Getting Wireless Users onto LAN

Similar Messages

• Extremely high ping on lan, when aother wireless user uploads video

  When a user on wireless does anything intensive such as uploading a video, me on lan experiences ping of over 1000 on game servers, and voice servers. I also expericence slow web page loading.  This has been happening for a while now, and i want to to stop. I found disabling the wieless connection on the router stops the high ping for users on lan. Some infomation Manufacturer SkyModel SR102Firmware Version 2.1r.3761.RDSL Firmware VersionA2pv6F038m.d24jSystem Up Time: 361:42:01Broadband LinkDownstreamUpstreamConnection Speed18736 kbps2408 kbpsLine Attenuation29.5 dB0.0 dBNoise Margin6.9 dB6.6 dB     

  Hello, i too have random freeze without any "usable" info.
  The blame "may" (well i think it is) be a "baytay + i915 kernel drivers" fault, these thread are intresting :
  - https://bugs.freedesktop.org/show_bug.cgi?id=88012
  - https://github.com/OpenELEC/OpenELEC.tv/issues/3726
  what intresting is that there is path (for use of "legacy-turbo"), sory not remenber where i get it
  -- gpu-drm-i915-fix-vlv-crash.txt --
  Revert back to legacy turbo for vlv, fixes random crashes.
  Reported by Timothée Giet <[email protected]> on dev@ ml.
  https://bugs.freedesktop.org/show_bug.cgi?id=88012#c33
  --- linux/drivers/gpu/drm/i915/i915_irq.c.orig
  +++ linux/drivers/gpu/drm/i915/i915_irq.c
  @@ -4361,12 +4361,7 @@ void intel_irq_init(struct drm_i915_priv
      INIT_WORK(&dev_priv->rps.work, gen6_pm_rps_work);
      INIT_WORK(&dev_priv->l3_parity.error_work, ivybridge_parity_work);
  -    /* Let's track the enabled rps events */
  -    if (IS_VALLEYVIEW(dev_priv) && !IS_CHERRYVIEW(dev_priv))
  -        /* WaGsvRC0ResidencyMethod:vlv */
  -        dev_priv->pm_rps_events = GEN6_PM_RP_UP_EI_EXPIRED;
  -    else
  -        dev_priv->pm_rps_events = GEN6_PM_RPS_EVENTS;
  +    dev_priv->pm_rps_events = GEN6_PM_RPS_EVENTS;
      setup_timer(&dev_priv->gpu_error.hangcheck_timer,
              i915_hangcheck_elapsed,
  I did use the trik on a custom kernel, i do have freeze (none tomoroy but two today but only on using firefox, so may be another probleme (sna))  but not on video (well i had run 15 video same time, and two where running 2 hours after without crash). May be you should try it (i think it work better).
  note : link to make custom kernel -> https://wiki.archlinux.org/index.php/Ke … raditional

• WLC 4404 Wireless users getting disabled

  Currently Being Moderated
  Wireless users getting disabled
  Hi,
  I have WLC 4404 with 7.0.116.0 version. I was getting following messages for particular APs
  *Dec 20 14:11:13.875: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
  *Dec 20 14:11:13.908: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
  *Dec 20 14:11:29.383: %LWAPP-5-RLDP: RLDP stopped on slot 0.
  *Dec 20 14:11:29.674: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
  *Dec 20 14:11:29.678: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
  *Dec 20 14:11:29.700: %LWAPP-5-RLDP: RLDP started on slot 0.
  *Dec 20 14:11:29.707: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
  *Dec 20 14:11:29.752: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
  *Dec 20 14:11:29.757: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
  *Dec 20 14:11:29.790: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
  *Dec 20 14:11:45.396: %LWAPP-5-RLDP: RLDP stopped on slot 0. *Dec 20 14:11:13.875: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
  After seeing one of the cisco forum, I have disabled RLDP for that particular APs
  so above messages are rectified.
  But right now we are not able to identify Rogue IP and it is not contained.
  So please give any suggetion so that i can rectify the above messages as well as i can identify the rogue IP.
  Thanks & Regards
  Gaurav Pandya

