A network or server issue is temporarily limiting features
Hi,
Any idea about below error ? some user is getting this while doing IM and some are while searching the contacts on Lync 2010 client.
-- Regards Ahsan Kamal | MCITP
Agree with Alessio Giombini.
When the user database offline, you can get this warning.
You can check at
http://blogs.technet.com/b/nexthop/archive/2011/04/25/haiku096.aspx
If these users are home in branch site, when the branch site’s WAN connection to a central site fails, the users can also get the warning.
Check the Event Log on Lync Front End Server and Back End Server.
You can use Best Practices Analyzer to scan your deployment for potential issues
http://technet.microsoft.com/en-us/library/gg591343.aspx
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Similar Messages
-
Server 2012 R2 Network Teaming Issues After Adding WOW64 Feature
Recently I have had a specific issue adding the WOW64 feature to an active Server 2012 R2 server in core mode (no management). The server had two active virtual machines. A server 2008 R2 in version 1 mode and a 2012 R2 in version 2.
All were up2date as of April 10 2015. This was a domain connected core with domain connected virtual machines. We are the domain administrator.
After using powershell to install WOW64 and issuing a restart we lost all external network connectivity to the server once the server came back up. From the console we could ping 127.0.0.1 and all the network addresses of each VM but not the
default gateway or any address on the local network. We tried several resolutions including disabling all firewall rules and assigning a known VLAN but nothing worked. Something went completely haywire within Windows 2012 R2 and network teaming
and the virtual switch that supplies the VM's with communication.
What we had to do was remove one of the physical network adapters from the team using powershell from the core console. We then assigned an address to the nic and whallah we were able to remotely communicate to the server again but the problem
still remained with communicating to the team.
After hours of trials we finally stumbled on a solution deleting the hyper-v virtual switch though a remote console, then the team through powershell. This of course broke all the hyper-v VM's. We said f'it and rebooted.
This is the magical combination apparently
We then recreated the team using the remote management GRAPHICAL widget using every physical EXCEPT the nic we were communicating to. Then we recreated the hyper-v virtual switch remotely again with the GRAPHICAL widget and assigned
it an address using the command line sconfig tool. We then went into the GRAPHICAL hyper-v manager and assigned all VM's to the new virtual switch. WOW everything works again
Let me just say here in this post that the lack of graphical management in CORE mode is a complete nightmare. The fact we have to use some graphical tools to perform certain tasks and the command line for others is just silly. The sconfig.exe
tool should have built-in teaming commands as inexperienced remote administrators are very difficult to work with over the phone trying to explain spelling of the upper/lowercase commands.
This post is more informative than really asking a specific question but if I were to ask one I'd ask, why did installing the WOW64 feature and rebooting break the external communication of the team and the virtual switch?Hi gettnmorebetter,
Could you try to confirm whether you have in the following situation, if you do not found the related symptom please try to install the latest update then monitor the issue
again.
Event ID 106 when a Hyper-V virtual switch is bound to an LBFO team
https://support.microsoft.com/en-us/kb/2974384
I’m glad to be of help to you!
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
The AIM server has temporarily limited your account
Ok deployed to Iraq and this is one of the only ways to contact my wife, and now all I get are these messages "The AIM server has temporarily limited your account due to too much activity - try again in a few minutes".
This problem started about 5 days ago, and is really aggrevating me. Any help or info would be greatly appreciated.
Thanks in advance.Hi Quack,
I would go to this page and pick the closest to your error message that has a Click Here link.
Ralph -
Remote Access Management Console - configuration issue with Network Location Server
2012 Std R2
The remote Access management console operation status shows all green except for network location server .
Error: There is no response from the network location server URL. DirectAccess connectivity might not work as expected, and DirectAccess clients located inside the corporate network might not be able to reach internal resources.
Resolution listed as:
1. Configure the network location server on a server that is highly available to clients on the internal network.
2. If the network location server is running on the Remote Access server, ensure that IIS is running, and that the URL is available.
The remote access server is located on this server. IIS is running. What URL: show I be looking at?
Any other thoughts so I can get remote access working.
l also am getting a remote access error for IPV6, could this be a cause:
RoutingDomainID- {00000000-0000-0000-0000-000000000000}: Unable to add the interface {D37062B2-A3E0-4496-A459-9E0BBCE5423C} with the Router Manager for the IPV6 protocol. The following error occurred: Cannot complete this function.
John LenzHi John,
please follow the steps to reinstall TCP/IP stack.
1.Restart your PC into Safe Mode with Networking.
2.
Edit your registry. Delete the following keys:
HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/Winsock
HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/Winsock2
3.
Open the nettcpip.inf file in your %winroot%/inf folder
(%winroot% is usually c:/windows).
Find the [MS_TCPIP.PrimaryInstall] section. Change the Characteristics value from 0xA0 to 0x80.
Open the properties of the network connection you want to fix. In the General tab, click on the Install button. Click on the Have Disk button, and point the location to %winroot%/inf. After that select TCP/IP (not version 6).
4.
Now you would notice that you can uninstall TCP/IP!
Do that, then restart the PC.
Go back to your network connection, and install TCP/IP again as per the above. After another reboot, you should be up and running.
I also noted that the XP network repair tool may yank out the ISA 2004 firewall client stuff. Just run the firewall clinet repair or install it again to fix that problem after you did your reboot. Before you do this kind of crazy stuff.
