Authentication Failed and No Response VLAN

Documentation states:
I'm running 12.2(33)SXI. The documentation states:
With Cisco IOS Release 12.2(33)SXH and later releases, when you configure a guest VLAN, clients that are not 802.1X-capable are put into the guest VLAN when the server does not receive a response to its EAP request/identity frame. Clients that are 802.1X-capable but that fail authentication are not granted network access. When operating as a guest VLAN, a port functions in multiple-hosts mode regardless of the configured host mode of the port.
http://www.cisco.com/en/US/customer/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/dot1x.html#wp1135086
I've configured the following (in addition to the normal 802.1x commands) on the port to which the client is connected:
authentication event no-response action authorize vlan 100
authentication event fail action authorize vlan 100
Where vlan 100 is the guest VLAN--i.e. I want any client that has either 1) no 802.1x supplicant configured on the workstation or 2) does not have a valid login/password, to be placed on this VLAN. The problem I run into is that neither of these two things are happening. I can authenticate users with valid login credentials against AD and internal database but when a user without valid credentials attempts to log on or one without a supplicant attempts to connect, I see the debugs in the switch just sending EAP polls to the client. I would expect that it should put the client on the guest VLAN after the attempts time out or if the user provides invalid credentials. This doesn't happen. Please advise. Thanks.

It seems that the following command seemed to do the trick for us:
dot1x guest-vlan supplicant
Basically, even though I had the guest VLAN specified at the interface level, until I entered the above command at the global level, the client (that has no 802.1x supplicant or one that entered wrong credentials) was not being placed in the guest VLAN. Once I entered the above command, it seems to be getting placed in the guest VLAN.

Similar Messages

  • "Authentication Failed" and "Your session has timed out" messages

    Hi All,
    In our implementation, we are using Sun Access Manager 7.0 Patch 6. We noticed that sometimes when we enter invalid credentials, we receive "Authentication Failed" message which we understand is a correct behavior. But sometimes instead of "Authentication Failed", we get "Your session has timed out" message even though we did not go over the module timeout of 2 minutes(i.e. default timeout value in SUN Access Manager).
    Is this a known anomaly? Did anybody else have seen this kind of behavior?
    Thanks,
    Jaya

    I'm having issues too! Help!

  • 802.1x - Authentication failed

    Hello!
    There is a network layout: custom laptop, switch Cisco (model - Cisco WS-C3750-48PS-S, firmware version - 122-58.SE2) and Freeradius server.
    The user is authenticated by MAC-address (switch sends MAC-address of the server as username and password).
    On my computer, there is "Authentication failed".
    Port mirroring was made and  the traffic was checked by Wireshark.
    It can be seen that the server responds Accept-message (screenshot attached), which transmits the number of vlan.
    With the command "sh vlan" can be seen that the switch port assigned the desired vlan to port.
    Port is mirrored towards the user. There are three Start messages from the user (screenshot attached), but the message Request-Identity from the switch are absent (no screenshot).
    Therefore, the user does not receive a message from a switch that authentication passed, and does not work with the network (not sending a DHCP-query).
    If you disable 802.1x on a PC, the PC works with a network.
    The network was tested on 2 different switches with different firmware (). PCs are with Windows 7 and Windows 8.
    Fa 1/0/18 - to PC.
    Fa 1/0/47 - to Freeradius-server
    What could be the problem?
    Thanks in advance.
    p.s. I attach config-file.

    No problem! Yes, you are correct, a switchport can be configured to support both mab and dot1x authentications. I am still trying to understanding the following:
    1. When does authentication fail and when does it work. Please provide more details
    2. Can you post screenshots of the supplicant(Windows) configurations
    3. Please post the output of this command during both the failed and successful authentications:
    how authentication session interface_name_number detail
    4. I would also add the following commands to your access port:
    dot1x pae authenticator
    authentication event fail action next-method
    authentication violation restrict
    Thank you for rating helpful posts! 

  • Jcshell: Error code: -5 (Authentication failed)

    Hey guys,
    I need help with my JC project. I want to deploy/download a simple applet onto a real card which actually developed by some company and has some applet. Firstly, I got the following error:
    Status: No Error
    jcshell: Error code: -8 (Failed (no diagnosis))
    jcshell: Command failed: No such key: 1/1
    Unexpected error; aborting executionThe Shane explained a solution to the problem in another thread (Which are the keys for JCOP31C232 used in command "init-update" Now I get another error:
    cm> /term "winscard:4|OMNIKEY CardMan 5x21 0"
    /card -a a000000003000000 -c com.ibm.jc.CardManager
    ATR: 3BF81800FF8131FE454A434F507632343143
    ATR:
    T = 1
    cm> set-key 1/1/DES-ECB/404142434445464748494a4b4c4d4e4f 1/2/DES-ECB/404142434445464748494a4b4c4d4e4f 1/3/DES-ECB/404142434445464748494a4b4c4d4e4f
    cm> init-update 1
    jcshell: Error code: -5 (Authentication failed)
    jcshell: Wrong response APDU: 00000353021436954415010200020090758652BBBB0F31871AC812479000
    Unexpected error; aborting executionIs it possible that the card is locked for changes?
    Thanks for any help.
    Regards,
    errno

