CCMP not encrypted violation
After upgrading our three WLC 5508 to version 7.5.102.0, the security log in Prime is flooded with:
MFP Anomaly Detected - 10 'CCMP Not Encrypted' violation(s) have
originated from the Client with MAC '04:f7:e4:d2:e7:11' while it was
associated to the BSS '84:78:ac:de:b4:3e'. This was detected by the
radio with Slot ID '1' of the AP with MAC '84:78:ac:de:b4:30' when
observing 'Association Response' frames.
MFP Anomaly Detected - 10 'CCMP Not Encrypted' violation(s) have
originated from the Client with MAC '04:f7:e4:d2:e7:11' while it was
associated to the BSS '84:78:ac:de:b4:3e'. This was detected by the
radio with Slot ID '1' of the AP with MAC '84:78:ac:de:b4:30' when
observing 'Association Response' frames.
The clients seems to connect without any problem though.
I have searched the support forum but haven't found anything about this. What is causing this messages ?
MFP traps are expected where clients go into power save mode and in busy environments (CSCsr20434 ) . Since this is as expected, logs are filled with unwanted traps with no way to disable.
An ENH (Enhancement) request is filed to correct this.
https://cdetsng.cisco.com/webui/#view=CSCtd34834CSCtd34834 MFP traps can not be disabled, filling logs on LWAPP/CAPWAP platforms
CSCtd34834 is an enhancement request and fix has not been implemented yet, so still valid on 7.5 code. You can request your TAC case to be marked on this bug and accounts team to push for bug resolution from BU if service impacting.
Similar Messages
-
SecurityMode.TransportWithMessageCredential Binding does not encrypt the message
When I send a message with SecurityMode.TransportWithMessageCredential Binding (over https), I can see the decrypted message in the service log file. Isn't the message supposed to be encrypted?
BobHi Bob12543,
In the TransportWithMessageCredential security mode, message security is used to authenticate the client and transport security is used to authenticate the server and provide message confidentiality and integrity, so the encryption
and signature are ensured at the transport layer. However the transport security mode secures the transfor not the message itself.
For more information, please try to refer to the following:
https://msdn.microsoft.com/en-us/library/ms735093.aspx .
A similar thread:
https://social.msdn.microsoft.com/Forums/vstudio/en-US/fb39d649-f28e-4803-83a7-6aa7c6ca3673/messages-not-encrypted-using-transportwithmessagecredential?forum=wcf
Best Regards,
Amy Peng
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey. -
I am a new Firefox user. I have just installed Firefox 4 on my windows PC today, 5/27/11. I have two major questions:
1. Accidentally, I clicked some thing at random on the screen (I can't remember what it was) and this page, http://us.config.toolbar.yahoo.com/bh/v2/wp/?view=wc&intl=us&pc=yma3&dc=v2_upgd&cv=2.3., showed up under Yahoo! Toolbar. It informed me that the connection was not encrypted and that information sent over the Internet could be seen by other people. I am not sure what the warning is all about. Does it mean when I use Firefox as a browser to access the Yahoo! and other Internet sites, e.g., my bank, all my personal (username, password, etc.) and bank data will be seen by other unauthorized people? I have never seen a similar warning from other browsers, such as Internet Explorer and Safari? So, if Firefox does not offer protection of personal data, I wonder what's the point of using it. I could have misinterpreted the Firefox warning and would highly appreciated it if you can clarify.
2. During the installation process, a message showed that Firefox 4 was not compatible with certain features of some of the software already on my PC. I did not copy those features and do not remember what they were except one that was associated with my firewall ZoneAlarm. I could be wrong but I think the message also said Firefox had removed the incompatible features. Please tell me if I should be concerned about it, especially the one that was removed from ZoneAlarm. Will my PC become susceptible to hacker invasions when I use Firefox as the browser? I wish Firefox had given some written explanations along with the incompatibility and removal message so that a user can understand exactly what it is about.
I would appreciate to hearing from you at your earliest convenience. I have tentatively suspended using Firefox until I can be assured that it is safe to do so without potentially compromising my personal data.
Thank you.That is a generic warning message that you get if you submit a form via a normal HTTP connection (i.e not in via a secure HTTPS connection). That warning pop-up probably has a box to suppress this message in the future.
If you exchange data with your bank site then there should be a secure connection.
You can verify that by clicking the Site Identity Button (website's favicon) on the left end of the location bar.
* https://support.mozilla.com/kb/Site+Identity+Button
You need to check the ZoneAlarm website to see if they have an update of their software that is compatible with Firefox 4.0.1 -
IPSEC packets are not encrypted
Hello (and Happy Thanksgiving to those in the USA),
We recently swapped our ASA and re-applied the saved config to the new device. There is a site-to-site VPN that works and a remote client VPN that does not. We use some Cisco VPN clients and some Shrew Soft VPN clients.I've compared the config of the new ASA to that of the old ASA and I cannot find any differences (but the remote client VPN was working on the old ASA). The remote clients do connect and a tunnel is established but they are unable to pass traffic. Systems on the network where the ASA is located are able to access the internet.
Output of sho crypto isakmp sa (ignore peer #1, that is the working site-to-site VPN)
Active SA: 2
Rekey SA: 0 (A tunnel will report 1 Active and 1 Rekey SA d
Total IKE SA: 2
1 IKE Peer: xx.168.155.98
Type : L2L Role : responder
Rekey : no State : MM_ACTIVE
2 IKE Peer: xx.211.206.48
Type : user Role : responder
Rekey : no State : AM_ACTIVE
Output of sho crypto ipsec sa (info regarding site-to-site VPN removed). Packets are decrypted but not encrypted.
