all have the same results, works on the first boot, fails every time after that 

  Just registered to say, on an Alienware M17x system as well running Windows 7 Ultimate, here is a link to a solution that worked exactly for me:
  http://forum.notebookreview.com/alienware/436486-guide-properly-solve-wireless-connection-problems-m17x.html
  All I did was section I.a. If the link is down, I copied the only section that I needed to follow out of this guide, in order to get my wireless to work repeatedly without having to uninstall the wireless driver every single reboot. Now it works perfectly,
  already connected to a wireless network on startup.
  I.a. Disable Device sleep on disconnect
  Some newer Nvidia Ethernet drivers have a feature called Device sleep on disconnect. This is the culprit. Normally, it should only put the Ethernet adapter to sleep when the cable is disconnected, but it's buggy and thus kills the wireless connection as
  well.
  Follow these steps to disable this feature on your Nvidia Ethernet Adapter:
  1. Open the Windows Device Manager by hitting Win+Pause, then click on Device Manager on the left side.
  2. Double-click on Network adapters.
  3. Double-click on NVIDIA nForce Networking Controller (yes, that's the wired Ethernet adapter indeed).
  4. Click on the Advanced tab.
  5. Select Device sleep on disconnect.
  6. Set the Value to Disabled. 
  7. Click OK and wireless should work again (might require a reboot afterwards, but probably not).

• Dell wireless 1538 802.11 a/g/n adapter

  I have a Dell Venue 8 Pro 5830 and I cannot get an internet connection. When I run the Windows network diagnostics I get the message "The Dell wireless 1538 802.11 a/g/n adapter is experiencing driver or hardware related problems".
  I have tried everything suggested in the Tablet.  What can I do now? I bought the Tablet through Amazon and I live in Venezuela.

  I have the same EXACT problem for 3 days.Even with my 5 yr computer experience I still couldn't figure this issue out.Dell rep and I found a temp solution.restart......press f8 nonstop....click on repair......restore it to an earlier time....
  this so far is the ONLY thing wev'e tried thats had a temp and pleasing result.let me guess there's a big red x on the bottom right hand corner? also try pressing fn + f2 same time......device manger-right click on dell wireless and disable,then enable.......
  ive had my dell inspiron 5423 for 2 1/2 months off of ebay.still has warranty under owner before me.After tons of research I'm thinking either driver I bad,or hardware or when he installed fresh copy of windows 7,he didn't install everything in the correct order (very important thing to do).
  If by chance you come across a permanent solution please keep me informed.

• Can my mid 2011 macbook air be upgraded to wifi 802.11ac?

  Can my mid 2011 macbook air be upgraded to wifi 802.11ac? I am considering replacing my 802.11n router with the 802.11ac time capsule. Will this effect my download speed on my 802.11n macbook air (mid 2011)? can it be upgraded?

  No, you cannot change the Wi-Fi hardware in your Mac. The Time Capsule is still worth it due to its ability to make backups of your Mac via Time Machine.

• New Macbook Air will not connect to 802.11n, but my old 2011 model will

  I have just bought a new MBA 13", i7, 8 GB RAM, 256 GB SSD.
  When I connect to my home network I see it as a 802.11n network, but as soon as I log on, I only have 802.11g connection. I still have my old 2011 MBA, and it connects to the n-standard just fine.
  I went to the local Apple reseller to have them look at it, but the problem was not present when connecting to their airport extremes.
  Has anyone else had this kind of problem, and is there a known fix?
  Casper

  The warranty entitles you to complimentary phone support for the first 90 days of ownership. If you bought the product in the U.S. directly from Apple (not from a reseller), you also have 14 days from the date of delivery in which to  exchange or return it for a refund. In other countries, the return policy may be different.

