ACS 3.3 to 3.3.11 upgrade

when i try to upgrade my ACS 3.3 to 3.3.11 it says folder ACS in prog files is locked...
any idea?

Wasim,
The error that we are getting is generally due to huge accumulation of logs in ACS
installation folder :
Please remove or relocate all the logs file from following location and then try to upgrade, :
\CSAuth\Logs
\CSRadius\Logs
\CSTacacs\Logs
\CSLog\Logs
\CSMon\Logs
\CSAdmin\Logs
\CSDbsync\Logs
Regards,
~JG

Similar Messages

  • ACS loses connection with AD occasionally after upgrade from 5.2 to 5.3.0.40

    ACS had been integrated with Active Directory before ACS upgrade to 5.3. After the ACS 5.3 upgrade users aren’t able to login to AAA devices occasionally. Error message is:
    {AuthenticationResult=Error; Type=Authentication; Authen-Reply-Status=Error; }
    24429 Could not establish connection with Active Directory
    At the same time, when this issue occurs, ACS connection to AD works fine (checked with Users and Identity Stores> External Identity Stores > Active Directory “Test Connection”)

    I had the same problem, I opened a Cisco TAC case and my issue was resolved.
    Sent: Tuesday, 14 August 2012 9:58 AM
    Subject: RE: 622739355 HelpDesk#SVR328332-2 : Troubleshoot Cisco ACS 1121 v5.3 With Windows Active Directory
    Hi Ramraj,
    Thanks for the link to the article, but from what I’ve seen in the logs I’m not sure that we’ve got the same root cause to the issue.
    From the ACSADAgent.log files I can see log messages like:
    Aug 11 11:10:56 CSSC-TPM-DC-ACS-1 adclient[5524]: DEBUG network.state NST: SniffList: postfailsort=mykulad11p.cssc.dksh.net
    Aug 11 11:10:56 CSSC-TPM-DC-ACS-1 adclient[5524]: DEBUG base.kerberos.adhelpers Encryption (id 1) is not supported by KDC. Try next in the list
    Aug 11 11:10:56 CSSC-TPM-DC-ACS-1 adclient[5524]: DEBUG base.osutil Module=Kerberos : KDC refused skey: KDC has no support for encryption type (reference base/adhelpers.cpp:216 rc: -1765328370)
    Aug 11 11:10:56 CSSC-TPM-DC-ACS-1 adclient[5524]: DEBUG base.adagent Unable to refresh computer credentials: KDC refused skey: KDC has no support for encryption type
    This lines up with the error message that we see in the TACACS+ Authentication logs:
    24493 ACS has problems communicating with Active Directory using its machine credentials.
    I have come across a NETBIOS limitation (it’s not an ACS bug, but a bug has been filed for tracking and documentation purposes) that prevents two ACSs from being connected to Active Directory at the same time if the first 15 characters of their hostnames are the same. The bug ID is CSCtj62342 and its externally visible details are available here: http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtj62342
    The hostname of the primary ACS is : MYMY-TPM-DC-ACS-1
    The hostname of the secondary ACS is: MYMY-TPM-DC-ACS-2
    From the hostnames, we can see that the first 16 characters of the hostnames are the same. What this means is that once the primary is connected to AD, after some time passes (this will depend on when the secondary goes an talks to AD) the secondary will lose its connection to AD and any authentications hitting the secondary will fail with the same error: 24493 ACS has problems communicating with Active Directory using its machine credentials.
    To resolve this issue, the hostnames of the ACSs will need to be changed so that the first 15 characters of their respective hostnames are not the same. Please keep in mind that this is a NETBIOS limitation and not a software bug.

  • ACS 4.2 to 4.2.1 Upgrade Questions

    I have been tasked to upgrade our four ACS servers from
    4.2.1.15 to the latest version.  The ACS servers are
    applianced based.  I have browsed the download software page
    of cisco.com and have found this file:
    app/Acs_4.2.1.15.11.zip (ACS SE 4.2.1.15.11 cumulative
    patch).
    Can someone confirm if this is the latest/best file to download
    the latest 4.2 release of hardware based Cisco Secure ACS?
    For those who have upgraded to this latest release, can you
    comment on your experience regarding the upgrade process or
    ACS performance post-upgrade?  Any issues/caveats about the
    process or performance post-upgrade?
    Thanks in advance for any helpful information you can
    provide for this?
    Adil