Crypto map tag: SYSTEM_DEFAULT_CRYPTO_MAP, seq num: 65535, local addr: publi
c-ip
local ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0/0)
remote ident (addr/mask/prot/port): (10.20.1.100/255.255.255.255/0/0)
current_peer: xx.211.206.48, username: me
dynamic allocated peer ip: 10.20.1.100
#pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
#pkts decaps: 20, #pkts decrypt: 20, #pkts verify: 20
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts comp failed: 0, #pkts decomp failed: 0
#pre-frag successes: 0, #pre-frag failures: 0, #fragments created: 0
#PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 0
#send errors: 0, #recv errors: 0
local crypto endpt.: public-ip/4500, remote crypto endpt.: xx.211.206.48/4
500
path mtu 1500, ipsec overhead 82, media mtu 1500
current outbound spi: 7E0BF9B9
current inbound spi : 41B75CCD
inbound esp sas:
spi: 0x41B75CCD (1102535885)
transform: esp-aes esp-sha-hmac no compression
in use settings ={RA, Tunnel, NAT-T-Encaps, }
slot: 0, conn_id: 16384, crypto-map: SYSTEM_DEFAULT_CRYPTO_MAP
sa timing: remaining key lifetime (sec): 28776
IV size: 16 bytes
replay detection support: Y
Anti replay bitmap:
0x00000000 0x00000001
spi: 0xC06BF0DD (3228299485)
transform: esp-aes esp-sha-hmac no compression
in use settings ={RA, Tunnel, NAT-T-Encaps, Rekeyed}
slot: 0, conn_id: 16384, crypto-map: SYSTEM_DEFAULT_CRYPTO_MAP
sa timing: remaining key lifetime (sec): 28774
IV size: 16 bytes
replay detection support: Y
Anti replay bitmap:
0x000003FF 0xFFF80001
outbound esp sas:
spi: 0x7E0BF9B9 (2114714041)
transform: esp-aes esp-sha-hmac no compression
in use settings ={RA, Tunnel, NAT-T-Encaps, }
slot: 0, conn_id: 16384, crypto-map: SYSTEM_DEFAULT_CRYPTO_MAP
sa timing: remaining key lifetime (sec): 28774
IV size: 16 bytes
replay detection support: Y
Anti replay bitmap:
0x00000000 0x00000001
spi: 0xCBF945AC (3422111148)
transform: esp-aes esp-sha-hmac no compression
in use settings ={RA, Tunnel, NAT-T-Encaps, Rekeyed}
slot: 0, conn_id: 16384, crypto-map: SYSTEM_DEFAULT_CRYPTO_MAP
sa timing: remaining key lifetime (sec): 28772
IV size: 16 bytes
replay detection support: Y
Anti replay bitmap:
0x00000000 0x00000001
Config from ASA
: Saved
: Written by me at 19:56:37.957 pst Tue Nov 26 2013
ASA Version 8.2(4)
hostname mfw01
domain-name company.int
enable password xxx encrypted
passwd xxx encrypted
names
name xx.174.143.97 cox-gateway description cox-gateway
name 172.16.10.0 iscsi-network description iscsi-network
name 192.168.1.0 legacy-network description legacy-network
name 10.20.50.0 management-network description management-network
name 10.20.10.0 server-network description server-network
name 10.20.20.0 user-network description user-network
name 192.168.1.101 private-em-imap description private-em-imap
name 10.20.10.2 private-exchange description private-exchange
name 10.20.10.3 private-ftp description private-ftp
name 192.168.1.202 private-ip-phones description private-ip-phones
name 10.20.10.6 private-kaseya description private-kaseya
name 192.168.1.2 private-mitel-3300 description private-mitel-3300
name 10.20.10.1 private-pptp description private-pptp
name 10.20.10.7 private-sharepoint description private-sharepoint
name 10.20.10.4 private-tportal description private-tportal
name 10.20.10.8 private-xarios description private-xarios
name 192.168.1.215 private-xorcom description private-xorcom
name xx.174.143.99 public-exchange description public-exchange
name xx.174.143.100 public-ftp description public-ftp
name xx.174.143.101 public-tportal description public-tportal
name xx.174.143.102 public-sharepoint description public-sharepoint
name xx.174.143.103 public-ip-phones description public-ip-phones
name xx.174.143.104 public-mitel-3300 description public-mitel-3300
name xx.174.143.105 public-xorcom description public-xorcom
name xx.174.143.108 public-remote-support description public-remote-support
name xx.174.143.109 public-xarios description public-xarios
name xx.174.143.110 public-kaseya description public-kaseya
name xx.174.143.111 public-pptp description public-pptp
name 192.168.2.0 Irvine_LAN description Irvine_LAN
name xx.174.143.98 public-ip
name 10.20.10.14 private-RevProxy description private-RevProxy
name xx.174.143.107 public-RevProxy description Public-RevProxy
name 10.20.10.9 private-XenDesktop description private-XenDesktop
name xx.174.143.115 public-XenDesktop description public-XenDesktop
name 10.20.1.1 private-gateway description private-gateway
name 192.168.1.96 private-remote-support description private-remote-support
interface Ethernet0/0
nameif public
security-level 0
ip address public-ip 255.255.255.224
interface Ethernet0/1
speed 100
duplex full
nameif private
security-level 100
ip address private-gateway 255.255.255.0
interface Ethernet0/2
shutdown
no nameif
no security-level
no ip address
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
interface Management0/0
nameif management
security-level 100
ip address 192.168.0.1 255.255.255.0
management-only
ftp mode passive
clock timezone pst -8
clock summer-time PDT recurring
dns server-group DefaultDNS
domain-name mills.int
object-group service ftp
service-object tcp eq ftp
service-object tcp eq ftp-data
object-group service DM_INLINE_SERVICE_1
group-object ftp
service-object udp eq tftp
object-group service DM_INLINE_TCP_1 tcp
port-object eq 40
port-object eq ssh
object-group service web-server
service-object tcp eq www
service-object tcp eq https
object-group service DM_INLINE_SERVICE_2
service-object tcp eq smtp
group-object web-server
object-group service DM_INLINE_SERVICE_3
service-object tcp eq ssh
group-object web-server
object-group service kaseya
service-object tcp eq 4242
service-object tcp eq 5721
service-object tcp eq 8080
