EA6400: Problems for wireless users
There are two router EA6400 (firmware version: 1.1.40.160989). Routers are configured in bridge mode. Routers are used for wireless devices/users. Wireless users have many problems with the quality of the connection and very high ping. Wired users don't have any problems with the quality of the connection and ping.
What's the problem?
Ping from user
Spoiler (Highlight to read)
user@pc:~$ ping yandex.ru
PING yandex.ru (93.158.134.11) 56(84) bytes of data.
64 bytes from yandex.ru (93.158.134.11): icmp_seq=1 ttl=56 time=6.66 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=2 ttl=56 time=1110 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=3 ttl=56 time=112 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=4 ttl=56 time=338 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=5 ttl=56 time=463 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=10 ttl=56 time=449 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=12 ttl=56 time=390 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=13 ttl=56 time=515 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=14 ttl=56 time=744 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=17 ttl=56 time=17.5 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=19 ttl=56 time=139 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=21 ttl=56 time=388 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=22 ttl=56 time=1440 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=23 ttl=56 time=433 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=24 ttl=56 time=1580 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=25 ttl=56 time=574 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=31 ttl=56 time=783 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=35 ttl=56 time=954 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=36 ttl=56 time=5.31 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=37 ttl=56 time=1110 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=38 ttl=56 time=103 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=39 ttl=56 time=225 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=40 ttl=56 time=761 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=41 ttl=56 time=157 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=43 ttl=56 time=10.0 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=44 ttl=56 time=1241 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=45 ttl=56 time=241 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=47 ttl=56 time=1020 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=48 ttl=56 time=946 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=49 ttl=56 time=5.29 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=51 ttl=56 time=1122 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=52 ttl=56 time=122 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=54 ttl=56 time=275 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=55 ttl=56 time=500 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=56 ttl=56 time=427 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=57 ttl=56 time=554 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=60 ttl=56 time=730 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=61 ttl=56 time=1062 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=62 ttl=56 time=66.3 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=63 ttl=56 time=390 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=64 ttl=56 time=526 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=73 ttl=56 time=944 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=77 ttl=56 time=123 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=81 ttl=56 time=325 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=89 ttl=56 time=626 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=92 ttl=56 time=701 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=94 ttl=56 time=852 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=102 ttl=56 time=1043 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=103 ttl=56 time=43.3 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=104 ttl=56 time=150 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=110 ttl=56 time=828 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=114 ttl=56 time=9.44 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=115 ttl=56 time=1154 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=116 ttl=56 time=155 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=119 ttl=56 time=435 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=127 ttl=56 time=734 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=134 ttl=56 time=81.6 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=135 ttl=56 time=100 ms
64 bytes from yandex.ru (93.158.134.11): icmp_seq=137 ttl=56 time=559 ms
^C
--- yandex.ru ping statistics ---
141 packets transmitted, 59 received, 58% packet loss, time 140168ms
rtt min/avg/max/mdev = 5.290/524.123/1580.880/407.470 ms, pipe 2
user@pc:~$
user@pc:~$ ping yandex.ruPING yandex.ru (93.158.134.11) 56(84) bytes of data.64 bytes from yandex.ru (93.158.134.11): icmp_seq=1 ttl=56 time=6.66 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=2 ttl=56 time=1110 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=3 ttl=56 time=112 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=4 ttl=56 time=338 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=5 ttl=56 time=463 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=10 ttl=56 time=449 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=12 ttl=56 time=390 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=13 ttl=56 time=515 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=14 ttl=56 time=744 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=17 ttl=56 time=17.5 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=19 ttl=56 time=139 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=21 ttl=56 time=388 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=22 ttl=56 time=1440 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=23 ttl=56 time=433 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=24 ttl=56 time=1580 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=25 ttl=56 time=574 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=31 ttl=56 time=783 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=35 ttl=56 time=954 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=36 ttl=56 time=5.31 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=37 ttl=56 time=1110 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=38 ttl=56 time=103 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=39 ttl=56 time=225 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=40 ttl=56 time=761 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=41 ttl=56 time=157 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=43 ttl=56 time=10.0 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=44 