• Airport Drives Me CRAZY! New 802.11n Network Slower Than Old 802.11g/b

  I've been using Macs since 1988 and consider myself an advanced user. However, every time I setup a new Airport wireless network or re-configure an existing one, I feel like a helpless newbie trying to figure out how to open a folder on my desktop. No matter how many times I read the manual or the help files or these forums, I can never grasp what seems like it should be a simple path from A to B to C.
  Anyway, here's my current situation: I've been successfully (I think) running a 6 year old AP Extreme Base Station [AE] (in my home office addition) and 2 Airport Expresses [AX] (one AX roughly 15 feet from the base station--through sheetrock, and the second AX roughly 30 feet from the first AX--through sheetrock and some wooden stairs. (so roughly 45 feet from AE to 2nd AX). It wasn't the speediest thing going but it did the trick with older Macs.
  I recently bought a MacBook Pro which supports 802.11n. I most often use this laptop at the point in the house furthest away from the AE (Base Station) The AE (Base Station) is in my home office connected to my MacPro desktop (see #1 below). In addition, the family iMac is also in that room furthest from the AE. Using the new MacBook Pro with the old 802.11/g/b network turned out to be painfully slow. I was experiencing the same slow network connection my family has complained about for years with their older Macs and 802.11g/b.
  I decided it was time to upgrade the whole network, if only to speed up my MacBook Pro connection. Bought new 802.11n Airport Extreme (MC340LL/A) and 2 new 802.11n Airport Expresses (MB321LL/A). Setup did not go smoothly. Again, my normally competent Mac persona was reduced to a babbling three-year-old. Had three different Apple techs on the phone trying to help me through it. Got different, contradictory instructions from the last two. Finally got all three units working, only to find that not only does my MacBook Pro seem even more sluggish than when connected to the old 802.11g/b network, but my wife tells me web pages are taking at least twice as long to load as with the old network.
  As concisely as I can lay this out:
  *1. Airport Extreme (Base Station)*
  Connected via Ethernet from its WAN port to my Comcast cable modem. One Ethernet (LAN) port on that AE is then connected via Ethernet to my Netgear 8-port Ethernet switch. Ethernet from switch to Ethernet port 1 on my MacPro. (MacPro does NOT have an Airport card because I forgot to order one. Also I confirmed that this setup was functional by connecting to the AE wirelessly with my MacBook Pro showing the name I'd given the new network prior to adding the two AX's to the mix).
  Some Airport Extreme settings of note (all accessed via "Manual Setup" button):
  Airport Tab > Summary
  Version 7.5.1
  Wireless Mode: Create a wireless network
  Channel: 149 (Automatic), 1 (Automatic)
  Wireless Clients: 3
  Airport Tab > Base Station:
  Allow Setup over WAN: Unchecked
  Airport Tab > Wireless:
  Allow this network to be extended: Checked
  Airport Tab > Guest Network:
  Nothing checked
  Airport Tab > Access Control:
  MAC Address Access Control: Not Enabled
  Internet Tab > Internet Connection:
  Connect Using: Ethernet
  Ethernet WAN Port: Automatic (Default)
  Connection Sharing: Share a public IP address [Think this one is probably wrong]
  Internet Tab > TCP/IP:
  Configure IPv4: Using DHCP
  Internet Tab > DHCP:
  Shows Beginning & Ending Address
  Internet Tab > NAT:
  Enable default host at: Unchecked and blank field
  Enable NAT Port Mapping Protocol: Checked
  Internet Tab > Advanced
  Didn't touch anything here, so all at defaults
  *2. Airport Express #1: Living Room Express (Closest to AE (Base Station)*
  Airport Tab > Summary
  Version 7.4.2
  Wireless Mode: Extend a wireless network
  Connect using: Wireless Network
  Channel: 1 (Automatic)
  Wireless Clients: 1
  Airport Tab > Base Station:
  Allow Setup over the Internet using Bonjour: Unchecked
  Airport Tab > Wireless:
  Wireless Mode: Extend a wireless network
  Allow wireless clients: checked
  Airport Tab > Access Control:
  MAC Address Access Control: Not Enabled
  Internet Tab > Internet Connection:
  Connect using: Greyed-out, not selectable
  Connection sharing: Greyed-out, not selectable
  Internet Tab > TCP/IP:
  Configure IPv4: Using DHCP
  Shows IP Address
  Internet Tab > Advanced
  Didn't touch anything here, so all at defaults
  *3. Airport Express #2: Dining Room Express (Furthest from AE (Base Station)*
  Airport Tab > Summary
  Version 7.4.2
  Wireless Mode: Extend a wireless network
  Connect using: Wireless Network
  Channel: 1 (Automatic)
  Wireless Clients: 2
  Airport Tab > Base Station:
  Allow Setup over the Internet using Bonjour: Unchecked
  Airport Tab > Wireless:
  Wireless Mode: Extend a wireless network
  Allow wireless clients: checked
  Airport Tab > Access Control:
  MAC Address Access Control: Not Enabled
  Internet Tab > Internet Connection:
  Connect using: Greyed-out, not selectable
  Connection sharing: Greyed-out, not selectable
  Internet Tab > TCP/IP:
  Configure IPv4: Using DHCP
  Shows IP Address
  Internet Tab > Advanced
  Didn't touch anything here, so all at defaults
  SETUP/GOALS:
  With Airport Extreme (Base Station) as the starting point, have the two Airport Express units with the strongest, fastest signal possible, provide Internet access (and file sharing, iTunes speakers capability) to three Macs (one older iMac, one older PowerBook and my new MacBookPro). Again, I believe my new MacBook Pro is the only one with 802.11n support, so I don't expect the other Macs to take advantage of the speed boost offered by the three new 802.11n devices.
  +Any and all help with this will be greatly appreciated. Thanks!+

