IPv6 Network Management and IP SLA
Hi,
I have to plan a network infrastucture with MPLS-IPv4, IPv4 and IPv6 routing tables.
Since I have an hybrid network and dual stack IPv4/IPv6 routers I must manage both protocols for all boxes using SNMP and IP SLA.
Can the SNMP IPv4 traps from the router targeted to the network management station carry information about IPv6 interfaces ?
I found the IP SLA is supported in IPv6 networks for some measurements, is required IPv6 enabled on the IP connection between the management station and the responder?
Thanks
Massimiliano
First, traps can be sent over IPv4 transport and contain IPv6-related varbinds. Second, I'm not sure I understand why you would need IPv6 enabled between the management station and the responder. The management station will only perform IP SLA configuration options on the IP SLA source device.
Similar Messages
-
IPv6 Address Management and Security Questions
I'm trying to draft an IPv6-based version of our location's current routing configuration in anticipation of when our ISP will finally roll it out, and address management has been giving me the biggest headache - ironic, considering IPv6 was supposed to simplify address allocation.
My first config draft was made assuming that I would be getting a static /56 or /60 prefix from the ISP, and I was just going to insert the prefix into my DHCP pools and there would be no issues. That was before reading around and discovering that some ISPs are considering prefix delegation (PD) for both residential and business accounts instead of static blocks. Now I have questions about how to stick as close to the current IPv4 configuration as possible.
For the PD scenario, what I am looking at now are two addresses ranges for each network - a ULA /120 space that I want to control using stateful DHCPv6, and the global space which can be /64 and auto-configured. That way there will be a "private" address space for internal routing in the event of a prefix change or an extended outage. But I'm not sure how the config should look for such a scenario. What I have drafted so far is this:
ipv6 dhcp pool DHCP6_INTERNAL
address prefix FDAB::1:0/120
domain-name whatever.net
dns-server FDAB::1:1
ipv6 dhcp pool DHCP6_DMZ-WIFI
address prefix FDAB::2:0/120
domain-name guest.whatever.net
dns-server FDAB::2:1
interface GigabitEthernet0
description WAN-LINK
ipv6 enable
ipv6 address dhcp
no ipv6 unreachables
no ipv6 redirects
ipv6 flow ingress
ipv6 flow egress
ipv6 virtual-reassembly in
ipv6 nd autoconfig default-route
ipv6 dhcp client pd hint ::/56
ipv6 dhcp client pd ISP-PREFIX
zone-member security OUTSIDE
speed auto
duplex auto
no cdp enable
interface FastEthernet8.1
description VLAN_1-INTERNAL
encapsulation dot1Q 1 native
ipv6 enable
ipv6 address FDAB::1:1/120
ipv6 address ISP-PREFIX ::1:0:0:0:1/64
ipv6 flow ingress
ipv6 flow egress
ipv6 virtual-reassembly in
zone-member security INSIDE
ip tcp adjust-mss 1300
ipv6 dhcp server DHCP6_INTERNAL
ipv6 nd managed-config-flag
ipv6 nd other-config-flag
interface FastEthernet8.2
description VLAN_2-DMZ-WIFI
encapsulation dot1Q 2
ipv6 enable
ipv6 address FDAB::2:1/120
ipv6 address ISP-PREFIX ::2:0:0:0:1/64
ipv6 flow ingress
ipv6 flow egress
ipv6 virtual-reassembly in
zone-member security DMZ
ip tcp adjust-mss 1300
ipv6 dhcp server DHCP6_DMZ-WIFI
ipv6 nd managed-config-flag
ipv6 nd other-config-flag
Will this config work? By which I mean: will the DHCPv6 servers provide ULA addresses, and will SLAAC work for global address allocation? If not, what needs to be changed?
Also, another question. I found a few references to a prefix name (the "ISP-PREFIX") which can be used as part of a static IPv6 address on an interface, which is a good idea in case the prefix changes. But that brings up another concern - if the prefix changes, that will invalidate ACLs referencing the global addresses using the previous prefix. Is there anything similar to the prefix name string that can be used in ACLs to keep this from occurring?DHCPv6-PD is not necessarily dynamic the same way as DHCP was with the public IPv4 addresses in the IPv4 world.