  Hi Scott,
  You are right i am not able to detect rogue APs because i disabled the RLDP. but when i enable the RLDP for that particular AP. i got the following messages with interface go up and down
  *Dec 20 14:11:13.875: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
  *Dec 20 14:11:13.908: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
  *Dec 20 14:11:29.383: %LWAPP-5-RLDP: RLDP stopped on slot 0.
  *Dec 20 14:11:29.674: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
  *Dec 20 14:11:29.678: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
  *Dec 20 14:11:29.700: %LWAPP-5-RLDP: RLDP started on slot 0.
  So please suggest me the mid way so that i can enable the RLDP (Detect the rogue APs) with out interface going up and down frequently.
  Regards
  Gaurav

• Reauthencation of Wireless User does not get prompt

  Hi Sir,
  I set up a Radius server(Cisco ACS) to authenticate wireless users via 802.1x. The EAP protocol deployed is Microsoft PEAP as most of the clients OS is XP. The users might be sharing the same laptops. When a user select the wireless network to connect to, he was prompted a window for him to enter the Username, Password and Domain field. After successful authentication, he was able to access the network resources.
  However, the user is not prompted the Username, Password and Domain after he has done so the first time. I understand that XP cached the user credentials in the registry. But my customer would like the window prompt to appear when the following scenario happens to reauthenticate
  a) Session timeout (Notice options in Group profile in ACS but didnt seem to work). What is this session timeout in ACS?
  b) Idle timeout to reauthenticate the current wireless user as the user might leave his workspace for a short period of time and someone might have use his credential to access the network illegitimately
  c) When he shuts down the PC and the laptop is passed to another user but the previous user credential is used rather than the second user credentioal is used.
  How can I disable the automatic cached user credentials? Is there a way to prompt the user after a period of time for him to enter Username, Password and Domain field again? Is the option available in the XP client? I search through the AP configuration options but found none.
  Please advise. Thank you
  Delon

  Try this link
  http://www.cisco.com/en/US/tech/tk59/technologies_configuration_example09186a0080094671.shtml#cswin

• How do I get another user's music onto my ITunes (from the same computer)?

  Hey everyone.. I'm new to Macs and definitely new to iPods. I just got an iPod nano, but my husband has had an iPod for a while. He has built up a really great music collection and I'd like to get his music onto my iTunes (without erasing his of course). We have separate accounts and I'm not sure how to go about getting his muisc.
  Please help! Thanks in advance!

  Kirstin, this document should be of some help with that:
  iTunes: How to share music between different accounts on a single computer

• Manage Wireless Users

  Not sure if this in in the right place, but I work in a school, and up until now we have been using open directory and network homes to manage users. As we have been getting laptops for kids with special needs, we have been increasing our number of wireless users. I understand that network home folders work for wireless, but I found it is quite slow. I havn't messed around too much with mobile accounts, but I am currently looking at that for my mac laptops. My question is, is there anyway with Tiger server that I can make users autheniticate before they are allowed on the network? I don't need to manage the PC laptops (or the mac laptops for that matter) I just need to authenticate them so that not everybody has access.
  Thanks

  Various WiFi devices can use IEEE 802.1x or RADIUS authentication as part of (dis)allowing a user access to a wireless network, and Mac OS X Server can field and can respond to those access requests via Open DIrectory.
  Check your particular WiFi router(s) for details and options and features.
  The Apple WiFi devices I've worked with have options here.
  If your devices do not offer authentication support, either consider an upgrade or check to see if they offer Access Point (AP) features or some other authentication mechanism, and report back here.
  Tossing large wads of (disk) data around can be rather bandwidth-intensive, and that usually means upgrades to 802.11n 5 GHz dual-slot, or more WiFi sites and faster back-haul links from those, or distributing the files outwards into the targets or into local caches. The approach toward resolving bandwidth issues usually starts with calculating how much bandwidth you're using and that you expect to need, and working through your configuration to identify bottlenecks (eg: 100 Mb LAN segments, overloaded NICs) and removing or augmenting those connections. Toward identifying and removing the bottlenecks. Or toward lowering loads. Or spreading and smoothing out the peak load. Or a combination of these.

