Cisco ISE Block URL Access
Hello, Everyone
Is there a way to deny access to an URL in Cisco Identity Services Management. I want to deny all users http accesses to the default Portal
"https://<ip_of_ise>:8433/guestportal/Login.action".
This URL is redirecting the users to the DefaultGuestPortal.
Thank you For help.
For this question according to my understanding to do this task usually we use Authorization policy to restrict access by using downloadable ACL (or even by VLAN) , We have “Webtype” ACL(ostname(config)# access-list acl_company webtype deny url http://*.company.com) but these type of ACL are not supported on Switch I guess , they are for 5500 ASA. So this is not possible using ISE but Iron Port can be used for the same and customer’s requirement can be meet. Please follow the link below it may be of Help
https://supportforums.cisco.com/thread/2149968
Similar Messages
-
Cisco ISE and WLC Access-List Design/Scalability
Hi,
I have a scenario whereby wireless clients are authenticated by the ISE and different ACLs are applied to it based on the rules on ISE. The problem I seems to be seeing is due to the limitation on the Cisco WLC which limit only 64 access-list entries. As the setup has only a few SVI/interfaces and multiple different access-lists are applied to the same interface base on the user groups; I was wondering if there may be a scalable design/approach whereby the access-list entries may scale beside creating a vlan for each user group and applying the access-list on the layer 3 interface instead? I have illustrated the setup below for reference:
User group 1 -- Apply ACL 1 --On Vlan 1
User group 2 -- Apply ACL 2 -- On Vlan 1
User group 3 -- Apply ACL 3 -- On Vlan 1
The problem is only seen for wireless users, it is not seen on wired users as the ACLs may be applied successfully without any limitation to the switches.
Any suggestion is appreciated.
Thanks.Actually, you have limitations on the switch side as well. Lengthy ACLs can deplete the switch's TCAM resources. Take a look at this link:
http://www.cisco.com/c/en/us/support/docs/switches/catalyst-3750-series-switches/68461-high-cpu-utilization-cat3750.html
The new WLCs that are based on IOS XE and not the old Wireless/Aironet OS will provide the a better experience when it comes to such issues.
Overall, I see three ways to overcome your current issue:
1. Shrink the ACLs by making them less specific
2. Utilize the L3 interfaces on a L3 switch or FW and apply ACLs there
3. Use SGT/SGA
Hope this helps!
Thank you for rating helpful posts! -
Dear guys,
I deployed Cisco ISE for Network Access Control. My topology as described as attached image. I configured Cisco ISE as Radius Server for Client Access Control. But, I got some problems such as:
No Accounting Start. (I have configured accouting on Switch 2960).
Radius Request Dropped (attached image). These NAS IP Address are Servers on same subnet with Cisco ISE.
I would greatly appreciate any help you can give me in working this problem.
Have a nice day,
Thanks and Regrads,Sorry for late reply.
Here is my switch config.
Current configuration : 8630 bytes
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname Switch
boot-start-marker
boot-end-marker
no logging console
enable password ******************
aaa new-model
aaa authentication dot1x default group radius
aaa authorization network default group radius
aaa authorization auth-proxy default group radius
aaa accounting delay-start all
aaa accounting auth-proxy default start-stop group radius
aaa accounting dot1x default start-stop group radius
aaa accounting network default start-stop group radius
aaa server radius dynamic-author
client A.B.C.D server-key keystrings
aaa session-id common
system mtu routing 1500
vtp mode transparent
ip dhcp snooping
ip device tracking
crypto pki trustpoint TP-self-signed-447922560
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-447922560
revocation-check none
rsakeypair TP-self-signed-447922560
crypto pki certificate chain TP-self-signed-447922560
certificate self-signed 01
xxxxx
dot1x system-auth-control
spanning-tree mode pvst
spanning-tree extend system-id
vlan internal allocation policy ascending
vlan 139,153,401-402,999,1501-1502
interface FastEthernet0/11