service-object udp eq 5721
object-group service DM_INLINE_SERVICE_4
group-object kaseya
group-object web-server
object-group service DM_INLINE_SERVICE_5
service-object gre
service-object tcp eq pptp
object-group service VPN
service-object gre
service-object esp
service-object ah
service-object tcp eq pptp
service-object udp eq 4500
service-object udp eq isakmp
object-group network MILLS_VPN_VLANS
network-object 10.20.1.0 255.255.255.0
network-object server-network 255.255.255.0
network-object user-network 255.255.255.0
network-object management-network 255.255.255.0
network-object legacy-network 255.255.255.0
object-group service InterTel5000
service-object tcp range 3998 3999
service-object tcp range 6800 6802
service-object udp eq 20001
service-object udp range 5004 5007
service-object udp range 50098 50508
service-object udp range 6604 7039
service-object udp eq bootpc
service-object udp eq tftp
service-object tcp eq 4000
service-object tcp eq 44000
service-object tcp eq www
service-object tcp eq https
service-object tcp eq 5566
service-object udp eq 5567
service-object udp range 6004 6603
service-object tcp eq 6880
object-group service DM_INLINE_SERVICE_6
service-object icmp
service-object tcp eq 2001
service-object tcp eq 2004
service-object tcp eq 2005
object-group service DM_INLINE_SERVICE_7
service-object icmp
group-object InterTel5000
object-group service DM_INLINE_SERVICE_8
service-object icmp
service-object tcp eq https
service-object tcp eq ssh
object-group service RevProxy tcp
description RevProxy
port-object eq 5500
object-group service XenDesktop tcp
description Xen
port-object eq 8080
port-object eq 2514
port-object eq 2598
port-object eq 27000
port-object eq 7279
port-object eq 8000
port-object eq citrix-ica
access-list public_access_in extended permit object-group DM_INLINE_SERVICE_8 any host public-ip
access-list public_access_in extended permit object-group VPN any host public-ip
access-list public_access_in extended permit object-group DM_INLINE_SERVICE_7 any host public-ip-phones
access-list public_access_in extended permit object-group DM_INLINE_SERVICE_1 any host public-ftp
access-list public_access_in extended permit tcp any host public-xorcom object-group DM_INLINE_TCP_1
access-list public_access_in extended permit object-group DM_INLINE_SERVICE_2 any host public-exchange
access-list public_access_in extended permit tcp any host public-RevProxy object-group RevProxy
access-list public_access_in extended permit object-group DM_INLINE_SERVICE_3 any host public-remote-support
access-list public_access_in extended permit object-group DM_INLINE_SERVICE_6 any host public-xarios
access-list public_access_in extended permit object-group web-server any host public-sharepoint
access-list public_access_in extended permit object-group web-server any host public-tportal
access-list public_access_in extended permit object-group DM_INLINE_SERVICE_4 any host public-kaseya
access-list public_access_in extended permit object-group DM_INLINE_SERVICE_5 any host public-pptp
access-list public_access_in extended permit ip any host public-XenDesktop
access-list private_access_in extended permit icmp any any
access-list private_access_in extended permit ip any any
access-list VPN_Users_SplitTunnelAcl standard permit server-network 255.255.255.0
access-list VPN_Users_SplitTunnelAcl standard permit user-network 255.255.255.0
access-list VPN_Users_SplitTunnelAcl standard permit management-network 255.255.255.0
access-list VPN_Users_SplitTunnelAcl standard permit 10.20.1.0 255.255.255.0
access-list VPN_Users_SplitTunnelAcl standard permit legacy-network 255.255.255.0
access-list private_nat0_outbound extended permit ip object-group MILLS_VPN_VLANS Irvine_LAN 255.255.255.0
access-list private_nat0_outbound extended permit ip object-group MILLS_VPN_VLANS 10.20.1.96 255.255.255.240
access-list private_nat0_outbound extended permit ip object-group MILLS_VPN_VLANS 10.90.2.0 255.255.255.0
access-list public_1_cryptomap extended permit ip object-group MILLS_VPN_VLANS Irvine_LAN 255.255.255.0
access-list public_2_cryptomap extended permit ip object-group MILLS_VPN_VLANS 10.90.2.0 255.255.255.0
pager lines 24
logging enable
logging list Error-Events level warnings
logging monitor warnings
logging buffered warnings
logging trap warnings
logging asdm warnings
logging mail warnings
logging host private private-kaseya
logging permit-hostdown
logging class auth trap alerts
mtu public 1500
mtu private 1500
mtu management 1500
ip local pool VPN_Users 10.20.1.100-10.20.1.110 mask 255.255.255.0
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (public) 101 interface
nat (private) 0 access-list private_nat0_outbound
nat (private) 101 0.0.0.0 0.0.0.0
nat (management) 101 0.0.0.0 0.0.0.0
static (private,public) public-ip-phones private-ip-phones netmask 255.255.255.255 dns
static (private,public) public-ftp private-ftp netmask 255.255.255.255 dns
static (private,public) public-xorcom private-xorcom netmask 255.255.255.255 dns
static (private,public) public-exchange private-exchange netmask 255.255.255.255 dns
static (private,public) public-RevProxy private-RevProxy netmask 255.255.255.255 dns
static (private,public) public-remote-support private-remote-support netmask 255.255.255.255 dns
static (private,public) public-xarios private-xarios netmask 255.255.255.255 dns
static (private,public) public-sharepoint private-sharepoint netmask 255.255.255.255 dns
static (private,public) public-tportal private-tportal netmask 255.255.255.255 dns
static (private,public) public-kaseya private-kaseya netmask 255.255.255.255 dns
static (private,public) public-pptp private-pptp netmask 255.255.255.255 dns
static (private,public) public-XenDesktop private-XenDesktop netmask 255.255.255.255 dns
