Cisco ISE 1.2.x with Posture Configuration - Windows Patches
Hi, Anybody has any experience in integrating Cisco ISE Posture with Microsoft SCCM?
With WSUS this works fine, but with SCCM I don't have any idea how to proceed. Anybody knows what it's included in the predefined rules
pr_WSUSRule and pr_WSUSCheck? I can't find any information in ISE Console or Cisco documentation.
Thanks.
Once agent performs the posture checks containing the windows hotfix checks, if the administrator configured the Launch Program Posture Remediation , agent will launch the script file which will initiate the windows hotfix updates via SCCM client configuration manager pre-installed/pre-configured on the box.
Similar Messages
-
Hello,
I am running Application using XP mode and Virtual PC on Windows 7. I have 8 GB RAM and more than 300 GB free disk space. When I launch application in XP, I receive following error
Required configuration:
- Windows must be configured in mode 800x600 minimum
- Windows must be configured in mode 'true colors'.
My screen resolution is 1024
× 768
and I do not see any other options to resolve this problem.
Any guidance is greatly appreciated.
GaneshThis is a thread that discusses your problem.
https://social.technet.microsoft.com/Forums/windows/en-US/12a17fa5-ddab-4480-8973-1a13bfb2e8fd/need-more-than-16bit-color-depth-on-windows-xp-mode?forum=w7itprovirt
Your app is probably calling for 32-bit color, and XP Mode with
integration features doesn't support that. There's 3 ways around it.
one, is to enable remote desktop in XP Mode and connect to the VM with
remote desktop.
2nd is to turn off the integration features and then you can set the XP
Mode desktop to 1024x7687 and 32-bit color
and 3rd, if you app supports 24-bit color, there's a registry hack to do
it. It's in the thread I posted above.
Bob Comer -
ISE reauthenticaiton in wireless with posture
Hi,
There is an issue which the wireless reauthentication in our environment. The posture feature has been used and everyone install the Cisco NAC agent. I found that if someone disconnect the wireless SSID, then reconnect the wireless SSID by authenticate the identity & compliant, can't be transfered to the correct the right SSID again. Can anyone help resolve this problem?Please follow this link to configure your settings
https://techzone.cisco.com/t5/Identity-Services-Engine-ISE/Configuring-posture-services-with-the-Cisco-Identity-Services/ta-p/221702
also check this for trouble shoot
https://techzone.cisco.com/t5/Identity-Services-Engine-ISE/ISE-Posture-Agent-Profile-Parameter-Details-NACAgentCFG-xml/ta-p/239024 -
Hi,
I want to access Cisco PI 2.1 GUI using my AD credentials, so on PI I've enabled RADIUS AAA Mode and added RADIUS servers (two ISE nodes in our case). On ISE I added PI as RADIUS client and configured the same keys. Next, on ISE I created authorization profile PRIME_ADMIN_ACCESS with only attribute settings defined:
My authentication and authorization rules relating that case are as on following screenshots:
So when I open GUI of PI and enter my AD credentials to log in I have no success and I receive following message:
Looking in ISE's Authentication section I can see following:
Time difference between these two authentication/authorizations is just 25 msecs and clicking on each of them reveals following:
So at first I can authenticate and authorize (authorization profile has necessary attributes defined for PI management access (NCS:role0=Root, NCS:virtual-domain0=ROOT-DOMAIN)) and after 25 msecs I am getting failure. So what could be cause of such things and how I can successfully log in to PI GUI authenticating via ISE using AD credentials?Hi,
-- Please Go to Administration > Logging > set the Message level to TRACE > Click save
-- Then try to add the ISE.
-- Once it fails, collect the logs from Administration > Logging >
check the "ncs-0-0.log" & search the file for "ERROR" & paste the results here. This will give us exact reason.
- Ashok
Please rate the post or mark as correct answer as it will help others looking for similar information -
Cisco ISE 1.2 - Problem with Device Onboarding of internal users using AD Credentials
Dear experts,
We have implemented ISE 1.2 with WLC 7.5 in our organization. We are using Device Onboarding by letting the users enter their AD Username and Passowrd on Guest portal which then redirects them to device registration portal where they simply register their device and they get internet access.
The problem is that some users are unable to authenticate using this portal while some can successfully authenticate and register their devices. All users are of the same group in AD. Also, we have enabled this check on two places. One is when users connects to the SSID where the security WPA2-Enterprise uses 802.1x and asks for AD username password. The other is on the portal.