• How can I get Wireless N 5MHZ Capabilities Dual Band up to 300MHZ on my DV7 Laptop?

  How can I get Wireless N 5MHZ Capabilities Dual Band up to 300MHZ on my DV7 Laptop?
  Question for 4/18 experts ...
  Or specifically, how can I replace my wireless card on a DV7-6B32US and upgrade to Intel Centrino 6230?
  I have a relatively new DV7-6B32US puchased on 11/2011.  Still under warranty. purchased 2 of the laptops. (also own 3 hp desktops and 1 HP All in One)
  Existing card is wireless N but does not support 5GHZ or dual band.  It is Broadcom 4313 wifi card and I am just realizing that the Broadcom card does not do the dual band  5GHZ wireless N.   I have Linksys e4200 router which supports 5GHZ and dual band speeds up to 300 Mbps.
  I called tech support and with their help identified Intel Centrino 6230 as the correct upgrade, and with their help ordered 631956-001.  In the Maintenance Manual for DV7 laptop, this part number was listed for Intel Centrino 6230.  Turns out HP sends an Intel Wireless N 1030 card, which is no better than my existing card.   I called HP and they acknowledged that some manuals use part number 631956-001 for Centrino 6230 and some use 631956-001 for INtel 1030.  So HP support said they would give refund but case manager was of no help in solving the upgrade problem.  Said it was unavailable but here is your money back.
  So after more searching, I see others have used part number 636672-001 to order Intel Centrino 6230, specifically for HP ProBook 4530s, 4230s, 4730s.   And if I use part number 636672-001 and go thru parts store at HP, I can purchase it. 
  But will it work??
  First, will the Intel Centrino 6230 with part number 636672-001 from HP parts,  work in my HP DV7-6B32US, even though the part number is NOT listed in the Maintenance and Service Guide for my specific  laptop.  I see postings about whitelists and changing bios, etc, and am hoping someone can provide some guidance.   I have been thru 2 tech support calls and one case manager and have gotten 3 different feedback from HP, from yes it will work and ordering the part, to buy it on amazon, to it will not work and here is your money back.
  Second, I see some postings about Centrino 6230 and multiple antenna's.  When I replaced the Broadcom 4313 with the Intel 1030 card, I simply unattached 2 wires and reattached the wires.  And it worked.   I am wondering if the reason HP doesn't list the 6230 card for DV7 is that DV7 does not have the antennas required to support 6230.   Does the Centrino 6230 require 3 antennas?
  Thanks for any suggestions.  The existing cards do work but I paid extra for the Linksys e4200 Router and just assumed a winter 2011 $700 laptop from HP would use the latest wireless n technology, otherwise I would just keep existing cards. 

  I have went thru the exact same problems trying to upgrade the wireless card in my DV7.  It is very frustrating that the wireless card can't be upgrade to one that supports 5Ghz.  Here is my post from the network forum. http://h30434.www3.hp.com/t5/Wireless-Internet-Home/Unsupported-Wireless-LAN-6230/td-p/1419595 Doesn't sound like it is possible to upgrade to the Centrino 6230 without it being added the the "white list".  Sound like HP doesn't update the list after shipping the notebook. I feel your pain. HP needs to help out the consumer in upgrading the wireless cards.  I see we are not the only ones that have had this problem. 