ttl=56 time=1241 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=45 ttl=56 time=241 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=47 ttl=56 time=1020 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=48 ttl=56 time=946 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=49 ttl=56 time=5.29 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=51 ttl=56 time=1122 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=52 ttl=56 time=122 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=54 ttl=56 time=275 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=55 ttl=56 time=500 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=56 ttl=56 time=427 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=57 ttl=56 time=554 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=60 ttl=56 time=730 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=61 ttl=56 time=1062 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=62 ttl=56 time=66.3 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=63 ttl=56 time=390 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=64 ttl=56 time=526 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=73 ttl=56 time=944 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=77 ttl=56 time=123 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=81 ttl=56 time=325 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=89 ttl=56 time=626 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=92 ttl=56 time=701 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=94 ttl=56 time=852 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=102 ttl=56 time=1043 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=103 ttl=56 time=43.3 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=104 ttl=56 time=150 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=110 ttl=56 time=828 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=114 ttl=56 time=9.44 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=115 ttl=56 time=1154 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=116 ttl=56 time=155 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=119 ttl=56 time=435 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=127 ttl=56 time=734 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=134 ttl=56 time=81.6 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=135 ttl=56 time=100 ms64 bytes from yandex.ru (93.158.134.11): icmp_seq=137 ttl=56 time=559 ms^C--- yandex.ru ping statistics ---141 packets transmitted, 59 received, 58% packet loss, time 140168msrtt min/avg/max/mdev = 5.290/524.123/1580.880/407.470 ms, pipe 2user@pc:~$
Traceroute from user
geekychix wrote:
What is the wireless channel set for your router? Flash the firmware of your router, reset and reconfigure it. Try playing around with channels 1,3,6 or 9. Security mode should be set to WPA2 Personal. Let me know how it goes.
Forgot to say that I only use 2GHz wireless network. A fifth channel to another 12th channel. Channels I specifically chose not to overlap with neighboring networks. I've already tried to reset the settings on the defaul and reconfigure the router again. I only use WPA2 PSK-CCMP. Have any ideas?
Lun wrote:
EA6400 works really good for me with the current firmware. On 2.4ghz, channel 9 is solid and at 5.0ghz, channel 157 is strong too. Try that.
Forgot to say that I only use 2GHz wireless network. A fifth channel to another 12th channel. Channels I specifically chose not to overlap with neighboring networks.
Saffronfs7 wrote:
Your WiFi network is possibly prone to wireless interference which causes high latency and slow/intermittent connection. Adjust the wireless settings on your EA6400 routers. Use Non-overlapping Channels like 1 or 6 or 11. Use a WiFi scanner to check which Channels are crowded and which ones are not. Although 5GHz network uses non-overlapping Channels I recommend using Channel 161.
I advance it all already made. Have any ideas?
Lun wrote:
Everyone in my area are using channel 1, 6, and 11 on 2.4ghz. Channel 9 work best for me.
Channels I specifically chose not to overlap with neighboring networks. Have any ideas?
Similar Messages
-
Problem authenticating Wireless users with peap
Good afternoon,
I am currently trying to authenticate wireless users using PEAP and an external RADIUS server. The problem is when I try to authenticate I get this error :
AAA/AUTHEN/PPP : Pick method list 'Permanent Local'
DOT11-7-AUTH_FAILED : Station ... Authentication failed
It shouldn't use local authentication, but the aaa server I configured.
I looked on the internet but didn't find a working solution.
Does anyone know why it is not working ?
Here is my running configuration :
Current configuration : 4276 bytes
! Last configuration change at 00:45:40 UTC Mon Mar 1 1993
! NVRAM config last updated at 16:38:23 UTC Thu Jul 24 2014
! NVRAM config last updated at 16:38:23 UTC Thu Jul 24 2014
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname ap
logging rate-limit console 9
enable secret 5 $1$QVC3$dIVAarlXOo52rN3ceZm1k0
aaa new-model
aaa group server radius rad_eap
server 192.168.2.2 auth-port 1812 acct-port 1813
aaa group server radius rad_mac
aaa group server radius rad_acct
aaa group server radius rad_admin
aaa group server tacacs+ tac_admin
aaa group server radius rad_pmip
aaa group server radius dummy
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
no ip routing
no ip cef
dot11 syslog
dot11 ssid test
authentication open eap eap_list
authentication key-management wpa version 2
guest-mode
eap profile peap
method peap
crypto pki token default removal timeout 0
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption mode ciphers aes-ccm
ssid test
antenna gain 0
stbc
beamform ofdm
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio1
no ip address
no ip route-cache
shutdown
antenna gain 0
no dfs band block
channel dfs
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
dot1x pae authenticator
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
interface BVI1
ip address 192.168.3.10 255.255.255.0
no ip route-cache
ip default-gateway IP
ip forward-protocol nd
ip http server
ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
radius-server attribute 32 include-in-access-req format %h
radius-server host 192.168.2.2 auth-port 1812 acct-port 1813 key 7 140441081E501F0B7D
radius-server vsa send accounting
bridge 1 route ip
line con 0
line vty 0 4
transport input all
end
Thank youI haven't setup autonomous APs before but I think I might see the problem. You are defining an authentication list called "eap_methods" but you never call for it in your SSID settings. Instead there you call a list named "eap_list" In addition, I think you might be missing one more command. So perhaps try this:
dot11 ssid test
authentication open eap eap_methods
authentication network-eap eap_methods
authentication key-management wpa version 2
guest-mode
Hope this helps!