5.
This along with a TCP/IP reset using the netsh command:
netsh int ip reset resetlog.txt
wish you have a nice thanksgiving too
Regards,
Mike
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. -
Network issue Windows 10, limited access
I have totally no idea what to do. This thread is not about a smartphone problem
Ive updated from Windows 7 to Windows 10 build 10074
I dont have a Internet connection at all. Every network i connect to it says limited access does anyone have windows 10 and the same problem ?Hi Curnow1,
I moved your thread to Other Discussions General since the question was not related to a smartphone.
- Official Sony Xperia Support Staff
If you're new to our forums make sure that you have read our Discussion guidelines.
If you want to get in touch with the local support team for your country please visit our contact page. -
Forefront TMG network policy server and VPN issue.
Hello every one!
I have a problem with configuration VPN server on Forefront TMG on Windows Server 2008R2 with latests microsoft updates.
I install Forefront TMG on on Windows Server 2008R2 with latest updates.
Then, I configure startup wizard where I set network configuration and etc.
Next, I set VPN settings, I set DHCP pool, DNS servers, Access groups for VPN, and set PPTP.
After apply this settings, service RemoteAccess doesn't start. I try to reboot server but service doesn't start.
But it's not one problem.
When I add VPN Access groups in Forefront, and apply configuration, I don't see changes in network policy server (nps.msc) Groups don't add to policy in network policy server.
Screenshot
If I start RemoteAccess manually and add new VPN Access groups in policy in network policy server, I can use VPN server, and connect to forefront server.
But I don't understand why TMG Forefront can't apply this settings in nps.msc and services.
What I do wrong?
I Use Windows Server 2008R2
Forefront TMG RTM 7.0.7734.100Hello! Thank you for your help!
I see this link
http://www.isaserver.org/articles-tutorials/configuration-security/Implementing-Secure-Remote-Access-PPTP-Forefront-Threat-Management-Gateway-TMG-2010-Part2.html
But I don't use RADIUS server in my Forefront TMG VPN configuration.
I configure client VPN Access via PPTP
When I configure TMG VPN settings, I set VPN Access groups. After that NPS server change and apply TMG network policy correctly.
But if I change some TMG firewall policy, and then I try to add VPN Access groups (screenshot -
http://i.gyazo.com/34a34ba18a01c58689e5e3cddbc52585.png) NPS server can't change and apply TMG network policy correctly.
Now I have a two Access groups in TMG VPN settings
http://i.gyazo.com/34a34ba18a01c58689e5e3cddbc52585.png
And I have a NPS server network policy with not correctly settings
http://i.gyazo.com/1dd973ca9cc2a228d54a53d88ca90009.png
Forefront can't change NPS server network policy. I don't undesrtand where problem.
I try to reinstall TMG on new machine, but problem
problem persists. -
Airport extreme network and bizarre issue...
Thanks for any and all help but let's start with the setup...
Airport Extreme (dual band) is my main station connected to the modem and also to an imac (wired).
Two airport expresses both using the extend wireless network option
Exp. 1 is connected to the TV through ethernet
Exp. 2 extends wireless network. Used to extend wireless connection to the outside
Now here is my issue. Up until last week my main station was a first generation airport extreme n (fast ethernet).
I tried to add access to the bottom floor with this station and hook up an old pc (no wireless card) to it with ethernet. This works without a problem with an airport express but NOT with the bigger brother...
It will work for about fifty odd seconds (internet and everything), it even has a green light, then boom loses the connection for about 30 seconds (blinking orange). Then back to green... This over and over again. I reset it a couple of times, have even tried to change the firmware to no benefit. I thought maybe it had a reception issue and moved it next to the new main station. Same problem...
Any ideas?
Years ago, I did try to setup a WDS and failed miserably and would like to skip the experience. Are they easier and is that the way to go? If yes, can a relay station (the exp. 1) still send data to the tv through the ethernet port?
Thanks for any and all help.
Phillyman
Message was edited by: PhillymanHere a small update.... I went through the assistant and it took me through a couple of steps and I think at the very end I read setting up WDS. I could be wrong but here a protocol from the affected station.
Jul 05 13:44:20 Severity:5 Joined BSS xx:xx:xx:xx:xx:dc
Jul 05 13:44:20 Severity:5 Installed unicast CCMP key for authenticator xx:xx:xx:xx:xx:dc
Jul 05 13:44:20 Severity:5 Deauthenticating with station ff:ff:ff:ff:ff:ff (reserved 3).
Jul 05 13:44:20 Severity:5 Deauthenticating with station ff:ff:ff:ff:ff:ff (reserved 2).
Jul 05 13:44:20 Severity:5 Rotated CCMP group key.
Jul 05 13:44:21 Severity:5 Internet Configuration leased -- host <10.0.1.5/255.255.255.0> gateway <10.0.1.1> dns <10.0.1.1> wins lease <86400> domain
Jul 05 13:44:23 Severity:5 Connection accepted from [::ffff:10.0.1.4]:52206.
Jul 05 13:44:23 Severity:5 Internet Configuration leased -- host <10.0.1.5/255.255.255.0> gateway <10.0.1.1> dns <10.0.1.1> wins lease <86400> domain
Jul 05 13:44:27 Severity:5 Connection accepted from [fe80::222:41ff:fe38:b149%bridge0]:52208.