While the outside network (PPPoE, DHCPv6, anything) might be truly dynamic and changing with possibly every login session, the DHCPv6 delegated prefix might be tied to your login credentials or DHCPv6 client's DUID after the first connection. A bit like a DHCP lease reservation.
If that is the case, there is some possibility that your ISP will run reverse route injection, and will always route your "fixed" prefix to the currently active dynamic "outside" address.
Talk to your ISP and have them confirm that, once the PD'd /48 or /56 is initially assigned, it won't change, and that the same prefix will be delegated every time. Then you can treat it as if it were fully static, and you won't have to go down the ULA path.
I contacted one of our local ISPs, and they're doing it exactly that way: PPPoE for IPv4 and IPv6 (fully dynamic), and DHCPv6-PD with the /48 tied to the PPPoE login credentials. I might change to that ISP sooner or later.
With my current ISP, my IPv6 access is 6RD based. I get a /60, with my current public ipv4 address (by DHCP) embedded into those 60 bits. Readressing is bound to happen sooner or later, and it happens every so often, and it breaks my IPv6 ACLs.
I'm also looking for a way to write IPv6 ACLs with wildcard bits, not prefix/mask, so I can use them with ZBFW. So far, no sign of it.
A few more comments:
ULA addressing:
It may look tempting, plausible and intuitive to use dual global and ULA addressing.
I started this way as well. However, it turns out that Windows 7 has (had?) some issues with proper source address selection. The "longest common prefix" rule never seemed to work properly. In some cases, it would pick the global address to talk to ULA hosts, or stubbornly insist to use the ULA address to talk to an IPv6 internet host. It was a frustrating experience. Be sure to test this to the full extent (and back, and again and then some more) with every operating system you intend to use.
Using /120:
Be sure to test this as well, and very thoroughly. Subnet masks longer than /64 are sometimes called "uncharted territory" in IPv6. Longer subnet masks will break SLAAC, and there may be (embedded) devices that will not react benevolently to a subnet mask other than /64, or simply lack support for DHCPv6.
adjust-mss
I see you have "ip tcp adjust-mss 1300". While PMTUd may be mandatory with IPv6, I found it being broken already :-( . "ipv6 tcp adjust-mss .... " is now a separate command since IOS 15.4(1). I would suggest considering it, depending with your experience with PMTUd on IPv6. -
I have a Broadcom 1390 mini wireless on a Compaq v3000 series laptop with AMD Turion64 processor.
I have been trying to activate it for some time now. bcm43xx did not work. i compiled ndiswrapper, blacklisted bcm43xx and managed to get wireless detected. I used wifi-radar to connect, but strangely the gnome network applet and wireless network manager showed as no network though wireless was connected and working. I had enabled wlan0 in rc.conf and all details entered as per the wiki.
I removed networkmanager from rc.conf daemons and added network. Now wireless connects at boot without a hitch. No need for wifi-radar. This is after so many reboots that this occurred to me, so I thought i should share this and perhaps find out if there is something wrong in my approach. I am new to Arch (about a few months) though I have been with Ubuntu, CentOS etc for a few years nowCoinago:
Your enc idea did not work...
How does one enter WEP key 10 digit hexadecimal in rc.conf etc. I tried it straight, then XXXX-XXXX-XX both as key and as enc. It did not work. Do I have to insert an "=" somewhere. I am a bit at sea. I got the wireless going thru wifi-radar. I use gnome, no KDE for me.
I would like to crack this so i have wireless at boot in my office. It was working fine with entries in rc.conf when there was no key. So it is obviously about entering the WEP key in the right format and place.. -
Network Manager and 802.1x
I dont have a problem with this I just would like to know where network manager stores the config files that contain the SSIDs.
My problem is that Im trying to connect my motorola droid that is running a custom froyo rom to my Universitites secured Wifi since its a pain in the butt to keep logging in every time on my droid. Whats really bugging me is that my friend has a nexus one running the same rom and he can connect to it but I cant!
I figured I'd rip the settings from wpa_supplicant.conf and copy it to my droid but I'm not using wpa_supplicant on arch :-/I dont have a problem with this I just would like to know where network manager stores the config files that contain the SSIDs.