    Hi Adil
    ACS  provides a migration utility to transfer data from migration-supported  versions of ACS 4.x to any ACS 4.x machine. The ACS migration process  requires, in some cases, administrative intervention to manually resolve  data before you import it to ACS.
    The Migration utility completes the data migration process in two phases:
    •Analysis and Export
    •Import
    In  the Analysis and Export phase, you identify the objects that you want  to export into 4.x. The Migration utility analyses the objects,  consolidates the data, and exports it.
    After  the Analysis and Export phase is complete, the Migration utility  generates a report that lists any data compatibility errors, which you  can manually resolve to successfully import these objects into new ACS.
    The  Analysis and Export phase is an iterative process that you can rerun  many times to ensure that there are no errors in the data to be  imported. After you complete the Analysis and Export phase, you can run  the import phase to import data into ACS.
    For complete step by step configuration, please go through this link:
    http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.2/user/guide/common_scenarios.html

  • Cisco Secure ACS 3.3(1) - 4.0(1) upgrade problems

    Hi all!
    I'm having problems upgrading my primary ACS from version 3.3 -> 4.0
    I always get the following error message while it's doing the upgrade:
    "The CiscoSecure ACS folder appears to be locked by another application: C:\Program Files\CiscoSecure ACS v3.3
    Please close any applications...blabla.."
    The thing is, I upgraded my backup ACS first and that upgrade worked like a charm.
    In both cases, both for the primary and backup I do a remote takeover with Dameware, copied the ACS 4 folder to the hard drive of the server and do the upgrade from that folder.
    As I said, the backup server upgrade worked without a hitch.
    This is what I've tried:
    1. I've verified that NO application is using the ACS 3.3 folder and no explorer window is open on that folder or subfolders.
    I verified this by using a small program called Filemon.exe from Sysinternals. According to that program nothing was accessing said folder.
    I also verified it again by actually renaming the ACS 3.3 folder after I shut down all the ACS services. I could not rename the folder if the services were started.
    2. I've tried to stop the ACS services first and then do the setup, got the same error.
    3. I disabled the antivirus software, got the same error.
    I'm basically at my wits end now...
    I have two options though:
    1. Un-install ACS 3.3, do a clean install of ACS 4.0 and import the all data from the backup ACS.
    Wouldn't that bring up the primary ACS with the backup ACS config? So I'm guessing I would need to go over it afterwards and do changes where appropriate ?
    2. Do a backup of the ACS 3.3 with csutil -b
    Uninstall ACS 3.3, do a clean install of ACS 4.0 and import all the data with csutil -r
    Would that work? I've seen conflicting information here in this forum, some say it works, other say it doesn't.
    I'm pretty much confused why this worked so well on the backup ACS but fails on the primary ACS.
    Any help would be greatly appreciated!
    Thanks!
    Ivar Thorolfsson

    Hi,
    The folder lock message is often seen if the logs in the ACS directory are too big.
    Move the Logs from the following Directories :-
    CSAdmin\Logs
    CSAuth\Logs
    CSDBSync\Logs
    CSLog\Logs
    CSMon\Logs
    CSRadius\Logs
    CSTacacs\Logs
    Logs
    Then try to upgrade.
    Regards,
    Vivek

  • Upgrade 4.2.0 Build(124) Patch17 to 4.2.1 - ACS folder locked

    I try to upgrade ACS 4.2.0 to 4.2.1. When installation program tries to uninstall current version of ACS it fails with message "The CiscoSecure ACS folder appears to be locked by another application"
    - ACS is installed on Win 2003R2 server.
    -There is no antivirus program installed on the server
    -All application windows (Explorer,...) are closed
    -I'm the only user working on this server
    -ACS log files are reduced to 3 days history.
    ACS is integated with RSA SecurID. Could this be the cause? Should I unistall RSA SecurID?
    Petr

    As per my experience, we generally see this error due to huge accumulation of logs  in ACS installation folder / Install directory.
    Please remove or relocate all the file from following location of ACS install directory and then try to upgrade again
    Once deleted, we can recover these logs again.
    \CSAuth\Logs
    \CSRadius\Logs
    \CSTacacs\Logs
    \CSLog\Logs
    \CSMon\Logs
    \CSAdmin\Logs
    \CSDbsync\Logs
    Also, did we have ACS set to full logging in past?
    Jatin Katyal
    - Do rate helpful posts -