Jul 05 13:44:27 Severity:5 Connection accepted from [fe80::222:41ff:fe38:b149%bridge0]:52207.
Then it dies and it disappears from the airport utility, when it comes back we get this:
Jul 05 13:47:37 Severity:5 Initialized (firmware 7.4.2).
Jul 05 13:47:40 Severity:3 No Address for NTP server time.apple.com.
Jul 05 13:47:45 Severity:5 Joined BSS xx:xx:xx:xx:xx:dc
Jul 05 13:47:45 Severity:5 Installed unicast CCMP key for authenticator xx:xx:xx:xx:xx:dc
Jul 05 13:47:45 Severity:5 Deauthenticating with station ff:ff:ff:ff:ff:ff (reserved 3).
Jul 05 13:47:45 Severity:5 Deauthenticating with station ff:ff:ff:ff:ff:ff (reserved 2).
Jul 05 13:47:45 Severity:5 Rotated CCMP group key.
Jul 05 13:47:48 Severity:5 Connection accepted from [fe80::222:41ff:fe38:b149%bridge0]:52223.
Jul 05 13:47:48 Severity:5 Internet Configuration leased -- host <10.0.1.5/255.255.255.0> gateway <10.0.1.1> dns <10.0.1.1> wins lease <86400> domain
Jul 05 13:47:55 Severity:5 Clock synchronized to network time server time.apple.com (adjusted +4 seconds).
and here the last set, it never lists when and why the connection is dropped. It cannot be reception since all other wireless products are fine (airport expresses, ipod touches, ipad)
Jul 05 13:51:01 Severity:5 Initialized (firmware 7.4.2).
Jul 05 13:51:04 Severity:3 No Address for NTP server time.apple.com.
Jul 05 13:51:09 Severity:5 Joined BSS xx:xx:xx:xx:xx:dc
Jul 05 13:51:09 Severity:5 Installed unicast CCMP key for authenticator xx:xx:xx:xx:xx:dc
Jul 05 13:51:09 Severity:5 Deauthenticating with station ff:ff:ff:ff:ff:ff (reserved 3).
Jul 05 13:51:09 Severity:5 Deauthenticating with station ff:ff:ff:ff:ff:ff (reserved 2).
Jul 05 13:51:09 Severity:5 Rotated CCMP group key.
Jul 05 13:51:11 Severity:5 Internet Configuration leased -- host <10.0.1.5/255.255.255.0> gateway <10.0.1.1> dns <10.0.1.1> wins lease <86400> domain
Jul 05 13:51:15 Severity:5 Connection accepted from [fe80::222:41ff:fe38:b149%bridge0]:52237.
Jul 05 13:51:15 Severity:5 Internet Configuration leased -- host <10.0.1.5/255.255.255.0> gateway <10.0.1.1> dns <10.0.1.1> wins lease <86400> domain
Jul 05 13:51:19 Severity:5 Clock synchronized to network time server time.apple.com (adjusted +5 seconds).
Jul 05 13:51:43 Severity:5 Connection accepted from [fe80::222:41ff:fe38:b149%bridge0]:52238.
Jul 05 13:51:44 Severity:5 Connection accepted from [fe80::222:41ff:fe38:b149%bridge0]:52239.
Jul 05 13:51:47 Severity:5 Connection accepted from [fe80::222:41ff:fe38:b149%bridge0]:52240.
Jul 05 13:51:49 Severity:5 Connection accepted from [fe80::222:41ff:fe38:b149%bridge0]:52243.
Jul 05 13:51:49 Severity:5 Connection accepted from [fe80::222:41ff:fe38:b149%bridge0]:52242. -
Very new user needs help setting up a three user network plus server
Hi,
I'm an owner/manager of a recruitment company in the UK and we use three mac minis in our office to run our recruitment software (on a filemaker database) internet, mail and MS Office 2008.
We currently use one of the mini's as a 'server' in so much that it has a external HDD attached and shared across the network. We use Airport Extreme to share the internet.
Although to begin with this set up has served us well the amount of data travelling across the network and the prospect of a couple of new employees starting has made me think it's time to invest in a network and server of some description.
With my very limited knowledge i'm proposing the following but would greatly appreciate some assistance from the forum users!
Install OSX 10.5.3 Server on one of the Mac Minis
Get an ethernet switch and cable the three minis together
Use the external HDD as a time machine backup and store all files on the 'server' HDD
Continue to use the Airport Extreme to share the internet over airport.
I have a couple of questions:
Can the Server computer still be used as a desktop or do we need to buy a new mini
Does this set up make the airport base station redundant
As we grow I would envisage enlisting the help of a specialist Mac IT support company but in the mean time any help would be greatly appreciated.
Thank you again in advance.I would get something better specified than a mini to be my Mac OS X based server, and although you can run it as a desktop I wouldnt advise it.
You ought to go out and buy the book Mac OS X Server 10.5 Essentials - The only Apple-certified book on Mac OS X Server - which Ive found to be a godsend of a book in getting Leopard Server going. Make sure you get the 10.5 version. Im in the UK and got it from Foyles in London.
Your approach is fine, but Leopard Server isnt as plug and go as the rest of Apples products. In particular it just doesnt function correctly if you do not have working DNS before you start. Period. If you dont understand DNS in your office or If having read the book you find its too technical you might be better off buying a no-brand Network File Store/Disk or even a Time Capsule from Apple if its mainly shared disk space that you need.
