Help with Clean Access Architecture

Hello All,
I wanted to engage some of the NetPros out there about designing our Clean Access architecture. We purchased 4 3140s (2 x CAMs w/ FO, 2 x CASs w/ FO). The goal is to use Clean Access to validate select areas of our headquarters, along with validating users in a remote location.
The HQ part of the design I can understand without issue. It's when we begin to deal with the remote office that I become uncertain about the design. The remote office is MPLS connected to HQ (L3 multi-hop). We want users in the remote office to also L2 authenticate to the Clean Access cluster at HQ. Across MPLS this does not appear to be straightforward. We'd like to do an L2 deployment, but from what I've read this will require using L2TPv3 at the remote office to "tunnel" the VLANs from HQ to remote and vice-versa. My fear is that now the default gateway for the remote clients is the HQ Clean Access cluster. Therefore... all traffic will be "switched" across their WAN link. This becomes an issue as the remote office has local Windows domain controllers for faster file access on another VLAN... and in this scenario it sounds like the workstations would have to travel across the L2TPv3 tunnel to HQ to just have to go back across the tunnel to the remote office for file access. Sounds slow!
Does anyone have recommendations as to how to design this centralized, L2, OOB architecture? In my mind I would want the clients attempting authentication to the switch... switch forward to the CAS... CAS validates posture and passes down necessary VLAN to switch. All VLAN'ing and switching is kept remote. We operate all 3750 switches... so our infrastructure can work with NAC. Sorry for the long post, just wanted to try to explain the requirements. Thanks for the help.
-Mike
http://cs-mars.blogspot.com

Hi Mike -
Very good questions. You definitely do not need the L2TPv3 across the WAN to control the ports at the remote site.
The CASs can be deployed L2 In-Band (IB), L3 In-Band (IB), L2 Out-of-Band (OOB) or L3 Out-of-Band (OOB).
L3 OOB can be used to control the switches at the remote sites. A 2nd vlan is required for the remote site to serve as the authentication vlan. All ports start off on this Auth Vlan when a user plugs in.
The user receives an IP address on this Auth Vlan and the local L3 device is the GWY. The L3 device should have ACLs to protect the rest of the network from this Auth Vlan. The only permit entries in the ACL should let the users get to CAS and the remediation servers. Using a network like 192.168.x.x and varying the 3rd octet on a per-site basis simplifies the ACLs if you are using the 10.x.x.x as your internal addressing. The ACLs should be placed on all the MPLS routers to protect the production network from the Auth network.
Once the user proves trustworthy, the Clean Access changes the vlan on the switch to the production/normal vlan and the user has complete access as before.
CASs can be either one of the 4 roles (L2 IB, L3 IB, L2 OOB, L3 OOB) when they are added to the CAM.
If you plan to use L2 OOB for your HQ and L3 OOB for the remotes, you may need to add 1 more CAS pair to your architecture.
We have some great diagrams that the Clean Access product team have put together that will illustrate this architecture to you.
Your local SE / CSE should be able to provide this to you.
Let us know if you have any follow up questions.
Hope this helps.
peter

Similar Messages

  • Help with guided access

    I need help with guided access! My friend's ipod touch 4 used guided access. She can't turn off her ipod touch, and the home button won't work. When she uses the home button, it shows a message that says she needs to click it 3 times. How do I fix it? Please help!

    See:
    iOS: About Guided Access
    In case i forget my guided access...: Apple Support Communities
    SOS I cannot Exit Guided access: Apple Support Communities

  • Problem with Clean Access Agent and Windows Updater

    I have a problem with a laptop when using Cisco Clean Access Agent. The agent keeps directing the laptop to get updates from the Windows Update site, but when I have connected the laptop via cable, windows updates tells me there are no updates either essential or optional. The laptop is a Sony VIVO VGN-FJ270 running XP Home Edition SP2 and the Clean Access Agent is version 4.0.2.1
    Any help is appreciated!!

    Verify the allowed hosts in CCA agent.
    Try these links:
    http://www.cisco.com/en/US/products/ps6128/tsd_products_support_series_home.html
    http://www.cisco.com/en/US/products/ps6128/products_qanda_item09186a00803b7a81.shtml

  • Need help with thinkvantage access connection

    Here a log file with new access connection:
    Connection status:  Disconnected
    Cause:  Driver disconnected while associating.
    Error code:  229378
    Recommended actions:
    Verify that the encryption settings (WEP/TKIP/AES) specified in this profile match those expected by the wireless network.
    Verify that the wireless adapter in your computer has not been restricted from accessing the radio channels being used by the wireless network.
    If the problem persists, contact your network administrator and provide the troubleshooting information below.
    Adapter Details
    Adapter name  11a/b/g Wireless LAN Mini PCI Express Adapter                  
    Adapter type  Wireless LAN                                                   
    Adapter speed  54.0 Mbps                                                      
    Driver/Firmware version  7.6.0.96/ N/A                                                  
    Adapter status  Enabled                                                        
    Connection Status  Disconnected                                                   
    Disable unused cards?  Yes                                                            
    TCP/IP Settings
    DHCP enabled?  Yes                                                            
    Append parent suffixes of the primary DNS suffix?  Yes                                                            
    Register connection's DNS suffix in registration?  Yes                                                            
    Register connection's DNS suffix in DNS registration?  Yes                                                            
    Enable LMHOSTS Lookup?  No                                                             
    NetBIOS setting  "Default"                                                      
    Wireless Settings
    Network name (SSID)  linksys                                                        
    Connection type  Access point                                                   
    Wireless mode  Auto                                                           
    Security encryption  None                                                           
    System Information
    System model  7732CTO                                                        
    BIOS version  7LETB7WW (2.17 )                                               
    Operating system version  Windows Vista,  Service pack 2                                 
    Access connections version  5.31                                                           
    Access Point scan list
    Network name (SSID)              Wireless mode  MAC address                   Signal strength Channel
    linksys                          802.11g        00:1C:10:54:65:B6              24%            11
    Global Settings
    Network
     Allow all users of this system to switch to any existing location profile  -> No
     Allow the wireless LAN radio to be turned off when inactive  -> No
     Allow selection of location profiles with Fn+F5 On Screen Display menu  -> Yes
     Enable autodeletion of unused profiles  -> Yes
    Notifications
     Show ThinkVantage Access Connections status icon in task tray  -> No
     Show wireless status icon in task tray  -> No
     Display the progress indicator window when a profile is being applied  -> Yes
    Preferences
     Enable sound effects  -> Yes
     Do not show balloon tips from the Access Connections system tray icon  -> Yes
     Show WiMAX page as default on Main GUI  -> No
    Automatic location profile switching list
     Include Ethernet connections in automatic switching and prompt me to save Ethernet ports  -> Yes
     When no other connections are available, connect through Wireless WAN or WiMAX  -> No
    Wireless priority list
    Selection    Priority     Location profile name                                            Connection order                 Connection details             
    No                  1     linksys                                                          Wireless LAN                     SSID: linksys                  
    Log File
    Debug Log is enabled
    It didn't happen when I use old version. Can anybody help me?

    Are you getting any error message while connecting to ds..?
    Are you able to go online on wired computer...?
    Are you able to go online on any wireless computer on your network..?
    Open the router setup page and under the wireless tab, change the Channel width to 20MHz only and Channel to 11-2.462GHz and click on Save Settings. Under the Advanced Wireless Settings, change the Beacon Interval to 75, change the Fragmentation Threshold to 2304, change the RTS Threshold to 2304 and click on Save Settings.
    Now,check.

  • Mac OS X help with share access on a windows 2003 server

    Hello everyone
    I am not too familiar with Mac OS X (Darwin) and so on and need a little help.
    We recently got a new Windows 2003 standard server and I want to move my files to there so they get backed up and so on. I am able to access shares on the PCs on our network, but when I try to access the server from Finder I just get a box pop up saying do you want to fix or delete the alias.
    When I try to access it via a terminal, because I am a bit more ok with the cmd line thanks to my linux capabilities, I get the following error:
    mount_smbfs: tree connect phase failed: syserr = Permission denied
    when i try:
    mount_smbfs //dan:[email protected]/General\ Files /BB-SERVER/General\ Files
    Is there anybody that has experienced this before and that can help me resolve this.
    Thank you in advance
    Kobus

    Hi Kobus Bensch,
    I'm sorry I am not able to help with your questions about sharing from your Mac to the server but wanted to suggest that you post back the exact Mac OS version you are using. Your specs below your post suggest 10.0.x which was barely a beta version of Mac OS X. This will surely help those who are seeing your topic and trying to help.
    To find the version you can simply click on the blue Apple in your top menu bar and select About This Mac.
    good luck,
    littleshoulders

  • Windows Vista conflicting with Clean Access?

    When I try to log into Clean Access to use the internet, it gives me an error message saying that in order to fulfill all of my requirements and get into the system, I need to download Windows Defender. But Windows Defender comes with Windows Vista, which is what I have... So when I try to download Windows Defender and install it, it gives me a popup saying that I already have it on my computer and that I don't need to download it. Any ideas? Anybody? Please? Am I even in the right place for this kind of question?

    If you are using Windows Vista, you already have Windows Defender. Check the version of Defender, because if Windows Defender informed you that an update is available, you are running an older version.
    Below are Windows Vista Supported Antispyware Product as of the latest release of the Cisco Clean Access software.
    Product version - 1.x
    AS Checks Supported
    (Minimum Agent Version Needed) are:
    Installation - (4.0.5.0)
    Spyware Definition - (4.0.5.0)

  • Help with data access

    Hi,
    I am new to Java and stuck at a problem. Situation is like following-
    package X
    public abstract class A {
         A(int a) { this.a=p; }
         protected int p;
         abstract int func();
    package Y
    public class B extends A{
         B(int b) { super(b); }
         B() {}
         //p is accessible here
         int func() {
              D d=new D();
              d.func2();
        static void main() {
            func();
    public abstract class C extends B{
    public class D extends C implements interface{
         int func2() {}
    }
    Now my problem is when I try to access p from func2(), I am getting a NullPointerException error. I am not initialising p anywhere through D()'s and B()'s no argument constructor. Is that the problem?

    When you post code it doesn't help when the code doesn't actually reflect the problem.
    The code you posted isn't legal Java, so given that it won't even compile you certainly can't get a null pointer exception from that. And where you commented the usage of 'p' you can't use it there, so that doesn't help with guessing what your actual code might have looked like.
    So all I can do is offer the following general advice.
    Null pointer exceptions occur because a reference is null and it is de-referenced. Thus if you do a line like the following.
    xxx.p
    Then 'xxx' is the only possible thing that can be null.
    The stack trace of the exception will tell you the exact line that the problem occurred on.

  • Mac OS X Leopard Fails with Clean Access Agent

    Hey All,
    I've had several students in my office saying that Leopard and Clean Access don't work together. I haven't seen a specific error, yet, but was wondering if anyone else is seeing this problem...?
    I'm using the 4.1.2.0 agent for Macs.
    Mike

    I am at Cal Poly SLO and we have this error: "Agent user operating system is not supported". Part of our system has been changed back to allowing Mac users to authenticate using the web browser instead of the agent. That should work until Cisco updates the agent.

  • Help with Slow access or NAT to Inside Interface on ASA 9.1

    I am hoping someone can help me figure this out, I did this on the PIX and it worked like a charm, but I am having some difficulty translating the configuration to an ASA.
    In the PIX I performed NAT on outside traffic to a specific inside host (web server) to map to the inside interface so that return traffic would go to the same firewall the traffic came in through, The reason for this configuration was because the gateway of last resort was a different firewall and not the firewall the traffic came in through.
    Now to further give you some history, the gateway of last resort is an ASA running 9.1 (Now), prior to that it was a PIX with v8.0(4), traffic to the aforementioned web server came in through the gateway of last resort), which at the time was the PIX.
    However, for some reason after swapping the PIX for an ASA (same rules, updated NAT rules for 9.1) access to the same web server is slow. Not sure why, but it’s the case. To alleviate the slowness we experienced, and until I can figure out why this occurs on the ASA, I placed a PIX on the network that only listens for traffic for the web server in question. On this PIX I map to the inside interface so that traffic flow works and external clients can access the web server with no issues.
    So two questions, one I would like to use the configuration I have for the web server on the PIX on the ASA to see if that setup on the ASA works better, but having difficulty translating the rules to the ASA.
    Second question, has anyone experienced this type of issue (Slow access with ASA to a web server, but fast with PIX to the same web server)?
    Attached a diagram of what I am currently doing?
    Any help is appreciated.
    Thanks.
    P.S. Addresses in attached picture config are not real, but I know what they translate to.

    Hi,
    To me it would seem that you are looking for a NAT configuration something like this
    object network SERVER-PUBLIC
    host 197.162.127.6
    object network SERVER-LOCAL
    host 10.0.1.25
    nat (outside,inside) source dynamic any interface destination static SERVER-PUBLIC SERVER-LOCAL
    It will do a NAT for both the source and destination address in a single NAT configuration. It defines that a Dynamic PAT to the "inside" interface will be done for "any" traffic entering from the "outside" WHEN the destination is the SERVER-PUBLIC IP address. Naturally the SERVER-PUBLIC will be untranslated to the SERVER-LOCAL in the process, as this configuration handles 2 translations.
    I don't know if this changes the situation at all, but it should be the configuration format to handle the translation of external host to the internal interface IP address and only apply when this single public IP address is concerned.
    Hope this helps
    Remember to mark the reply as the correct answer if it answered your question. And/or rate helpful answers.
    Ask more if needed
    - Jouni

  • Help with clean Windows 8.1 install Yoga 2 Pro

    Hey guys,
    I purchased a Yoga 2 Pro about 4 months ago as a secondary computer for college. I've been a Mac user for most of my life, and was interested in learning more about the Windows ecosystem. While messing around in the partition settings, I must have made a mistake, and deleted a partition. I've been trying to follow this guide from the forums, and have the PBR_DRV partition and a "Drive 0 Unallocated Space", as per the walkthrough, but I'm not able to install Windows 8.1 on the "Unallocated Space" from a flash drive. An error with a different code appears every time. Could anyone help?
    http://forums.lenovo.com/t5/Idea-Windows-based-Tablets-and/Guide-Windows-8-1-PRO-RTM-clean-install-o...

    What do you mean by clean install?  Are you simply restoring a backup image of the pre-installed OS, or are you really installing with a new copy of Windows?

  • Help with remote access to blog/wiki/webcalendar

    Greetings, righteous Mac community.
    I write to you as a brand-newbie in the Leopard server world, and I have found many posts here invaluable in helping me get setup and running. I have been unable to figure out getting the blog/wiki/webcalendar working completely, though, and any aid would be most welcome. Please keep in mind that 1 week ago I knew exactly nothing about running/configuring a server, so the simplest/dumbest/plainest answers would probably work best.
    First, my setup. We are a small (4-client + server) network. Server is successfully configured with: shares all network clients can access; iChat & iCal servers; and Retrospect backing up everything.
    We have an Airport Extreme routing our dynamic-IP DSL connection from Verizon. Static IPs on the LAN for all the clients along with port-mapping on the AEBS & DynDns service has enabled successful afp and vnc connections to the clients & server from outside the network as well as internal and external use of the iCal server through iCal. Also added a CNAME record at my domain host (MediaTemple) to point server.mydomain.com to the DynDns URL - so to do those afp and vnc connections I can type, for example, afp://server.mydomain.com:port in the Finder's Connect to Server window.
    The sole remaining service I'd like to setup for now would be the wiki/blog/webcalendar. This seems to work fine now on the LAN when you type server.mydomain.com into Safari.
    But no dice from outside the network. Verizon blocks port 80, so I've got to type server.mydomain.com:8080 into Safari, and I've mapped the 8080 port on the router to point at the webserver. So far so good - the browser displays the default home page, and shows a link in the right sidebar to the single group blog/wiki/calendar. But when I click on this, I am directed to server.mydomain.com:8080/groups/mygroup, but instead of the blog, I get a page with an error: Not Found, 404: No group with that name (mygroup) hosted on this server.
    Any ideas about how to fix this? I've tried running the webserver on port 8080 and pointing the router to that to no avail. The fellow who's been helping me set this up wonders if the problem is that the URL still has that pesky :8080 in it, gumming up the works somehow. If so, is there a way to do some sort of Apache URL rewrite or DNS alias or something to fix it? By the way, that previous sentence demonstrates the entirety of my Apache/DNS knowledge (I know some terms, but not how to do anything), so please be super simple with any explanations!
    Or is there something else I can try?
    As a secondary concern, I'd like to make it possible to type server.mydomain.com from outside the network rather than server.mydomain.com:8080. I think you can do this too through DynDns, but I have not been able to figure that out. Priority, though, is on getting the wiki running well first...
    Thanks so much in advance, wise friends. I'm excited to hear what you think.
    Sincerely,
    Willhaus

    Hi MrHoffman,
    Thanks again for the reply.
    I hear you about Verizon. I checked in with them and they are indeed blocking port 80 and gave no indication that that would change without a considerably bigger package - not realistic or reasonable for our small studio. But the DynDns strategy seems to work well - I can successfully access the network remotely in many ways: vnc, afp, web, etc...
    I got you about web clients needing to add the port to the URL. That's how I've been remotely browsing to the server to get the error I'm encountering.
    VPN: Originally I wanted to set this up, but read some things about VPN not working through an AEBS. Maybe I'll return to it, but for now I want to focus on a non-VPN strategy. Partly b/c of the hassle (one thing at a time...) and partly b/c we'll probably be accessing this stuff from a variety of computers and wouldn't want VPN hassles to get in the way of simple web access.
    As for the redirect, I tried your suggestions. What seems to happen, though, is that the browser just gets redirected to a new URL without the port reference, thereby resending the user to the Verizon-blocked port 80. That's why I was messing around with the proxy method before - I thought it might reroute the traffic to the correct port on the server machine without running into trouble with Verizon. I believe I was getting the Gateway error both in the browser and the logs (can't find it in the logs now, though). Anything else I could try with the RewriteRule method? It seems like once a user gets past Verizon and has access to the server, it ought to be possible to redirect that traffic to the correct Apache port to get the wiki to work. But I can't for the life of me figure it out.
    I have a new suspicion too: that this might have to do with the DNS setup on the server. I wonder because: when I go on the server machine itself and try to browse to server.mydomain.com or even www.mydomain.com (which should take you outside the LAN to the internet to deliver our website running on our host), I get a "Safari can't find the server server.mydomain.com" error. But if I input one of 2 IPs (10.0.1.201 and 127.0.0.1) I'll get taken to the proper server homepage. But it breaks on the group page just like remote access does.
    So it seems to me that there must be something wrong with the DNS settings if browsing from the server itself doesn't find our externally hosted domain nor point itself to the wiki site that it hosts that works fine for clients on LAN. Maybe patching that up will fix my problem? Does it make sense that a DNS error might break the wiki but not break the personal blogs? Could anyone walk me through a simple DNS setup for the small network situation I mentioned in my original post? Please keep in mind that I know nothing about Primary/secondary zones, reverse lookup, reverse mapping, etc. Is there a simple way to describe everything I should see in the DNS section of Server Admin?
    Thanks a million,
    W

  • Urgent Help with network access to FileOutputStream

    URGENT HELP NEEDED GUYS... I have been stuck on this for the past 2 days. I tried several alternatives but in vain.
    I am trying to access a folder on a user's computer which is lying in a different domain.
    For accessing this folder, I have the following information with me.
    Domain name, PC name, folder name, Windows username, Windows password.
    Note: This username and password will give me rights to read + write to that folder.
    How do I use this information to open a FileOutputStream? Does the java.io package allow programs to pass a username, password, domain name, PC name and then the folder and filename to create/read/write files?
    Please suggest code examples. Some time back I posted this query but didn't get an answer to my satisfaction. I have tried at my end but have been unsuccessful so far. Help would be appreciated.
    I am trying this on a Windows File System and Network domain
    THIS IS V. URGENT
    Thanks,

    Hi HJK,
    I am referring to the last reply of yours.
    "Hi, there are three approaches I can think of offhand:
    1) make sure the user-context under which you run the java app has the right to access the remote drive.
    2) Do the network connection in a batch or c program and call that at the start of your java app with Runtime#exec.
    3) Write some c/c++ code to open the connection and integrate that via JNI.
    Let me know what (other) solution you came up with in the end!"
    Regarding the 1st.
    I am supposed to write a remote installation utility actually. There are around 200 PC(s) in a network on which I need to copy these java class files. My problem statement is such that at runtime I only have username, passwords, domain access. I am not supposed to map any drives. It's supposed to be done dynamically. No manual intervention required. :(
    How do I do the network connection in a batch mode ? Let me know that?
    If 2nd option can be done, probably I can think of action-3 at the moment I am quite blurr :(

  • Help with database access

    I was installing Oracle 8i Lite on my Win ME box, but when I try to access the POLITE database, there is an error like this:
    ERROR: OCA-30002: ubofcsr: function not supported. If I cancel the message then another error appears:
    ORA - 12203: TNS: can't connect with the destinity (or something like that)
    What's the matter???

    You may need to verify that WinME is a supported platform for Oracle Lite. I know that there were some issues installing on Win2K which may also affect WinME. Try to reinstall, but first clear your machine of Oracle-specific items in your registry. There are some documents on metalink.oracle.com that go over the procedure for clearing your machine of Oracle products - document numbers 103213.1 and 74790.1 go through the procedures to follow to remove and install.
    hope this helps.

  • PLZ HELP WITH N95 ACCESS INTERNET AND EATING MY MO...

    Hi, could anyone shed some light on my problem? I have an N95, unlocked, but it was previously on Orange and I had to get it unlocked to stop it going on the Orange net every hour or so. I've looked in the manual and on page 128 it states that to stop this from happening, turn off multimedia retrieval. Having done this and thought it worked, 8 hrs later back to square 1... it still accesses the internet and multimedia retrieval is still turned off :.( I've tried turning off everything to do with the net incl. wifi, bluetooth etc., taking the memory card out, resetting to factory settings... In the device mgr my device software is v11.0.026... Please, if anyone can help, let me know. Many thanks...

    Do you have any unsent Multimedia messages in the outbox?
    Do you have installed any other applications that may use data? or have them running in the background?
    Some examples:
    Podcasting
    Browser
    Instant Messaging applications (Windows Live!, Yahoo Go!, etc.)
    VoIP or SIP applications (Fring, Gizmo, etc.)
    Streaming applications (virtual radio, video streaming, Video Center)
    Widsets
    etc.
    If you don't know what's running or what's installed in the device, I recommend that you do a reset to delete all installed applications. Then see if it still connects.
    Cheers!
    640K Should be enough for everybody
    El_Loco Nokia Video Blog

  • Help with an access list please

    Hi guys, I have an access list applied inbound to an interface on a router at the edge of our LAN. Our LAN subnet is 10.10.x.x and the incoming subnet is 10.13.x.x, both with a 16 bit mask. The ACL is applied inbound to the interface that the 10.13.x.x subnet comes in on. I want to only allow them to go to our internal webserver to run a corporate web app, resolve DNS for this web server with our DNS servers, and have full access to a server on the other side of our WAN for another 32 bit app they are running. Here is my ACL (you will notice I have also configured a single IP with full access in for us to use when we are on site):
    access-list 101 permit ip 10.10.0.0 0.0.255.255 any
    access-list 101 permit ip host 10.13.1.254 any
    access-list 101 permit udp 10.13.0.0 0.0.255.255 host 10.10.10.1 eq domain
    access-list 101 permit udp 10.13.0.0 0.0.255.255 host 10.10.10.2 eq domain
    access-list 101 permit tcp 10.13.0.0 0.0.255.255 host 10.10.10.2 eq domain
    access-list 101 permit tcp 10.13.0.0 0.0.255.255 host 10.10.10.1 eq domain
    access-list 101 permit ip 10.13.0.0 0.0.255.255 host 192.168.9.1
    access-list 101 permit tcp 10.13.0.0 0.0.255.255 host 10.10.10.24 eq www
    access-list 101 deny ip 10.13.0.0 0.0.255.255 10.0.0.0 0.255.255.255
    access-list 101 deny ip 10.13.0.0 0.0.255.255 172.16.100.0 0.0.0.255
    access-list 101 deny ip any any
    From the 10.13.x.x network this works like a charm, but here is the key: I want to be able to remote admin their machines but can't. Even though the ACL is applied inbound only I can't get to their subnet; even with the first permit statement I still can't get to their subnet. I am assuming it's allowing me in but the problem is lying with the return traffic. Is there a way for me to deny them access as in the list but for me to remote their subnet?
    Any help you could offer would be appreciated.

    I agree with you that the first line in the access list is incorrect. Coming in that interface the source address should never be 10.10.0.0. But if he follows your first suggestion then any IP packet from 10.13.anything to anything will be permitted and none of the other statements in the access list will have any effect.
    And I have a serious issue with what he appears to suggest, which is that he will take his laptop (with a 10.10.x.x address), connect it into a remote subnet, and expect it to work. Unless he has IP mobility configured, he may be able to send packets out, but responses to 10.10.x.x will be sent to the 10.10.0.0 subnet and will not get to his laptop. He needs to rethink this logic.
    I do agree with your second suggestion that:
    access-list 101 permit tcp 10.13.0.0 0.0.255.255 eq 5900 10.10.0.0 0.0.255.255
    should allow the remote administration to work (assuming that 5900 is the correct port and assuming that it uses tcp not udp).
    HTH
    Rick
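
Added example, not part of the thread and not code from any poster: a small first-match evaluator for the extended ACL quoted in the question, showing which entry drops the return traffic and what the entry quoted in the reply changes. The sample packets (host 10.13.5.20, admin PC 10.10.20.5, the ephemeral ports) are constructed, and only the ACL syntax used in this thread is parsed.

```python
import ipaddress

PORT_NAMES = {"domain": 53, "www": 80}  # IOS port keywords used in the posted ACL

# ACL 101 exactly as posted in the question.
ACL_101 = """\
access-list 101 permit ip 10.10.0.0 0.0.255.255 any
access-list 101 permit ip host 10.13.1.254 any
access-list 101 permit udp 10.13.0.0 0.0.255.255 host 10.10.10.1 eq domain
access-list 101 permit udp 10.13.0.0 0.0.255.255 host 10.10.10.2 eq domain
access-list 101 permit tcp 10.13.0.0 0.0.255.255 host 10.10.10.2 eq domain
access-list 101 permit tcp 10.13.0.0 0.0.255.255 host 10.10.10.1 eq domain
access-list 101 permit ip 10.13.0.0 0.0.255.255 host 192.168.9.1
access-list 101 permit tcp 10.13.0.0 0.0.255.255 host 10.10.10.24 eq www
access-list 101 deny ip 10.13.0.0 0.0.255.255 10.0.0.0 0.255.255.255
access-list 101 deny ip 10.13.0.0 0.0.255.255 172.16.100.0 0.0.0.255
access-list 101 deny ip any any
"""

# The entry quoted in the reply; it matches on the TCP *source* port.
RETURN_RULE = "access-list 101 permit tcp 10.13.0.0 0.0.255.255 eq 5900 10.10.0.0 0.0.255.255"

# Constructed packets arriving inbound on the 10.13.x.x interface:
# (protocol, source IP, source port, destination IP, destination port)
WEB_REQUEST = ("tcp", "10.13.5.20", 40000, "10.10.10.24", 80)
VNC_REPLY = ("tcp", "10.13.5.20", 5900, "10.10.20.5", 51000)  # reply to an admin PC


def _addr(tokens):
    """Consume one address spec and return (base, wildcard) as integers."""
    first = tokens.pop(0)
    if first == "any":
        return 0, 0xFFFFFFFF
    if first == "host":
        return int(ipaddress.IPv4Address(tokens.pop(0))), 0
    return int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(tokens.pop(0)))


def _port(tokens):
    """Consume an optional 'eq <port>' clause; None means any port."""
    if tokens and tokens[0] == "eq":
        tokens.pop(0)
        name = tokens.pop(0)
        return PORT_NAMES[name] if name in PORT_NAMES else int(name)
    return None


def parse_acl(text):
    """Parse 'access-list N action proto src [eq p] dst [eq p]' lines in order."""
    rules = []
    for line in text.strip().splitlines():
        tok = line.split()
        rest = tok[4:]
        src, sport = _addr(rest), _port(rest)
        dst, dport = _addr(rest), _port(rest)
        rules.append({"line": line.strip(), "action": tok[2], "proto": tok[3],
                      "src": src, "sport": sport, "dst": dst, "dport": dport})
    return rules


def _ip_match(ip, spec):
    """Wildcard-mask comparison: bits set in the wildcard are ignored."""
    base, wild = spec
    mask = ~wild & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(ip)) & mask) == (base & mask)


def evaluate(rules, proto, src, sport, dst, dport):
    """Return (action, matching line); first match wins, implicit deny at the end."""
    for r in rules:
        if r["proto"] not in ("ip", proto):
            continue
        if not (_ip_match(src, r["src"]) and _ip_match(dst, r["dst"])):
            continue
        if r["proto"] != "ip":  # port clauses only apply to tcp/udp entries
            if r["sport"] is not None and r["sport"] != sport:
                continue
            if r["dport"] is not None and r["dport"] != dport:
                continue
        return r["action"], r["line"]
    return "deny", "(implicit deny)"


def with_return_rule(acl_text, new_line):
    """Insert new_line ahead of the first deny entry, where order still lets it match."""
    lines = acl_text.strip().splitlines()
    idx = next(i for i, l in enumerate(lines) if l.split()[2] == "deny")
    return "\n".join(lines[:idx] + [new_line] + lines[idx:])


if __name__ == "__main__":
    posted = parse_acl(ACL_101)
    fixed = parse_acl(with_return_rule(ACL_101, RETURN_RULE))
    for label, rules in (("posted", posted), ("with return entry", fixed)):
        for pkt in (WEB_REQUEST, VNC_REPLY):
            print(label, pkt, "->", *evaluate(rules, *pkt))
```

Because the added entry matches on source port alone, it is not limited to replies to sessions the admin opened; running candidate entries through `evaluate` with a few constructed packets shows how broad they are before they go on the router.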