switchport access vlan 139
switchport mode access
authentication host-mode multi-auth
authentication open
authentication port-control auto
authentication periodic
authentication timer inactivity 180
authentication violation restrict
mab
interface FastEthernet0/12
switchport access vlan 139
switchport mode access
ip access-group ACL-ALLOW in
authentication event fail action next-method
authentication event server dead action authorize vlan 139
authentication event server alive action reinitialize
authentication host-mode multi-auth
authentication open
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
authentication timer inactivity 180
authentication violation restrict
mab
dot1x pae authenticator
dot1x timeout tx-period 10
interface GigabitEthernet0/1
switchport mode trunk
interface GigabitEthernet0/2
interface Vlan1
no ip address
interface Vlan139
ip address E.F.G.H 255.255.255.0
ip default-gateway I.J.K.L
ip http server
ip http secure-server
ip access-list extended ACL-ALLOW
permit ip any any
ip access-list extended ACL-DEFAULT
remark Allow DHCP
permit udp any eq bootpc any eq bootps
remark Allow DNS
permit udp any any eq domain
permit icmp any any
permit tcp any host A.B.C.D eq 8443
permit tcp any host A.B.C.D eq 443
permit tcp any host A.B.C.D eq www
permit tcp any host A.B.C.D eq 8905
permit tcp any host A.B.C.D eq 8909
permit udp any host A.B.C.D eq 8905
permit udp any host A.B.C.D eq 8909
deny ip any any
ip access-list extended ACL-WEBAUTH-REDIRECT
permit tcp any any eq www
permit tcp any any eq 443
deny ip any any
ip radius source-interface Vlan139
snmp-server community keystrings RW
snmp-server enable traps snmp linkdown linkup
snmp-server enable traps mac-notification change move
snmp-server host A.B.C.D version 2c keystrings mac-notification
radius-server attribute 6 on-for-login-auth
radius-server attribute 8 include-in-access-req
radius-server attribute 25 access-request include
radius-server dead-criteria time 5 tries 3
radius-server host A.B.C.D auth-port 1812 acct-port 1813 key STRINGSKEY
radius-server vsa send accounting
radius-server vsa send authentication
line con 0
line vty 5 15
end
My switch version is
WS-2960 12.2(55)SE5 C2960-LANBASEK9-M
I would greatly appreciate any help you can give me in working this problem. -
Cisco ISE deployment with HP Swithes
Is there any compatibility matrix of cisco ISE with HP access swithes or there is any features restriction on HP access layer. The HP switches do support 802.1x.
Thanks
QasimQasim,
The only compatibility with network access devices is all related to Cisco gear. It would be best to stick with a full supported solution for the sake of support. In my opinion this will be a nightmare to manage if an issue was to occur.
Thanks,
Tarik Admani
*Please rate helpful posts* -
Cisco ISE guest portal redirect not working after successful authentiation and URL redirect.
Hi to all,
I am having difficulties with an ISE deployment which I am scratching my head over and can't fathom out why this isn't working.
I have an ISE 3315 doing a captive webportal for my guest users who are on an SSID. The users are successfully redirected by the WLC to the following URL:https://x.x.x.x:8443/guestportal/Login.action?portalname=XXX_Guest_Portal
Now when the user passes through the user authentication splash screen they get redirected to https://x.x.x.x:8443/guestportal/guest/redir.html and recieve the following error:
Error: Resource not found.
Resource: /guestportal/
Does anyone have any ideas why the portal is doing this?
Thanks
PaulHello,
As you are not able to get the guest portal, then you need to assure the following things:-
1) Ensure that the two Cisco av-pairs that are configured on the authorization profile should exactly match the example below. (Note: Do not replace the "IP" with the actual Cisco ISE IP address.)
–url-redirect=https://ip:8443/guestportal/gateway?...lue&action=cpp
–url-redirect-acl=ACL-WEBAUTH-REDIRECT (ensure that this ACL is also defined on the access switch)
2) Ensure that the URL redirection portion of the ACL have been applied to the session by entering the show epm session ip command on the switch. (Where the session IP is the IP address that is passed to the client machine by the DHCP server.)