    is it possible for the card owner company to add additional key(s) which is then only for me useable? Not really. In GP 2.2 it may be possible to have multiple security domains where different developers can load applets but there is still a main issuer than can delete your applets (or security domain). I have not had much of a chance to look at cards that support GP 2.2 so I do not have all the details on this. In GP 2.1.1 it is not possible. If you have the keys for the ISD you can do what ever you like to the card.
    Is this process of authentication described some where? Yes. It is in the GP card spec. Look for the appendix on secure channel protocol 02.
    Is it not possible to protect a single applet slots - why should I lock the card for new deployments when the security of my applet is not a problem?Secured is a card manager state that doesn't look you out of the card, it just means some things are not possible (like starting a secure channel without MAC'ing). When you are developing you can keep the card in OP_READY or INITIALIZED.
    Shane

  • Cisco1941W error massage "%DOT11-7-AUTH_FAILED: Station 0011.f596.eecb Authentication failed"

    I am using Cisco1941W.
    When I connect CliantPC to Wireless(1941W) I got bellow massage from 1941AP.
    "%DOT11-7-AUTH_FAILED: Station 0011.f596.eecb Authentication failed"
    And I couldn't ping from my PC to AP and Router.
    Its possible communication from AP to Router.
    I show 1941AP configration.
    Could you find wrong?
    By the way, my PC connected to AP by 108Mbps.
    But my PC supported only 802.11a/b/g .
    My PC use Static IP Address and use TEST-2  ssid.
    I couldn't find error from my PC.
    (start)
    hostname TEST
    enable secret test
    aaa new-model
    aaa group server radius rad_eap
    server 10.73.12.2 auth-port 1645 acct-port 1646
    aaa session-id common
    dot11 syslog
    dot11 ssid TEST-1
       vlan 100
       authentication open eap eap_methods
       authentication key-management wpa
       mbssid guest-mode
    dot11 ssid TEST-2
       vlan 200
       authentication open
       authentication key-management wpa
       mbssid guest-mode
       wpa-psk ascii testtesttesttesttest
    dot11 aaa csid ietf
    username Cisco password 7 05280F1C2243
    bridge irb
    interface Dot11Radio0
    no ip address
    no ip route-cache
    no shut
    encryption vlan 100 mode ciphers aes-ccm
    encryption vlan 200 mode ciphers aes-ccm
    ssid TEST-1
    ssid TEST-2
    mbssid
    antenna gain 0
    station-role root
    interface Dot11Radio0.100
    encapsulation dot1Q 100 native
    no ip route-cache
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface Dot11Radio0.200
    encapsulation dot1Q 200
    no ip route-cache
    bridge-group 2
    bridge-group 2 subscriber-loop-control
    bridge-group 2 block-unknown-source
    no bridge-group 2 source-learning
    no bridge-group 2 unicast-flooding
    bridge-group 2 spanning-disabled
    interface Dot11Radio1
    no ip address
    no ip route-cache
    no shut
    encryption vlan 100 mode ciphers aes-ccm
    encryption vlan 200 mode ciphers aes-ccm
    ssid TEST-1
    ssid TEST-2
    antenna gain 0
    no dfs band block
    channel 5180
    station-role root
    interface Dot11Radio1.100
    encapsulation dot1Q 100 native
    no ip route-cache
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface Dot11Radio1.200
    encapsulation dot1Q 200
    no ip route-cache
    bridge-group 2
    bridge-group 2 subscriber-loop-control
    bridge-group 2 block-unknown-source
    no bridge-group 2 source-learning
    no bridge-group 2 unicast-flooding
    bridge-group 2 spanning-disabled
    interface GigabitEthernet0
    description the embedded AP GigabitEthernet 0 is an internal interface connecting AP with the host router
    no ip address
    no ip route-cache
    bridge-group 5
    no bridge-group 5 source-learning
    bridge-group 5 spanning-disabled
    no shut
    interface GigabitEthernet0.100
    encapsulation dot1Q 100 native
    no ip route-cache
    bridge-group 1
    no bridge-group 1 source-learning
    bridge-group 1 spanning-disabled
    interface GigabitEthernet0.200
    encapsulation dot1Q 200
    no ip route-cache
    bridge-group 2
    no bridge-group 2 source-learning
    bridge-group 2 spanning-disabled
    interface BVI1
    ip address 10.73.12.7 255.255.255.0
    no ip route-cache
    ip default-gateway 10.73.12.1
    ip http server
    no ip http secure-server
    radius-server deadtime 1440
    bridge 1 route ip
    (end)
    I guess errer massage is telling Radio Frequency error.
    I tried to change configuration "speed".
    But still get error massage and I couldn't ping from my PC.