Thank you for rating helpful posts! -
EAP-TLS on ACS v4 for wireless users
Hi,
I?m trying to deploy EAP-TLS authentication method on ACS v4.0 for my local wireless users; really I stuck with the certificate issue and need your assistance to understand the required procedures to accomplish the task.
As mentioned on the ACS configuration guide I have to have CA server to generate certificates for both ACS and wireless users, but I found an option on the ACS under System configuration tab then ACS Certificate Setup a Generate Self-Signed Certificate, I generated a certificate and uploaded a copy to my PC, installed and followed the recommended steps to configure the Microsoft XP client configuration but still I got the error ?Windows was unable to find a certificate to log you on to the network SSID? . Honestly I don?t know if this is possible but I gave it a try but failed.
Kindly advice what is the appropriate and easiest way to accomplish the task, if you could provide me with helpful documents I?ll appreciate it.
Regards,
BelalI am currently using EAP-TLS authentication on my wireless users using ACS 3.2. I have had that problem before. This is what I did...
Setup a Microsoft Certificate server as my
CA. You can use same machine wih your ACS and CA.
Then, generate certificate signing request from ACS then request a server certificate from CA then copy and install a certificate to ACS. On the ACS, go to global authentication setup check the EAP-TLS cetificate. If it failed to respond means that the server certificate is not properly setup.
On the windows xp clients, connect your machine using wired LAN, then request a certificate from CA(the same CA that you have use to your ACS) using IE (ex. http://CAip/certsrv), but this time request a client certificate. The name you should put when requesting the cert must be you local windows user, use 1024, choose microsoft base cryptographic provider 1.0. then installl the certificate on the client. Verify you client certificate it i was installed properly.
At that poit you should be able to connect you r wireless client using EAP-TLS. -
Hi experts,
In KM we created a folder for BW report links. The user start the report and the BW report is shown in the language selected in the IE settings (SAP user language is empty). This works fine, but for one user the BW reports always displayed in French. I set the SAP user language to English (the welcome text is English, portal menu is English etc), but the reports are still displayed in French. Cache are emptied, tried another pc, change IE langaue to English, but still the same problem.
When I check the source, the next 2 lines are always ending with xx_fr.js instead of xx_en.js or another selected langauge
javascript "/irj/portalapps/com.sap.ip.bi.web.portal.mimes/unifiedrendering/resources/js/languages/urMessageBundle_fr.js
sapbi_page.registerInclude "/irj/portalapps/com.sap.ip.bi.web.portal.mimes/unifiedrendering/resources/js/languages/urMessageBundle_fr.js
How to solve this?
thanks in advance.
Vo.Pproblem is solved, user had set the personal property language to French.
-
ALV grid Refresh problem for one user
Have an ALV with editable columns. Validation and save works for all columns for one user but not for the other. The user with the issue is able to modify the values and save to the database fine.The problem is it doesn't display in the ALV once refreshed. Please suggest any ideas of how to look into this issue as it works for one and not other user.
Strange work for one user not for other.
Once you save the data, rebind the data to table. so that new data will display. ( that use set_initial_elements as true, so that old values not display ).