Admission feature : DOT1X
AAA Policies : #ACSACL#-IP-Limitedaccess-4cb2976e
URL Redirect ACL : ACL-WEBAUTH-REDIRECT
URL Redirect :
https://node250.cisco.com:8443/guestportal/gateway?sessionId=0A000A72
0000A45A2444BFC2&action=cpp
3) Ensure that the preposture assessment DACL that is enforced from the Cisco ISE authorization profile contains the following command lines:
remark Allow DHCP
permit udp any eq bootpc any eq bootps
remark Allow DNS
permit udp any any eq domain
remark ping
permit icmp any any
permit tcp any host 80.0.80.2 eq 443 --> This is for URL redirect
permit tcp any host 80.0.80.2 eq www --> Provides access to internet
permit tcp any host 80.0.80.2 eq 8443 --> This is for guest portal
port
permit tcp any host 80.0.80.2 eq 8905 --> This is for posture
communication between NAC agent and ISE (Swiss ports)
permit udp any host 80.0.80.2 eq 8905 --> This is for posture
communication between NAC agent and ISE (Swiss ports)
permit udp any host 80.0.80.2 eq 8906 --> This is for posture
communication between NAC agent and ISE (Swiss ports)
deny ip any any
Note:- Ensure that the above URL Redirect has the proper Cisco ISE FQDN.
4) Ensure that the ACL with the name "ACL-WEBAUTH_REDIRECT" exists on the switch as follows:
ip access-list extended ACL-WEBAUTH-REDIRECT
deny ip any host 80.0.80.2
permit ip any any
5) Ensure that the http and https servers are running on the switch:
ip http server
ip http secure-server
6) Ensure that, if the client machine employs any kind of personal firewall, it is disabled.
7) Ensure that the client machine browser is not configured to use any proxies.
8) Verify connectivity between the client machine and the Cisco ISE IP address.
9) If Cisco ISE is deployed in a distributed environment, make sure that the client machines are aware of the Policy Service ISE node FQDN.
10) Ensure that the Cisco ISE FQDN is resolved and reachable from the client machine.
11) Or you need to do re-image again. -
Remote Access VPN posturing with Cisco ISE 1.1.1
Hi all,
we would like to start using our ISE for Remote VPN access.
We have run a proof of concept with the ISE & IPEP with a Cisco ASA5505. We got the authentication working however posturing of the client did not work.
That was a few months ago and so I was wondering whether any design document is available specifically around Using the Cisco ISE for Authenticating & Posturing Remote Access VPN clients.
I understand that version 9 of the ASA code is supposed to eliminate the need for Inline Posture, does anyone know whether this will also allow posturing too?
We do intend to by Cisco ASR's aswell, but I am sceptical of this as i do not know how many VPN licenses you get out of the box. The ASA's we have allow up to 5000 IPSec VPNs without having to purchase any licensing. What I do not want to do is to switch to SSL VPNs as this again will increase cost.
I know ISR's are support NADs but what about ASRs? There is no mention.
Any advise will be appreciated!
MarioOK, I have come accross the Cisco Validated design for BYOD and in there it has a section about Authenticating VPNs.
thats great... however it does not mention using the Inline posture node. Does anyone know if there is a limitation using Inline Posture and SSL VPNs...?
essentially my requirements are
2-factor authentication VPN using a Certificate & RSA Token
Posturing of the VPN endpoint.
Ideally i would like to use IPSec VPNs as i have licenses already for these on my ASAs. But if it will only work with SSL & AnyConnect, then so be it.
Can anyone help?
Mario -
Cisco ISE - Not use FQDN in url-redirect parameter
Hi,
I am using Cisco ISE Central Web Authentication for Guest Wireless. Clients are redirected for web authentication to: https://ip:port/guestportal/gateway?sessionId=SessionIdValue&action=cwa as it is specified by the url-redirect parameter in the Authorization Profile.
The “ip” field in the url is now replaced by the FQDN of the Cisco ISE, but I want to use the IP address instead of the FQDN. Is there any way to do that?
As far as I know in version 1.2 you can use the “ip host/no ip host” command to indicate what you want to use in the URL. However my Cisco ISE is running version 1.1.1.268.
Thank you very much.
Joana.Available in 1.2, and available as a "bit of a bodge" in 1.1.x (read "a lot of a bodge")
If you only have one PSN then you may be able to get it to work, but after that you lose the ability to get the session to be pointed automatically at whichever PSN they hit initially so it would break.
Copy the settings that are applied when you use CWA, then create your own based on the same settings but using the ip address pasted in there instead. -
Problem to get Web admin access on cisco ISE
Hi,
We are currently having problems to access via Web admin UI to cisco ISE. after we put the password, we get this message on screen:
authentication failed due to zero RBAC group.