    Thanks, leolaohoo.
    > My PC use Static IP Address and use TEST-2  ssid.
    so I use TEST-2.
    in this case, ignore TEST-1.
    I just paste real configuration.
    I tried to connect again.
    But still I can't ping from PC to AP.
    I use other PC.
    I configured bellow.
      -interface dot11Radio0
      -speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
    It was same resault.
    Is cisco1941w broken?
    I'd like to know one more.
    I configured bellow, but I couldn't use 802.11a.
      -interface dot11Radio0
      -shutdown
    how to use 802.11a(5GHz)?

  • VPN - CHAP authentication failed

    I am currently running a Mac mini server with 10.8.2 installed. I can connect to my VPN when connected to the internal network with the same credentials I'm trying when connecting externally, however I am not able to connect externally. The VPN server log says...
    Wed Jan  9 19:05:45 2013 : PPTP incoming call in progress from 'XXX.XXX.XXX.XXX'...Wed Jan  9 19:05:45 2013 : PPTP connection established.
    Wed Jan  9 19:05:45 2013 : using link 0
    Wed Jan  9 19:05:45 2013 : Using interface ppp0
    Wed Jan  9 19:05:45 2013 : Connect: ppp0 <--> socket[34:17]
    Wed Jan  9 19:05:45 2013 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x41729571> <pcomp> <accomp>]
    Wed Jan  9 19:05:45 2013 : rcvd [LCP ConfReq id=0x1 <mru 1400> <asyncmap 0x0> <magic 0x76af3698> <pcomp> <accomp>]
    Wed Jan  9 19:05:45 2013 : lcp_reqci: returning CONFACK.
    Wed Jan  9 19:05:45 2013 : sent [LCP ConfAck id=0x1 <mru 1400> <asyncmap 0x0> <magic 0x76af3698> <pcomp> <accomp>]
    Wed Jan  9 19:05:48 2013 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x41729571> <pcomp> <accomp>]
    Wed Jan  9 19:05:48 2013 : rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x41729571> <pcomp> <accomp>]
    Wed Jan  9 19:05:48 2013 : sent [LCP EchoReq id=0x0 magic=0x41729571]
    Wed Jan  9 19:05:48 2013 : sent [CHAP Challenge id=0xcc <1b0470764c2477634532244f7056405b>, name = "server.robertsteeter.private"]
    Wed Jan  9 19:05:48 2013 : rcvd [LCP ConfReq id=0x2 <mru 1400> <asyncmap 0x0> <magic 0x5fbceae0> <pcomp> <accomp>]
    Wed Jan  9 19:05:48 2013 : sent [LCP ConfReq id=0x2 <asyncmap 0x0> <auth chap MS-v2> <magic 0x772dcec9> <pcomp> <accomp>]
    Wed Jan  9 19:05:48 2013 : lcp_reqci: returning CONFACK.
    Wed Jan  9 19:05:48 2013 : sent [LCP ConfAck id=0x2 <mru 1400> <asyncmap 0x0> <magic 0x5fbceae0> <pcomp> <accomp>]
    Wed Jan  9 19:05:48 2013 : rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x41729571> <pcomp> <accomp>]
    Wed Jan  9 19:05:48 2013 : rcvd [LCP ConfAck id=0x2 <asyncmap 0x0> <auth chap MS-v2> <magic 0x772dcec9> <pcomp> <accomp>]
    Wed Jan  9 19:05:48 2013 : sent [LCP EchoReq id=0x0 magic=0x772dcec9]
    Wed Jan  9 19:05:48 2013 : sent [CHAP Challenge id=0x6a <65334e292e400860457a3e710278142e>, name = "server.robertsteeter.private"]
    Wed Jan  9 19:05:48 2013 : rcvd [LCP EchoRep id=0x0 magic=0x5fbceae0]
    Wed Jan  9 19:05:48 2013 : rcvd [CHAP Response id=0x6a <3c2c0bb90568f62f5ada84294038e828000000000000000032bf450620bf278e54e8d70b5ed48a 4a5567f528df9194bd00>, name = "matt"]
    Wed Jan  9 19:05:48 2013 : DSAuth plugin: unsupported authen authority: recved ShadowHash;HASHLIST:<SMB-NT,CRAM-MD5,RECOVERABLE,SALTED-SHA512-PBKDF2>, want ApplePasswordServer
    Wed Jan  9 19:05:48 2013 : DSAuth plugin: MPPE key required, but its retrieval failed.
    Wed Jan  9 19:05:48 2013 : sent [CHAP Failure id=0x6a "S=D43D9FBA673744184953601DBB181A5E9B2FF9C9 M=Access granted"]
    Wed Jan  9 19:05:48 2013 : CHAP peer authentication failed for matt
    Wed Jan  9 19:05:48 2013 : sent [LCP TermReq id=0x3 "Authentication failed"]
    Wed Jan  9 19:05:48 2013 : Connection terminated.
    Wed Jan  9 19:05:48 2013 : PPTP disconnecting...
    Wed Jan  9 19:05:48 2013 : PPTP disconnected
    2013-01-09 19:05:48 EST    --> Client with address = 192.168.100.241 has hungup
    Not sure what the issue is, however I'm sure I have the username/password and shared secret all correct since I can connect internally. Any suggestions?