Regards
Srinivas -
Authorization-problem for standard users when running WDR_TEST_ZCI
hi
we've developed a WDA application incorporating several interactive forms. it all runs fine in QA--environment when a user with developer-role are running the application, but when standard users are running it, it fails.
the same happens with the demo-app WDR_TEST_ZCI.
i so belive this to be caused by missing authorizations for the users. can anyone shed any light on which these might be?
the error as reported in the browser:
The following error text was processed in the system Q97 : Access via 'NULL' object reference not possible.
The error occurred on the application server xx-x168_Q97_05 and in the work process 0 .
The termination type was: RABAX_STATE
The ABAP call stack was:
Method: PARSE_XML_SCHEMA of program CL_WD_ADOBE_SERVICES==========CP
Method: GET_SCHEMA_VERSION of program CL_WD_ADOBE_SERVICES==========CP
Method: CONSTRUCTOR of program CL_WD_ADOBE_SERVICES==========CP
Method: IF_WDR_VIEW_ELEMENT_ADAPTER~SET_CONTENT of program /1WDA/LADOBE==================CP
Method: IF_WDR_VIEW_ELEMENT_ADAPTER~SET_CONTENT of program /1WDA/LADOBE==================CP
Method: IF_WDR_VIEW_ELEMENT_ADAPTER~SET_CONTENT of program /1WDA/L8STANDARD==============CP
Method: IF_WDR_VIEW_ELEMENT_ADAPTER~SET_CONTENT of program /1WDA/L8STANDARD==============CP
Method: IF_WDR_VIEW_ELEMENT_ADAPTER~SET_CONTENT of program /1WDA/L8STANDARD==============CP
Method: IF_WDR_VIEW_ELEMENT_ADAPTER~SET_CONTENT of program /1WDA/L7STANDARD==============CP
Method: IF_WDR_VIEW_ELEMENT_ADAPTER~SET_CONTENT of program /1WDA/L8STANDARD==============CP
any input appreciated.
cheers
tomHi Tom,
When you are familiar with authorizations in PFCG trabsaction you are finaliar with S_DEVELOP if not ask the authorization team on your project.
Basically this authorization object handles the read/write etc authorization related to devlopment objects. If you implement Adobe forms you will probably develop your own forms or at least copy the SAP forms to customer namespace.
For Adobe you will therefore have 2 custom development objects (1 for the form and 1 for the interface that is automatically generated). The end-user shoulf have at least READ access to these objects. If not the portal will trow an error on this.
To determine the tech names of the objects find the form and related interface in transaction SFP. These should be inserted in the object S_DEVELOP in the role for the end users.
You may want to consider to put the value Z* in the object which will give authorization for all the custom developed objects.
If you can't find the object reply again and i will send a screenshot.
Finally, make use of the splended transaction ST01!! It will make your life a lot more easy in portal! It traces all the authorizations needed and missing for any user you specify. After activating the trace and running a portal scenario the log will tell you want went OK and what not on an authorization object level.
Good luck,
Thomas
ps. Thanks for the appreciation you gave in my other thread. Now we have the answers in both threads as well. Take Care. -
PEAP authentication failed for wireless users
Dears
Hello
i'm receiving this error when i'm trying to authenticate wireless users using PEAP MSCHAPv2. can anyone please support me.
thanksDear Neno
the customer has sent me this in aruba
aaa authentication dot1x "dot1xProfile"
termination eap-type eap-peap
termination inner-eap-type eap-mschapv2
aaa authentication-server radius "SERVER"
host x.x.x.x
key xxxx
nas-ip x.x.x.x
aaa server-group "RADIUS-GROUP"
auth-server “SERVER”
aaa profile "KSAU-JED-AAA-Profile"
authentication-dot1x "dot1xProfile"
dot1x-server-group "RADIUS-GROUP"
wlan virtual-ap "SSID-NAME"
aaa-profile "KSAU-JED-AAA-Profile"
ssid-profile "SSID-NAME"
vlan <VLAN ID> -
Flash install problem for multiple users
Working on an home PC trying to set up Flash. Go through
install logged in as myself (systemadmin access) and install goes
fine. Flash pages load on IE Other users on system, also Admin
access, can not get same Flash pages to load. Running WinXp. Have
tried both IE 6 and 7. Firefox is running fine for all users
Thanks for any help you can provideDuring install, you should be prompted whether you want to install the loops for the current user only or for every user. In the latter case, the loops should end up in HD/Library/Audio/Apple Loops
-
POP3 and IMAP problem for one user
Hi All,
One of my users has recently connected her iPhone4 to our GW7. We set her up just like numerous other of our users, and she is having some issues. When set up as IMAP using the default application on her iPhone, she can see all her folders and all her mail up to December 21, 2011, but nothing after that. If she asks to download more messages, it successfully shows earlier messages, but still nothing more recent than December. When set up as POP, she is able to download recent messages, but there are wide gaps in what she can see. Whole days are missing. I can send her a new message, and she can POP it right away, but messages that came in just hours before will not come over. None of our other users have any such issues--including at least one with the same iPhone.