access-group public_access_in in interface public
access-group private_access_in in interface private
route public 0.0.0.0 0.0.0.0 cox-gateway 1
route private server-network 255.255.255.0 10.20.1.254 1
route private user-network 255.255.255.0 10.20.1.254 1
route private management-network 255.255.255.0 10.20.1.254 1
route private iscsi-network 255.255.255.0 10.20.1.254 1
route private legacy-network 255.255.255.0 10.20.1.254 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
ldap attribute-map admin-control
map-name comment Privilege-Level
ldap attribute-map allow-dialin
map-name msNPAllowDialin IETF-Radius-Class
map-value msNPAllowDialin FALSE NOACCESS
map-value msNPAllowDialin TRUE IPSecUsers
ldap attribute-map mills-vpn_users
map-name msNPAllowDialin IETF-Radius-Class
map-value msNPAllowDialin FALSE NOACCESS
map-value msNPAllowDialin True IPSecUsers
ldap attribute-map network-admins
map-name memberOf IETF-Radius-Service-Type
map-value memberOf FALSE NOACCESS
map-value memberOf "Network Admins" 6
dynamic-access-policy-record DfltAccessPolicy
aaa-server Mills protocol nt
aaa-server Mills (private) host private-pptp
nt-auth-domain-controller ms01.mills.int
aaa-server Mills_NetAdmin protocol ldap
aaa-server Mills_NetAdmin (private) host private-pptp
server-port 389
ldap-base-dn ou=San Diego,dc=mills,dc=int
ldap-group-base-dn ou=San Diego,dc=mills,dc=int
ldap-scope subtree
ldap-naming-attribute cn
ldap-login-password *
ldap-login-dn cn=asa,ou=Service Accounts,ou=San Diego,dc=mills,dc=int
server-type microsoft
ldap-attribute-map mills-vpn_users
aaa-server NetworkAdmins protocol ldap
aaa-server NetworkAdmins (private) host private-pptp
ldap-base-dn ou=San Diego,dc=mills,dc=int
ldap-group-base-dn ou=San Diego,dc=mills,dc=int
ldap-scope subtree
ldap-naming-attribute cn
ldap-login-password *
ldap-login-dn cn=asa,ou=Service Accounts,ou=San Diego,dc=mills,dc=int
server-type microsoft
ldap-attribute-map network-admins
aaa-server ADVPNUsers protocol ldap
aaa-server ADVPNUsers (private) host private-pptp
ldap-base-dn ou=San Diego,dc=mills,dc=int
ldap-group-base-dn ou=San Diego,dc=mills,dc=int
ldap-scope subtree
ldap-naming-attribute cn
ldap-login-password *
ldap-login-dn cn=asa,ou=Service Accounts,ou=San Diego,dc=mills,dc=int
server-type microsoft
ldap-attribute-map mills-vpn_users
aaa authentication enable console ADVPNUsers LOCAL
aaa authentication http console ADVPNUsers LOCAL
aaa authentication serial console ADVPNUsers LOCAL
aaa authentication telnet console ADVPNUsers LOCAL
aaa authentication ssh console ADVPNUsers LOCAL
http server enable
http 0.0.0.0 0.0.0.0 management
http 0.0.0.0 0.0.0.0 public
http 0.0.0.0 0.0.0.0 private
snmp-server host private private-kaseya poll community ***** version 2c
snmp-server location Mills - San Diego
snmp-server contact Mills Assist
snmp-server enable traps snmp authentication linkup linkdown coldstart
sysopt noproxyarp private
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map public_map 1 match address public_1_cryptomap
crypto map public_map 1 set pfs
crypto map public_map 1 set peer xx.168.155.98
crypto map public_map 1 set transform-set ESP-3DES-MD5 ESP-AES-128-SHA
crypto map public_map 1 set nat-t-disable
crypto map public_map 1 set phase1-mode aggressive
crypto map public_map 2 match address public_2_cryptomap
crypto map public_map 2 set pfs group5
crypto map public_map 2 set peer xx.181.134.141
crypto map public_map 2 set transform-set ESP-AES-128-SHA
crypto map public_map 2 set nat-t-disable
crypto map public_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map public_map interface public
crypto isakmp enable public
crypto isakmp policy 1
authentication pre-share
encryption aes
hash sha
group 5
lifetime 86400
crypto isakmp policy 10
authentication pre-share
encryption aes
hash sha
group 2
lifetime 86400
crypto isakmp policy 30
authentication pre-share
encryption 3des
hash md5
group 1
lifetime 28800
telnet 0.0.0.0 0.0.0.0 private
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 public
ssh 0.0.0.0 0.0.0.0 private
ssh 0.0.0.0 0.0.0.0 management
ssh timeout 5
console timeout 0
dhcpd address 192.168.0.2-192.168.0.254 management
threat-detection basic-threat
threat-detection statistics access-list
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
ntp authenticate
ntp server 216.129.110.22 source public
ntp server 173.244.211.10 source public
ntp server 24.124.0.251 source public prefer
webvpn
enable public
svc enable
group-policy NOACCESS internal
group-policy NOACCESS attributes
vpn-simultaneous-logins 0
vpn-tunnel-protocol svc
group-policy IPSecUsers internal
group-policy IPSecUsers attributes
wins-server value 10.20.10.1
dns-server value 10.20.10.1
vpn-tunnel-protocol IPSec
password-storage enable
split-tunnel-policy tunnelspecified
split-tunnel-network-list value VPN_Users_SplitTunnelAcl
default-domain value mills.int
address-pools value VPN_Users
group-policy Irvine internal
group-policy Irvine attributes
vpn-tunnel-protocol IPSec
username admin password Kra9/kXfLDwlSxis encrypted
tunnel-group VPN_Users type remote-access
tunnel-group VPN_Users general-attributes
address-pool VPN_Users
authentication-server-group Mills_NetAdmin
default-group-policy IPSecUsers
tunnel-group VPN_Users ipsec-attributes
pre-shared-key *
tunnel-group xx.189.99.114 type ipsec-l2l
tunnel-group xx.189.99.114 general-attributes
default-group-policy Irvine
tunnel-group xx.189.99.114 ipsec-attributes
pre-shared-key *
tunnel-group xx.205.23.76 type ipsec-l2l
tunnel-group xx.205.23.76 general-attributes
default-group-policy Irvine
tunnel-group xx.205.23.76 ipsec-attributes
pre-shared-key *
tunnel-group xx.168.155.98 type ipsec-l2l
tunnel-group xx.168.155.98 general-attributes
default-group-policy Irvine