The ISE version that we are using is: 1.1.2.145 path 3
Do you have any idea about that?
Thank you for your attention on this matter.
Regards.In Cisco ISE, RBAC policies are simple access control policies that use RBAC concepts to manage admin access. These RBAC policies are formulated to grant permissions to a set of administrators that belong to one or more admin group(s) that restrict or enable access to perform various administrative functions using the user interface menus and admin group data elements. I think there is problem with your RBAC policy configuration. Please follow the below link for help.
http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_identities.html#wp1282656
http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_identities.html#wp1283009 -
Cisco ISE - Guest Access With Google Chrome
We've implemented the self provisioning guest portal/Guest SSID and it seems to work great for internet explorer, if a user uses Google Chrome to go through the setup the password is generated, they login and accept the terms and conditions, but then they get hung up on the WLC URL and then have to start self provisioning again.
Any ideas?Please check the below browser requirements :
Supported Operating Systems and Browsers for Sponsor, Guest, and My Devices Portals
These Cisco ISE portals support the following operating system and browser combinations. These portals require that you have cookies enabled in your web browser.
Table 8 Supported Operating Systems and Browsers
Supported Operating System Browser Versions
Google Android 1 4.0.4, 4.0.3, 4.0, 3.2.1, 3.2, 2.3.6, 2.3.3, 2.2.1, 2.2
•Native browser
Apple iOS 6, 5.1, 5.0.1, 5.0
•Safari 5, 6
Apple Mac OS X 10.5, 10.6, 10.7, 10.8
•Mozilla Firefox 3.6, 4, 5, 9
•Safari 4, 5, 6
•Google Chrome 11
Microsoft Windows 82
•Microsoft IE 10
Microsoft Windows 73
•Microsoft IE 9
•Mozilla Firefox 3.6, 5, 9
•Google Chrome 11
Microsoft Windows Vista, Microsoft Windows XP
•Microsoft IE 6, 7, 8
•Mozilla Firefox 3.6, 9
•Google Chrome 5
Red Hat Enterprise Linux (RHEL) 5
•Mozilla Firefox 3.6, 4, 5, 9
•Google Chrome 11
Ubuntu
•Mozilla Firefox 3.6, 9 -
Permit only one access per user on guest portal Cisco ISE
Hi,
Could you please help me to figure it out if it´s possible to create a guest account on cisco ISE which permit only one concurrent access?
We don't want to have multiple devices registering with the same account, just one different account for each device.
Thanks,Hi Gino,
You can restrict guests to having only one device connected to the network at a time. When guests attempt to connect with a second device, the currently-connected device is automatically disconnected from the network.
This is a global setting affecting all Guest portals.
Step 1 Choose Administration > Web Portal Management > Settings > Guest > Portal Policy.
Step 2 Check the Allow only one guest session per user option.
Step 3 Click Save. -
How To Migrate Cisco Clean Access to Cisco ISE
We have a Cisco Clean Access 3.6.3 (3140 Appliance) in which we would love to migrate to Cisco ISE 1.1 (3315 Appliance). Does anyone have an idea on how to do this?
I was wondering if I need to upgrade the a later version of Cisco Clean Access and them back it up the CCA. Backup the CCA and then restore/import the backup to the ISE.
Any help will be greatly appreciated?
Thanks.Hi Mate,
Refer to below instructions for hosting licenses on ISRs:
http://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/software-activation-on-integrated-services-routers-isr/white_paper_c11_556985.html#wp9001047
Rehosting a License
Prerequisites:
• Valid Cisco.com account (username/password)
• Retrieve Product Id and Serial Number with either the IOS "show license udi" command or label tray from both the source and destination devices.
• Retrieve Source Device Credentials by issue the following IOS commands in exec mode:
– license save credential flash0:CredentialFileName
– more flash0:CredentialFileName
• The source device has rehostable licenses.
Rehosting a License with Cisco's Licensing Portal
This process can be used when the source and the destination device cannot communicate directly with Cisco licensing portal
Summary Steps:
1. Obtain UDI and device credentials from the source and destination devices using IOS CLI commands
2. Contact the Product License Registration page on Cisco.com and enter the source Device Credentials and UDI into the license transfer portal tool.