All users are able to connect to the SSID using their AD credentials. However, 30% of the users are not being authenticated when they are redirected to the Guest portal for device registration. Also, it gives no error or event on either ISE or on the mobille device. When the users enters their credentials, the same guest portal page comes back blank with no errors or logs anywhere.
Can someone guide me if there is some configuration mistake that I may have done or have someone faced this same issue and were/weren't able to resolve it.
Thanks in advance.
JayOur problem got solved. It was related to a few user accounts in AD. Usually any authentication on AD User Account is carried out using the User ID. However, during Web Authentication, Login ID/Name is also checked by ISE and should be same as User ID.
The problem you are facing might also related be to AD since we had the similar issue. try to check this on a laptop as the mobile portal gives no error if the user is unknown or invalid. Also, you can enable logs for web authentication which are off by default. It will give you a pretty good idea where the problem lies. And yeah, do not keep the web authentications log on for long, it can hang your ISE.
Anyways, thanks for all the support. -
Cisco ISE or NAC Guest with web security (IronPort) integration
All,
We have a scenario where guests will be authenticated against the ISE or NAC Guest server, and customer will place an IronPort to provide web security, however, we can not find referentes whether IronPort can or cannot integrate with Guest Server, so that guests are not requested to be authenticated twice, one by the Guest Server, a one by the proxy. The idea is to keep it transparent for the guests with a single authentication.
Has anyone there implemented such scenario?
Thank you!I see. So, lets say we disable proxy authentication for the guest segment, can I still provide content filter for the segment, even though there is no proxy authentication? I assume customer will lose the reportinga and tracking granularity, but the scenario will work withou proxy authentication. This may be some sort of "man in the middle" only, but with content filter. Does it make sense?
Thank you! -
Deploying application: problem with deploying configuration window
Hi all,
I am using Jdev 11.1.1.0 and I am trying to deploy an application with customization classes.
I have followed the step of the manual (35.2 creating an Application Server Connection), then I have created the deployment profile (inserting my customization class in a jar file) and the deployment descriptor.
When I try to deploy my application, appears a popup with a window that has the title "Deployment Configuration" with only the "MDS" tab with two List Of Values that I can not compile/fill
I have this error:
MAR archive 'metadata1.mar' did not have any metadata content, not added to EAR (even if in application properties --> Deployment --> myEarFile --> application assembly --> I have checked the file MAR; if I check the file MAR I can compile an input text with the label PATH in EAR and I don't know what put in it).
Wrote Enterprise Application Module to C:\Users\acosta\Documents\Applicazioni java\DeployProva3\deploy\application1.ear
No metadata repositories found on target server. Using values found in adf-config.xml.
What is the problem?
Thanks
Edited by: user10799119 on 5-ago-2009 0.42
Edited by: user10799119 on 5-ago-2009 0.51Edwin Biemond has a couple of very useful blogs about MDS and Deployment here .
Timo -
Anybody having trouble with QT with the last Windows patch?
All QT is not working and won't even launch on vista.
I hope Apple contacts Microsoft and get this straightened out.I just put QT on a vista machine that had not had it before. Worked OK at first then when launched again shut down with a Data Execution Prevention error. Tried turning off DEP for QT but vista would not let me do it. Will run if started by "Run as Administrator". However if you set Run as Administrator" under Compatibility then it wont run - says it must have windows 2000 or later
-
Cisco ip phones authenticate 802.1x with cisco ise
Dears,
I want to configure ip phones authenticate from Cisco ISE with 802.1X with certificates. But i can not find any configuration guide about this solutions.
I find one config and this is about ACS. Please provide me any documentation guide on cisco ise.
Thanks.802.1x configuration for IP Phones
http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Security/TrustSec_1-99/IP_Tele/IP_Telephony_DIG.html#69217 -
Cisco ISE with AD Problem: "Could not read groups data: Global catalog not found"
Hi all,
When I make the ActiveDirectory integration with Cisco ISE, I have complete with this integration. but when I try to read the Groups from Active Directory, ISE shows the message "Could not read groups data: Global catalog not found".
My Domain has multiple sites and subnets, each contains GC for local logon. I have set ISE to the correct site and subnet. Forward and Reverse DNS are working with no error.
