Adding a secure WLAN - WISM and WCS

I have a setup including a WISM and WCS which currently only runs a guest service using webauth to get online. The service (by request) is not secured over the air. I would like to implement a second SSID with security but before going the whole way with 802.1x I wanted to implement a half way house. Service will still only be a guest service but I want the air traffic secured.
So I guess my options are WEP (forget it) or WPA/WPA2.
My question is do I have to run this service with a shared secret that I then need to inform all users of in order for them to be able to connect to the service or is there a way to implement a WPA service that uses some kind of credential check against the already configured RADIUS (ACS) servers?
And if this is possible I assume there is no longer need for a webauth as this just seems to duplicate the login process.
Thanks for any pointers in advance
Paul

The best thing you can do is start with the Configuration Guides.  If you don't have a test environment and have SMARTNET on the WiSMs/ WCS, utilize TAC to help you get up and going.  I would also suggest utilizing a Cisco Partner to help with the initial implementation as well.
I would recommend upgrading your WiSMs and WCS to the latest versions and making sure configurations are the same across modules.  I upgraded our WiSMs from 4.x to 7.0.98.0 and WCS to 7.x.  Ran into a bug here and there but that is expected.  Just make sure the wireless devices support those versions.  If you are unsure, you can always work towards the AssureWave tested code.  WCS 7.x should be backwards compatible (check the release notes just to verify).  The Design Zone and Release Notes are your friend too.
-Rick

Similar Messages

  • 802.11 n support in Wism and WCS

    Is the new wireless standard 802.11n supported in current shipments of Cisco WLC 44XX and WiSM (6500 wireless controller card)?
    Also I need to know whether it is supported in WCS 4.1?

    Hi Nalaka,
    Yes, 802.11n is supported on the WISM and WCS starting with the following releases in the 4.2 train;
    Release Notes for Cisco Wireless LAN Controllers and Lightweight Access Points for Release 4.2.61.0
    http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn4200.html#wp302677
    The following new features are available in WCS 4.2.62.0
    802.11n support-The introduction of the Cisco Aironet 1250 series access point, a business-class access point based on the IEEE 802.11n draft 2.0 standard. The access point offers combined data rates of up to 600 Mbps to meet bandwidth requirements. Cisco WCS display screens include a listing for configuring, managing, and monitoring 802.11n access points and their associated wireless LAN controllers.
    The newest WLC and WCS 5.0 trains are now released as well :)
    Hope this helps!
    Rob

  • How to create guest access in wireless by WISM and WCS and ACS?

    Dear sir,
    I need to know the steps for setting up guest access to our network, like hotels do, using our WISM v 7.0.220, Wireless Control System and ACS.

    You need to define your requirements a little bit. The WLC can do WebAuth and an employee can access either the WLC or WCS to put in the username and password credentials, but you would need to figure out what's best for you.
    Here is a support doc that you can reference.
    https://supportforums.cisco.com/docs/DOC-13954

  • WiSM and WCS Issues

    1. WiSM code 4.1.171. When a user logs in with a wrong password and fails, WiSM still counts it as a login session. So when the same user tries to log in from another computer, he may get the error about too many login sessions. I think if the login fails, the WiSM should not count it as a login session.
    2. Just upgraded to WCS 4.1.83 on Windows 2003 server. Once log out from the console, the WCS stops. Anyone sees this problem?
    Zhenning

    RE #2. In case you haven't figured this one out yet, it's a bug. Seems WCS gets started as an app instead of service regardless of config. You'll sometime notice when you exit the console (or term svc console) that you briefly see a black dos box screen & then it closes. Then wcs is no longer running. Fixed in later versions supposedly.

  • 1230 Series LAP and WCS 6.0.199.0 Heatmap Problem

    I recently upgraded from WLC 4.2.207.0 to 6.0.199.0 (WiSM), and WCS 5.2.130.0 to 6.0.196.0. All my heatmaps that contain 1231G LAPs are solid "maroon" (-35 dBm) in color. If I remove the 1231 APs from the heatmap selection on the right hand side, my coexisting 1131 and 1142's display their heatmaps properly. My maps are all CAD format (dwg) converted to .png's using WCS. My goal is to migrate to 802.11n in small steps which our Cisco rep said we could do. Any ideas?

    Unfortunately, this is a bug in 6.0.199.0.  The "fix" is to upgrade to 7.0.98.0 or 6.0.199.4.  As you figured out, it only affects 1230 series APs, and only on the 802.11b/g side.  Bug ID was CSCti05687: Incorrect power unit was used on AIR-AP1231G-A-K9 and IR-AP1220-IOS-UPGRD.

  • After adding 2nd WiSM and failing over AP's some apps don't work

    We have a dual core made up of 2 6513's. In 6513#1 we have WiSM#1 which we have had for some time now. We have added a 2nd WiSM in 6513#2 for redundancy purposes; also we are going to be re-configuring the WiSM in 6513#1 to more match that of the new WiSM in 6513#2. We have installed the new WiSM and failed over the APs from 6513#1 so we can re-configure its WiSM. The failover went great and no issues, with the exception that a web application or two didn't function from wireless clients and users were having issues getting to some mapped drives. The only difference from the new WiSM config vs the old WiSM is that on the old WiSM the APs were in the same VLAN as the controller management interfaces. Now with the new WiSM its configuration has the controllers' AP mgt interfaces' IP addresses in a different VLAN from the APs; we are doing this based on Cisco best practices. If we revert the APs back to the original WiSM/controllers the PCs where they are on the same vlan/subnet the applications and shares that were having issues the other way work. We have placed a call with Cisco TAC and they say our configs look good and we even sent them some packet captures and they said everything looks normal. The wireless clients can ping and resolve the server hosting the application database just fine.
    Thanks

    We did create the mobility groups, and we are using DHCP opt 43. The APs find the 2nd WiSM#2 just fine and associate to the controllers and all the WLANs work just fine. The only issue is that after the APs are on the new WiSM and controllers there is an application or 2 that is having trouble locating its database server and that some shares are not working. Again the only difference in this new setup is that now the APs are on a different subnet/vlan from the controller mgt addresses whereas before they were in the same subnet/vlan and the application and shares worked fine. It's almost like it is a bit of a routing issue?
    Thanks

  • I just bought a new iPhone and added 25$ to my iTunes and it won't let me buy anything bc it says I have to type in my security questions answers but I don't remember them what do I do?

    I just bought a new iPhone and added 25$ to my iTunes and it won't let me buy anything bc it says I have to type in my security questions answers but I don't remember them what do I do? Please help me I don't want my 25$ to go to waste

    Click here and search the article for '2 out of 3' without the quotes; this generally involves either a message being sent to your rescue email address or contacting the iTunes Store staff directly.

  • Java update (3 days ago) won't let me play yahoo games anymore.  I've tried moving java security to Medium and adding web address as "permissive use".  Still nothing.  I'd really like a fix.   Really, apple?  What's your beef with yahoo games?

    Installed Java update three days ago.  Now, can't play yahoo games as it's now blocked by security settings.  Already have tried moving Java security to Medium and adding yahoo.games.com (including web address of game) as a "Permissive exception".   Also tried removing java and installing older version.  Still nothing.  Really Apple?!?  What's your beef with yahoo games? 

    csnorth,
    all of the older update versions of Java SE 7 can be found here. If 7u45 also didn’t work with your Yahoo! games, you can choose from any of the even older versions there as well.

  • HT5312 what about if you have added a rescue email address and verified it and the forgot your security question thing still doesn't show because I don't know my security questions?

    What about if you have added a rescue email address and verified it and the "I forgot my security questions" still doesn't show up and I don't know the answers!? What do I do then, because I don't want to phone up!? Please help!

    If you have just added an address to your account then it will be an alternate email address - a rescue email address can only be added by answering 2 of your questions. You will need to contact iTunes Support or Apple to get the questions reset.
    e.g. you can try contacting iTunes Support: http://www.apple.com/support/itunes/contact/ - click on Contact iTunes Store Support on the right-hand side of the page, then Account Management, and then 'Forgotten Apple ID security questions'
    or try ringing Apple in your country and ask to talk to the Accounts Security Team : http://support.apple.com/kb/HE57
    When they've been reset you can then use the steps half-way down the page that you posted from to add a rescue email address for potential future use, or you could change to 2-step verification : http://support.apple.com/kb/HT5570

  • I just added money to my account and i haven't bought apps in a long time and i forgot the answers to the security questions.

    I just added money to my account and i haven't bought apps in a long time and i forgot the answers to the security questions. How do i reset them?

    Alternatives for Help Resetting Security Questions and/or Rescue Mail
         1. If you have a valid rescue email address, then use this procedure:
             Rescue email address and how to reset Apple ID security questions.
         2. Fill out and submit this form. Select the topic, Account Security. You must
             have a Rescue Email to use this option.
         3. This is the only option if you do not already have a valid Rescue Email.
             These are telephone numbers for contacting Apple Support in your country.
             Apple ID- Contacting Apple for help with Apple ID account security. Select
             the appropriate country and call. Ask to speak to the Account Security Team.
         4. Account security issues almost always require you to speak directly to an
             Apple representative to securely establish your identity as the account holder.
             You can set it up so that Apple calls you, either immediately or at a time
             convenient to you.
                1. Go to www.apple.com/support.
                2. Choose Contact Support and click Contact Us.
                3. Choose Other Apple ID Topics and choose the appropriate topic for
                    your issue.
                4. Follow the onscreen instructions.
             Note: If you have already forgotten your security questions, then you cannot
             set up a rescue email address in order to reset them. You must set up
             the rescue email address beforehand.
    Your Apple ID: Manage My Apple ID.
                            Apple ID- All about Apple ID security questions.

  • [svn] 1433: adding 'console' security constraint to MBeanServerGateway remote object for MBean tests and ds-console , used when running on Websphere with administrative security enabled.

    Revision: 1433
    Author: [email protected]
    Date: 2008-04-28 13:13:12 -0700 (Mon, 28 Apr 2008)
    Log Message:
    adding 'console' security constraint to MBeanServerGateway remote object for MBean tests and ds-console, used when running on Websphere with administrative security enabled. Should call setCredentials("bob","bob1") to use this RO.
    Modified Paths:
    blazeds/branches/3.0.x/qa/apps/qa-regress/WEB-INF/flex/remoting-config.mods.xml
    blazeds/branches/3.0.x/qa/apps/qa-regress/WEB-INF/flex/services-config.mods.xml

    Hi,
    It seems that you were using Hyper-V Remote Management Configuration Utility from the link
    http://code.msdn.microsoft.com/HVRemote, if so, you can refer to the following link.
    Configure Hyper-V Remote Management in seconds
    http://blogs.technet.com/jhoward/archive/2008/11/14/configure-hyper-v-remote-management-in-seconds.aspx
    By the way, if you want to perform further research about Hyper-V Remote Management Configuration Utility, it is recommended that you get further support in the corresponding community so that you can get the most qualified pool of respondents. Thanks for your understanding.
    For your convenience, I have listed the related link as follows.
    Discussions for Hyper-V Remote Management Configuration Utility
    http://code.msdn.microsoft.com/HVRemote/Thread/List.aspx
    Best Regards,
    Vincent Hu

  • Can't get secure wlan to work with new guest wlan

    Dear Support,
    I'm having a nightmare! where I can seem to get either one wlan to work or the other but not both together.
    I posted previously and reconfigured as per the suggestion, however the problem I get is that the secure wlan client associates, then de-associates after roughly 30 seconds with both a guest (no security) and secure (eap using ms ias as radius server)
    my previous post is;
    http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Wireless%20-%20Mobility&topic=Security%20and%20Network%20Management&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddcfe12
    and the log shows the following, obviously the client is set to connect automatically.
    *Mar 1 00:04:35.105: %DOT11-6-ASSOC: Interface Dot11Radio0, Station AP-CDC#2 0013.cefd.48ca Associated KEY_MGMT[NONE]
    *Mar 1 00:04:51.391: %DOT11-6-ASSOC: Interface Dot11Radio0, Station 000e.35f8.5d13 Associated KEY_MGMT[NONE]
    *Mar 1 00:04:51.506: %DOT11-4-MAXRETRIES: Packet to client 000e.35f8.5d13 reached max retries, removing the client
    *Mar 1 00:04:51.506: %DOT11-6-DISASSOC: Interface Dot11Radio0, Deauthenticating Station 000e.35f8.5d13 Reason: Previous authentication no longer valid
    *Mar 1 00:05:15.176: %DOT11-6-ASSOC: Interface Dot11Radio0, Station AP-CDC#2 0013.cefd.48ca Associated KEY_MGMT[NONE]
    *Mar 1 00:05:32.703: %DOT11-6-DISASSOC: Interface Dot11Radio0, Deauthenticating Station 0013.cefd.48ca Reason: Sending station has left the BSS
    *Mar 1 00:05:58.780: %DOT11-6-ASSOC: Interface Dot11Radio0, Station AP-CDC#2 0013.cefd.48ca Associated KEY_MGMT[NONE]
    *Mar 1 00:06:16.141: %DOT11-6-DISASSOC: Interface Dot11Radio0, Deauthenticating Station 0013.cefd.48ca Reason: Sending station has left the BSS
    *Mar 1 00:06:40.759: %DOT11-6-ASSOC: Interface Dot11Radio0, Station AP-CDC#2 0013.cefd.48ca Associated KEY_MGMT[NONE]
    *Mar 1 00:06:58.145: %DOT11-6-DISASSOC: Interface Dot11Radio0, Deauthenticating Station 0013.cefd.48ca Reason: Sending station has left the BSS
    *Mar 1 00:07:00.560: %DOT11-6-ASSOC: Interface Dot11Radio0, Station AP-CDC#2 0013.cefd.48ca Associated KEY_MGMT[NONE]
    *Mar 1 00:07:18.020: %DOT11-6-DISASSOC: Interface Dot11Radio0, Deauthenticating Station 0013.cefd.48ca Reason: Sending station has left the BSS
    *Mar 1 00:07:43.902: %DOT11-6-ASSOC: Interface Dot11Radio0, Station AP-CDC#2 0013.cefd.48ca Associated KEY_MGMT[NONE]
    *Mar 1 00:08:01.254: %DOT11-6-DISASSOC: Interface Dot11Radio0, Deauthenticating Station 0013.cefd.48ca Reason: Sending station has left the BSS
    *Mar 1 00:08:16.172: %DOT11-6-ASSOC: Interface Dot11Radio0, Station AP-CDC#2 0013.cefd.48ca Associated KEY_MGMT[NONE]
    *Mar 1 00:08:16.737: %DOT11-6-DISASSOC: Interface Dot11Radio0, Deauthenticating Station 0013.cefd.48ca Reason: Sending station has left the BSS
    *Mar 1 00:08:37.397: %DOT11-6-ASSOC: Interface Dot11Radio0, Station AP-CDC#2 0013.cefd.48ca Associated KEY_MGMT[NONE]
    *Mar 1 00:08:54.732: %DOT11-6-DISASSOC: Interface Dot11Radio0, Deauthenticating Station 0013.cefd.48ca Reason: Sending station has left the BSS
    *Mar 1 00:08:57.193: %DOT11-4-MAXRETRIES: Packet to client 0013.cefd.48ca reached max retries, removing the client
    Thanks in advance for your assistance.
    Any prompt reply will be gratefully received. I also rate responses.
    Thanks again, regards, Adrian
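
An added example (not part of the original post) that pairs the `%DOT11-6-ASSOC` and `%DOT11-6-DISASSOC` messages from a log like the one above per station, measures how long each association lasted, and flags stations that associated with `KEY_MGMT[NONE]` or keep dropping within seconds. The function names and the 30-second threshold are assumptions, and the timestamps are assumed to fall within one day.

```python
import re
from collections import defaultdict

# Copied from the excerpt posted above, with terminal line wrapping undone.
SAMPLE_LOG = """\
*Mar 1 00:04:35.105: %DOT11-6-ASSOC: Interface Dot11Radio0, Station AP-CDC#2 0013.cefd.48ca Associated KEY_MGMT[NONE]
*Mar 1 00:04:51.391: %DOT11-6-ASSOC: Interface Dot11Radio0, Station 000e.35f8.5d13 Associated KEY_MGMT[NONE]
*Mar 1 00:04:51.506: %DOT11-4-MAXRETRIES: Packet to client 000e.35f8.5d13 reached max retries, removing the client
*Mar 1 00:04:51.506: %DOT11-6-DISASSOC: Interface Dot11Radio0, Deauthenticating Station 000e.35f8.5d13 Reason: Previous authentication no longer valid
*Mar 1 00:05:15.176: %DOT11-6-ASSOC: Interface Dot11Radio0, Station AP-CDC#2 0013.cefd.48ca Associated KEY_MGMT[NONE]
*Mar 1 00:05:32.703: %DOT11-6-DISASSOC: Interface Dot11Radio0, Deauthenticating Station 0013.cefd.48ca Reason: Sending station has left the BSS
*Mar 1 00:05:58.780: %DOT11-6-ASSOC: Interface Dot11Radio0, Station AP-CDC#2 0013.cefd.48ca Associated KEY_MGMT[NONE]
*Mar 1 00:06:16.141: %DOT11-6-DISASSOC: Interface Dot11Radio0, Deauthenticating Station 0013.cefd.48ca Reason: Sending station has left the BSS
"""

LINE_RE = re.compile(r"^\*?\w{3}\s+\d+\s+(\d+):(\d+):(\d+\.\d+):\s+%DOT11-\d-([A-Z]+):")
MAC_RE = re.compile(r"\b[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}\b", re.I)
KEY_RE = re.compile(r"KEY_MGMT\[([^\]]+)\]")
REASON_RE = re.compile(r"Reason:\s*(.+)$")


def parse(log):
    """Yield (seconds_since_midnight, event, mac, key_mgmt, reason) per DOT11 line."""
    for line in log.splitlines():
        line = line.strip()
        head, mac = LINE_RE.match(line), MAC_RE.search(line)
        if not head or not mac:
            continue  # not a DOT11 message, or no station address on the line
        h, m, s, event = head.groups()
        key, reason = KEY_RE.search(line), REASON_RE.search(line)
        yield (int(h) * 3600 + int(m) * 60 + float(s), event, mac.group().lower(),
               key.group(1) if key else None, reason.group(1) if reason else None)


def sessions(log):
    """Pair each ASSOC with the station's next DISASSOC; secs is None if none was logged."""
    open_at, out = {}, defaultdict(list)
    for t, event, mac, key, reason in parse(log):
        if event == "ASSOC":
            if mac in open_at:  # re-association without a DISASSOC in between
                start, k = open_at[mac]
                out[mac].append({"secs": None, "key_mgmt": k, "reason": None})
            open_at[mac] = (t, key)
        elif event == "DISASSOC" and mac in open_at:
            start, k = open_at.pop(mac)
            out[mac].append({"secs": round(t - start, 3), "key_mgmt": k, "reason": reason})
    return dict(out)


def findings(log, short_secs=30.0, min_short=2):
    """Flag stations with no key management or repeated short-lived associations."""
    result = {}
    for mac, sess in sessions(log).items():
        flags = []
        if any(s["key_mgmt"] == "NONE" for s in sess):
            flags.append("associated with KEY_MGMT[NONE]")
        short = [s for s in sess if s["secs"] is not None and s["secs"] < short_secs]
        if len(short) >= min_short:
            flags.append(f"{len(short)} sessions under {short_secs:g}s")
        if flags:
            result[mac] = flags
    return result


if __name__ == "__main__":
    for mac, flags in findings(SAMPLE_LOG).items():
        print(mac, "; ".join(flags))
```
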

    Hi Ben,
    Please find attached AP config, I can access the switch at the moment, but the config is fairly basic, trunk port with two vlans and vlan 1 as the native.
    here's the ap config.
    AP-CDC#2#sh startup-config
    Using 2989 out of 32768 bytes
    version 12.3
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    hostname AP-CDC#2
    enable secret 5 $1$LQ1O$NKYZoYAeiahKw0805kLHg0
    clock timezone GMT 0
    clock summer-time BST recurring last Sun Mar 1:00 last Sun Oct 1:00
    ip subnet-zero
    ip domain name wlan.internal
    aaa new-model
    aaa group server radius rad_eap
    server 10.10.10.2 auth-port 1645 acct-port 1646
    aaa group server radius rad_mac
    aaa group server radius rad_acct
    aaa group server radius rad_admin
    aaa group server tacacs+ tac_admin
    aaa group server radius rad_pmip
    aaa group server radius dummy
    aaa authentication login eap_methods group rad_eap
    aaa authentication login mac_methods local
    aaa authorization exec default local
    aaa accounting network acct_methods start-stop group rad_acct
    aaa session-id common
    dot11 vlan-name dmz vlan 2
    dot11 ssid Secure
    vlan 1
    authentication open eap eap_methods
    authentication network-eap eap_methods
    dot11 ssid Guest
    vlan 2
    authentication open
    guest-mode
    username Cisco password 7 062506324F41
    bridge irb
    interface Dot11Radio0
    no ip address
    no ip route-cache
    encryption vlan 1 mode wep mandatory
    ssid Secure
    ssid Guest
    speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
    no preamble-short
    channel 2412
    station-role root
    interface Dot11Radio0.1
    encapsulation dot1Q 1 native
    no ip route-cache
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface Dot11Radio0.2
    encapsulation dot1Q 2
    no ip route-cache
    bridge-group 2
    bridge-group 2 subscriber-loop-control
    bridge-group 2 block-unknown-source
    no bridge-group 2 source-learning
    no bridge-group 2 unicast-flooding
    bridge-group 2 spanning-disabled
    interface FastEthernet0
    no ip address
    no ip route-cache
    duplex auto
    speed auto
    hold-queue 160 in
    interface FastEthernet0.1
    encapsulation dot1Q 1 native
    no ip route-cache
    bridge-group 1
    no bridge-group 1 source-learning
    bridge-group 1 spanning-disabled
    interface FastEthernet0.2
    encapsulation dot1Q 2
    no ip route-cache
    bridge-group 2
    no bridge-group 2 source-learning
    bridge-group 2 spanning-disabled
    interface BVI1
    ip address 10.10.10.49 255.255.255.0
    no ip route-cache
    ip default-gateway 10.10.10.253
    ip http server
    no ip http secure-server
    ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
    ip radius source-interface BVI1
    radius-server attribute 32 include-in-access-req format %h
    radius-server host 10.10.10.2 auth-port 1645 acct-port 1646 key 7 xyz
    radius-server vsa send accounting
    control-plane
    bridge 1 route ip
    line con 0
    line vty 0 4
    end
    AP-CDC#2#
    Thanks again, regards, Adrian
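
An added example (not part of the original post) that reads a config like the one above and reports, per SSID, what protects its traffic over the air, plus two management settings visible in the same file: the HTTP-only web server and secrets stored in type 7 encoding. The function names are hypothetical, the sample is an excerpt of the posted config with the user password replaced by a placeholder, and the `authentication key-management wpa` test reflects IOS access point syntax that does not appear in the posted config.

```python
import re

# Excerpt of the startup-config posted above; the user password is a placeholder.
SAMPLE_CONFIG = """\
dot11 ssid Secure
vlan 1
authentication open eap eap_methods
authentication network-eap eap_methods
dot11 ssid Guest
vlan 2
authentication open
guest-mode
username Cisco password 7 <placeholder>
interface Dot11Radio0
encryption vlan 1 mode wep mandatory
ip http server
no ip http secure-server
radius-server host 10.10.10.2 auth-port 1645 acct-port 1646 key 7 xyz
"""


def parse_ssids(config):
    """Map each 'dot11 ssid' block to its VLAN and authentication lines."""
    ssids, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()  # works for indented and flattened configs alike
        if line.startswith("dot11 ssid "):
            current = ssids.setdefault(line.split(None, 2)[2], {"vlan": None, "auth": []})
        elif current is not None and line.startswith("vlan "):
            current["vlan"] = line.split()[1]
        elif current is not None and line.startswith("authentication "):
            current["auth"].append(line[len("authentication "):])
        elif line != "guest-mode":
            current = None  # any other command ends the SSID block
    return ssids


def parse_ciphers(config):
    """Map VLAN id to the mode given on 'encryption vlan N mode ...' lines."""
    pattern = re.compile(r"^\s*encryption vlan (\d+) mode (.+?)\s*$", re.M)
    return {m.group(1): m.group(2) for m in pattern.finditer(config)}


def audit(config):
    """Return (check_id, detail) findings for over-the-air and management settings."""
    findings, ciphers = [], parse_ciphers(config)
    for name, ssid in parse_ssids(config).items():
        mode = ciphers.get(ssid["vlan"])
        # Assumption: WPA is enabled per SSID with 'authentication key-management wpa'.
        wpa = any(a.startswith("key-management wpa") for a in ssid["auth"])
        if mode is None:
            findings.append(("open", f"ssid {name}: no encryption on vlan {ssid['vlan']}"))
        elif mode.startswith("wep") or not wpa:
            findings.append(("no-wpa", f"ssid {name}: mode '{mode}', WPA key management {'on' if wpa else 'off'}"))
    lines = [l.strip() for l in config.splitlines()]
    if "ip http server" in lines and "ip http secure-server" not in lines:
        findings.append(("http-mgmt", "web management served over HTTP only"))
    type7 = [l for l in lines if re.search(r"\b(password|key) 7 ", l)]
    if type7:
        findings.append(("type7", f"{len(type7)} secret(s) in reversible type 7 encoding"))
    return findings


if __name__ == "__main__":
    for check, detail in audit(SAMPLE_CONFIG):
        print(f"{check:10} {detail}")
```
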

  • How do i copy text added to a protected pdf and save in word.

    how do I copy text added to a protected pdf and save in word?

    More details would be helpful. What security restrictions are there, exactly? Do you know the password? Do you want to copy all of the text in a document, or just some?

  • Security attributes, qfp and un-authenticated users

    Hi,
    I have some observations regarding security attributes, query filter plugins and un-authenticated users that I would like your comments on.
    I am developing a custom crawler, and will be using OID for authentication. Not all users will be authenticated (hence they should only have access to content considered public). Authorization is done by the document source (using the option "ACLs controlled by the source").
    I am quite sure that I have read somewhere that not adding a security attribute for a certain document leads to the document being treated as public.
    Observations:
    A) Query filter plugins will only be called for authenticated users
    B) At crawl-time, not adding a defined security attribute leads to the document not being indexed
    Observation B means that my security attribute has to be added for every document (for the public documents populated with a value representing public access). Observation A means that the query filter will not be invoked for un-authenticated users (hence, they won't see any of the indexed documents, since all have security attributes).
    Question:
    How should I ensure that the documents considered public are available for unauthenticated users?
    Regards,
    Rune

    Hi all,
    I seem to have had inaccurate logging, so my assumption A is false.
    Then I have a simple workaround (add a special security attribute value for public documents), and you can forget about my question.
    regards,
    Rune

  • I can't remember my security question answers, and my account won't let me reset them either. Please help!

    I just received my new iPad, and I've been buying songs and apps with no problems until iTunes asked me my security questions... I totally forgot the answers! I've already reset my password, and that didn't help. I also tried adding a new email address and that didn't help either. Can anyone help?

    If you have a rescue email address (which is not the same thing as an alternate email address) set up on your account then you can try going to https://appleid.apple.com/ and click 'Manage your Apple ID' on the right-hand side of that page and log into your account. Then click on 'Password and Security' on the left-hand side of that page and on the right-hand side you might see an option to send security question reset info to your rescue email address.
    If you don't have a rescue email address then see if the instructions on this user tip help: https://discussions.apple.com/docs/DOC-4551