    I have a similar problem:
    OS X Server 10.3.9 running on a G3; clients running OS X 10.4.8.
    I used Server Admin to set up the server with L2TP and set the shared secret[1]; I used Internet Connect to try to get a client to connect to the server. The result is always the same: The client says "Authentication Failed" and the server's logs record the conversation (Here's the relevant part):
    ...Tue Jan 16 15:55:08 2007 : sent [CHAP Challenge id=0x1 <c9af9d6375c13e5657d49c44c6ab8259>, name = "inside"]
    Tue Jan 16 15:55:08 2007 : rcvd [LCP EchoReq id=0x0 magic=0x9101c22f]
    Tue Jan 16 15:55:08 2007 : sent [LCP EchoRep id=0x0 magic=0xf01aa2]
    Tue Jan 16 15:55:08 2007 : rcvd [LCP EchoRep id=0x0 magic=0x9101c22f]
    Tue Jan 16 15:55:08 2007 : rcvd [CHAP Response id=0x1 <f27c5a611e1e9cf68c17d04d37448b6d00000000000000000f035bba35b5a714589e7292c1fba0 78d57fb3640b62a08e00>, name = "timberwoof"]
    Tue Jan 16 15:55:08 2007 : sent [CHAP Failure id=0x1 "E=691 R=1 C=C9AF9D6375C13E5657D49C44C6AB8259 V=0 M=Access denied."]
    Tue Jan 16 15:55:08 2007 : CHAP peer authentication failed for remote host timberwoof
    Tue Jan 16 15:55:08 2007 : sent [LCP TermReq id=0x2 "Authentication failed"]
    Tue Jan 16 15:55:08 2007 : rcvd [LCP TermReq id=0x2 "Failed to authenticate ourselves to peer"]
    The user 'timberwoof' exists on the server. I tried changing password type to Advanced, but there's a catch-22 situtation: no user is set up with Advanced password, and it can only be changed to that by a user using Advanced password.
    [1] Has anyone else noticed that the dialog box for setting this in Server Admin 10.4.7 is broken? It always forgets the shared secret and then complains that none has been entered.

  • Configurator: app authentication failed

    Using Itunes 11 I have downloaded the updates for all my apps, I then re-import the apps into apple configurator so that the updated versions of the apps get pushed to my ipads. when it's time to apply the updated apps I get an error message of "checking pairing" then it says "app authentication failed" and none of the new apps are applied and no updates are applied. 

    Hi
    I have had the same problem as well.
    I unplugged the usb then re plugged and it repeated the process and worked.
    This is just one of a long list of problems I have with Apple Configurator
    Ipad2 x34, ios6

  • Relogin into the application once the authentication fails

    Hi,
    We are using java web start to start our application. As we are refering to a secured resource in the weblogic environment we gets a JWS authentication popup screen.
    If we supply an invalid user/password combination the authentication fails and we have to restart the application.
    We thougt of putting the piece of code which does the authentication in a while(true) loop but it seems that the JWS uses the old user name and password next time also and so the application goes into an infinete loop.
    Answer to any of these two queries can solve our problem:
    1. Is there a way by which we can make the authentication dialog box to popup again in case of failure so that we don't have to restart the application.
    2. Is there any way by which we can clear the past values of user name and password from JWS authentication Dialog box. I guess in this way JWS will pop the Authentication Dialog again..
    Pl. reply to these at the earliest as our project is in critical state...
    thanx in advance
    Shashi

    Here's something we did. Not perfect, but it seems to be working. At least until the API provides better support!
    We worked to "preempt" the built-in authentication dialog. By that I mean we displayed our own dialog when the client application started (just a dialog, not an extension to java.net.Authenticator). Then for each and every URLConnection, we attach the "Authorization" request header. In our case, we're using Apache's Tomcat application server, so we grabbed their implementation of Base64 encoding (see org.apache.catalina.util.Base64.encode). So we collected username/password information from the user via our own dialog, used Catalina's base64 encoding method, and attached the "Authorization" request header for each and every URLConnection request. This prevents the Java Web Start default Authenticator from ever coming into play.
    One other problem (and our solution). If the user typed an invalid username/password, the server challenged our request (with the built-in Authenticator). To get around this issue, we created an unprotected servlet that accepted the specified username/password (via an HTTP tunnel) and returned a boolean (again, via tunneling). This servlet, while unprotected, was directed (in web.xml) to use SSL for security of the password. It validated the specified username/password. Our own authentication dialog worked with this servlet to give the user some specified number of chances to specify a valid username/password. Only if this servlet returned TRUE would the application continue, and make further URLConnection connections using the now-validated username/password.
    As I said earlier - this is NOT an optimal solution. What we really need is some API help from the Java Web Start team (they did say they looked at this board when we met at this year's JavaOne). The "correct" solution would be to have the Java Web Start default Authenticator act more like the authentication dialog box of any web browser, popping back up if an invalid username/password was specified.
    Anyways, I hope this helped. Good luck!