  • ACS SE upgrade

    Hi,
    We have an existing ACS running 4.1.4.13 and have purchased a new device running 4.1.1.23. I understand that to replicate they need to be the same version. Can someone please clarify the upgrade path from 4.1.1.23? Do I need to request the software from TAC or is it here -http://www.cisco.com/cgi-bin/tablebuild.pl/acs-soleng-3des ?
    TIA

    Certain Software Downloads/Upgrades from Cisco requires Additional access/Valid Service contract. Availing this contract would gives you access to most of the tools and to the Encrypted Software's.
    To know more details about Cisco service contract choose from the following:
    a) Contact your Cisco Account team if you have a Direct Purchase Agreement.
    b) Contact a Cisco Partner or Reseller to purchase a service agreement:
    http://tools.cisco.com/WWChannels/LOCATR/jsp/partner_locator.jsp
    c) Use the Profile Manager to update your Cisco.com profile and request association to service agreement:
    http://tools.cisco.com/RPF/profile/edit_entitlement.do?Tab=3
    d) Also you can contact your Cisco Representative or Cisco Accounts Manager for more detail
    Cisco does provide a warranty period where you could obtain software. However to get access to the software you need to contact TAC using the following link http://tools.cisco.com/ServiceRequestTool/create/launch.do for additional help. They would be in a position to assist you better.

  • ACS 4.2

    Hello,
    My company bought a product
    /* Style Definitions */
    table.MsoNormalTable
    {mso-style-name:"Table Normal";
    mso-tstyle-rowband-size:0;
    mso-tstyle-colband-size:0;
    mso-style-noshow:yes;
    mso-style-priority:99;
    mso-style-qformat:yes;
    mso-style-parent:"";
    mso-padding-alt:0in 5.4pt 0in 5.4pt;
    mso-para-margin:0in;
    mso-para-margin-bottom:.0001pt;
    mso-pagination:widow-orphan;
    font-size:11.0pt;
    font-family:"Calibri","sans-serif";
    mso-ascii-font-family:Calibri;
    mso-ascii-theme-font:minor-latin;
    mso-fareast-font-family:"Times New Roman";
    mso-fareast-theme-font:minor-fareast;
    mso-hansi-font-family:Calibri;
    mso-hansi-theme-font:minor-latin;
    mso-bidi-font-family:"Times New Roman";
    mso-bidi-theme-font:minor-bidi;}
    CSACS-1120-K9    
    And also
    /* Style Definitions */
    table.MsoNormalTable
    {mso-style-name:"Table Normal";
    mso-tstyle-rowband-size:0;
    mso-tstyle-colband-size:0;
    mso-style-noshow:yes;
    mso-style-priority:99;
    mso-style-qformat:yes;
    mso-style-parent:"";
    mso-padding-alt:0in 5.4pt 0in 5.4pt;
    mso-para-margin:0in;
    mso-para-margin-bottom:.0001pt;
    mso-pagination:widow-orphan;
    font-size:11.0pt;
    font-family:"Calibri","sans-serif";
    mso-ascii-font-family:Calibri;
    mso-ascii-theme-font:minor-latin;
    mso-fareast-font-family:"Times New Roman";
    mso-fareast-theme-font:minor-fareast;
    mso-hansi-font-family:Calibri;
    mso-hansi-theme-font:minor-latin;
    mso-bidi-font-family:"Times New Roman";
    mso-bidi-theme-font:minor-bidi;}
    CSACS-4.2-WIN-K9
    why i need a DVD when i have a ACS Engine.??
    Can anybody help me to understand, As what i know is that ACSE is a appliance with a preinstalled ACS
    AND
    /* Style Definitions */
    table.MsoNormalTable
    {mso-style-name:"Table Normal";
    mso-tstyle-rowband-size:0;
    mso-tstyle-colband-size:0;
    mso-style-noshow:yes;
    mso-style-priority:99;
    mso-style-qformat:yes;
    mso-style-parent:"";
    mso-padding-alt:0in 5.4pt 0in 5.4pt;
    mso-para-margin:0in;
    mso-para-margin-bottom:.0001pt;
    mso-pagination:widow-orphan;
    font-size:11.0pt;
    font-family:"Calibri","sans-serif";
    mso-ascii-font-family:Calibri;
    mso-ascii-theme-font:minor-latin;
    mso-fareast-font-family:"Times New Roman";
    mso-fareast-theme-font:minor-fareast;
    mso-hansi-font-family:Calibri;
    mso-hansi-theme-font:minor-latin;
    mso-bidi-font-family:"Times New Roman";
    mso-bidi-theme-font:minor-bidi;}
    CSACS-4.2-WIN-K9  
    is a DVD which is installed on Server according to the prerequisite on cisco website.
    Thanks