My problem is that Im trying to connect my motorola droid that is running a custom froyo rom to my Universitites secured Wifi since its a pain in the butt to keep logging in every time on my droid. Whats really bugging me is that my friend has a nexus one running the same rom and he can connect to it but I cant!
I figured I'd rip the settings from wpa_supplicant.conf and copy it to my droid but I'm not using wpa_supplicant on arch :-/ -
IPv6 for management and control plane on WLCs and LWAPs
Good morning, everybody!
I am trying to find answer to a question that has been previously asked by people but never successfully answered
The question is about IPv6 support on Cisco Wireless LAN Controllers and access points... Does Cisco have a roadmap to include support for IPv6 used in CAPWAP, control plane and management? There are couple of posts on this topic that do not unfortunately provide any answer to this point.
https://supportforums.cisco.com/message/3018843
https://supportforums.cisco.com/docs/DOC-15667
Infamous "Cisco IPv6 Solution" at http://www.cisco.com/en/US/partner/technologies/collateral/tk648/tk872/tk373/technologies_white_paper_09186a00802219bc_ps6553_Products_White_Paper.html briefly states "Wireless Solutions... In future, IPv6 control plane features may get added to those components."
Has anyone heard of any more specific roadmap for IPv6 support for CAPWAP, control plane and management on WLCs and LWAPs?Full ipv6 support will never be available on the Wism and 440x controllers because they have a NPU to forward traffic and it was not designed with ipv6 in mind.
The 5508 and Wism2 and all new controllers all have CPU based forwarding and ipv6 is coming in next releases.
WLC 8.0 is only for december 2011/2012 and I have to say I don't know if it will support native ipv6.
my 2 cents -
Are you open to SAAS Network management and monitoring?
How comfortable are you with the idea of managing your network switches/routers/Wireless AP/DNS/DHCP from outside your network?
What happens when your Internet connection fails?
Even with encryption (VPN/SSH Tunnel/SSL), can it ever truly be safe?
What environments would this be ideal for?
What are you're thoughts?How comfortable are you with the idea of managing your network switches/routers/Wireless AP/DNS/DHCP from outside your network?
What happens when your Internet connection fails?
Even with encryption (VPN/SSH Tunnel/SSL), can it ever truly be safe?
What environments would this be ideal for?
What are you're thoughts? -
I am having a hell of a time getting my wireless working. I have gotten it working in an 802.11x network and an open network. My wireless card is the Dell 1505 draft-n card in my dell vostro 1400. I am using ndiswrapper with bcmwl5.inf driver. The router I am connecting to is a draft-n network but I am not sure if that would matter since it broadcasts b/g signal anyway.
I do not get any errors when entering my password in the gnome prompt, but it just times out. I have also tried the wpa_supplicant config (the manual way) with the same outcome. Any ideas on what to try?
I am launching networkmanager and networkmanager-dispatcher in the rc.d with !networkPlease try netcfg2 - it is in testing, but as far as I'm concerned it is stable as a rock. Your problem might be related to WPA2 (I don't know if WPA-supplicant supports this)
Check the 'announcements'-section or the wiki for news/info about netcfg2
Zl. -
[SOLVED] Network Manager / nm-applet problems on fresh installation
I have just carried out a fresh re-installation of Arch on my old netbook, following a self-inflicted crash!
Previously, networking worked perfectly, but since the new installation, nm-applet is behaving strangely.
All connections (wired and wireless) seem to work OK, but when connected wirelessly, the nm-applet constantly shows the "searching" icon, and hovering over it, the message "Requesting a Wi-Fi network address for '<wlan name>'" is displayed. The Network Connections screen says that the Wi-Fi connections has never been used, despite the fact that it works!
I have tried re-configuring the connections, disabling IPV6 (this stops everything working) and completely uninstalling/re-installing Network Manager and nm-applet, but all without success.
I would be very grateful fo any ideas of how to tackle this problem
Many thanks in advance.
Last edited by myrlin (2014-08-20 19:42:44)I have fixed the wpa_supplicant problem (changed the .conf file), but the problem still persists. I have even carried out a full re-installation in case I did something stupid.
Nnmtui shows "connecting" permanently, and nm-applet shows "Requesting a Wi-Fi network address for '<wlan name>'" with the cycling connecting icon.
Despite this, the wireless connection seems to work!