Angus -
Time machine and network file server
Hi,
Is it possible to set up the time machine to a network file server which my macbook is able to see and use? Right now, time machine is limited to be used with a delicated external HD or another Mac...
It would be convenient to share files between my 1st mac and other windows PCs.armyedwrd wrote:
I believe I can do a work around by simply sharing my External HD so that that can happen. It's just very awkward to navigate to that shared drive each time we access it. If I had separate backup HDs for each MAC, I think I could use the TC as a media server (at least that's what I get from the marketing material here ).
You might want to try one of the workarounds in #Q3 of Using Time Machine with a Time Capsule.
Have you ever used Time Machine Editor? Is it worth downloading and using?
It's not recommended; Time Machine usually works best the way it was designed. See Time Machine - Frequently Asked Question #13. -
I am new to dynamic site development. Am caught up in a very
basic issue. I am using XP Pro, IIS is working, am trying to set up
a ASPjavascript page. In "site definition", "testing files", my URL
is
http://localhost/test. "Test URL"
gives error "Dreamweaver cannot use the prefix you entered to
display live data Please double check your site configuration or
click Help for more information (HTTP error:12029)".
If I ignore this and complete the site definition, when I
make a new ASP javascript page, the Application Databases,
Bindings, Server behaviours etc don't work - "Set up the sites
testing server" is not checked
The IIS
http://localhost/ works fine. If i put
in a file in the test folder "index.html" and type in
http://localhost/test/index.html
, the page opens.
Details of the Site Definition settings are:
LOCAL INFO
Site : test
Local root folder : C:\inetpub\wwwroot\test\
Http address:
http://localhost/test/
TESTING SERVER
Server model :ASP javascript
Access : local/network
Testing server folder : c:\inetpub\wwwroot\test\
URL prefix :
http://localhost/test/
I've checked and re-checked IIS, Site definition settings.
I've been to as many forums as I could. I've un-installed and
re-installed dreamweaver - No luck.
I would greatly appreciate any help in resolving this issue.
Thanks in advanceHi,
You posted a reply to my problem regarding the "testing
server". I did things as you'd told but am still stuck with the
same problem. I can open the index page in the internet explorer by
typing in
http://localhost/test/index.html.
My problem is that when trying to make a dynamic page in
ASPJavascript, the "bindings", "server behaviours" etc won't work
as the third step "set up sites testing server" remains
"unchecked". In the database if I check "use DSN on testing server"
I get an error message saying that 1)There is no testing server on
the server machine 2) The testing server specified does not map to
the
http://localhost/test/_mmserverscripts/MMHTTPBD.asp
URL. Verify prefix maps to the root of the site.
I am certain that the IIS is working as I can access the
local host on the internet explorer.
I feel that the whole issue revolves around when I am working
on the Site Definition and at "SiteDefinition"-"Basic"-TestingFiles
stage, when I click "TestURL" it gives the error message that
dreamweaver cannot use the prefix entered to display live data.
I have been trying everything , but haven't been able to
resolve this very basic issue.
I am grateful that you took time to reply earlier and I would
be even more grateful if you could help me here.
Thanks and best regards -
NPS: Event 6274 - Network Policy Server discarded the request for a user
Intermittently I will get desktop (wired) and laptop (wireless) computers experiencing issues with NPS (they drop off the network).
Some computers are affected more than others, although they are identical hardware and based on a standard image.
In the event log of the NPS servers I can see the following messages:
Log Name: Security
Source: Microsoft-Windows-Security-Auditing
Date: 2/05/2014 8:47:58 a.m.
Event ID: 6274
Task Category: Network Policy Server
Level: Information
Keywords: Audit Failure
User: N/A
Computer: NT147.domain.local
Description:
Network Policy Server discarded the request for a user.Contact the Network Policy Server administrator for more information.User:
Security ID: NULL SID
Account Name: host/DPC0387.domain.local
Account Domain: DOMAIN
Fully Qualified Account Name: DOMAIN\DPC0387$Client Machine:
Security ID: NULL SID
Account Name: -
Fully Qualified Account Name: -
OS-Version: -
Called Station Identifier: 3c-xx-xx-xx-xx-xx
Calling Station Identifier: 00-xx-xx-xx-xx-xxNAS:
NAS IPv4 Address: 10.nnn.nnn.nnn
NAS IPv6 Address: -
NAS Identifier: ND246
NAS Port-Type: Ethernet
NAS Port: 71RADIUS Client:
Client Friendly Name: Network Device Management Subnet
Client IP Address: 10.nnn.nnn.nnnAuthentication Details:
Connection Request Policy Name: NAP 802.1X (Wired)
Network Policy Name: -
Authentication Provider: Windows
Authentication Server: NT147.domain.local
Authentication Type: -
EAP Type: -
Account Session Identifier: 384F322E317838316564303034313030306230666632
Reason Code: 1
Reason: An internal error occurred. Check the system event log for additional information.
How do I debug when an internal error occurs but there is nothing in the system event log? Where else can I look?