The user swears that she has no other e-mail program POPing mail--and even if she did, I don't think it would explain the IMAP issue--but I may be wrong about that. This user does have an incredibly large online mail account--over 20,000 messages in her Mailbox folder alone. I have examined her POA indexes, and they show nothing un-indexed.
I have used my own phone (Droid Bionic) to connect to her GWise account and I see the same behavior from her account.
We are using GWIA 7.0.2, and I can see her phone making connections successfully. I see no errors, but I have not yet studied a Verbose display when she connects.
Any suggestions about how to proceed to troubleshoot this?
What could I do if I wanted to reset whatever information her account stores as to what messages have been POP'ed off or to reset whatever info about IMAP is maintained?
Thanks in advance,
Peter.On 1/12/2012 3:16 PM, pgsmick wrote:
>
> Many, or shall I say /imapreadlimit -10, thanks to you Michael.
> Preumably there is a reason for this limit, and I don't feel like caving
> in to pressure from users who refuse to clean out their mailboxes, but
> what are the specific downsides to raising the limit? And does this
> shed any light on the other issue with using the POP3 method?
>
> Again, you're a gem.
>
> Peter.
>
>
My understanding is as you raise it, the memory usage of the POA and the
CPU hit on the POA will increase. It's been explained to me that the
IMAP standard requires certain correlations and bufferings to made
between the different items, so the memory usage increases. (IMAP is
fairly complex, so I doubt I can explain it all since I doubt I
understand it all). For example IMAP requires synthetic UIDS to be
correct for all the items in the mailbox during the session. There is
room for improvement here, but it hasn't been a super-high priority is
what I was told just this past BrainShare. It will never be a completely
low memory "streaming" kind of solution though - a lot of state has to
be built and maintained during the IMAP session.
POP, I'm not sure about. I do know GW can get confused. Have her specify
her pop UserID differently. For example if her normal gwmailbox is
jsmith, have her try jsmith:v=2 .
Also see other whacky POP switches
you can set affect the date range, and #. The "v","l",and "t" are the
most important.
User ID Login Options
With POP3 clients, users can add the options listed in the table below
to the login name (GroupWise user ID) to control management of their
mailbox messages. If used, these options override the POP3 settings
assigned through the user’s class of service (see Section 47.1.2,
Creating a Class of Service).
Login options are appended to the user ID name with a colon character
(:) between the user ID name and the switches:
Syntax: user_ID:switch
Example: User1:v=1
You can combine options by stringing them together after the user ID and
the colon without any spaces between the options:
Syntax: user_ID:switch1switch2
Example: User1:v=1sdl=10
The syntax for the user ID options is not case sensitive. Login options
are not required. If you do not want to include any login options, just
enter the user ID name in the text box, or following the USER command if
you are using a Telnet application as your POP3 client.
Table 46-1 User ID Login Options
Option
Explanation
Example
v=number between 1-31
The v option defines the POP3 client’s view number. If multiple POP3
clients access the same GroupWise mailbox, each client must use a
different view number in order to see a fresh mailbox.
For example, if two POP3 clients access a mailbox and the first client
downloads the unread messages, the second client cannot download the
messages unless it is using a different view number than the first client.
If this option is not used, the default value is 1.
User_ID:v=1
d
The d option deletes the messages from the GroupWise mailbox after they
have been downloaded to the POP3 client.
User_ID:d
p
The p option purges the messages from the GroupWise mailbox after they
have been downloaded to the POP3 client.
User_ID:p
t=1-1000
The t option defines the download period, starting with the current day.
For example, if you specify 14, then only messages that are 14 days old
or newer are downloaded. If this option is not used, the default value
is 30 days.
User_ID:t=14
n
The n option downloads messages in RFC-822 format rather than the
default MIME format.