Can anyone suggest what else to try? -
ORACLE NETWORK MANAGER 기본적인 사용방법
제품 : SQL*NET
작성날짜 : 2002-04-12
ORACLE NETWORK MANAGER 기본적인 사용방법
========================================
I. TERMINOLOGY TO KNOW BEFORE USING THIS GUIDE
A. community - a set of nodes that use the same network protocol.
B. listener - a service that waits for incoming requests from client
and server nodes.
C. system identifier - (SID) name of the Oracle database instance,
which is usually the same as the database name
II. NETWORK CONFIGURATION STEPS
A. Develop a pictorial representation of the network.
B. Provide configuration data to Network Manager.
C. Save the network configuration data and generate the configuration files.
Step A. Develop a pictorial representation of the network.
The sample network is a single protocol TCP/IP network with two
databases. Each node has one listener.
Step B. Provide configuration data to Network Manager.
Network Manager requires information about the objects in the
network before it creates the configuration files. There is an
on-line walk-through which leads you through the creation of a
network definition from the beginning (specification of definitions)
to the end (generation of the configuration files). The walk-through
provides information in pop-up boxes before each step. During the
walk through, a series of object property sheets, which gather the
data about network objects, appear with values which you may need
to alter.
** Tasks **
1. Launch Network Manager and click OK to store the network definition
in a file. In the Open window click Cancel.
2. Choose New from the File pull-down menu to start a new network
definition. Use the on-line walk through and click OK in the Network
Description dialog box.
3. In the Community property sheet, enter TCP as the name of the
community and choose TCP/IP from the protocol list box. Close the
community property sheet by clicking OK.
4. a. To define a node, enter the node name, TCP_node1, in the Node
property sheet.
b. Specify UNIX as the type of operating system in the drop-down
list.
c. Click on the community folder tab. Add TCP.WORLD to the node
community list (Note:WORLD is a default suffix) and close the
node property sheet by clicking OK.
5. Click OK to close the Node property sheet. To create the node,
TCP_node2, repeat step 4 and specify the type to be OS/2.
6. Create a listener in the Listener property sheet, by entering
TCP_listener1 as the name and choosing TCP_node1 in the node
pull-down menu to indicate what node TCP_listener1 will listen to.
Select the addresses folder tab and click Create. This defines the
address of the listener. A service address property sheet appears
with the address information as default values. Click OK.
7. Click the database folder tab to define a database for the listener.
In the Database property sheet, click Create to specify information
about the Oracle database that will be included in the network.
Enter TCP_DB1 as the name of the database. Click TCP_node1 as the
node. Enter the SID: db1. In the Operating System Specific Details
field, enter the directory path of the Oracle executables, i.e.
/usr/oracle for Unix or c:\oraos2\ for OS/2. Click OK to close the
Database property sheet.
8. Click OK to close the listener property sheet. To create
TCP_listener2, repeat steps 6-7 and substitute TCP_node2, TCP_DB2,
and db2 for the node, database, and SID, respectively.
Note: The on-line walk-through automatically validates the network configuration.
Step C. Save the network configuration data and generate configuration files.
1. Save the network definition.
2. Click File System in the Export Network Definition dialog box and
click OK. Choose the directory and click OK. The network definition
is now complete and the configuration files are generated.
III. OTHER INFORMATION
A. About the configuration files
If the network definition is saved to the file system,
Network Manager creates two types of subdirectories within the
directory chosen to store the network definition.
These are: a node specific directory, which has the same name as the
node and contact configuration files for the service the node provides,
and a client profile directory, which has the same name as the client
community and contains configuration files for each client.
B. Hardware and Software Requirements
PC with 6Mb disk, IBM or 100% compatible with an 80386 processor
or higher one CD-ROM drive
MS-DOS Version 5.0 or later and Windows 3.1Hi Steve,
1) PL/SQL API for Network Analysis is coming in Oracle 10g Release 2.
2) In Oracle 10g Release 1 it is a requirement to load the entire network. Loading the entire street network of new york city on my 1 Ghz laptop requires about 1 minute. In Oracle 10g Release 2 you can specify a predicate on the load network so you do not have to load the entire network.
3) Source code for elocation will be available as an Oracle 10g Release 2 feature (I'm not sure what the "name" of the feature is, but it is a bundling of geocoding and routing, and when combined with MapViewer is a complete "elocation in a box" type of feature.