    Thomas,
    1120 Secure Access Control System (CSACS 1120) comes with preloaded version 5.x and on the other side you have ACS windows CD for version 4.2.0.124 so they both have different ACSs version. There is no point running two different version running in the same network because that would not allow you to do replication or syncronization. Also both have different  architecture and functionality.
    I think you would be required a Recovery DVD of ACS version 4.2 so that you can downgrade the 1120 to 4.2 and use one as primary and other as secondary or backup ACS.
    Why we have only option to downgrade because ACS windows 4.2 can not be upgraded to 5.x. You always have an option to migrate because 5.x only supports linux OS.
    Regds,
    JK
    Do rate helpful posts-

  • Upgrade from ACS3.3.2 to 3.3.4

    I have a pair of 3.3.2 windows servers that need to be upgraded to 3.3.4. Is there any issues that I should know about before I do this upgrade. I assume I should do the backup servers first.
    Thanks in advance.
    Mike

    Hi mike,
    You need to take backup of your ACS 3.3.2 first.
    The following link is the release note for ACS 3.3.4. ACS 3.3.2 can be directly upgraded to ACS 3.3.4.
    Please have a look into the release note for any open issues.
    http://www.cisco.com/en/US/products/sw/secursw/ps2086/prod_release_note09186a008079fc44.html#wp49712

  • ACS 5.4 experiences?

    I'm planning to upgrade from ACS 5.3 to 5.4 in a couple of weeks in order to take advantage of the IPv6 support. Is there anyone running 5.4 that can provide any info on 5.4 experiences/issues/caveats, etc?  Thanks!

    There are a couple of points that should be taken into consideration before upgrading:
    (taken from release notes)
    If you have either ACS 5.2 or ACS 5.3 installed on your machine, you can upgrade to ACS 5.4 using one of the following two methods:
    •Upgrading an ACS Server using the Application Upgrade Bundle
    •Reimaging and Upgrading an ACS Server
    You can only perform an application upgrade bundle, on either a Cisco appliance or a virtual machine, if the disk size is greater than or equal to 500 GB. If you have a smaller disk size, you need to reimage to ACS 5.4 followed by a restore of the backup taken in ACS 5.2 or ACS 5.3 version to trigger the upgrade.
    When you upgrade from ACS 5.3 to 5.4, it is mandatory to install ACS 5.3.0.40.8 prior to the upgrade or the upgrade may fail. If you use the version prior to ACS 5.3.0.40.6, then you might hit an error and the upgrade will not proceed. Note that ACS 5.4 does not include all fixes that are included in 5.3.0.40.8. Therefore, if any of these fixes in 5.3.0.40.8 are required in your deployment, then you should install patch 5.4.0.46.1 after you upgrade to ACS 5.4.
    Will be interested to hear feedback on the TACACS+ IPv6 support

  • Iphone4 upgrade from 4.1 to 4.2 phone crash

    decided to upgrade my op system from 4.1 to 4.2
    followed instructions but now phone is not reconised by computer and phone has link to iplayer massage on screen.
    Apple fayult finding recomended removing latest version of its self and tthen reinstallation which was performed ok (has this deleted my origional phone back up apple?).
    iphone 4 iss still us any one got any suggestions as apples online help is realy quite poor on this matter and shurly i cannot be the first to encounter this problem...

    David,
    ACS full software's are not listed on CCO (even if you have a valid contract)and can be provided via TAC.
    To upgrade ACS we need to have a software upgrade contract.
    I would suggest to open a case with TAC and most likely upgrade should be covered in your existing contract since it is a minor upgrade.
    You can also touch base with Cisco rep assigned to you site.
    Let me know if you have any question.
    Regards,
    ~JG
    Do rate helpful posts