Here's the packet trace that matches the event log entry above:
No. Time Source Destination Protocol Length Time from request Info
1 0.000000 JuniperN_xx:xx:xx Universa_xx:xx:xx EAP 60 Request, Identity
2 2.470423 Universa_xx:xx:xx Nearest EAPOL 60 Start
3 2.472870 JuniperN_xx:xx:xx Universa_xx:xx:xx EAP 60 Request, Identity
4 2.539416 Universa_xx:xx:xx Nearest EAP 60 Response, Identity
5 2.544206 Universa_xx:xx:xx Nearest EAPOL 60 Start
6 2.548804 JuniperN_xx:xx:xx Universa_xx:xx:xx EAP 60 Request, Identity
7 2.550050 Universa_xx:xx:xx Nearest EAP 60 Response, Identity
8 2.552597 10.switch 10.NPS_Server RADIUS 254 Access-Request(1) (id=249, l=208)
9 2.556043 10.NPS_Server 10.switch RADIUS 136 0.003446000 Access-Challenge(11) (id=249, l=90)
10 2.565876 JuniperN_xx:xx:xx Universa_xx:xx:xx EAP 60 Request, Protected EAP (EAP-PEAP)
11 2.569472 10.switch 10.NPS_Server RADIUS 254 Access-Request(1) (id=250, l=208)
12 2.572566 10.NPS_Server 10.switch RADIUS 136 0.003094000 Access-Challenge(11) (id=250, l=90)
13 2.580254 Universa_xx:xx:xx Nearest TLSv1 123 Client Hello
14 2.586544 10.switch 10.NPS_Server RADIUS 361 Access-Request(1) (id=251, l=315)
15 4.564841 Universa_xx:xx:xx Nearest EAPOL 60 Start
16 4.568530 JuniperN_xx:xx:xx Universa_xx:xx:xx EAP 60 Request, Identity
17 4.569876 Universa_xx:xx:xx Nearest EAP 60 Response, Identity
18 4.582263 10.switch 10.NPS_Server RADIUS 254 Access-Request(1) (id=252, l=208)
19 4.586006 10.NPS_Server 10.switch RADIUS 136 0.003743000 Access-Challenge(11) (id=252, l=90)
20 4.591896 JuniperN_xx:xx:xx Universa_xx:xx:xx EAP 60 Request, Protected EAP (EAP-PEAP)
21 4.592692 Universa_xx:xx:xx Nearest TLSv1 123 Client Hello
22 4.599634 10.switch 10.NPS_Server RADIUS 361 Access-Request(1) (id=253, l=315)
23 4.600887 10.NPS_Server 10.switch IPv4 1518 Fragmented IP protocol (proto=UDP 17, off=0, ID=07db)
24 4.609920 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 1514 Server Hello, Certificate, Certificate Request, Server Hello Done
25 4.610516 Universa_xx:xx:xx Nearest EAP 60 Response, Protected EAP (EAP-PEAP)
26 4.617407 10.switch 10.NPS_Server RADIUS 262 Access-Request(1) (id=254, l=216)
27 4.618352 10.NPS_Server 10.switch RADIUS 288 0.000945000 Access-Challenge(11) (id=254, l=242)
28 4.623650 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 176 Server Hello, Certificate, Certificate Request, Server Hello Done
29 4.643316 Universa_xx:xx:xx Nearest TLSv1 361 Certificate, Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message
30 4.649607 10.switch 10.NPS_Server RADIUS 601 Access-Request(1) (id=255, l=555)
31 4.656950 10.NPS_Server 10.switch RADIUS 199 0.007343000 Access-Challenge(11) (id=255, l=153)
32 4.662734 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 87 Change Cipher Spec, Encrypted Handshake Message
33 4.681106 Universa_xx:xx:xx Nearest EAP 60 Response, Protected EAP (EAP-PEAP)
34 4.788536 10.switch 10.NPS_Server RADIUS 262 Access-Request(1) (id=2, l=216)
35 4.789735 10.NPS_Server 10.switch RADIUS 173 0.001199000 Access-Challenge(11) (id=2, l=127)
36 4.795723 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 61 Application Data
37 4.796372 Universa_xx:xx:xx Nearest TLSv1 93 Application Data
38 4.802368 10.switch 10.NPS_Server RADIUS 331 Access-Request(1) (id=3, l=285)
39 4.803363 10.NPS_Server 10.switch RADIUS 189 0.000995000 Access-Challenge(11) (id=3, l=143)
40 4.808905 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 77 Application Data
41 4.809501 Universa_xx:xx:xx Nearest TLSv1 77 Application Data
42 4.817342 10.switch 10.NPS_Server RADIUS 315 Access-Request(1) (id=4, l=269)
43 4.822986 10.NPS_Server 10.switch RADIUS 189 0.005644000 Access-Challenge(11) (id=4, l=143)
44 4.828973 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 77 Application Data
45 4.833318 Universa_xx:xx:xx Nearest TLSv1 829 Application Data
46 4.840610 10.switch 10.NPS_Server RADIUS 1073 Access-Request(1) (id=5, l=1027)
47 4.845946 10.NPS_Server 10.switch RADIUS 189 0.005336000 Access-Challenge(11) (id=5, l=143)
48 4.850938 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 77 Application Data
49 4.907924 Universa_xx:xx:xx Nearest TLSv1 141 Application Data
50 4.913390 10.switch 10.NPS_Server RADIUS 379 Access-Request(1) (id=6, l=333)
51 4.917535 10.NPS_Server 10.switch RADIUS 221 0.004145000 Access-Challenge(11) (id=6, l=175)
52 4.922877 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 109 Application Data
53 4.923472 Universa_xx:xx:xx Nearest TLSv1 61 Application Data
54 4.930319 10.switch 10.NPS_Server RADIUS 299 Access-Request(1) (id=7, l=253)
55 4.937348 10.NPS_Server 10.switch RADIUS 381 0.007029000 Access-Challenge(11) (id=7, l=335)
56 4.942543 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 269 Application Data
57 4.944791 Universa_xx:xx:xx Nearest TLSv1 125 Application Data
58 4.951408 10.switch 10.NPS_Server RADIUS 363 Access-Request(1) (id=8, l=317)
59 4.954022 10.NPS_Server 10.switch RADIUS 355 0.002614000 Access-Accept(2) (id=8, l=309)