• I bought a relative's original iPad. I want to leave the apps on it and add my own pdfs to read. My itunes account is really for my iPod. the computer says that if I "Sync" the iPad will be erase, and become like my iPods. how can I just get my files onto

  I am a first-time iPad owner/user. I bought a relative's original iPad. I want to leave the apps on it and add my own pdfs to read. My itunes account is really for my iPod. iTunes message says that if I "Sync" the iPad will be erase, and become like my iPods. If I make a new iTunes account, would the apps be erased when I tried to use it?
  How can I just get my files onto this iPad, and still have the apps that my relative left there for me?
  Thank you.

  iPads sync to 1 computer only.
  All media and apps are tied to the Apple ID that purchased them.
  Without your relatives ID and password, you cannot update any of the Apps.
  I am pretty certain he is also violating Apples terms of service by giving you the apps.

• HT1918 how  can i get the user manual  info back  which has  been  erased  from my  settings  icon  pafe  after  a restore from itunes

  how  can i   get  my user  manual info  back onto  my  settings   menu 
  this  heading  did  not  appear  on the settings  menu following  a  restore  necessitated  bt  a  freezing screen  glitch  thanks

  I'm not entirely sure what you are referring to, there isn't a user manual section in the iPad's Settings app. If you want an iPad then you can either download it from here : http://support.apple.com/manuals/ipad/
  Or if you download the iBooks app then there should be a copy in the ibookstore in it

• Is there a way to get a user login record after sleep?

  I know that by opening terminal and typing in "last" (without the quote marks) that it will give me about a 3 week record of who has logged on my computer after shutdowns and restarts.
  What I want to know is this:
  a) Is there a way to get a user login record after the computer only goes to sleep?
  b) is there a way to get the terminal to go back further than just 3 weeks or so for the shutdown/restart records?
  Is there software that might do this???
  Thanks in advance, this is important for me.

  bikinijack wrote:
  Thanks, Dave: so this is what I type in the terminal? "ls -l /var/log/wtmp*" (without the quotes). And how do you unzip something that has been "gzipped"?
  "man gzip" will give you the details for using gzip
  My first question can be explained this way: To get into the computer when it is coming out of sleep you need to type in a password, then it opens to the desktop. Is there a way I can find out the times over the course of a day/week/month that this is being done? i.e., is there a log being made somewhere of when the computer is being opened and signed onto after being asleep?
  When you wake the computer from a sleep, you are not logging in again so there will be
  no record of the event as a "login"
  My computer possibly could be used by a few other people that have access to my computer password (don't ask why) and I basically want to know if they are signing on when I am away from my desk.
  You may want to look at /var/log/asl.log or /var/log/secure.log which contain details of
  authentication attempts (which is what you are doing) and failures.
  I am not asking why you have multiple people accessing your computer with your password --
  but consider setting up separate username, it is a lot easier to manage and you will probably
  not be asking questions like this one.
  Dave

• HP all in one ms237 cant get wireless drivers to work

  Hi i have a HP all in one PC, ive had this PC for a very long time, we upgraded to windows 8 and i dont remember how but i did manage to get wireless drivers on it at one point. the PC's hard drive went out and so i bought a new one and re-installed windows 8 (64 bit) onto it and now i cant get wireless drivers to get installed on it. I tried running the drivers with windows 7 compatability but no dice. I also tried different versions of the driver and still no luck, device manager will see the wireless card but says its not working properly (driver issue) the weird thing is that when i uninstall the drivers for it i can see the adapter in adpater settings, however when i install newer drivers and it goes back to being non existent lol. Any ideas?

  Hello @rapid3642,
  I understand that you are having issues getting your wireless to work on your HP Pavilion All-in-One MS237 Desktop PC running Windows 8. As you probably have already figured out there are no Windows 8 drivers for your computer. I can see why you would have issues installing Windows 7 drivers on a Windows 8 computer. What you probably did initially was upgrade your Windows 7 to Windows 8 with the driver already installed. Unlike a new Windows 8 installation where you need to install the drivers an upgrade will already have drivers installed and the operating system is simply replacing what is needed without having to go through the installation process.
  I would recommend that you either install your original Windows 7 and then upgrade to Windows 8 or you may want to look at replacing the 802.11 b/g/n PCI express wireless half-length mini card with one that is compatible with Windows 8.
  I hope this helps. Thank you for posting on the HP Forums. Have a great day!
  Please click the "Thumbs Up" on the bottom right of this post to say thank you if you appreciate the support I provide!
  Also be sure to mark my post as “Accept as Solution" if you feel my post solved your issue, it will help others who face the same challenge find the same solution.
  Dunidar
  I work on behalf of HP
  Find out a bit more about me by checking out my profile!
  "Customers don’t expect you to be perfect. They do expect you to fix things when they go wrong." ~ Donald Porter