  • Best authentication method for controlling DEVICE access to wlan

    Hello,
    I have a similar question to this thread ( https://supportforums.cisco.com/message/3927713 ) but I'm interested about device control on top of user control. Just like that thread, we are using WPA2-AES Enterprise with PEAP MSCHAPv2, which allow users to log on with their domain credentials. We wanted something simple for our users, so MSCHAPv2 with "single sign on" was optimal to us.
    Problem is, we have a new requirement and we need to implement it yesterday. We would like to allow only mobile devices and computers of our choice.
    Since we are using MSCHAPv2 which allow every domain user to connect using any device as long as their domain credentials are valid, is there a simple way to control this ?
    I guess we could go with MAC filtering, but we have about a thousand laptops. Not a big problem, we could do a regular MAC address inventory using SCCM. It's just that it looks like a brute force tactic to a simple problem. Would a Cisco ACE 4.1 RADIUS server tolerate well a MAC address table with a thousand entries ? What if it goes to two thousands ? Would this be easy to implement ? I'm a bit new to this, is there some documentation I could follow ?
    How do people usually do this in an elegant way ? How do you manage and control WLAN access to thousands of device ? I guess they go with TLS with certificates ?
    Thank you very much !
    Konnan

    Konnan,
    Just saw your PM:)
    Would it be possible to configure Access policies even if our Radius servers aren't joined to the domain ?
    > I really don't know... typically all my installs have the radius server joined to the domain.  I don't know what limitations you would have using the setup you currently are using.
    Still wondering if it would be a good path for us, because of the computer authentication issue where it happens only at logon in Windows if I read correctly and our users don't have the habit to log off frequently and we use only manual connection mode when the user already has his session open. I guess MAR will have to be set to a stupid high value... if it even works.
    > Well you need to sit down with everyone who is involved and really think out what works best for you.  Machine authentication works well, but then people wonder what happens if someone logs in that isn't authorized and that because the computer is a domain computer it automatically gets on the network.  Well your not going to get everything you want:)  So PEAP has issue because IT wants to limit the user to only be able to access using a company owned device... well, then ISE is your fix.  You can add a certificate that ISE can see and if that device has that or a registry value and the user is allowed to access the network, the authentication is allowed, or else it will not be.  EAP-TLS... well more work since you need a PKI infrastructure and both the radius and the clients need a cert...
    No matter what, you need to decide what works best and don't over complicate it with adding mac filter, etc.
    I'm wondering if EAP-TLS wouldn't be better for the long term, maybe with MAC Address restriction on the short term...
    > See above
    I'm also wondering if we could stay with PEAP MSCHAPv2 but use an NPS Radius server from Microsoft which allow to use complex policies instead of the Cisco ACS Radius server...
    > You need to know how to setup and configure the policies... either one will work, but if your on ACS 4.x, I would look at upgrading to 5.4.  ISE is replacing ACS as far as the radius portion, but tacacs isn't yet available on ISE.
    There's also the Cisco ISE, which seems to be equivalent to Microsoft NPS... a bit more costly OTOH.
    > ISE allows you to profile devices so you know what device is accessing your network.  Again, ISE is replacing ACS as far as the radius, but tacacs will soon be out and available for ISE.  If you really want to create crazy profiles, then ISE is the way to go.  You can specify that this user group is allowed wireless, but it has to be a domain computer.  The user isn't allowed access if its not a domain computer.  The same user group is allowed access with company iPads (certificate installed), but not have access with personal iPads, tablets or smartphones.
    Hope this helps.
    Thanks,
    Scott
    Help out other by using the rating system and marking answered questions as "Answered"

  • EAP-TLS or PEAP authentication failed during SSL handshake error

    I have 2 Windows 2003 ACS 3.2 servers. I am in the process of upgrading them to ACS 4.0. I am using them for WPA2/PEAP wireless authentication in a WDS environment. I recently upgraded one to ACS 4.0 and ever since that time some (not all) of my Windows XP clients have started to not be authenticated and logging the error "EAP-TLS or PEAP authentication failed during SSL handshake" on the ACS 4.0 server. During the upgrade (which was successful) I did change the Certificate since the current one was going to expire November 2007.
    The clients that do not authenticate on the ACS 4.0 server I can point to the ACS 3.2 server and they successfully authenticate there. I am able to resolve the issue by recreating the Windows XP PEAP profile for the wireless network and by getting a new client Cert. But, I have a couple of questions:
    Is the "EAP-TLS or PEAP authentication failed during SSL handshake" error due to the upgrade to ACS 4.0 or to the fact that I changed the Certificate, or both?
    Can this error ("EAP-TLS or PEAP authentication failed during SSL handshake") be resolved without me touching every Windows XP client (we have over 250+)?
    Thanks for the help

    My experience suggests that the problem is the certificate.
    I'm running ACS 3.3.
    I received the same error message when my clients copied the certificate to the wrong location, or otherwise did not correctly follow the provided instructions.
    Correctly following the instructions led to a successful connection and no more error message.