  {quote}With the AirPort Extreme, in the AirPort panel, Wireless tab, click on the button for "Wireless Network Options", check the box for "5 GHz Network Name", and enter a different network name. (That can be trivially different, such as the name of the main network suffixed with an underscore and the digit 5.) Once configured that way, connect your "N" gear to each network in turn to see if one is any better than the other. (If you're wondering what effect this would have, it allows segregating your "N" gear from the older gear to prevent the older gear from slowing down your network. However, distance and interference from things like walls may negate any advantage.){quote}
  William: I was gone most of yesterday, but had a chance to implement your recommendations today. I added the 5 GHz network as you suggested, but in order to connect to that at all with my 802.n11 MacBokk Pro, I need to be within a few feet of the AE (base station). If I try to access that network even from the next room (well within reach of both the AE and the livingroom AX, I get one bar and "failure to connect" messages just trying to logon to that network.
  However, I did some experimenting that (as of right now, anyway) resulted in much faster network access, not only from my MacBook, but also from the older iMac which is the furthest Mac from the AE. According to my wife, that iMac is "loading web pages faster than I've ever seen them!"
  Here's what I did:
  1. Moved all three units to places where it seemed they would have the least amount of interference with the clearest path from unit to unit, also raising the height of both AXs from about 2-3 feet from the floor to about 5-6 feet from the floor.
  2. Changed one setting on the AE (base station): Wireless Tab > Wireless Network Options > Multicast Rate ---> Changed this from Low to High.
  I have a feeling the location shifts made the real difference, but I will try changing the multicast rate back to "Low" just to see what happens.
  Paul

• Does Mixing 802.11n with .11g Devices Slow the Whole Network?

  Hi all,
  I'm considering buying the new Airport Extreme as I also have a new Macbook Pro that supports 802.11n. I also have a couple Airport Expresses on my network, and my question is this:
  Will the presence of the Airport Express units (which are 802.11g) drag the whole network into .11g speeds? I ask this because of this note on the Airport Extreme page:
  Speed and range will be less if an 802.11a/b/g product joins the network.
  Thanks for any guidance.

  I did this the same way....
  I connected my cable modem directly to the WAN port of my new 802.11n AirPort Extreme Base Station. I have selected 'n' only (5GHz). I call this network Saturn.
  There are 3 ethernet ports on this new base station. Wired to one of these ports is my 802.11g Snow Airport Extreme Base Station. This base station will handle any 'g' services (like my friends who are using MacBooks/iBooks/PCs). I have 2 AirPort Express base stations that I use to play music on remote speakers, and wireless printing. It also has 2 Linksys wireless USB 'b' devices that connect to it, which 2 of my TiVos use to get their daily updates. I wanted to keep all of this stuff off the 'n' network since I heard it would slow it down. I call this 'g' network Zodiak. I can see both networks in my AirPort menu, and can select either.
  In addition, I have an xBox that I connected directly to one of the wired ethernet ports on the 'n' base station, and I have a Linksys switch that is wired to the 'g' base station.
  My only complaint is that I can't get to all of this stuff that is on the 'g' network. Which means, if I want to print something, I need to change my network, if I want to play iTunes out of my stereo speakers, I need to change the network, and if I want to use my TiVo to display photos, I need to change networks. I was hoping I'd still be able to get to that stuff since the 'g' network is hard wired into the ethernet port of the 'n' network. Oh well. I'm only on a 6MB Comcast service, so perhaps I'll try mixing the 'g' network in and seeing how bad it affects performance.
  I'm getting 2.5 mb/sec on a hard drive transfer...can't imagine that being much worse on 'g'.