tunnel-group xx.168.155.98 ipsec-attributes
pre-shared-key *
class-map global-class
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global-policy
class global-class
inspect dns
inspect esmtp
inspect ftp
inspect h323 h225
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect sip
inspect skinny
inspect sqlnet
inspect sunrpc
inspect tftp
inspect xdmcp
service-policy global-policy global
privilege cmd level 3 mode exec command perfmon
privilege cmd level 3 mode exec command ping
privilege cmd level 3 mode exec command who
privilege cmd level 3 mode exec command logging
privilege cmd level 3 mode exec command failover
privilege cmd level 3 mode exec command packet-tracer
privilege show level 5 mode exec command import
privilege show level 5 mode exec command running-config
privilege show level 3 mode exec command reload
privilege show level 3 mode exec command mode
privilege show level 3 mode exec command firewall
privilege show level 3 mode exec command asp
privilege show level 3 mode exec command cpu
privilege show level 3 mode exec command interface
privilege show level 3 mode exec command clock
privilege show level 3 mode exec command dns-hosts
privilege show level 3 mode exec command access-list
privilege show level 3 mode exec command logging
privilege show level 3 mode exec command vlan
privilege show level 3 mode exec command ip
privilege show level 3 mode exec command ipv6
privilege show level 3 mode exec command failover
privilege show level 3 mode exec command asdm
privilege show level 3 mode exec command arp
privilege show level 3 mode exec command route
privilege show level 3 mode exec command ospf
privilege show level 3 mode exec command aaa-server
privilege show level 3 mode exec command aaa
privilege show level 3 mode exec command eigrp
privilege show level 3 mode exec command crypto
privilege show level 3 mode exec command vpn-sessiondb
privilege show level 3 mode exec command ssh
privilege show level 3 mode exec command dhcpd
privilege show level 3 mode exec command vpn
privilege show level 3 mode exec command blocks
privilege show level 3 mode exec command wccp
privilege show level 3 mode exec command webvpn
privilege show level 3 mode exec command module
privilege show level 3 mode exec command uauth
privilege show level 3 mode exec command compression
privilege show level 3 mode configure command interface
privilege show level 3 mode configure command clock
privilege show level 3 mode configure command access-list
privilege show level 3 mode configure command logging
privilege show level 3 mode configure command ip
privilege show level 3 mode configure command failover
privilege show level 5 mode configure command asdm
privilege show level 3 mode configure command arp
privilege show level 3 mode configure command route
privilege show level 3 mode configure command aaa-server
privilege show level 3 mode configure command aaa
privilege show level 3 mode configure command crypto
privilege show level 3 mode configure command ssh
privilege show level 3 mode configure command dhcpd
privilege show level 5 mode configure command privilege
privilege clear level 3 mode exec command dns-hosts
privilege clear level 3 mode exec command logging
privilege clear level 3 mode exec command arp
privilege clear level 3 mode exec command aaa-server
privilege clear level 3 mode exec command crypto
privilege cmd level 3 mode configure command failover
privilege clear level 3 mode configure command logging
privilege clear level 3 mode configure command arp
privilege clear level 3 mode configure command crypto
privilege clear level 3 mode configure command aaa-server
prompt hostname context
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:5d5c963680401d150bee94b3c7c85f7a
Maybe my eyes are glazing over from looking at this for too long. Does anything look wrong? Maybe I missed a command that would not show up in the config?
Thanks in advance to all who take a look.Marius,
I connected via my VPN client at home and pinged a remote server, attempted to RDP by name and then attempted to RDP by IP address. All were unsuccessful. Here is the packet capture:
72 packets captured
1: 09:44:06.304671 10.20.1.100.137 > 10.20.10.1.137: udp 68
2: 09:44:06.304885 10.20.1.100.54543 > 10.20.10.1.53: udp 34
3: 09:44:07.198384 10.20.1.100.51650 > 10.20.10.1.53: udp 32
4: 09:44:07.300353 10.20.1.100.54543 > 10.20.10.1.53: udp 34
5: 09:44:07.786504 10.20.1.100.137 > 10.20.10.1.137: udp 68
6: 09:44:07.786671 10.20.1.100.137 > 10.20.10.1.137: udp 68
7: 09:44:07.786855 10.20.1.100.137 > 10.20.10.1.137: udp 68
8: 09:44:08.198399 10.20.1.100.51650 > 10.20.10.1.53: udp 32
9: 09:44:09.282608 10.20.1.100.61328 > 10.20.10.1.53: udp 32
10: 09:44:09.286667 10.20.1.100.137 > 10.20.10.1.137: udp 68
11: 09:44:09.286926 10.20.1.100.137 > 10.20.10.1.137: udp 68
12: 09:44:09.287201 10.20.1.100.137 > 10.20.10.1.137: udp 68
13: 09:44:09.300491 10.20.1.100.54543 > 10.20.10.1.53: udp 34
14: 09:44:10.199193 10.20.1.100.51650 > 10.20.10.1.53: udp 32
15: 09:44:10.282150 10.20.1.100.61328 > 10.20.10.1.53: udp 32
16: 09:44:11.286865 10.20.1.100.137 > 10.20.10.1.137: udp 68
17: 09:44:12.302993 10.20.1.100.61328 > 10.20.10.1.53: udp 32
18: 09:44:12.785054 10.20.1.100.137 > 10.20.10.1.137: udp 68
19: 09:44:13.301101 10.20.1.100.54543 > 10.20.10.1.53: udp 34
20: 09:44:14.204029 10.20.1.100.51650 > 10.20.10.1.53: udp 32
21: 09:44:14.287323 10.20.1.100.137 > 10.20.10.1.137: udp 68
22: 09:44:14.375331 10.20.1.100 > 10.20.10.1: icmp: echo request
23: 09:44:16.581589 10.20.1.100.137 > 10.20.10.1.137: udp 50
24: 09:44:18.083842 10.20.1.100.137 > 10.20.10.1.137: udp 50
25: 09:44:18.199879 10.20.1.100.137 > 10.20.10.1.137: udp 50
26: 09:44:19.224063 10.20.1.100 > 10.20.10.1: icmp: echo request