• Problem authenticating Wireless users with peap

  Good afternoon,
  I am currently trying to authenticate wireless users using PEAP and an external RADIUS server. The problem is when I try to authenticate I get this error :
  AAA/AUTHEN/PPP : Pick method list 'Permanent Local'
  DOT11-7-AUTH_FAILED : Station ... Authentication failed
  It shouldn't use local authentication, but the aaa server I configured.
  I looked on the internet but didn't find a working solution.
  Does anyone know why it is not working ?
  Here is my running configuration :
  Current configuration : 4276 bytes
  ! Last configuration change at 00:45:40 UTC Mon Mar 1 1993
  ! NVRAM config last updated at 16:38:23 UTC Thu Jul 24 2014
  ! NVRAM config last updated at 16:38:23 UTC Thu Jul 24 2014
  version 15.2
  no service pad
  service timestamps debug datetime msec
  service timestamps log datetime msec
  service password-encryption
  hostname ap
  logging rate-limit console 9
  enable secret 5 $1$QVC3$dIVAarlXOo52rN3ceZm1k0
  aaa new-model
  aaa group server radius rad_eap
   server 192.168.2.2 auth-port 1812 acct-port 1813
  aaa group server radius rad_mac
  aaa group server radius rad_acct
  aaa group server radius rad_admin
  aaa group server tacacs+ tac_admin
  aaa group server radius rad_pmip
  aaa group server radius dummy
  aaa authentication login eap_methods group rad_eap
  aaa authentication login mac_methods local
  aaa authorization exec default local
  aaa accounting network acct_methods start-stop group rad_acct
  aaa session-id common
  no ip routing
  no ip cef
  dot11 syslog
  dot11 ssid test
     authentication open eap eap_list
     authentication key-management wpa version 2
     guest-mode
  eap profile peap
   method peap
  crypto pki token default removal timeout 0
  bridge irb
  interface Dot11Radio0
   no ip address
   no ip route-cache
   encryption mode ciphers aes-ccm
   ssid test
   antenna gain 0
   stbc
   beamform ofdm
   station-role root
   bridge-group 1
   bridge-group 1 subscriber-loop-control
   bridge-group 1 spanning-disabled
   bridge-group 1 block-unknown-source
   no bridge-group 1 source-learning
   no bridge-group 1 unicast-flooding
  interface Dot11Radio1
   no ip address
   no ip route-cache
   shutdown
   antenna gain 0
   no dfs band block
   channel dfs
   station-role root
   bridge-group 1
   bridge-group 1 subscriber-loop-control
   bridge-group 1 spanning-disabled
   bridge-group 1 block-unknown-source
   no bridge-group 1 source-learning
   no bridge-group 1 unicast-flooding
  interface GigabitEthernet0
   no ip address
   no ip route-cache
   duplex auto
   speed auto
   dot1x pae authenticator
   bridge-group 1
   bridge-group 1 spanning-disabled
   no bridge-group 1 source-learning
  interface BVI1
   ip address 192.168.3.10 255.255.255.0
   no ip route-cache
  ip default-gateway IP
  ip forward-protocol nd
  ip http server
  ip http secure-server
  ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
  ip radius source-interface BVI1
  radius-server attribute 32 include-in-access-req format %h
  radius-server host 192.168.2.2 auth-port 1812 acct-port 1813 key 7 140441081E501F0B7D
  radius-server vsa send accounting
  bridge 1 route ip
  line con 0
  line vty 0 4
   transport input all
  end
  Thank you

  I haven't setup autonomous APs before but I think I might see the problem. You are defining an authentication list called "eap_methods" but you never call for it in your SSID settings. Instead there you call a list named "eap_list" In addition, I think you might be missing one more command. So perhaps try this:
  dot11 ssid test
  authentication open eap eap_methods
  authentication network-eap eap_methods
  authentication key-management wpa version 2
  guest-mode
  Hope this helps!
  Thank you for rating helpful posts!