Does anyone get this problem, please help.
I have check into the ISE CLI Reference Guide 1.1.x
You are about to configure Active Directory settings.
Are you sure you want to proceed? y/n [n]: y
Parameter Name: dns.servers
Parameter Value: 10.77.122.135
Active Directory internal setting modification should only be performed if approved by ISE
support. Please confirm this change has been approved y/n [n]: y
What shoud I set in the Parameter Name ? dns.servers or my dns hostname ?
Please suggest for this too.
Thanks and Regards,
Pongsatorn M.Hi Pongsatorn,
Thanks for the reply!
I've attached the results of the ISE detailed AD test. As you can see, there is a fair number of domain controllers in the AD forest.
It seems everything works correctly until it gets to testing the AD connectivity on port 3268. Then I get this:
Testing Active Directory connectivity:
Global Catalog: pdascdc02.xyz.com
gc: 3268/tcp - refused
Testing Active Directory connectivity:
Global Catalog: pdascdc02.xyz.com
gc: 3268/tcp - refused
For some reason, the request to the controllers on port 3268 is being refused.
Any thoughts you might have are greatly appreciated.
Cheers,
Greg -
Cisco ISE - General Info. & capabilities
Hello All,
I've read quiet a bit of ISE features, but would like to know the following:
1. Can ISE provide/track details of user activity, like which servers/websites he accessed over a period of time?
2. Can it provide details of how much data was transferred from a particular server to a specific client?
3. For a 1500 user env. (1000 desktops and 500 wireless devices) which model of ISE would be appropriate?
4. How would having ISE be different from already deployed authentication services like Active Directory or built-in application authentication for solutions like Oracle ERP systems?
5. I see ISE as being marketed primarily for wireles devices (BYOD), but how would it help for wired devices (or does it become and unecessary authentication level apart from AD, switch based 802.1x, etc)
Thank you.
Regards,
AdnanCisco ISE is a consolidated policy-based access control system that incorporates a superset of features available in existing Cisco policy platforms. Cisco ISE performs the following functions:
•Combines authentication, authorization, accounting (AAA), posture, and profiler into one appliance
•Provides for comprehensive guest access management for the Cisco ISE administrator, sanctioned sponsor administrators, or both
•Enforces endpoint compliance by providing comprehensive client provisioning measures and assessing device posture for all endpoints that access the network, including 802.1X environments
•Provides support for discovery, profiling, policy-based placement, and monitoring of endpoint devices on the network
•Enables consistent policy in centralized and distributed deployments that allows services to be delivered where they are needed
•Employs advanced enforcement capabilities including security group access (SGA) through the use of security group tags (SGTs) and security group access control lists (SGACLs)
•Supports scalability to support a number of deployment scenarios from small office to large enterprise environments
The following key functions of Cisco ISE enable you to manage your entire access network.
Provide Identity-Based Network Access
The Cisco ISE solution provides context-aware identity management in the following areas:
•Cisco ISE determines whether users are accessing the network on an authorized, policy-compliant device.
•Cisco ISE establishes user identity, location, and access history, which can be used for compliance and reporting.
•Cisco ISE assigns services based on the assigned user role, group, and associated policy (job role, location, device type, and so on).
•Cisco ISE grants authenticated users with access to specific segments of the network, or specific applications and services, or both, based on authentication results.
ISE 3315 can support 1500 users with appropriate license. -
Hi all,
Would like to find out on patching process on inline posture node.
My topology is one ISE appliance node type is Admin/Policy Service Node; while another unit is inline posture node.
Both appliance have the identical software versiona and patch, namely 1.1.3.124, patch 2
I would like to update it to patch version 4.
My question:
01. If i apply the patch on the Admin/Polic Service Node using GUI patch maangement, will this also apply the patch to Inline Posture node?
02. Or should i use console into Inline Posture node and using CLI way to update the patch? Anything i should mention in this process, example: stop application etc?
Please advice, million thanks
NoelResolved Issues in Cisco ISE Version 1.1.0.665—Cumulative Patch 4
Lists the issues that are resolved in Cisco Identity Services Engine Maintenance Release 1.1.0.665 cumulative patch 4.
You must deploy this patch on Cisco Identity Services Engine Maintenance Release 1.1.0.665 (with or without patch 1, 2, and 3 applied), otherwise the patch install will fail and Cisco ISE will return an error message stating, "This patch is intended to be installed on ISE 1.1.0.665."