• Wireless VoIP roaming - getting an 802.11g phone to roam with CCX / CCKM

  Hello,
  Our group is facing a pretty difficult issue at the moment, we are trying to deploy a wireless Avaya VoIP phone at one of our sites in Australia.
  The site in question is located in Western Australia, which is on the other side of the continent to where our 5508 WLC is (in Sydney), so there is a latency of abouy 60-80ms between the sites. When testing the phone at the Sydney location, we're able to authenticate the phone via a number of methods (802.11x, 802.11x FT) and the phone can roam fine. When testing at the WA location, the 802.11x authentication method drops the call when roaming, and the 802.11x FT authentication method has about 2 seconds of dead air during roaming / reassociation.
  The avaya phone supports a few different methods of "fast handoff" - CCKM and OKC - and we've only got the OKC (802.11 version of fast transition) method to work, not CCKM. The phone reports error messages when trying to connect to the network with CCKM enabled - specifically "No CCKM AP's" and "No CCX AP's".
  So I have some questions...
  1) Is a 60ms latency between sites a dealbreaker for wireless voice usually?
  2) The voice engineer is convinced that CCX is disabled on the WLAN. My understanding of CCX (according to online Cisco docco) is that it can't be switched off. Is this the case? I know CCKM can be disabled (in the Layer 2 Authentication options) but can CCX or CCKM be enabled / disabled anywhere else?
  3) The voice engineer has a point on one front - if we do a command "show ap ccx rm [APName] status", the command outputs "Beacon Request ..... Disabled." This seems to be related to CCX Location awareness - but even after switching this on in the WLC (both globally and for the WLAN), I cannot get this to enable.
  3) We have had some minimal success getting the phone to connect with only CCKM Authentication enabled. The phone could not roam. When we did this, I looked at the Client information in the WLC of this device and the CCX Version read "Not Supported." Does this perhaps mean some kind of CCX compatibility problem?
  4) Is there much of a difference between OKC (Fast Transition) and CCKM in terms of roaming time? I.e. are we better off trying to install a WLC at the location rather than getting this work remotely.
  We're a bit lost on this. Anyone that's had experience in getting Wireless VoIP phones to roam on a wireless campus before, particularly where the WLC is remote, I'd love to hear from you.
  Thanks,
  Dave

  Hi, thanks Steve. Aironet IE is enabled.
  The encryption is news to me. We intially tried WPA2/AES & WPA/TKIP together but had no success at all. We then moved to WPA/TKIP, and we were able to get the phone to connect to the WLAN using the CCKM settings, but it doesn't roam at all & the WLC reported the Clients CCX version was "Not Supported".
  I think the phone has CCX version 4. Are you certain that the phone will only support WPA & WPA2 with CCX v5? Just that this sounds a little strange, the phone's documentation claims to support CCKM, but if you're right then there's no way we can secure our phone conversations? In previous testing, we did actually temporarily drop all authentication / encryption and the roaming worked perfectly.
  Thanks for your help...

• ACS 5.3 Configuring 802.1x

  Trying to configure 802.1x with ACS 5.3, have some general doubts about how to make it, this is what I got for the moment:
  ACS 5.3 = 192.168.240.28
  AD = 192.168.251.97
  Switch = 192.168.240.171
  IOS device config
  Already configured and running Device Administration using Tacacs, mising with Radius aaa commands:
  aaa group server tacacs+ TACACS_PLUS
  server 192.168.240.28
  aaa group server radius RADIUS_1x
  server 192.168.240.28 auth-port 1812 acct-port 1813
  aaa authentication login default group TACACS_PLUS
  aaa authentication login no_tacacs enable local
  aaa authentication enable default group RADIUS_1x
  aaa authentication dot1x default group RADIUS_1x
  aaa authorization config-commands
  aaa authorization exec no_tacacs local
  aaa authorization commands 15 TACACS_PLUS group tacacs+
  aaa authorization network default group RADIUS_1x
  aaa authorization auth-proxy default group RADIUS_1x
  aaa accounting send stop-record authentication failure
  aaa accounting update newinfo
  aaa accounting dot1x default start-stop group RADIUS_1x
  aaa accounting exec default start-stop group TACACS_PLUS
  aaa accounting network default start-stop group TACACS_PLUS
  aaa accounting connection default start-stop group TACACS_PLUS
  aaa accounting system default start-stop group RADIUS_1x
  tacacs-server host 192.168.240.28 port 49 key 7 104D0617040717180F05
  tacacs-server directed-request
  radius-server attribute 8 include-in-access-req
  radius-server host 192.168.240.28 auth-port 1812 acct-port 1813
  radius-server timeout 20
  radius-server key 7 094F410718151201080D
  radius-server vsa send authentication
  dot1x system-auth-control
  errdisable detect cause security-violation shutdown vlan
  errdisable recovery cause security-violation
  interface GigabitEthernet0/24
  switchport mode access
  switchport voice vlan 7
  dot1x pae authenticator
  dot1x port-control auto
  dot1x host-mode multi-host
  dot1x timeout quiet-period 15
  spanning-tree portfast
  spanning-tree bpduguard enable
  ACS 5.3 Configuration until now
  I have a document on how to configure this on ACS 4.2, but I have some problems trying to configure on ACS 5.3.
  I'll appreciate a lot any ideas that could help me on this.
  Regards,
  Juan Carlos