27: 09:44:19.582367 10.20.1.100.137 > 10.20.10.1.137: udp 50
28: 09:44:19.704019 10.20.1.100.137 > 10.20.10.1.137: udp 50
29: 09:44:20.288193 10.20.1.100.137 > 10.20.10.1.137: udp 68
30: 09:44:21.200307 10.20.1.100.137 > 10.20.10.1.137: udp 50
31: 09:44:21.786321 10.20.1.100.137 > 10.20.10.1.137: udp 68
32: 09:44:23.289535 10.20.1.100.137 > 10.20.10.1.137: udp 68
33: 09:44:24.204777 10.20.1.100 > 10.20.10.1: icmp: echo request
34: 09:44:29.219440 10.20.1.100 > 10.20.10.1: icmp: echo request
35: 09:44:29.287460 10.20.1.100.137 > 10.20.10.1.137: udp 68
36: 09:44:30.787617 10.20.1.100.137 > 10.20.10.1.137: udp 68
37: 09:44:32.287887 10.20.1.100.137 > 10.20.10.1.137: udp 68
38: 09:45:00.533816 10.20.1.100.137 > 10.20.10.1.137: udp 50
39: 09:45:02.018019 10.20.1.100.137 > 10.20.10.1.137: udp 50
40: 09:45:03.160239 10.20.1.100.52764 > 10.20.10.1.53: udp 34
41: 09:45:03.350354 10.20.1.100.53948 > 10.20.10.1.53: udp 38
42: 09:45:03.521960 10.20.1.100.137 > 10.20.10.1.137: udp 50
43: 09:45:04.158408 10.20.1.100.52764 > 10.20.10.1.53: udp 34
44: 09:45:04.344342 10.20.1.100.53948 > 10.20.10.1.53: udp 38
45: 09:45:06.160681 10.20.1.100.52764 > 10.20.10.1.53: udp 34
46: 09:45:06.358593 10.20.1.100.53948 > 10.20.10.1.53: udp 38
47: 09:45:10.159125 10.20.1.100.52764 > 10.20.10.1.53: udp 34
48: 09:45:10.345227 10.20.1.100.53948 > 10.20.10.1.53: udp 38
49: 09:45:14.550478 10.20.1.100.59402 > 10.20.10.1.53: udp 32
50: 09:45:15.536166 10.20.1.100.59402 > 10.20.10.1.53: udp 32
51: 09:45:17.546144 10.20.1.100.59402 > 10.20.10.1.53: udp 32
52: 09:45:21.882812 10.20.1.100.137 > 10.20.10.1.137: udp 50
53: 09:45:23.379222 10.20.1.100.137 > 10.20.10.1.137: udp 50
54: 09:45:24.893386 10.20.1.100.137 > 10.20.10.1.137: udp 50
55: 09:45:41.550035 10.20.1.100.137 > 10.20.10.1.137: udp 50
56: 09:45:43.029875 10.20.1.100.137 > 10.20.10.1.137: udp 50
57: 09:45:44.541979 10.20.1.100.137 > 10.20.10.1.137: udp 50
58: 09:46:10.767782 10.20.1.100.137 > 10.20.10.1.137: udp 68
59: 09:46:12.261934 10.20.1.100.137 > 10.20.10.1.137: udp 68
60: 09:46:13.776250 10.20.1.100.137 > 10.20.10.1.137: udp 68
61: 09:46:19.848970 10.20.1.100.137 > 10.20.10.1.137: udp 68
62: 09:46:20.113183 10.20.1.100.49751 > 10.20.10.7.3389: S 3288428077:3288428077(0) win 8192
63: 09:46:21.331251 10.20.1.100.137 > 10.20.10.1.137: udp 68
64: 09:46:22.831423 10.20.1.100.137 > 10.20.10.1.137: udp 68
65: 09:46:23.101511 10.20.1.100.137 > 10.20.10.1.137: udp 50
66: 09:46:23.123254 10.20.1.100.49751 > 10.20.10.7.3389: S 3288428077:3288428077(0) win 8192
67: 09:46:24.591705 10.20.1.100.137 > 10.20.10.1.137: udp 50
68: 09:46:26.115976 10.20.1.100.137 > 10.20.10.1.137: udp 50
69: 09:46:28.834276 10.20.1.100.137 > 10.20.10.1.137: udp 68
70: 09:46:29.125817 10.20.1.100.49751 > 10.20.10.7.3389: S 3288428077:3288428077(0) win 8192
71: 09:46:30.342816 10.20.1.100.137 > 10.20.10.1.137: udp 68
72: 09:46:31.840746 10.20.1.100.137 > 10.20.10.1.137: udp 68
72 packets shown -
Hi Everyone,
I'm running a net-new ZCM 11.3 install and am having trouble with FDE.
I have a simple FDE policy, configured without PBE enabled, associated to a single Win7 workstation. Current Novell Client and ZENworks Adaptive Agent are installed and all current Windows Updates have been applied.
The drives will not encrypt though. When the policy is applied to the workstation it goes through all the motions and appears to be successful. FDE on the client though usually gets stuck at "Policy Being Applied" (even after the reboot forced by the policy) although will sometimes fall back to "No Policy Enforced" if I let it sit long enough.
I've tried this with multiple workstations (though all built from the same image... this image encrypts fine on our old 11.2.4 ZCM), multiple versions of the policy, and even completely different policies.
In each case, the following errors and warnings get logged on the client each time the policy is applied. I don't see any reference to these errors in the documentation...
Has anyone seen this?
Thanks,
Ian
Error:
Full Message:
Could not find a Handler associated with the following type: Full Disk Encryption Policy.
Additional Information:
None
Severity: Error
Date: April 8, 2014 10:22:47 AM
Acknowledged Date: None
Source: /Devices/Workstations/tor-ianp
Message ID: ActionMan.HandlerNotFound
Probable Cause URL: None
Log ID: 2bf5842476f04b842475dcc454a6ce25
Related Objects: None
Error:
Full Message:
Could not find a Handler associated with the following type: Full Disk Encryption Policy.
Additional Information:
None
Severity: Error
Date: April 8, 2014 10:22:47 AM
Acknowledged Date: None
Source: /Devices/Workstations/tor-ianp
Message ID: ActionMan.HandlerNotFound
Probable Cause URL: None
Log ID: 6cc2b17e5a1776386db7ac9580fa8b89
Related Objects: None
Warning:
Full Message:
The action Full Disk Encryption Policy (ID:Full Disk Encryption Policy) failed due to the reason : Could not find a Handler associated with the following type: Full Disk Encryption Policy., however the action is set to continue on failure.
Additional Information:
None
Severity: Warning
Date: April 8, 2014 10:22:47 AM
Acknowledged Date: None
Source: /Devices/Workstations/tor-ianp
Message ID: ActionMan.ActionContinueOnFailure
Probable Cause URL: None
Log ID: 0fed43d717b6ad0d50f0e85b516a8308
Related Objects: None
Warning:
Full Message:
The handler [NULL] was not found.
Additional Information:
None
Severity: Warning
Date: April 8, 2014 10:22:47 AM
Acknowledged Date: None
Source: /Devices/Workstations/tor-ianp
Message ID: ActionMan.ExeHandlerNotFound
Probable Cause URL: None
Log ID: 0eb0a5dc9637602f4367fa5c8fa7aabf
Related Objects: /Policies/Win7/Staff Encryption (No PBE)
Warning:
Full Message:
Could not find a Handler associated with the following type: Full Disk Encryption Policy.