To obtain the patch file necessary to apply the patch to Cisco ISE Release 1.1, log into the Cisco Download Software site at http://www.cisco.com/cisco/software/navigator.html?a=a&i=rpm (you might be required to provide your Cisco.com login credentials), navigate to Security > Access Control and Policy > Cisco Identity Services Engine > Cisco Identity Services Engine Software, and save a copy of the patch file to your local machine. Then refer to the "Installing a Software Patch" section of the "Administering Cisco ISE" chapter of the Cisco Identity Services Engine User Guide, Release 1.1. for instructions on how to apply the patch to your system.
If you experience problems installing the patch, please contact Cisco Technical Assistance Center.
Cisco ISE Patch Version 1.1.0.665—Patch 4 Resolved Caveats
Caveat
Description
CSCui22841
Apache Struts2 command execution vulnerability
Cisco ISE includes a version of Apache Struts that is affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs: CVE-2013-2251. This fix addresses the potential impact on this product.
Managing Software Patches
You can install patches on ISE servers in your deployment from the primary administration node. ISE patches are usually cumulative; however, any restrictions on the patch installation will be described in the README file that will be included with the patch. Cisco ISE allows you to perform patch installation and rollback from either the command-line interface (CLI) or GUI.
Standalone Deployment
When you install or roll back a patch from a standalone or primary administration node, ISE restarts the
Application. You might have to wait for a few minutes before you can log back in.
Distributed Deployment
When you install or roll back a patch from the primary administration node that is part of a distributed deployment, Cisco ISE installs the patch on the primary and all the secondary nodes in the deployment. If the patch installation is successful on the primary node, Cisco ISE then proceeds to the secondary nodes. If it fails on the primary node, the installation is aborted. However, if the installation fails on any of the secondary nodes for any reason, it still continues with the next secondary node in your deployment.
Installing a Software Patch.
Please check the below link for step by step installation.
http://www.cisco.com/en/US/docs/security/ise/1.1/user_guide/ise_admin.pdf -
Cisco ISE authentication failed because client reject certificate
Hi Experts,
I am a newbie in ISE and having problem in my first step in authentication. Please help.
I am trying to deploy a standalone Cisco ISE 1.1.2 with WLC using 802.1x authentication. The user authentication configured to be checked to ISE's internal user database for early deployment. But when the user try to authenticate, they failed with error message in ISE :
Authentication failed : 12321 PEAP failed SSL/TLS handshake because the client rejected the ISE local-certificate
I've generate a certificate for ISE using Windows Server CA and replace ISE's self-signed certificate with the new certificate but authentication still failed with the same error message. Must I generate a certificate for WLC also? Please help me in solving this problem.
Regards,
RatnaCertificate-Based User Authentication via Supplicant Failing
Symptoms or
Issue
User authentication is failing on the client machine, and the user is receiving a
“RADIUS Access-Reject” form of message.
Conditions (This issue occurs with authentication protocols that require certificate validation.)
Possible Authentications report failure reasons:
• “Authentication failed: 11514 Unexpectedly received empty TLS message;
treating as a rejection by the client”
• “Authentication failed: 12153 EAP-FAST failed SSL/TLS handshake because
the client rejected the Cisco ISE local-certificate”
Click the magnifying glass icon from Authentications to display the following output
in the Authentication Report:
• 12305 Prepared EAP-Request with another PEAP challenge
• 11006 Returned RADIUS Access-Challenge
• 11001 Received RADIUS Access-Request
• 11018 RADIUS is reusing an existing session
• 12304 Extracted EAP-Response containing PEAP challenge-response
• 11514 Unexpectedly received empty TLS message; treating as a rejection by the
client
• 12512 Treat the unexpected TLS acknowledge message as a rejection from the
client
• 11504 Prepared EAP-Failure
• 11003 Returned RADIUS Access-Reject
• 11006 Returned RADIUS Access-Challenge
• 11001 Received RADIUS Access-Request
• 11018 RADIUS is re-using an existing session
• 12104 Extracted EAP-Response containing EAP-FAST challenge-response
• 12815 Extracted TLS Alert message
• 12153 EAP-FAST failed SSL/TLS handshake because the client rejected the
Cisco ISE local-certificate
• 11504 Prepared EAP-Failure
• 11003 Returned RADIUS Access-Reject
Note This is an indication that the client does not have or does not trust the Cisco
ISE certificates.