  Ok Carlos, I make it simple, just AD as condition and authorization profile, I tested with compliant client, and still receiving timeout, and Network Access Authorization still in 0, here is the debug:
  001250: Jan 19 18:40:58.028 GDL: AAA/BIND(0000002F): Bind i/f 
  001251: Jan 19 18:40:58.237 GDL: %AUTHMGR-5-START: Starting 'dot1x' for client (f04d.a2a2.a028) on Interface Gi0/24 AuditSessionID C0A8F0AB0000001101B6C743
  001252: Jan 19 18:41:00.007 GDL: %LINK-3-UPDOWN: Interface GigabitEthernet0/24, changed state to up
  001253: Jan 19 18:41:01.014 GDL: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/24, changed state to up
  001254: Jan 19 18:41:08.547 GDL: AAA/AUTHEN/8021X (0000002F): Pick method list 'default'
  001255: Jan 19 18:41:08.547 GDL: RADIUS/ENCODE(0000002F):Orig. component type = Dot1X
  001256: Jan 19 18:41:08.547 GDL: RADIUS(0000002F): Config NAS IP: 0.0.0.0
  001257: Jan 19 18:41:08.547 GDL: RADIUS(0000002F): Config NAS IPv6: ::
  001258: Jan 19 18:41:08.555 GDL: RADIUS/ENCODE(0000002F): acct_session_id: 37
  001259: Jan 19 18:41:08.555 GDL: RADIUS(0000002F): sending
  001260: Jan 19 18:41:08.555 GDL: RADIUS/ENCODE: Best Local IP-Address 192.168.240.171 for Radius-Server 192.168.240.28
  001261: Jan 19 18:41:08.555 GDL: RADIUS(0000002F): Send Access-Request to 192.168.240.28:1812 id 1645/27, len 246
  001262: Jan 19 18:41:08.555 GDL: RADIUS:  authenticator 27 15 50 22 ED AB FC 34 - F1 24 56 87 30 6F 7D F9
  001263: Jan 19 18:41:08.555 GDL: RADIUS:  User-Name           [1]   18  "juancarlos.arias"
  001264: Jan 19 18:41:08.555 GDL: RADIUS:  Service-Type        [6]   6   Framed                    [2]
  001265: Jan 19 18:41:08.555 GDL: RADIUS:  Vendor, Cisco       [26]  27 
  001266: Jan 19 18:41:08.555 GDL: RADIUS:   Cisco AVpair       [1]   21  "service-type=Framed"
  001267: Jan 19 18:41:08.555 GDL: RADIUS:  Framed-MTU          [12]  6   1500                     
  001268: Jan 19 18:41:08.555 GDL: RADIUS:  Called-Station-Id   [30]  19  "00-1C-0E-08-69-98"
  001269: Jan 19 18:41:08.555 GDL: RADIUS:  Calling-Station-Id  [31]  19  "F0-4D-A2-A2-A0-28"
  001270: Jan 19 18:41:08.555 GDL: RADIUS:  EAP-Message         [79]  23 
  001271: Jan 19 18:41:08.555 GDL: RADIUS:   02 01 00 15 01 6A 75 61 6E 63 61 72 6C 6F 73 2E 61 72 69 61 73  [ juancarlos.arias]
  001272: Jan 19 18:41:08.555 GDL: RADIUS:  Message-Authenticato[80]  18 
  001273: Jan 19 18:41:08.555 GDL: RADIUS:   E5 92 90 F9 39 F2 EA A9 E4 B2 C9 02 12 9D EA B0                 [ 9]
  001274: Jan 19 18:41:08.555 GDL: RADIUS:  EAP-Key-Name        [102] 2   *
  001275: Jan 19 18:41:08.555 GDL: RADIUS:  Vendor, Cisco       [26]  49 