  • Sync Now - Authentication failed - Premiere Pro CC

    I am logged into the Creative Cloud.  When I am in Premiere and I try to sync settings, I get prompted to enter my Adobe ID (email) and password.  When I do this, I get a message that the authentication failed and that I should try again.  I am using a protected network at work, but I have entered the proxy information on the Creative Cloud app.  Is there somewhere else I should enter the proxy information?

    That may be a question for one of the Cloud forums
    Cloud Forum http://forums.adobe.com/community/creative_cloud
    -and http://forums.adobe.com/community/creative_cloud/creative_cloud_connection

  • Sony NSZ-GS7/GS8 - Google Talk Authentication Failed

    I just did a factory data reset on my Sony NSZ-GS7/GS8 because I was having a couple of minor issues and the forums I read said a factory reset was the best option. Well after doing a factory reset all my issues were cured but I have a whole host of new issues. After it comes on I get an error message stating "Google Talk Authentication Failed" and the error details are (Google Talk failed to login. If this is a Google Apps account, confirm that Chat service is enabled for this account.) After I clear that error, I tried to download all my apps and the app updates for the apps installed from the “Google Play Store”. Immediately after clicking on the update button I get “error downloading “name of app etc…” I have tried a hard reset using the connect button under the device.I have tried clearing the data and cache in the Google Play Store, Google Network Frame Services, Download Manager, re-setting, rebooting, etc. etc. etc. Based on the error it’s got to be something with the sony/gmail account sign in. I have been all over the internet and I can’t find a solution. I love this device I’d hate to have to toss it and find something else. Plus I don’t wanna spend another couple hundred dollars. Please Help!!!Any ideas would be appreciated.Thank You in Advance

    Attention akulac! Thank you! Thank you! Thank you! I called Sony back and raised a little ******. I told them everything about my units errors and what I've done to try and fix it and all the trouble shooting including what I went through contacting Google. I told them what you said in your post. And sure enough this is a known issue with this Sony model. My unit is 2 years and 10 months old and has been out of warranty for 1 year and 10 months yet, Sony is replacing my unit for free. Not repairing but replacing with a new unit. So for anyone else who experiences this issue contact Sony. It can't be fixed.

  • Authentication Failed :  BPEL Console and BPEL Admin

    Hi ,
    I am trying to log in to BPEL Console repeatedly. I am using the user oc4jadmin. I have logged in successfully previously using oc4jadmin.
    I read somewhere that a workaround is
    "Workaround is you take login_error.jsp off from URL http://<host>:<port>/BPELConsole/login_error.jsp, So your URL would look like http://<host>:<port>/BPELConsole/. This will automatically log you in. Since the problem was with redirection and not with your credentials"
    This is also not working for me.
    Could it be possible that I have locked this account ? Is so, how can I unlock it .
    Any suggestions on why I get repeatedly Authentication Failed ?

    Hi ,
    Thanks for the response .
    This the log from opmn/logs/default_group~oc4j_soa~default_group~1.log
    09/08/17 14:14:33 ############# statusFilter = ASSIGNED###########
    09/08/17 14:14:33 ############# session = oracle.portal.provider.v2.http.ServletProviderSession@1ee1212###########
    09/08/17 14:14:33 ############# wlCtxKey = _piref985378135.worklistContext###########
    09/08/17 14:14:33 ############# ctx = null###########
    09/08/17 14:14:33 ############# wlRmtUserKey = _piref985378135.remoteUser###########
    09/08/17 14:14:33 ############# sessionRemoteUser = null###########
    09/08/17 14:14:33 ############# currentRemoteUser = null###########
    09/08/17 14:14:33 ############# filterPredicate = ( wfn.State IN (?,?))############
    09/08/18 13:07:52 BI Beans Graph version [3.2.2.0.24]
    09/08/18 13:07:55 Tue Aug 18 13:07:55 CEST 2009 PROBLEM: In oracle.dss.thin.beans.graph.ThinGraph::setTabularData: all relational rows are null
    09/08/18 13:07:55 BI Beans Graph version [3.2.2.0.24]
    09/08/18 13:07:55 BI Beans Graph version [3.2.2.0.24]
    09/08/18 13:07:55 Tue Aug 18 13:07:55 CEST 2009 PROBLEM: In oracle.dss.thin.beans.graph.ThinGraph::setTabularData: all relational rows are null
    09/08/18 13:07:55 BI Beans Graph version [3.2.2.0.24]
    09/08/18 13:07:55 Tue Aug 18 13:07:55 CEST 2009 PROBLEM: In oracle.dss.thin.beans.graph.ThinGraph::setTabularData: all relational rows are null
    09/08/18 13:07:55 Tue Aug 18 13:07:55 CEST 2009 PROBLEM: In oracle.dss.thin.beans.graph.ThinGraph::setTabularData: all relational rows are null
    09/08/18 13:09:09
    ConnectionPoolManager uiauthpool intialized with url=jdbc:oracle:thin:@//SHK-ORADEVAPP02.HK.INDISKA.SE:1521/orcl.hk.indiska.se driver=oracle.jdbc.driver.OracleDriver user=ORAWSM maxConn=5
    [oraias@SHK-ORADEVAPP02 logs]$