• EAP-TLS on ACS v4 for wireless users

  Hi,
  I?m trying to deploy EAP-TLS authentication method on ACS v4.0 for my local wireless users; really I stuck with the certificate issue and need your assistance to understand the required procedures to accomplish the task.
  As mentioned on the ACS configuration guide I have to have CA server to generate certificates for both ACS and wireless users, but I found an option on the ACS under System configuration tab then ACS Certificate Setup a Generate Self-Signed Certificate, I generated a certificate and uploaded a copy to my PC, installed and followed the recommended steps to configure the Microsoft XP client configuration but still I got the error ?Windows was unable to find a certificate to log you on to the network SSID? . Honestly I don?t know if this is possible but I gave it a try but failed.
  Kindly advice what is the appropriate and easiest way to accomplish the task, if you could provide me with helpful documents I?ll appreciate it.
  Regards,
  Belal

  I am currently using EAP-TLS authentication on my wireless users using ACS 3.2. I have had that problem before. This is what I did...
  Setup a Microsoft Certificate server as my
  CA. You can use same machine wih your ACS and CA.
  Then, generate certificate signing request from ACS then request a server certificate from CA then copy and install a certificate to ACS. On the ACS, go to global authentication setup check the EAP-TLS cetificate. If it failed to respond means that the server certificate is not properly setup.
  On the windows xp clients, connect your machine using wired LAN, then request a certificate from CA(the same CA that you have use to your ACS) using IE (ex. http://CAip/certsrv), but this time request a client certificate. The name you should put when requesting the cert must be you local windows user, use 1024, choose microsoft base cryptographic provider 1.0. then installl the certificate on the client. Verify you client certificate it i was installed properly.
  At that poit you should be able to connect you r wireless client using EAP-TLS.