Possible Causes The supplicant or client machine is not accepting the certificate from Cisco ISE.
The client machine is configured to validate the server certificate, but is not
configured to trust the Cisco ISE certificate.
Resolution The client machine must accept the Cisco ISE certificate to enable authentication. -
CIsco ISE - HP Openview monitoring.
Hi guys,
I have a doubt about monitoring Cisco ISE services in the network.
We can send some alarms notifications to a multiple e-mails, but my doubt is if I can monitoring ISE services with a network monitoring software like HP Open View.
I didn't find any documentation about it yet.
Someone knows if I can do this?Hi Tarik, How are you?
The doubt is.... my customer have ise in vmware and he need monitoring availability for cisco ISE. The question is: How can I do that? I did found any document informing if I can send snmp traps or something like that to a Monitoring Server.
About "link down" and "link Up" he can monitoring the ESX Vmware appliance right?
There are something that I can do with Cisco ISE. I need to pass a answer to my client if the Cisco ISE can support this kind of configuration.
Thanks for your help. -
Do I need Cisco ISE VM Part # L-ISE-VM-K9= for ESXi installation
Hi there,
Do I need the L-ISE-VM-K9 license to install Cisco ISE on an ESXi ?
Actually, Cisco ISE can be downloaded with an Eval License for 90 days.
I know, ISE license (e.g. Base License) is needed.
Thanks a lot.
Greetings,
NorbertJust in case you you would like to see the specification of each licence.
License Type
Features Supported
Deployment Type Supported
License Prerequisite
License Term(s)
Base License
AAA
Guest Provisioning
Link Encryption Policies
Wired
Wireless
VPN
Perpetual
Advanced License
Device Onboarding/Provisioning
Device Profiling and Feed Service*
Host Posture
Security Group Access
Integrated Vendor MDM Support*
Wired
Wireless
VPN
Base License
3- and 5-Year Terms
Wireless License
Device Onboarding/Provisioning
AAA
Guest Provisioning
Link Encryption Policies
Device Profiling and Feed Service*
Host Posture
Security Group Access
Integrated Vendor MDM Support*
Wireless
3- and 5-Year Terms
Wireless Upgrade License
Device Onboarding/Provisioning
Authentication/Authorization
Guest Provisioning
Link Encryption Policies
Device Profiling
Host Posture
Security Group Access
Wired
Wireless
VPN
Wireless License
3- and 5-Year Terms
Cisco ISE Functionality-Based License Options
License Tiers (T)
Number of Endpoints Supported
Base License
Advanced 3-Year License
Advanced 5-Year License
Wireless 3-Year License
Wireless 5-Year License
Wireless Upgrade 3-Year License
Wireless Upgrade 5-Year License
100
100 Endpoints
L-ISE-BSE-100=
L-ISE-ADV3Y-100=
L-ISE-ADV5Y-100=
L-ISE-AD3Y-W-100=
L-ISE-AD5Y-W-100=
L-ISE-W-3UPG-100=
L-ISE-W-UPG-100=
250
250 Endpoints
L-ISE-BSE-250-
L-ISE-ADV3Y-250=
L-ISE-ADV5Y-250=
L-ISE-AD3Y-W-250=
L-ISE-AD5Y-W-250=
L-ISE-W-3UPG-250=
L-ISE-W-UPG-250=
500
500 Endpoints
L-ISE-BSE-500=
L-ISE-ADV3Y-500=
L-ISE-ADV5Y-500=
L-ISE-AD3Y-W-500=
L-ISE-AD5Y-W-500=
L-ISE-W-3UPG-500=
L-ISE-W-UPG-500=
1000
1000 Endpoints
L-ISE-BSE-1K=