  • Authentication failed using EAP-TLS and CSSC against ACS

    Hi.
    Playing with a trial version of CSSC (Cisco secure services client) I had a problem that really I don´t understand.
    Any 802.1x configuration work fine but when I use anything involving the use of certificates (EAP-TLS or PEAP using a certificate instead a password to autenticate) I always see the same log message in ACS:
    "Authen session timed out: Challenge not provided by client" It seems that my client supplicant does not repond to the ACS when the first one proposed an EAP method.
    First I discart a certificate error because the same certificate works fine with Intel Proset Wireless supplicant and Windows Zero Configuration. EAP Fast works fine using auto provisioning or manual provisioning.
    Any idea? I red the CSSC administration guide but I did not find anything that explains this behaviour or defines the right configuration for this EAP method.
    I´m using Windows XP SP3, Intel Wireless 4965AGN and CSSC 5.1.1.18; My CA is a Windows CA.ACS version 4.2
    Thanks in advanced.
    Best regards.

    Today is not mmy day.
    It´s still failing and maybe I will open a TAC case.
    I´m looking at the log file of the CSSC and I don´t like what I have seen.
    2125: portable-9b7161: oct 28 2010 20:34:29.156 -0100: %CSSC-6-INFO_MSG: %[tid=344][mac=1,6,00:1d:e0:9f:05:ef]: {764C6E35-2FFF-47CF-A0CA-5B90E9483367}: EAP suggested by server: leap
    2126: portable-9b7161: oct 28 2010 20:34:29.156 -0100: %CSSC-6-INFO_MSG: %[tid=2044][mac=1,6,00:1d:e0:9f:05:ef]: {764C6E35-2FFF-47CF-A0CA-5B90E9483367}: EAP requested by client:  eapTls
    2127: portable-9b7161: oct 28 2010 20:34:29.156 -0100: %CSSC-7-DEBUG_MSG: %[tid=2044]: {764C6E35-2FFF-47CF-A0CA-5B90E9483367}: EAP methods sent : sync=8
    2128: portable-9b7161: oct 28 2010 20:34:29.156 -0100: %CSSC-7-DEBUG_MSG: %[tid=2044]: {764C6E35-2FFF-47CF-A0CA-5B90E9483367}: Credential Request completed, response sent : sync=8
    2129: portable-9b7161: oct 28 2010 20:34:29.156 -0100: %CSSC-7-DEBUG_MSG: %[tid=2044]: Authentication state transition: AUTH_STATE_UNPROTECTED_IDENTITY_SENT_FOR_FULL_AUTHENTICATION -> AUTH_STATE_UNPROTECTED_IDENTITY_ACCEPTED
    2130: portable-9b7161: oct 28 2010 20:34:29.171 -0100: %CSSC-7-DEBUG_MSG: %[tid=344]: Credential callback, type=AC_CRED_SERVER_VERIFY, sync=9
    2131: portable-9b7161: oct 28 2010 20:34:29.171 -0100: %CSSC-7-DEBUG_MSG: %[tid=344]: Calling acCredDeferred
    2132: portable-9b7161: oct 28 2010 20:34:29.171 -0100: %CSSC-7-DEBUG_MSG: %[tid=344]: {764C6E35-2FFF-47CF-A0CA-5B90E9483367}: Credential Request deferred : sync=9
    2133: portable-9b7161: oct 28 2010 20:34:29.171 -0100: %CSSC-7-DEBUG_MSG: %[tid=2044]: {764C6E35-2FFF-47CF-A0CA-5B90E9483367}: Server verification sent : sync=9
    2134: portable-9b7161: oct 28 2010 20:34:29.171 -0100: %CSSC-7-DEBUG_MSG: %[tid=2044]: {764C6E35-2FFF-47CF-A0CA-5B90E9483367}: Credential Request completed, response sent : sync=9
    2135: portable-9b7161: oct 28 2010 20:34:29.171 -0100: %CSSC-7-DEBUG_MSG: %[tid=344]: Credential callback, type=AC_CRED_USER_CERT, sync=10
    2136: portable-9b7161: oct 28 2010 20:34:29.171 -0100: %CSSC-7-DEBUG_MSG: %[tid=344]: Calling acCredDeferred
    2137: portable-9b7161: oct 28 2010 20:34:29.171 -0100: %CSSC-7-DEBUG_MSG: %[tid=344]: {764C6E35-2FFF-47CF-A0CA-5B90E9483367}: Credential Request deferred : sync=10
    2138: portable-9b7161: oct 28 2010 20:34:29.171 -0100: %CSSC-7-DEBUG_MSG: %[tid=140]: Impersonating user