Hope this helps. -
[SOLVED] Network manager only works as root
Hello everyone,
I am brand new to arch and have been quite impressed over the past few days over all it has to offer. Everything has been running quite smoothly and I am now in the process of setting up wireless. I installed network manager and was able to connect to a wireless network as root. For my regular user, however, I am running into some issues. First one was that the nm-applet could not be opened in fluxbox. I received the following error:
** (nm-applet:1576): WARNING **: <WARN> request_name(): Could not acquire the NetworkManagerUserSettings service.
Error: (9) Connection ":1.27" is not allowed to own the service "org.freedesktop.NetworkManagerUserSettings" due to security policies in the configuration file
I "fixed" this by adding the following to /etc/dbus-1/system.d/nm-applet.conf. Original credit goes to the user in this thread (I only slightly modified his code): https://bbs.archlinux.org/viewtopic.php?id=63576
<!-- hack -->
<policy user="myusername">
<allow own="org.freedesktop.NetworkManagerUserSettings"/>
<allow send_destination="org.freedesktop.NetworkManagerUserSettings"/>
<allow send_interface="org.freedesktop.NetworkManagerUserSettings"/>
<deny send_interface="org.freedesktop.NetworkManagerSetting.Secrets"/>
</policy>
<!-- end of hack -->
Now the applet shows up for my regular user, the problem being that it doesn't connect to the wireless networks (only wired). Whenever I try to connect to wireless, nothing happens (the symbol doesn't change in any way, i.e. the green spheres should start circling); I am still able to succesfully connect to wireless using root. Does anyone know what the source of this issue may be? Thank you very much in advance.
Last edited by Ipozya (2011-01-20 04:49:55)Solved: Had to install consolekit and add "ck-launch-session" to my .xinitrc file when starting fluxbox.
Edit: Please note that this also allowed me to remove the previous change to nm-applet.conf (no longer necessary)!
Last edited by Ipozya (2011-01-20 04:54:20) -
[SOLVED] Network Manager with iPhone 3G S
OK, so work got me a shiny new iPhone 3G S today. When I'm being paid to play with it, I'll give it a shot
Anyway, I've successfully paired the iPhone over bluetooth with Arch on my laptop, which creates the bnep0 network interface. If I run dhcpcd on this interface, the iPhone gives me a DHCP lease in the 192.168.20.x subnet, and after configuring the opendns nameservers, I'm successfully tethered to the iPhone with full network connectivity
Is there a way I can get Network Manager to do the 'dhcp' and 'nameserver' parts for me? In the nm-applet GUI, there's no option for specifying interfaces or anything just "wired" (eth0) and "wireless" (wlan0) as well as the VPN, 3G etc tabs.
Also (I know someone wants to mention this), I am already aware that bluetooth is going to be speed limiting, but this connection will generally only be used for SSH sessions back to the office, so I don't really care about that. I'm happy to use bluetooth to reduce the number of cables required - already have external mouse, external hard drive, power supply and serial cable when I'm at a client site, I don't really want a USB cable to the iPhone as well. Unless Network Manager can't do this over bluetooth, but it can over USB, then I'll concede on the extra cable.
Last edited by fukawi2 (2009-10-01 02:38:02)Here's instructions for Ubuntu, I doubt there will be many discrepancies between Ubuntu and Arch though. Just translate the apt-get crap with the appropriate yaourt or pacman command.
http://undulynoted.net/2009/06/tether-i … -required/
Ubuntu:
Why oh why does apple hardware suck so hard with linux. You will get constant disconnects if your phone is more than a few feet away from the computer. But alas, it is still faster than pdanet or iphonemodem2.
If you are not on a mac congratulations, you have had fewer headaches.
Open the terminal and type:
sudo apt-get install blueman bluez-compat
This will remove wcid which hopefully isn't a problem for most of you.
It will ask you to restart, please do.
Once Ubuntu is back up click on your bluetooth icon in the upper right (which is now managed by blueman)
IMPORTANT: Right click on the bluetooth icon and choose local services. Make sure to click the radio box that says "Network manager" instead of "blueman" under the network pane. This will allow Network Manager to take over the controlling of your connection (which is good). REBOOT AFTER THIS STEP!