User_ID:N
m
The m option downloads messages in MIME format. This is the default.
User_ID:M
s
The s option presets the file size when the STAT command is executed. If
the user mailbox contains a lot of messages or large messages, it can
take a long time to calculate the file size. With this option, the STAT
command always reports an artificial file size of 1, which can save time.
User_ID:S
l=1-1000
The l option limits the number of messages to download for each POP3
session. For example, if you want to limit the number of messages to 10,
you enter l=10. If this option is not used, the default value is 100
messages. -
Report exection problem for one user - not able to see the data.
Hello Friends ,
Need some help . I have got the one ticket from bussniess side about the report execution .
Unfortunately , I am also not having authorisation of that report due to sensible data.
Problem - User is executing the report but some how he is not ABLE TO see the data for one company code Hierachy .
I executed the same report through RSSMQ via his user id , and I got the below message.
All value were selected . Hierachy Authorisation cannot be used.
A displayed hierachy requier a hierachy authorisation .
But when i checked his authorisation , I am able to see that he should have authorisation to all the hireachy .
could you please let me know , how can I check more ?
Regards,after accessing the report , u go to su53 tcode and check the authorization and u can see what is problem in authorization for the that user and u can send the details to secuity team to rectify the issue ,
-
10.5.5 Active directory problem for mobile users
I an running 10.5.5 on a MBP 2.4. The computer is attached to Active Directory for authentication. The accounted is setup as a mobile user with automatic home sync. Below is the problem I'm experiencing after 10.5.5.
Upgrade worked fine, everything went through as expected. When I got home with computer, couldn't login. I did eventually get logged in, computer became extremely unresponsive at intermittent times.
At work next day, everything worked fine.
I believe this is a problem with 10.5.5 computers that are bound to AD, when AD is not available (but internet is.) Some type of weird priority locking or timeout setting? It seems to fail immediately if no network is available, but if the internet is available it is like it gets "hung" waiting for a response.
Anybody else having similar problems?
Below are the details on the specific tests that brought me to this conclusion.
1) Boot with work network cable connected - Works fine
2) Boot with work wifi network enabled - works fine
3) Boot with public wifi network enabled and work cable - works fine.
4) Boot with only public wifi - appears "frozen" (turned off after 5 minutes of trying to login)
5) Boot without network or wifi - works fine using cached mobile account info
6) Boot with network cable and public wifi, remove network cable after login- works fine for a period becomes periodically frozen. attempts to do anything become queued, when computer starts responding queue emptys out (can see menus / applications switch around to correspond with clicks.)
7) Change account to Manual sync of mobile account, again boot with network cable and public wifi, remove network cable- no freezing responds normaly.
All steps repeated after rebinding computer to AD - same results.First rule of installing an upgrade, run permissions repair both before & after. Did you do that?
I'm using a Mac dual bound to AD & OD, works perfectly. I can't speak for the exact setup of your network but I personally would be suspicious of AD. I had a similar issue some time back where my processor would go crazy with the net directory authentication running like crazy. Turned out AD had somehow forgotten my computer. It only happened away from work where my Mac couldn't contact the AD server (not exactly sure why). I'd try the following.
1. While at work create a local administrative account on your Mac (you should always have a backup account anyway).
2. Login as local admin account.
3. open Directory Utility from the Applications/Utilities folder & remove the AD server (you'll need an account that can bind machines to AD).
4. re-add your Mac to AD.
This may resolve your issue & shouldn't hurt anything in the least. -
LDAP access levels for wireless users
How is it possible if I want my Directory Server 5.2 to authenticate only few number of users to have wireless and dial-up access. LDAP should not permit the other users when they try to login by wireless or dial-up. But everyone should be authenticated when they try to login through a direct ethernet connection. Currently all my users are under ou=people.
JoshuaHi,
Directly-connected APs are supported in 7.4 code, if you are not on that code then
The PoE Ports are not for the APs
Ports 3 and 4 are PoE only ports; do not connect access point devices to these ports. The ports can be used for infra-switch connection using multiple an AP-Manager or data interface
Connect port 1 to a trunk port on the switch.
configure the native vlan ON THE TRUNKPORT only eg vlan 10
Let's assume your wireless is on vlan 10 and your WLC2504 is 10.10.10.20 /24 gateway 10.10.10.1
Enable and Configure DHCP scope for vlan 10
The APs are then connected to a vlan 10 access port on the switch
Configure the SSID
DHCP server tips
- enable bridging mode if using the controller as the DHCP server, otherwise disable it.