    2139: portable-9b7161: oct 28 2010 20:34:29.171 -0100: %CSSC-7-DEBUG_MSG: %[tid=140]: Loading client certificate private key...
    2140: portable-9b7161: oct 28 2010 20:34:29.171 -0100: %CSSC-7-DEBUG_MSG: %[tid=140]: Calling acCertLoadPrivateKey()...
    2141: portable-9b7161: oct 28 2010 20:34:29.187 -0100: %CSSC-7-DEBUG_MSG: %[tid=140]: ...acCertLoadPrivateKey() returned
    2142: portable-9b7161: oct 28 2010 20:34:29.187 -0100: %CSSC-3-ERROR_MSG: %[tid=140]: Internal error 204, contact software manufacturer
    2143: portable-9b7161: oct 28 2010 20:34:29.187 -0100: %CSSC-7-DEBUG_MSG: %[tid=140]: acCertLoadPrivateKey() error -20 [c:\acebuild\bldrobot_cssc_5.1.1.21_view\monadnock\src\ace\certificate\certificateimpl.cpp:239]
    2144: portable-9b7161: oct 28 2010 20:34:29.187 -0100: %CSSC-3-ERROR_MSG: %[tid=140]: Internal error 4, contact software manufacturer
    2145: portable-9b7161: oct 28 2010 20:34:29.187 -0100: %CSSC-7-DEBUG_MSG: %[tid=140]: CssException for function 'acCertLoadPrivateKey' => -20{error} [certificateimpl.cpp:240]
    2146: portable-9b7161: oct 28 2010 20:34:29.187 -0100: %CSSC-3-ERROR_MSG: %[tid=140]: Internal error 7, contact software manufacturer
    2147: portable-9b7161: oct 28 2010 20:34:29.187 -0100: %CSSC-7-DEBUG_MSG: %[tid=140]: Assertion 'CSS exception - should this be logged instead?' failed at [cssexception.cpp:114]
    2148: portable-9b7161: oct 28 2010 20:34:29.218 -0100: %CSSC-7-DEBUG_MSG: %[tid=140]: Client certificate private key has not been loaded
    2149: portable-9b7161: oct 28 2010 20:34:29.218 -0100: %CSSC-7-DEBUG_MSG: %[tid=140]: Deimpersonating user
    2150: portable-9b7161: oct 28 2010 20:34:29.218 -0100: %CSSC-7-DEBUG_MSG: %[tid=2044]: Client certificate 239f43fdcde8e190540fab2416253c5660c0d959 has been processed: ERR_INTERNAL_ERROR(7)
    2151: portable-9b7161: oct 28 2010 20:34:29.218 -0100: %CSSC-7-DEBUG_MSG: %[tid=2044]: Certificate 239f43fdcde8e190540fab2416253c5660c0d959 is unusable
    2152: portable-9b7161: oct 28 2010 20:34:29.218 -0100: %CSSC-7-DEBUG_MSG: %[tid=2044]: {764C6E35-2FFF-47CF-A0CA-5B90E9483367}: Credential Request completed, no response sent : sync=10
    2153: portable-9b7161: oct 28 2010 20:34:30.078 -0100: %CSSC-7-DEBUG_MSG: %[tid=2044]: Checking for new configuration
    2154: portable-9b7161: oct 28 2010 20:34:32.078 -0100: %CSSC-7-DEBUG_MSG: %[tid=2044]: Checking for new configuration
    2155: portable-9b7161: oct 28 2010 20:34:34.078 -0100: %CSSC-7-DEBUG_MSG: %[tid=2044]: Checking for new configuration
    It seems that It found a valid certificate, starts the Authentication proccess and when it must request the ACS challenge it fails when loading the private key and crash the supplicant 
    Do you think the same??
    Thanks.
    Best Regards.

  • TS4002 Can you tell me if the smtp settings have changed recently?  I use me/ICloud mail with Outlook and can not receive emails but outgoing emails are no longer working.  Error message is: Authentication failed because Outlook doesn't support any of the

    I am able to receive messages on my IMac using Outlook but am unable to send.  I've had no trouble in the past but began receiving the following messages today.
    5.7.8 Bad username or password (Authentication failed).
    Authentication failed because Outlook doesn't support any of the available authentication methods.
    I am able to send messages using this account on my IPhone and IPad so the IMac is the only place I am having issues.  Any advice?