L-ISE-ADV3Y-1K=
L-ISE-ADV5Y-1K=
L-ISE-AD3Y-W-1K=
L-ISE-AD5Y-W-1K=
L-ISE-W-3UPG-1K=
L-ISE-W-UPG-1K=
1500
1500 Endpoints
L-ISE-BSE-1500=
L-ISE-ADV3Y-1500=
L-ISE-ADV5Y-1500=
L-ISE-AD3Y-W-1500=
L-ISE-AD5Y-W-1500=
L-ISE-W-3UPG-1500=
L-ISE-W-UPG-1500=
2500
2500 Endpoints
L-ISE-BSE-2500=
L-ISE-ADV3Y-2500=
L-ISE-ADV5Y-2500=
L-ISE-AD3Y-W-2500=
L-ISE-AD5Y-W-2500=
L-ISE-W-3UPG-2500=
L-ISE-W-UPG-2500=
3500
3500 Endpoints
L-ISE-BSE-3500=
L-ISE-ADV3Y-3500=
L-ISE-ADV5Y-3500=
L-ISE-AD3Y-W-3500=
L-ISE-AD5Y-W-3500=
L-ISE-W-3UPG-3500=
L-ISE-W-UPG-3500=
5000
5000 Endpoints
L-ISE-BSE-5K=
L-ISE-ADV3Y-5K=
L-ISE-ADV5Y-5K=
L-ISE-AD3Y-W-5K=
L-ISE-AD5Y-W-5K=
L-ISE-W-3UPG-5K=
L-ISE-W-UPG-5K=
10,000
10K Endpoints
L-ISE-BSE-10K=
L-ISE-ADV3Y-10K=
L-ISE-ADV5Y-10K=
L-ISE-AD3Y-W-10K=
L-ISE-AD5Y-W-10K=
L-ISE-W-3UPG-10K=
L-ISE-W-UPG-10K=
25,000
25K Endpoints
L-ISE-BSE-25K=
L-ISE-ADV3Y-25K=
L-ISE-ADV5Y-25K=
L-ISE-AD3Y-W-25K=
L-ISE-AD5Y-W-25K=
L-ISE-W-3UPG-25K=
L-ISE-W-UPG-25K=
50,000
50K Endpoints
L-ISE-BSE-50K=
L-ISE-ADV3Y-50K=
L-ISE-ADV5Y-50K=
L-ISE-AD3Y-W-50K=
L-ISE-AD5Y-W-50K=
L-ISE-W-3UPG-50K=
L-ISE-W-UPG-50K=
100,000
100K Endpoints
L-ISE-BSE-100K=
L-ISE-ADV3Y-100K=
L-ISE-ADV5Y-100K=
L-ISE-AD3Y-W-100K=
L-ISE-AD5Y-W-100K=
L-ISE-W-3UPG-100K=
L-ISE-W-UPG-100K=
Cisco ISE Functionality-Based License Options
License Type
License SKU
Base License
L-ISE-BSE-[T]=
Advanced 3-Year License
L-ISE-ADV3Y-[T]=
Advanced 5-Year License
L-ISE-ADV5Y-[T]=
3-Year Wireless License
L-ISE-AD3Y-W-[T]=
5-Year Wireless License
L-ISE-AD5Y-W-[T]=
3-Year Wireless Upgrade License
L-ISE-W-3UPG-[T]=
5-Year Wireless Upgrade License
L-ISE-W-UPG-[T]=
Replace [T] with the appropriate license tier from Table 5 and 6.
Jatin Katyal
- Do rate helpful posts -
Maybe you are looking for
-
How do I turn on closed caption on my apple tv for netflix
How do I turn on closed caption on my apple tv for netflx? I was able before I updated 2 days ago all I had to do was press the silver button in the middle of the circle with the arrows and it will bring me to audio/closed caption menu now I get noti
-
Article Deletion in SAP Retail
What is the process for deleting an article and then archiving the article in SAP Retail ECC6.0? So far what I have is to: 1. Go to MM46 and find layouts for article 2. Go to WLWBN and Delete Assignments 3. Go to Assortment in WSP6 and delist fro
-
IMac G4 will not start up from OS disk to upgrade
I am trying to upgrade the OS in a G4 iMac, the OS disk is recognized, am asked to restart, but it will not restart from the OS 10.5 disk.
-
Accented characters do not display correctly if there is a variable beside it
Hello, We are experiencing a problem when we have text with accented characters an a variable beside it within the same text box. The problem is that the accented characters in the text do not display correctly in the preview or publised course to Fl
-
How well does it stream?
I'm debating between buying the 40GB Apple TV and the 160GB. Answer honestly, it the extra 80GB really worth the extra hundred bucks? Has anyone had any problems or annoyances with streaming data? Another question, does it require iTunes be running t