Additional Information:
None
Severity: Warning
Date: April 8, 2014 10:22:47 AM
Acknowledged Date: None
Source: /Devices/Workstations/tor-ianp
Message ID: ActionMan.HandlerNotFound
Probable Cause URL: None
Log ID: a87d1a6e792b3fd8d298f891edf84083
Related Objects: /Policies/Win7/Staff Encryption (No PBE)
Warning:
Full Message:
The action Full Disk Encryption Policy (ID:Full Disk Encryption Policy) failed due to the reason : Could not find a Handler associated with the following type: Full Disk Encryption Policy., however the action is set to continue on failure.
Additional Information:
None
Severity: Warning
Date: April 8, 2014 10:22:47 AM
Acknowledged Date: None
Source: /Devices/Workstations/tor-ianp
Message ID: ActionMan.ActionContinueOnFailure
Probable Cause URL: None
Log ID: de434906afb9fdb4b33dc65ffb6aabdb
Related Objects: None
Warning:
Full Message:
Could not find a Handler associated with the following type: Full Disk Encryption Policy.
Additional Information:
None
Severity: Warning
Date: April 8, 2014 10:22:47 AM
Acknowledged Date: None
Source: /Devices/Workstations/tor-ianp
Message ID: ActionMan.HandlerNotFound
Probable Cause URL: None
Log ID: be711a0108c144bee714d6576872657d
Related Objects: None
Warning:
Full Message:
The handler [NULL] was not found.
Additional Information:
None
Severity: Warning
Date: April 8, 2014 10:22:47 AM
Acknowledged Date: None
Source: /Devices/Workstations/tor-ianp
Message ID: ActionMan.ExeHandlerNotFound
Probable Cause URL: None
Log ID: 4b8a73ef1677139ac9208ead88941767
Related Objects: NoneOriginally Posted by chalmerst
zzzzzzzzzzzzzzzzzzzz
On my virtual machines, it is enabling fine. On physical hardware, we am seeing the same issue. It starts when first applying policy with an event viewer message stating
Code:
Faulting application name: PBAInit.EXE, version: 9.7.3.1, time stamp: 0x53a1b6eb
Faulting module name: PBAInit.EXE, version: 9.7.3.1, time stamp: 0x53a1b6eb
Exception code: 0xc0000005
Fault offset: 0x00000000001ea01d
Faulting process id: 0x1b78
Faulting application start time: 0x01d08126d284cb5d
Faulting application path: C:\Windows\NAC\SBS\PBAInit.EXE
Faulting module path: C:\Windows\NAC\SBS\PBAInit.EXE
Report Id: 36feb7d3-ed1a-11e4-9dc7-8019348456dd
After this reboot, we are seeing the same "Could not find a Handler associated with the following type: Full Disk Encryption Policy" message. -
Help! (Please?)
That is the Site Identity Button
* https://support.mozilla.org/kb/Site+Identity+Button
That button only has useful information if there is a secure HTTPS connection like this forum uses.<br />
With a regular HTTP connection you will see the "The connection to this web site is not encrypted" message.
Do you have problems with visiting websites? -
OWSM gateway : Message not encrypted error
Hi,
I have a BPEL process which invokes a web service via partner link. Both BPEL and service are secured with OWSM gateway.In the policy defined for BPEL I'm doing Sign Message And Encrypt using XPath expression( which is working). In the policy for webservice I'm doing a Decrypt and Verify Signature . But its not invoking the service and throws a Client:GenericFault saying Message is not encrypted.
In fact the logs from BPEL after encryption shows encrypted data. But logs in service does not contain the same data.
Am I doing something wrong? Should I copy something ? I'm using the same keystore for both the policies. The version is 10.1.3.1
Please help me
Thanks
MeerAll of them are running with Win XP SP2 at work. NAT-Traversal: is Disabled. DMZ is enabled. Thanks
-
Hi,
I am taking an online class. I need to asses this URL address and I dont know why I am not able to connect now, it is telling me there is an error. That the connection is not encrypted? Not sure what that means. However have been able to connect to this link since
Monday 7/11 till now! The only thing I did this morning was clear my history and cookies. I am not sure if this had anything to do with this. Please help me correct this problem, for I need to be able to access this link for my class. ThanksYes. It works for me as well. So it looks that they corrected the problem.
I see a very large image of 3,564.59 KB (3,650,138 bytes) that is scaled down 2,048px × 3,072px (scaled to 65px × 75px).
That is usually not a good idea as that requires to download that image.<br />
Firefox is also not very good at scaling down images, but with such a large reduction that probably wouldn't matter. -
Connection Not Encrypted..
A reply to correct this would be very appreciated!!!
Thank you.
Have a great day !It is normal for pages accessed using the http:// protocol (rather than the secure sockets https:// protocol) to show the connection not being encrypted.
Generally speaking, when you have a problem with one particular site, a good "first thing to try" is clearing your Firefox cache and deleting your saved cookies for the site.
(1) Bypass Firefox's Cache
Use Ctrl+Shift+r to reload the page fresh from the server.
(You also can clear Firefox's cache completely using:
orange Firefox button ''or'' Tools menu > Options > Advanced
On the Network mini-tab > Cached Web Content : "Clear Now")
(2) Remove the problem site's cookies (save any pending work first) using either of these. While viewing a page on the site:
* right-click and choose View Page Info > Security > "View Cookies"
* Alt+t (open the classic Tools menu) > Page Info > Security > "View Cookies"
Then try reloading the page. Does that help? -
ERROR: Could not encrypt password for Connection
Hi
I am trying to create and run demo application for 'Dveloping RIA using ADF and JDeveloper 11g'.
When I try to run the application it throws the error- ERROR: Could not encrypt password for Connection 'MyDatabaseConnection'.
Anyone please guide me how to resolve this issue.
ThanksCan you try delete the Connection and re-create another one to see if it fixes the issue?
-Arun -
How to unblock youtube website? in page info states "connection not encrypted"
a few months ago i blocked youtube then i want to unblock it but i don't know how. i see in the page info that states
(website identity)
website: www.youtube.com
owner: this website does not supply ownership information.
verified by: not specified
(technical details)
Connection not encrypted
The website does not support encryption for the page you are viewing. Information sent over the Internet without encryption can be seen by other people while it is in transit.I blocked youtube with this application http://downloads.phpnuke.org/en/download-item-view-y-y-m-b-v-a/YOUTUBE%2BBLOCKER.htm. I reset firefox but it doesn't work. is there another way to unblock youtube?