60 4.981482 JuniperN_xx:xx:xx Universa_xx:xx:xx EAP 60 Success
61 32.590347 10.switch 10.NPS_Server RADIUS 361 Access-Request(1) (id=251, l=315)
62 62.592420 10.switch 10.NPS_Server RADIUS 361 Access-Request(1) (id=251, l=315)
63 92.595043 10.switch 10.NPS_Backup_Server RADIUS 361 Access-Request(1) (id=9, l=315)
64 122.597856 10.switch 10.NPS_Backup_Server RADIUS 361 Access-Request(1) (id=9, l=315)
65 152.600618 10.switch 10.NPS_Backup_Server RADIUS 361 Access-Request(1) (id=9, l=315)A belated thanks for your reply.
Our environment doesn't have NPS accounting configured so that was easy to rule out.
The mid-day drop outs have stopped after I added "set protocols dot1x authenticator no-mac-table-binding" to our Juniper switches (which prevents mac address aging from clearing the active dot1x client session).
I believe the above error message occurs because the RADIUS session ID is rejected / ignored because of some quirks in the RADIUS standard. At the start of a dot1x authentication request a RADIUS session ID is created. For whatever reason the
RADIUS/NAP server stops responding and the Juniper switch fails over to the backup RADIUS/NAP server configured. The session ID is kept (per RADIUS standard) but the backup RADIUS/NAP server doesn't know about the session, so this event: "Network
Policy Server discarded the request for a user." occurs.
It would be nice to see a clearer error message "Invalid RADIUS session" or similar.
There is a Microsoft guide on how to set up RADIUS/NAP servers in a highly available configuration - something to do with RADIUS proxy servers.
It would be even nicer to see some kind of RADIUS session synchronisation between NAP servers... if it doesn't already exist?
I am having the same exact issue you posted on here except I have Extreme Network switches. Some of my computers, various hardware, will randomly not authenticate during re-authentication. The switch says that it failed to contact the NPS server so then it
switches to my backup server. The client has a random time on how long it waits to authenticate so sometimes I end up having the disable/re-enable the port they are connected to so that the session is started again. I see that you basically removed the option
to force clients to re-authenticate Any downfall disabling that?. Any idea why the NPS server is no longer responding? Are you using Windows Server 2012? -
Hello everyone:
I know this question have been asked in these forums quite a few times. I apologize if it is a repeat telecast but I was not able to find a suitable solution pertaining to my problem.
I have a AP/SM setup that is configured to get EAP-PEAP authentication from Windows 2012 Server. I have setup everything and have verified that the EAP-PEAP authentication works fine on AP/SM by getting authentication from FreeRADIUS server. Now, when I try
to get authentication from Windows Server, I am getting a reject. The Event log shows this generic message:
Reason Code: 23
Reason:
An error occurred during the Network Policy Server use of the Extensible Authentication Protocol (EAP). Check EAP log files for EAP errors.
There is nothing in the EAP logs that is obvious too:
"USIL01PMPTST01","IAS",07/11/2014,11:59:44,1,"SANDBOX\test","SANDBOX\test",,,,,,"10.120.133.10",5,0,"10.120.133.10","Canopy_AP",,,18,,,,5,"PEAP_TEST",0,"311 1 10.120.133.1
07/11/2014 00:05:57 4927",,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"PEAP_TEST_CONNECTION",1,,,,
"USIL01PMPTST01","IAS",07/11/2014,11:59:44,11,,"SANDBOX\test",,,,,,,,0,"10.120.133.10","Canopy_AP",,,,,,,5,"PEAP_TEST",0,"311 1 10.120.133.1 07/11/2014 00:05:57 4927",30,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"PEAP_TEST_CONNECTION",1,,,,
"USIL01PMPTST01","IAS",07/11/2014,11:59:44,1,"SANDBOX\test","SANDBOX\test",,,,,,"10.120.133.10",5,0,"10.120.133.10","Canopy_AP",,,18,,,,5,"PEAP_TEST",0,"311 1 10.120.133.1
07/11/2014 00:05:57 4928",,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"PEAP_TEST_CONNECTION",1,,,,
"USIL01PMPTST01","IAS",07/11/2014,11:59:44,11,,"SANDBOX\test",,,,,,,,0,"10.120.133.10","Canopy_AP",,,,,,,5,"PEAP_TEST",0,"311 1 10.120.133.1 07/11/2014 00:05:57 4928",30,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"PEAP_TEST_CONNECTION",1,,,,
"USIL01PMPTST01","IAS",07/11/2014,11:59:44,1,"SANDBOX\test","SANDBOX\test",,,,,,"10.120.133.10",5,0,"10.120.133.10","Canopy_AP",,,18,,,,11,"PEAP_TEST",0,"311 1 10.120.133.1
07/11/2014 00:05:57 4929",,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"PEAP_TEST_CONNECTION",1,,,,
"USIL01PMPTST01","IAS",07/11/2014,11:59:44,3,,"SANDBOX\test",,,,,,,,0,"10.120.133.10","Canopy_AP",,,,,,,11,"PEAP_TEST",23,"311 1 10.120.133.1 07/11/2014 00:05:57 4929",,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"PEAP_TEST_CONNECTION",1,,,,
So, basically, the sequence is this:
request , challenge, request , challenge, request, reject
Any idea what might be happening?