  001276: Jan 19 18:41:08.555 GDL: RADIUS:   Cisco AVpair       [1]   43  "audit-session-id=C0A8F0AB0000001101B6C743"
  001277: Jan 19 18:41:08.555 GDL: RADIUS:  NAS-Port-Type       [61]  6   Ethernet                  [15]
  001278: Jan 19 18:41:08.555 GDL: RADIUS:  NAS-Port            [5]   6   50024                    
  001279: Jan 19 18:41:08.555 GDL: RADIUS:  NAS-Port-Id         [87]  21  "GigabitEthernet0/24"
  001280: Jan 19 18:41:08.555 GDL: RADIUS:  NAS-IP-Address      [4]   6   192.168.240.171          
  001281: Jan 19 18:41:08.555 GDL: RADIUS(0000002F): Sending a IPv4 Radius Packet
  001282: Jan 19 18:41:08.555 GDL: RADIUS(0000002F): Started 20 sec timeout
  001283: Jan 19 18:41:26.507 GDL: RADIUS(0000002F): Request timed out
  001284: Jan 19 18:41:26.507 GDL: RADIUS: Retransmit to (192.168.240.28:1812,1813) for id 1645/27
  001285: Jan 19 18:41:26.507 GDL: RADIUS(0000002F): Started 20 sec timeout
  Complete Report:
  aaa group server tacacs+ TACACS_PLUS
  server 192.168.240.28
  aaa group server radius RADIUS_1x
  server 192.168.240.28 auth-port 1812 acct-port 1813
  aaa authentication login default group TACACS_PLUS
  aaa authentication login no_tacacs enable local
  aaa authentication enable default group RADIUS_1x
  aaa authentication dot1x default group RADIUS_1x
  aaa authorization config-commands
  aaa authorization exec no_tacacs local
  aaa authorization commands 15 TACACS_PLUS group tacacs+
  aaa authorization network default group RADIUS_1x
  aaa authorization auth-proxy default group RADIUS_1x
  aaa accounting send stop-record authentication failure
  aaa accounting update newinfo
  aaa accounting dot1x default start-stop group RADIUS_1x
  aaa accounting exec default start-stop group TACACS_PLUS
  aaa accounting network default start-stop group TACACS_PLUS
  aaa accounting connection default start-stop group TACACS_PLUS
  aaa accounting system default start-stop group RADIUS_1x
  dot1x system-auth-control
  interface GigabitEthernet0/24
  switchport mode access
  switchport voice vlan 7
  authentication port-control auto
  authentication violation protect
  dot1x pae authenticator
  dot1x timeout quiet-period 15
  spanning-tree portfast
  spanning-tree bpduguard enable
  tacacs-server host 192.168.240.28 key 7 104D0617040717180F05
  tacacs-server directed-request
  radius-server attribute 8 include-in-access-req
  radius-server host 192.168.240.28 auth-port 1812 acct-port 1813 key 7 15110402053A2E372B32
  radius-server timeout 20
  radius-server key 7 0110090A5A1B031C224D
  radius-server vsa send authentication
  The compliant client should have access to Vlan 60.