    Here are the correct settings. They have never changed since iCloud debuted a year ago.
    Server information
    IMAP (Incoming Mail Server) information:
    Server name: imap.mail.me.com
    SSL Required: Yes
    Port: 993
    Username: [email protected] (use your @me.com address from your iCloud account)
    Password: Your iCloud password
    SMTP (outgoing mail server) information:
    Server name: smtp.mail.me.com
    SSL Required: Yes
    Port: 587
    SMTP Authentication Required: Yes
    Username: [email protected] (use your @me.com address from your iCloud account)
    Password: Your iCloud password
    Note: If you receive errors using SSL, try using TLS instead. SSL is required for both IMAP and SMTP connection with iCloud. POP is not supported by iCloud. 

  • Remote procedure call failed and did not execute response after changing contents

    Hey Hey!
    I have reviewed the other posts related to this issue but have not found a solution.
    I have done myself quite a mischief and hope someone here can help me out!
    I'm running an old ACER laptop with Windows 7. This PC belonged to an old colleague and therefore all of the folders and user names were still under his name, so I decided to try to change them all to my name. The main issue was the USER folder which had
    the locked symbol next to it but it wasn't locked at all. I googled how to delete this folder and one bright spark suggested I create a new folder with my name, copy all of the folders from the other 'locked' user's folder into my folder, and then delete the
    old user's folder. 
    That was fine. All seemed well. When I tried to delete the old folder the computer sat around thinking saying it was 'moving' but not doing anything. So, I cancelled the operation in the Task Manager. When I attempted to open any folder from the start menu
    or desktop or task bar I was presented with a bunch of numbers and letters and the message "REMOTE PROCEDURE CALL FAILED AND DID NOT EXECUTE."
    I quickly googled the message realising I'd made a major error and the first response was to type in services.msc or something to that effect, so I typed that into the Start Menu search bar and hit enter and nothing came up. So, I tried again, but now I
    couldn't type anything into the search bar, I could not even select any programs from the Start Menu. 
    So, I can't access the Start Menu, search bar, or any of the folders unless I open uTorrent, select open containing folder, and from there I can access what I need.
    I'm too afraid to reboot the PC. I can't locate my copy of Windows 7 anywhere. I'm freaking out!!
    Before I pour my lowly student wage into getting a professional to fix it, could someone please offer some suggestions??
    Greatly appreciated in advance. 
    Paris, Texas. 

    Hi,
    Based on your description, for this question is more related to NetQueryDisplayInformation() API, in order to get better help, we may ask for suggestions in the following MSDN forum.
    MSDN Forum
    https://social.msdn.microsoft.com/Forums/en-US/home
    Besides, we can try to use a script to get all domain users. Regarding this point, the following script can be referred to as reference.
    How to list all active directory users in a particular domain using PowerShell
    https://gallery.technet.microsoft.com/office/How-to-list-all-active-0d9be7ce
    In addition, for scripts, we can also ask for help in the following forum.
    The Official Scripting Guys Forum
    https://social.technet.microsoft.com/Forums/scriptcenter/en-US/home?forum=ITCG
    Best regards
    Frank Shen 

  • HT4623 I have updated my Iphone 3 but unable to start it. It takes too much time on Authentication and than message appears that Authentication failed

    I have updated my Iphone 3 but unable to start it. It takes too much time on Authentication and than message appears that Authentication failed

    I don't know either its jailbroken or hacked otherwise.
    It was working properly before I have updated it through Itunes to update the OS. After the updation, this message occurs
    Authentication failed, please try after few minutes
    Please help

Maybe you are looking for

  • Problem with networking HP Laserjet 1100 with Leopard with new Intel iMac

    I have an HP Laserjet 1100 that I have used with my old iMac running Panther. I had used the HPIJS drivers in the past with the HP Laserjet 5 driver selected. It worked flawlessly. I use IPP to connect to the printer via a printer server. I have purc

  • Issue in Complete Refresh of a Materialized View

    Hello, We have an MV in the Datawarehouse that does a FAST REFRESH daily. Every Saturday, a COMPLETE REFRESH is done as part of the normal Database Activities. The Database is Oracle 9i. The MV contains a Join between a Dimension and Fact Table of a

  • Country of Origins - Pricing Tool

    Dear All, Currently under the drop down for country of origins in the pricing tool all countries in SAP are listed.  We need this to be limited to the countries we buy from. Please suggest, how this can be achieved. Thanking you in advance. Regards J

  • MEF E-line, E-LAN & E-tree services vs MPLS

    Dears Would like your assistance regarding below plz I was wondering how MEF  E-line, E-LAN & E-tree services are configured at Cisco ?? What come to my mind is that first we need to have MPLS network then implement these services as below E-line  --

  • Identifying EJB3 Application

    hi, how can i differenciate an EJB3 and EJB2 Applications without seeing the source code? regards, panneer