- if using other DHCP server and the DHCP server is in the same vlan as the controller, nothing further is needed.
- if DHCP server is on another vlan, you will need to configure option 43 (vendor specific into)
Check with these configuration it will hopefully fix your issue. -
Criticial VLAN for Wireless Users
Hi
I have a setup were all users (LAN & WIRELESS) Are being authenticated using Dot1x with ACS
In case of ACS failure (without a secondary one), I know i can configure the switch port on the LAN to have a critical VLAN, so in case ACS was detected as Dead, a new user being authenticated is assigned to the Critical VLAN,
Is there any Similar solutions for users connecting through the wireless connection? Can we do a critical VLAN in case of ACS Failure, or anything similar to it? knowing that there is a WLC in the setup with Light weight access points.
Thanks
Best regards,Hello,
Since in wireless network, the Radius server has an active part in the encryption key derivation, the WLC can't just grant network access to the end client when the radius server is down, as the client wouldn't have the necessary keying material (nor the WLC as well).
The best option would be to either have multiple radius servers, or to make the WLC act as a radius server and use it as a backup method, so that if your radius server is down, your WLC will handle the radius request and generate the keying material. The issue is that you will need to have a consistent user database on the WLC.
The easiest way would be to have a separate SSID with legacy WPA/WPA2 that are pre configured on clients computer, and allow network access to this SSID only when the primary SSID with Dot1x is down. This can be done manually, or on the layer 3 gateway using PBR/EEM...
For example with PBR, you can set output interface to null0 from traffic originating from the WPA SSID, only of Radius server is reachable, otherwise let the traffic flow. -
Reg: WorkItem & Mail Inbox Problem for Multiple users In workflow
Hi,
I have developed a wofkflow application to sent SAP mails and Workitems to multiple users. I Have a Container which has the property as multi line. and i mapped this container variable with expression of my mail step. This means i can send multiple mails at the sae time....Its working Fine. But the problem is,
Suppose I am sending mails to User1 & User2. Both are receiving the mail, But if user1 read the mail user2 mail is set as read document instead of unread doucument.....
How to Solve this? any solution ?Hi
See if this document is of any help to you.
<a href="https://www.sdn.sap.comhttp://www.sdn.sap.comhttp://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/c6456e89-0a01-0010-0189-a7961fe42034">An expert guide to new SAP workflow capabilities</a>
Regards,
Raj -
Added a BASE Station now Drop box's don't work for wireless users
We have a small business run out of a large home. Since Tiger came out we were using the drop box networking technology flawlessly. But recently we installed an Airport Base station replacing our Linksys router and now all the laptop users who connect wirelessly cannot be accessed remotely, we can use the drop box only with the people hardwired. Does anyone have any suggestions.
You might try making a Recovery set with the software included on your machine-though it may not work now either. Creating Recovery Media >> Windows 8
******Clicking the Thumbs-Up button is a way to say -Thanks!.******
**Click Accept as Solution on a Reply that solves your issue to help others**
Maybe you are looking for
-
Can I turn off the reflections in the slideshow?
Posted to .mac, the slideshow automatically puts a reflection under every photo. Can I turn it off? At least when posted to a different site, the slideshow function just puts up a big frame, and does not use a reflection. Mark
-
Using an output statement for a delete w/o affecting any oracle error msg
Dear all; I have a delete statement similar to this below delete from tbl_one t where t.tbl_one_location = location and location not in (select distinct p.issuearea from tbl_two p);the delete statement is within a package, however what i would
-
Outage in N. Bethesda - or maybe further?
My tv just went off too. NO stations what so ever. I'm in Clifton NJ. Verizon really aught to have an alert area on their home page to check for info on outages!!!
-
Div box shifted position when previewed on browsers??
Hi, Can anyone please advise why one of my div boxes (the third one) in Dreamweaver shifted position when previewed on Firefox and IE? My other two div boxes have no problem when previewed on browsers. #textBoxForDesignTitle { height: 40px;
-
Jrun server thread dump...... how to interpret?
i cannot find a good link any hwere on this subject..... which means i am not looking in the right place. If anyone knows of a tutorial or somthing that can help pleas let me know... thanks,