• New Mac Mini and 802.11n 5Ghz - Does it work?

  Does anyone know if this works? It states that it is 802.11a compatible which uses 5Ghz so I am guessing it does. I don't want to have to use a third party internal card like I do now with a separate external antenna. Thanks.

  I have a mac mini I purchased last week (late 2009). I run 5Ghz 802.11n only (there is a g access point in the house, but that's on another part of the LAN). I have an iMac and MacBookPro that connect to the 802.11n and the performance is great - almost half as fast as a direct USB connection - it simply flies.
  However, the mac mini is abysmal. It connects fine - everything works, but I get hardly 1Mbyte per second., despite having full signal strength. This is the info in System Profiler:
  en1:
  Card Type: AirPort Extreme (0x14E4, 0x90)
  Firmware Version: Broadcom BCM43xx 1.0 (5.10.91.19)
  Locale: ETSI
  Country Code: IE
  Supported PHY Modes: 802.11 a/b/g/n
  Supported Channels: 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 36, 40, 44, 48, 52, 56, 60, 64, 100, 104, 108, 112, 116, 120, 124, 128, 132, 136, 140
  Wake On Wireless: Supported
  Status: Connected
  Current Network Information:
  MyHomeNetwork:
  PHY Mode: 802.11n
  BSSID: 0:23:6c:be:92:08
  Channel: 44,1
  Network Type: Infrastructure
  Security: WPA2 Personal
  Signal / Noise: -52 dBm / -94 dBm
  Transmit Rate: 270
  MCS Index: 15
  If I can't fix this soon, I'm going to have to run a cable to it, which wasn't the idea in my living room!

• Trying to Port Forward Airport Extreme 802.11ac using Airpot Utility 6.3.2

  Hello kind experts. I am finally getting around to replacing my old BEFSR81 Cisco Router with an old Time Capsule attached with the Airport Extreme 802.11ac.  The BEFSR81 also had 8 ports, so I have 8 hardwired locations throughout the house.  I have a couple of IP cameras for which it was easy to port forward on the Cisco (just click on the port range forwarding tab, type the start/end ranges (which are identical) and the assigned IP address).  Everything has been working well for years.  Here's what I wish to do with the new setup: Cable Modem -> Airport Extreme -> Dumb gigaport switch with the hardwires connected to it.
  When I go to Airport Utility (6.3.2) -> Network Tab -> Port Settings -> "+", the following comes up:
  Firewall Entry Type (Defaulted to IPv4 Port Mapping)
  Description (5 pull down choices)
  Public UDP Ports : _________
  Public TCP Ports: __________
  Private IP Address (I take it that is where I enter the IP address for each camera, e.g. 192.168.1.xxx)?
  Private UDP Ports: __________
  Private TCP Ports: __________
  I am obviously not a technophile, especially when it comes to networking, but was able to create my old setup.
  Any advice on whether or not my configuration is appropriate and what exactly I need to put in the port fields would be greatly appreciated!
  Thanks in advance!

  To successfully access an IP camera on the local network from the Internet, the following basics need to be taken care of:
  Install the camera(s) and verify that you can access them from the local network.
  Configure port mapping/forwarding on your router. Typically, IP cameras require at least two ports: 1) A web port for administering the camera; Usually TCP port 80, and 2) A streaming port to broadcast the camera video feed; Usually UDP port 9000. Note: You should check with your camera's documentation for the exact ports required.
  If the camera is attached to a computer, you will need to configure the computer's firewall to open the same ports as in step 2 above.
  Verify that your modem is in bridge mode, i.e., if the modem provides NAT & DHCP services, turn them off.
  Test your network. Use CheckIP to determine your router's current WAN-side (public) IP address. Then, from a remote location (not from a computer on the local network), use the DynDNS Open Port Tool to verify that the required ports are open. Success is an "Open" response from the Tool.
  Check out the following AirPort User tip for configuring port mapping on an AirPort base station.

• How do I convert a file size to decimal so I can assign an isbn to my book?  my size is 802 kb and have no idea what this means.

  I am an independent author that has purchased the batch of 10 isbn's from bowker.  When I put in all the information to assign the isbn to my book, it tells me the file size must be converted to decimal.  I have searched the internet and understand that one meg would be 10^6 but what is it if it is over or under one meg? my file size is 802 kb.  so would that be .802 x 10^6?  I have tried this and it still will not accept it.  Can someone please help me with this as I have spent 250 dollars and bowker has zero customer support and refuses to answer this question.

  tanyafrombakersfield wrote:
  It starts preparing to write the disc,then it says,"
  The drive reported an error: Sense Key= HARDWARE ERROR Sense Code= 0x09,0x01 TRACKING SERVO FAILURE.
  This is an error reported by the optical drive's firmware. The tracking servo is the servomechanism which guides the laser pickup along the track on the optical disc. The error means that the servo couldn't do its job within the programmed parameters. What it doesn't say is why.
  You have to be very precise as to when this error occurs. If it occurs as you wrote, while it "starts preparing to write the disc", and not when it has actually began to burn, then it's likely that the drive has gone bad and needs to be replaced.
  There are other possibilities, so you should check them, but they would be more likely if the error occurred after the drive began to write. OrangeMarlin has suggested two options -- try a different brand of CD or DVD, and try cleaning the lens.