Thank you.Hi,
Have you installed certificates on the NPS server properly? Have you selected the proper certificate in the properties of PEAP?
Here is an article about the Certificate requirements of PEAP,
Certificate requirements when you use EAP-TLS or PEAP with EAP-TLS
http://support.microsoft.com/kb/814394
If your certificate matches the requirement, you may try to reinstall the certificate by export and import.
To export a certificate, please follow the steps below,
Open the Certificates snap-in for a user, computer, or service.
In the console tree under the logical store that contains the certificate to export, click
Certificates.
In the details pane, click the certificate that you want to export.
On the Action menu, point to
All Tasks, and then click Export.
In the Certificate Export Wizard, click No, do not export the private key. (This option will appear only if the private key is marked as exportable and you have access to the private key.)
Provide the following information in the Certificate Export Wizard:
Click the file format that you want to use to store the exported certificate: a DER-encoded file, a Base64-encoded file, or a PKCS #7 file.
If you are exporting the certificate to a PKCS #7 file, you also have the option to include all certificates in the certification path.
If required, in Password, type a password to encrypt the private key you are exporting. In
Confirm password, type the same password again, and then click
Next.
In File name, type a file name and path for the PKCS #7 file that will store the exported certificate and private key. Click
Next, and then click Finish.
To import a certificate, please follow the steps below,
Open the Certificates snap-in for a user, computer, or service.
In the console tree, click the logical store where you want to import the certificate.
On the Action menu, point to
All Tasks, and then click Import to start the Certificate Import Wizard.
Type the file name containing the certificate to be imported. (You can also click
Browse and navigate to the file.)
If it is a PKCS #12 file, do the following:
Type the password used to encrypt the private key.
(Optional) If you want to be able to use strong private key protection, select the
Enable strong private key protection check box.
(Optional) If you want to back up or transport your keys at a later time, select the
Mark key as exportable check box.
Do one of the following:
If the certificate should be automatically placed in a certificate store based on the type of certificate, click
Automatically select the certificate store based on the type of certificate.
If you want to specify where the certificate is stored, select
Place all certificates in the following store, click
Browse, and choose the certificate store to use.
If issue persists, you may try to re-issue the certificate.
For detailed procedure, you may refer to the similar threads below,
Having issues getting PEAP with EAP-MSCHAP v2 working on Windows 2008 R2
http://social.technet.microsoft.com/Forums/windowsserver/en-US/c66cf0a8-24dd-4ccd-b5bb-16bd28ad8d4c/having-issues-getting-peap-with-eapmschap-v2-working-on-windows-2008-r2?forum=winserverNAP
Hope this helps.
Steven Lee
TechNet Community Support -
Premiere network account login issues
We currently are running CS5 and having issues logging anyone in other than Admin. Is anyone else having issues looging in and dtarting Premiere with network accounts? Better yet has any found a fix if this is a common problem?
Yes, BOTH are common problems
Premiere is designed to require ALL of a computer's resources... which means running with an Admin account
Premiere is NOT designed to run on a network
Win Server is NOT supported http://forums.adobe.com/thread/851602
Not in a Network environment http://forums.adobe.com/thread/771151
-and not on a "domain" http://forums.adobe.com/thread/858977 -
Network Policy Server Policies
We are using Windows Network Policy Server application as a radius server for VPN connections using windows server 2008 R2.
On my firewall, we currently have only 1 VPN profile and we have a Network Policy that saysif they are not part of this windows group, they cannot connect to the VPN.
I have setup two additional vpn profiles for different vendors, etc and set up the test accounts to use different groups and setup new network policies for each one. The issue I am running into is all NPS network policies work with each vpn profile. I would
like to know how can you setup a policy so they differenciate between each vpn policy so if user is on vpn profile 1 it will use network policy 1 and not allow them access to any of the other vpn profile 2 or 3 because they do not meet the requirements for
them based off the network policy that is defined.Hi,
According to your description, my understanding is that you wanted the NPS pociles to work differing from the firewall rules/profiles. If I misunderstood anything, please feel free to let me know.
Based on my experience, it seems that NPS won't do that with firewall profiles. If you want to define different network policies to different user group. You can select the specific user group when specifying conditions of the network policy. More information:
Network Policy Conditions Properties
Best regards,
Susie -
Help!Electronic noises,server issues,console messages,ethernet -PowerPC G4
I've been searching the internet as well as the Console and Activity Monitor for answers to this scenario, and it looks as though there is some kind of relationship between recent strange sounds I have been hearing over my speakers and server issues (my IP? Apple servers? spyware? )
Immediately below, are some of the log messages I have copied (for terminology examples).