• Wireless Users In L2 Inband Virtual Mode

  /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin-top:0in; mso-para-margin-right:0in; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0in; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;}
  Hello
  /* Style Definitions */
  table.MsoNormalTable
  {mso-style-name:"Table Normal";
  mso-tstyle-rowband-size:0;
  mso-tstyle-colband-size:0;
  mso-style-noshow:yes;
  mso-style-priority:99;
  mso-style-qformat:yes;
  mso-style-parent:"";
  mso-padding-alt:0in 5.4pt 0in 5.4pt;
  mso-para-margin-top:0in;
  mso-para-margin-right:0in;
  mso-para-margin-bottom:10.0pt;
  mso-para-margin-left:0in;
  line-height:115%;
  mso-pagination:widow-orphan;
  font-size:11.0pt;
  font-family:"Calibri","sans-serif";
  mso-ascii-font-family:Calibri;
  mso-ascii-theme-font:minor-latin;
  mso-fareast-font-family:"Times New Roman";
  mso-fareast-theme-font:minor-fareast;
  mso-hansi-font-family:Calibri;
  mso-hansi-theme-font:minor-latin;
  mso-bidi-font-family:"Times New Roman";
  mso-bidi-theme-font:minor-bidi;}
  /* Style Definitions */
  table.MsoNormalTable
  {mso-style-name:"Table Normal";
  mso-tstyle-rowband-size:0;
  mso-tstyle-colband-size:0;
  mso-style-noshow:yes;
  mso-style-priority:99;
  mso-style-qformat:yes;
  mso-style-parent:"";
  mso-padding-alt:0in 5.4pt 0in 5.4pt;
  mso-para-margin-top:0in;
  mso-para-margin-right:0in;
  mso-para-margin-bottom:10.0pt;
  mso-para-margin-left:0in;
  line-height:115%;
  mso-pagination:widow-orphan;
  font-size:11.0pt;
  font-family:"Calibri","sans-serif";
  mso-ascii-font-family:Calibri;
  mso-ascii-theme-font:minor-latin;
  mso-fareast-font-family:"Times New Roman";
  mso-fareast-theme-font:minor-fareast;
  mso-hansi-font-family:Calibri;
  mso-hansi-theme-font:minor-latin;
  mso-bidi-font-family:"Times New Roman";
  mso-bidi-theme-font:minor-bidi;}
  At present the Access point are just plugged into switch port on access vlan 10 and configured with vlan 10 SSID on Access point for wireless users Users are accessing the Network fine with no issues.I have setup a NAC in L2 inband virtual mode it is working fine when i tested for WIRED users.
  /* Style Definitions */
  table.MsoNormalTable
  {mso-style-name:"Table Normal";
  mso-tstyle-rowband-size:0;
  mso-tstyle-colband-size:0;
  mso-style-noshow:yes;
  mso-style-priority:99;
  mso-style-qformat:yes;
  mso-style-parent:"";
  mso-padding-alt:0in 5.4pt 0in 5.4pt;
  mso-para-margin-top:0in;
  mso-para-margin-right:0in;
  mso-para-margin-bottom:10.0pt;
  mso-para-margin-left:0in;
  line-height:115%;
  mso-pagination:widow-orphan;
  font-size:11.0pt;
  font-family:"Calibri","sans-serif";
  mso-ascii-font-family:Calibri;
  mso-ascii-theme-font:minor-latin;
  mso-fareast-font-family:"Times New Roman";
  mso-fareast-theme-font:minor-fareast;
  mso-hansi-font-family:Calibri;
  mso-hansi-theme-font:minor-latin;
  mso-bidi-font-family:"Times New Roman";
  mso-bidi-theme-font:minor-bidi;}
  To enforce posture assement on wireless users i just have to change the switch port access vlan to authentication vlan where the Access point is connected  at present and change the SSID vlan 10 to authentication vlan. As i m using only 1 vlan so i don't have to create a trunk port on switch where the Access point is connected ?? Nothing else i have to do ?? Correct me if i m wrong
  Answers ???????

  Thank you for all the details.
  As some further details, the CAS should be configured with the following:
  1. Under the managed subnets, you should add an IP address (not used anywhere else) in the trusted vlan 10 subnet and link it to the untrusted vlan 20.
  2. Under the vlan mappings, it's OK to have the untrusted vlan 20 mapped to the trusted vlan 10. So the vlan mapping should be:
  20 (untrusted) ---> 10 (trusted)
  Wireless users should be connecting on vlan 20 and they should get an IP in trusted vlan 10's subnet.
  All the traffic should then flow through the CAS, which will take care of mapping vlan 20 to vlan 10 once the user is authenticated and certified.
  AD SSO for wireless users should also be possible.
  The AD SSO authentication through NAC regards only the authentication process through the NAC agent.
  As long as the rest of the configuration is correct, this should also be possible for wireless users.
  Regards,
  Fede
  If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

• How can i telnet or get access to other LAN members in LAN without using third party software?

  I have admin access to the main  router in our LAN, so how can i telnet or get access to other LAN  members in LAN without using third party software?
  its linksys3500 router and  i login as admin using the gateway address in address bar..
  i  want to access the c drive of my colleague in same subnet in same  office and i know his ip address.but he not configured telnet accept  request.so without it how can i open his telnet port and access him

  I think you are using the wrong terminology. You can browse the hidden share of any pc if you know the ip and have a valid user account on the pc by typing in the following \\computername\c$ or \\ipaddress\c$ . It should prompt you for a user account. You may have to allow this through the windows firewall (or disable it completely).