  • AAA help please

    I am trying to get a notification via syslog when someone enters configuration changes on a switch.
    I am using 12.4 ios with AAA and ACS.
    I know that I can see this information under the acs reports but I'd like it in syslog also.
    I have tried the following methods:
    1. I have configured the switch to send a syslog trap when a configuration change is made but there is very little inforamtion in it.
    A start/stop record time of the configuration change would be good.
    2. I am able to create an exec start/stop record and that gets sent to the syslog.
    I do not want this as it shows everytime a user logs onto a device.
    3. I can use ACS to generate a syslog on AAA accounting or administrator but this shows a syslog everytime a users enters a show commands and not just configuation commands.

    Hi,
    If everything that you need is to know when a command has been executed you need to have the following commands on the switch.
    aaa accounting commands 15 default start-stop group tacacs+
    aaa accounting commands 1 default start-stop group tacacs+
    You already have aaa accounting commands 15 default start-stop group tacacs+, you are just missing aaa accounting commands 1 default start-stop group tacacs+
    Once those commands are apply on the switch you should see the commands on the ACS under tacacs administration. If the commands don't show on the ACS let me know.
    What ACS version are you running? If you are running ACS version 4.1.1.23 a upgrade is need it.
    If you have any other question do not hesitate to reply back.

  • Enabling ICMP on cisco acs1120

    Hi All ,
                We have downgraded cisco acs appliance 1120 from ACS 5.0 to ACS 4.2.1.15 , when we perform ICMP ping request to acs appliance its not responding , But i can do ping test from acs appliance on console mode not  from GUI mode .
                 Is there any option to enable ICMP Ping response on cisco acs 1120 . else any patch to be upgraded to perform this action , my requirement is enable ICMP ping on acs appliance for troubleshooting . instead always check with telnet x.x.x.x 2002 for service responding

    Hi Santosh,
    The pathc available on cisco.com download page.
    The path is as follows:
    www.cisco.com > support > download software >Products > Security > Identity Management > Cisco Secure Access Control Server  Solution Engine > Cisco Secure Access Control Server  Solution Engine 4.2 > Secure Access Control Server (ACS)  Solution Engine > 4.2.0.124.
    the patches are as follows:
    appl_Acs4.x_PingTurnOff_With_CSAgentUpdate_1_Patch.zip
    appl_Acs4.x_PingTurnOn_With_CSAgentUpdate_1_Patch.zip
    You will need a valid software download contract to download the patches.
    Hope this helps.
    Regards,
    Anisha
    P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.

  • Wireless Lan connection issue with Linux clients

    Hi
    In a large Wireless Lan enviroment for a university, we have 3 WISM moduls attached on a 6k hw - Manged by ACS v6.0.181.0
    We recently upgraded the software version of the controllers from 4.x to 7.0.98.0 - the Emergency Image version is 5.2.157.0
    Since then, the students with Linux clients have massive connection issue - repeated connection lost in a short time period.
    However the students with Windows clients have no problem at all.
    The studends report, that their linux clients getting so much of some kind of unnecessary broadcast traffic which can not be handled by the NIC - and the NIC goes down - and this happens all 5-10 minutes.
    Affected Linux clients are: Ubuntu v10.10 - also OpenSuse, Fedora and Arch-linx with latest OS version.
    Any Idea how I could solve this problem?
    Thanks in advance for your help

    Hi Nicolas
    Thanks for your reply. The broadcast forwarding is disabled on WLC's.
    Pls find below the attached picture, which shows the captured broadcast traffic on a linux client (sent by a student to me).
    I'm not sure, if its really only the broadcast traffic, which the linux clients can not handle.
    From my point of view, it seems also to be that the linux clients are somehow disadvantaged among the other clients like windows or mac, if they all trying to get a wireless connection.
    But the fact is only the linux clients are affected - and this happens to the linux clients only in our wireless infrastructure.
    Windows or Mac clients have no such problem at all
    regards
    Enis

Maybe you are looking for