Below them will be the description of the sounds I've been hearing, and potentially related details.
The first of the log examples documents something that happened when no one was home to use the computer. The second describes some kind of process that might be suspicious. The third describes what is happening a lot lately, and it seems to correspond with the sounds I referred to as well as with simultaneous increases in network activity shown on the Activity Monitor
Apr 8 14:01:13 Macintosh kernel[0]: System Sleep
Apr 8 14:01:13 Macintosh mDNSResponder: Couldn't read user-specified Computer Name; using default “Macintosh-000000000000” instead
Apr 8 14:01:13 Macintosh kernel[0]: System Wake
Apr 8 14:01:13 Macintosh kernel[0]: Wake event 0020
Apr 8 14:01:14 Macintosh configd[65]: posting notification com.apple.system.config.network_change
Apr 8 14:01:16 Macintosh kernel[0]: USB caused wake event (EHCI)
Apr 8 14:01:16 Macintosh mDNSResponder: Couldn't read user-specified Computer Name; using default “Macintosh-00112474A206” instead
Apr 8 14:01:17 Macintosh kernel[0]: UniNEnet::monitorLinkStatus - Link is up at 100 Mbps - Full Duplex
Mac OS X Version 10.4.11 (Build 8S165)
2009-04-09 23:06:12 -0400
2009-04-09 23:06:18.315 HPEventHandler[216]: DebugAssert: Third Party Client: (NULL != m_lock && 0 == errno) Can't create semaphore lock[/Volumes/Development(Build System)/HP/Mac-Fontana/mac-software/components/HPEventHandler/Sources/Core/HPTM NotificationManager.cpp:62]
2009-04-09 23:06:25.995 SystemUIServer[207] lang is:en
Will Power On (Wake) Notification occurred.
2009-04-09 11:21:49 EDT - Network transition occurred.
2009-04-09 11:21:49 EDT - Network transition occurred.
2009-04-09 11:21:49 EDT - Network transition occurred.
2009-04-09 11:21:55 EDT - Network transition occurred.
2009-04-09 11:21:55 EDT - Network transition occurred.
2009-04-09 11:21:55 EDT - Network transition occurred.
2009-04-09 12:01:12 EDT - Sleep Notification occurred.
I have recently been getting both a tapping and a buzzing sound through my speakers. Both kinds of sounds come together, intermittently and repeatedly, and each time, the volume rises, peaks, and fades away again (or stays faint until it starts to rise again). Today, once, there was a squeal-ish sound (not like a fax) as well, paralleling the other sound. These episodes vary in duration.
The Activity Monitor has shown increases in the Network window when these sounds have occurred, but I don't remember whether the greater increases were incoming or outgoing--I think, incoming.
When this first started happening, I was also seeing a lot of "Network Transition Occurred" messages in the log. Now I am seeing mostly "Macintosh mDNSResponder: Couldn't read user-specified Computer Name; using default "Macintosh-000000000000” (or “Macintosh-00112474A206)” instead" messages.
It all started happening after I uninstalled a trial version of ProtectMac (at the end of March), as well as set up a separate log-in for my grandson to use (major changes for the first time in years, which also caused me to lose a lot of things like bookmarks, saved music in iTunes, home movies in camera related software, pictures in iPhoto, etc...). Somewhere along the line I also lost iSync and just left it off.
Are these noises servers trying to communicate with my computer, which I somehow happen to be hearing as transmitted static/feedback/or signaling?
I have a 1.42 GHz PowerPC G4. I use a DSL, ethernet.
Thank you.Hello,
Try these DNS numbers.
Try putting these numbers in Network/Advanced/DNS.
Add these numbers to DNS Servers
208.67.222.222
208.67.220.220
Click OK. These are safer/faster than most ISP's NDS numbers, and have been patched against DNS poisoning.
Go here to test DNS. https://www.dns-oarc.net/oarc/services/dnsentropy
Carolyn
Maybe you are looking for
-
Grid Control performance tab not available when on the target home of ASM
I noticed recently that the "Performance" tab/link is not available when you are using 10g Grid Control and you are on the home page of an ASM instance. Can this be explained?
-
Can you pass an array URL variable
Hi, Doing a form which I want to validate, then re-display with error messages and the keyed data still in place should there be errors, or go onto a second form if all ok. I have tried to use <form action="<?=$_SERVER['PHP_SELF']?>" but as the vario
-
Read data from Vector object serialized in a file issue!!
Hi all, I have two classes :CBase and CHelper class in a package and serializing some information in a file and then reading it. I am facing some problem while reading the data which was stored using vector of objects. Below is the detailed problem::
-
How do I reinstall iWeb 3.0.3? I inadvertently opened an html file of my website and tried to open it with iWeb '09. I get a message saying "Can't open file" etc., etc. I've tried reinstalling the updated version. Iweb will not open.
-
I am trying to deactivate my photoshop Elements 9 on a crashed c drive, now on a external drive conn
I am trying to deactivate my photoshop Elements 9 on a crashed c drive, now on a external drive connected to my new computer. When I open, from the old C drive the deactivation option is not highlighted on the drop down menu- its not available. How d