-
The first message after Firefox fails to connect says "This website does not supply ownership information." Then is says "Connection Not Encrypted."
Yet my previous Firefox version connected readily to this same site.I appreciate this option, to go back to an earlier version, but I really want to use the latest FF, so the counsel from cor-rel, about dealing with cache and cookies, is the solution I pursued. And it worked!
But thanks for responding to me. It's great to know that such support is out there. -
IKEpacket from x.x.x.x was not encrypted and it should have been
New to the group and I do have a situation that I hope someone can help me with. I am trying to set up a lab for one of my courses and I am using XP with Cisco VPN Client 5.0.0.3, a Cisco 2621XM router and Cisco Secure ACS version 4.2 configured for RADIUS.
My problem is this, when I open the VPN client and click connect I get the following message back.
*Mar 1 01:21:49.935: %CRYPTO-6-IKMP_NOT_ENCRYPTED: IKE packet from 11.11.11.14 was not encrypted and it should've been. The packet is not getting past the router so I cannot even see if the ACS is working.
I have searched high and low and have not been able to find an answer to the problem. Can someone here give me a hand?I used the configuration from an example from the Cisco website. I will post it here. I also followed the setup outlined in the example for the ACS but it doesn't seem to get that far. Thanks for the help.
!--- Enable AAA for user authentication and group authorization.
aaa new-model
!--- In order to enable extended authentication (Xauth) for user authentication,
!--- enable the aaa authentication commands.
!--- "Group radius" specifies RADIUS user authentication.
aaa authentication login userauthen group radius
!--- In order to enable group authorization,
!--- enable the aaa authorization commands.
aaa authorization network groupauthor group radius
ip subnet-zero
ip audit po max-events 100
!--- Create an Internet Security Association and
!--- Key Management Protocol (ISAKMP) policy for Phase 1 negotiations.
crypto isakmp policy 3
encr 3des
authentication pre-share
group 2
!--- Create the Phase 2 policy for actual data encryption.
crypto ipsec transform-set myset esp-3des esp-sha-hmac
!--- Create a dynamic map and
!--- apply the transform set that was created.
crypto dynamic-map dynmap 10
set transform-set myset
!--- Create the actual crypto map,
!--- and apply the AAA lists that were created earlier.
crypto map clientmap client authentication list userauthen
crypto map clientmap isakmp authorization list groupauthor
crypto map clientmap client configuration address respond
crypto map clientmap 10 ipsec-isakmp dynamic dynmap
fax interface-type fax-mail
mta receive maximum-recipients 0
!--- Apply the crypto map on the outside interface.
interface Ethernet0/0
ip address 10.1.1.1 255.255.255.0
half-duplex
crypto map clientmap
interface Serial0/0
no ip address
shutdown
interface Ethernet0/1
ip address 172.18.124.159 255.255.255.0
no keepalive
half-duplex
!--- Create a pool of addresses to be assigned
to the VPN Clients.
ip local pool ippool 10.16.20.1 10.16.20.200
ip classless
ip route 0.0.0.0 0.0.0.0 10.1.1.2
ip http server
ip pim bidir-enable
!--- Specify the IP address of the RADIUS server,
!--- along with the RADIUS shared secret key.
radius-server host 172.18.124.96 auth-port 1645 acct-port 1646 key cisco123
radius-server retransmit 3
call rsvp-sync -
Weblogic 10.3 deployException: Could not encrypt password for connection
Well, I guess this is my first time posting in a forum.
My problem is that, when trying to run my servlet, using a jdbc:odbc connection
to an Access-database, I get the following error in the server log:
Running dependency analysis...
2009-03-27 16:59:40.106: Writing WAR file to C:\Program Files\JDeveloper\jdeveloper\system\system11.1.1.0.31.51.56\o.j2ee\drs\TableViewApplication\TableViewApplication-tableviewproj-webapp
2009-03-27 16:59:40.12: Wrote WAR file to C:\Program Files\JDeveloper\jdeveloper\system\system11.1.1.0.31.51.56\o.j2ee\drs\TableViewApplication\TableViewApplication-tableviewproj-webapp
ERROR: Could not encrypt password for Connection TBLViewConnect.
The connection I'm using works fine when testing it with the JDeveloper's SQL editor.
It's properties are:
Connection Name: TBLViewConnect
Connection Type: JDBC-ODBC Bridge
as well as username, password and a local datasource
I'm running JDeveloper 11.1.1 on Vista 32bit
Besides, it's my first time using a database-connection with a servlet
thanks for your helpguess I could have found that earlier ;)
I just had to uncheck the "save password" option in the connection menu and write it in the getConnection() method instead. -
Message warns that website is not encrypted and not safe. Why would this happen and what is the danger?
Is that message in a pop-up?
Can you attach a screenshot?
*http://en.wikipedia.org/wiki/Screenshot
*https://support.mozilla.org/kb/how-do-i-create-screenshot-my-problem
Use a compressed image type like PNG or JPG to save the screenshot.
Maybe you are looking for
-
How to use Windows formatted iPod nano to move music to a new Mac?
Hi all, I need to transfer my iPhone's musics, songs, apps and photo, etc to the Mac and I came across this http://support.apple.com/kb/HT1329" guide at Apple Support site since I owned a iPod nano. My questions is since my iPod nano is configured fo
-
Itunes doesn't see my ipod shuffle and I want to reset it to factory default
I have a 1st gen ipod shuffle, iTunes does not see it but my computer does, I am running windows 7 and I just want to restore the shuffle to factory default
-
Can you assign Time Machine to back up ONLY the starup drive?
MacPro Desktops. OS 10.5.7 and 10.5.8. I want Time Machine only to back up the startup drive. We do have other internal hard drives and also an external RAID on these machines that all contain audio/video data only, and we back these up separately to
-
IDVD won't play the audio right for the movie
Hi. I'm having a problem with iDVD 6. I made a movie I want to burn on DVD. The sound is fine on iMovie, but when I previewed it on iDVD 6 it was messed up. Does anyone know what to do? iMac G4 Mac OS X (10.4.5)
-
"Missing" rendered files when quicktime exporting
Hello, when finished a project, everything rendered, everything looking fine, I go to File > Export > Using Quicktime Conversion... (to go to idvd and mount de dvd). But then, he tells me a file (a render file) cannot be fount and, thus, cannot expor