3. The portal will display licenses that can be transferred from the source device.
4. Select the licenses that need to be transferred. A permission ticked is issued. You can use this permission ticket to start the rehost process using Cisco IOS c for any further help.ommands.
5. Apply the permissions ticket to the source device using the license revoke command. The source device will then provide a rehost ticket indicating proof of revocation. A sixty day grace period license is also installed on the device to allow enough time to transfer the licenses to destination device.
6. Enter the rehost ticket into the license transfer portal tool on Cisco.com along with destination device UDI.
7. Receive the license key via E-mail
8. Install the license key on the destination device.
You can also email [email protected]
-Terry
Please rate all helpful posts -
Cisco ISE to block jailbroken or android specific versions
We have Cisco ISE deployed with Advanced subscription license. Is it possible to block IOS jailbroken devices and android devices with older OS version (or rooted) from joining the wireless network.
You cannot do that with ISE alone. You will need to purchase a supported MDM solution (Airwatch, MobileIron, Maas360, etc) and integrate that with ISE. The MDM can then be queried by ISE and check for things like rooted device, PIN, encryption, etc
Thank you for rating helpful posts! -
Cisco ISE 1.2 - BYOD Guest Access Error with Certificate
Hi all !
I'm running on Cisco ISE 1.2. I'm trying to setup BYOD (dual SSID).
Here's a walkthrough of what's happening:
1. I connect to open SSID, enter username/password and register MAC
2. I download WinSPwizard, get trust root CA but WinSPwizard error
This is spwprofilelog
[Wed Oct 01 11:27:17 2014] Installed [pvgas-DC-CA, hash: d0 ad c2 1e 19 b0 8b 61 8a 2d 81 88 da 8a a2 ca
da d3 ab e8
] as rootCA
[Wed Oct 01 11:27:17 2014] Warning - [HTTPConnection] InternetOpen() failed with code: [12038]
[Wed Oct 01 11:27:17 2014] Warning - [HTTPConnection] Abort the HTTP connection due to invalid certificate CN
[Wed Oct 01 11:27:17 2014] HttpWrapper::SendScepRequest - Retrying: [1] time, after: [4] secs , Error: [2]
[Wed Oct 01 11:27:21 2014] Warning - [HTTPConnection] InternetOpen() failed with code: [12038]
[Wed Oct 01 11:27:21 2014] Warning - [HTTPConnection] Abort the HTTP connection due to invalid certificate CN
[Wed Oct 01 11:27:21 2014] HttpWrapper::SendScepRequest - Retrying: [2] time, after: [4] secs , Error: [2]
[Wed Oct 01 11:27:25 2014] Warning - [HTTPConnection] InternetOpen() failed with code: [12038]
[Wed Oct 01 11:27:25 2014] Warning - [HTTPConnection] Abort the HTTP connection due to invalid certificate CN
[Wed Oct 01 11:27:25 2014] HttpWrapper::SendScepRequest - Retrying: [3] time, after: [4] secs , Error: [2]
[Wed Oct 01 11:27:29 2014] Warning - [HTTPConnection] InternetOpen() failed with code: [12038]
[Wed Oct 01 11:27:29 2014] Warning - [HTTPConnection] Abort the HTTP connection due to invalid certificate CN
[Wed Oct 01 11:27:29 2014] Failed to get certificate from server - Error: [2]
[Wed Oct 01 11:27:29 2014] Failed to generate scep request. Error code:
[Wed Oct 01 11:27:29 2014] ApplyCert - End...
[Wed Oct 01 11:27:29 2014] Failed to configure the device.
[Wed Oct 01 11:27:29 2014] ApplyProfile - End...
[Wed Oct 01 11:27:32 2014] Cleaning up profile xml: success
This is SCEP RA profiles
Other Cert
ACL On WLC
and policy
Please help me fix error.
Thanks.you could create an ISE local user with a GUEST membership and provided you have your ISE password policy set so that it doesn't expire accounts, etc it would be a "permanent" guest account. we do something similiar. sponsors make temporary accounts while long-term or test guest accounts are created in the ise local identity store as guests and are processed the same way. you just have to ensure that the internal user store is part of your guest identity source sequence.
-
Cisco ISE profiling - Split Corporate/Guest access
Hello all,
I currently deploying a Cisco ISE for my wireless network and I would like to split my WLAN in two different "authorization profile" : Guest and Corporate.
For the moment, I use my active Directory to authenticate users and profiling to authorize device with the hostname. I would like to classify by domain name with DHCP probe but I can't because there is alway a DHCP message response with the domain name given by the DHCP server, do you have a solution to separate device with domain name or with other attributes ?
Thanks in advance for your answer!Thanks for your answer salodh,
I've already done two authorization profiles (Guest and corporate) based on rule using Active Directory and profiling condition but I would more profiling conditions (not only hostname) to split clearly corporate and guest devices. -
ISE & Switch URL redirect not working
Dear team,
I'm setting up Guest portal for Wired user. Everything seems to be okay, the PC is get MAB authz success, ISE push URL redirect to switch. The only problem is when I open browser, it is not redirected.
Here is some output from my 3560C:
Cisco IOS Software, C3560C Software (C3560c405-UNIVERSALK9-M), Version 12.2(55)EX3
SW3560C-LAB#sh auth sess int f0/3
Interface: FastEthernet0/3
MAC Address: f0de.f180.13b8
IP Address: 10.0.93.202
User-Name: F0-DE-F1-80-13-B8
Status: Authz Success
Domain: DATA
Security Policy: Should Secure
Security Status: Unsecure
Oper host mode: multi-domain
Oper control dir: both
Authorized By: Authentication Server
Vlan Group: N/A
URL Redirect ACL: redirect
URL Redirect: https://BYODISE.byod.com:8443/guestportal/gateway?sessionId=0A005DF40000000D0010E23A&action=cwa
Session timeout: N/A
Idle timeout: N/A
Common Session ID: 0A005DF40000000D0010E23A
Acct Session ID: 0x00000011
Handle: 0xD700000D
Runnable methods list:
Method State
mab Authc Success
SW3560C-LAB#sh epm sess summary
EPM Session Information
Total sessions seen so far : 10
Total active sessions : 1
Interface IP Address MAC Address Audit Session Id:
FastEthernet0/3 10.0.93.202 f0de.f180.13b8 0A005DF40000000D0010E23A
Could you please help to explore the problem? Thank you very much.With switch IOS version later than 15.0 the default interface ACL is not required. For url redirection the dACL is not required as this ACL is part of traffic restrict for "guest" users.
In my experiece some users can not get the redirect correctly because anti-spoof ACL on management Vlan or stateful firewall blocks the TCP syn ack.
It is rare in campus network access layer switches have user SVI configured so the redirect traffic has to be sent from the netman SVI, but trickly the TCP SYN ACK from the HTTP server will be sent back from the netman Vlan without source IP changed. (The switch is spoofing the source IP in my understanding with changing only the MAC address of the packet). In most of the cases there should be a basic ACL resides on the netman SVI on the first hop router, where the TCP SYN ACK may be dropped by the ACL.
tips:
1. "debug epm redirect" can make sure your traffic matches the redirect url and will get intercepted by the switch
2. It will be an ACL or firewall issue if you can see epm is redirecting your http request but can not see the SYN ACK from the requested server.
Which can win the race: increasing bandwidth with new technologies VS QoS?
Maybe you are looking for
-
How to print JPG image retrieved from BLOB in a table using Forms10g
I create a database schema and a Form to maintain JPG to the table PHOTOS. I would like to add a button to PRINT just the PHOTO_IMAGE to its maximum size from a Form. How can I do that? Is thaere any built-in Forms functions to do that? If the client
-
SUS invoice Faliure in SXMB_MONI
Hi All, When we posted an ERS invoice from MM to SUS System. The XML messages falied in SUS. Please give your expert comments. We are getting the floowing error message: <?xml version="1.0" encoding="UTF-8" standalone="yes" ?> - <!-- Call Inbound Pro
-
Hi, Can some please Validate that whether Oracle is Supporting Dim adapter for Essbase or not. Can someone give me link or somethig as a Proof. Also can we see data in Dim Adapters or not.. A List of Pros and Cons will be Welcomed. Cheers Anubhav
-
hello i just bought the new 15'' retina macbook pro and i also own logic pro9. how do i transfer logic to my new macbook? do i have to some how ask apple to send me a download link? will apple try to get me to buy another copy? thanks for your reply.
-
HT201210 is anyone having trouble connecting to the activation server?
is anyone having trouble connecting to the activation server?