Go to the bluetooth settings in your iphone (Settings > General > Bluetooth) and make sure they are on.
Hit the search button in blueman and you should see your iphone after a few seconds.
WARNING: This is where it gets flaky on the macbook pro. Best results I have has is to highlight the phone in blueman and hit "Bond"
Choose to auto generate a pass on the next option. Next. Now wait for the iPhone to ask you to type in the passphrase. Type in the 4 digit one that blueman gives you. VERY IMPORTANT. While they are joining eachother keep you eye on the computer. It will ask you if you always want to trust the iPhone (device name). Hit Always or else you will have trouble.
Always initiate the connection from the iPhone. In the bluetooth settings on the iphone you will now see your computer name listed and the words "not conencted" next to it. Click it. Wait a few and it will hopefully say connected. Look back to blueman and you will now see status bars on the iphone. Right click on your iphone in blueman. Choose "Setup". Network access point is click by default so just hit "Next".
Now head over to Network Manager and you should see "Auto benp0″. Click it to connect and give it a few to generate an IP. DONE enjoy surfing the internet through your data plan without jailbreaking. I have noticed quite a few speed gains over pdanet. Also, i noticed I got better results when i used openDNS's servers (208.67.220.220 and 208.67.222.222).
If you have done everything correctly and Network Manager won't take over the connection of you can see it and it says "not managed" or something of the sort you need to check out the following:
Open terminal and type: sudo gedit /etc/network/interfaces
see if you have bnep0 located there. if you do, comment out or delete that line. and reboot your machine. -
Network Manager driving me crazy (3 issues)
Hey guys I'm new here, hope you can help me
nm-applet is driving me crazy!
First issue: when I boot nm-applet doesn't appear in my tint2 eventhough I'm connected. This don't appear all the time, it's random. I have to kill it and restart it to be able to see it.
I use openbox and I have this in .config/openbox/autostart
(sleep 3 && /usr/bin/nm-applet --sm-disable) &
Second issue:
I selected the save option for the password of my vpn but it won't save it... Or wait, yes it will.. But not all the time. It asks me for the pass sometimes, and sometimes not
Third issue:
I thicked the "automatically connect to vpn for this connection" but guess what... It won't
Any idea about how to troubleshot this. I'm seriously considering pacman -R network-manager and pacman -S something else
Thank you
Last edited by Truc (2014-03-06 21:17:51)1st issue: run nm-applet from the command line (take it out of openbox's start file wherever that is) after you log in to see what's going on.
2nd issue: do you have gnome-keyring installed? I believe it should be started with by networkmanager when it's needed, but you may need to figure out how to start it on your own. I don't know how.
3rd issue: I believe the automatic connection to vpn on a specific network is triggered by networkmanager-dispatcher which is just part of the networkmanager package, but is its own separate service. When you enable/start NetworkManager via systemctl, it should enable/start 3 services - the dispatcher is one of them. Do you have that running?
I may be wrong about some of this; it's been a while since i've used NetworkManager. -
Network Manager Applet Cannot Edit Options/Connections As Normal User
Today I installed Network Manager, and Network Manager Applet in XFCE as a normal user. I followed the instructions on the Arch Network Manager Wiki to the best of my knowlage. The NM-Applet connects to my ethernet, and everything is fine. Untill that is, when I right click the NM Applet.
Once right clicked as a normal user, 'Enable Networking', and 'Enable Wireless' are greyed out and unselectable. Also, when I right click the applet and select 'Edit Connections' 90% of the clickable options are greyed out, including the options to 'Edit' or 'Delete' connections. The only clickable option not greyed out is 'Add' button.
Clicking Add brings up the 'Add New Connection Window', but again everything is greyed out. 'Available To All Users' is checked, but is greyed out also. But, starting XFCE as root, allows me to use the NM Applet with no restrictions, AKA none of the greyed out options. Everything works fine.This is my second day using Arch, so I am not sure where to go now.
It also may be of help ito say I haven't gotten a display manager, such as lightdm or gdm.
My guess is that root is listed under a group the 'jesse' isn't. Or maybe it has something to do with PolicyKit. I'm not sure. If someone could give me a set of clear instructions on how to fix this annoyance, it would be greatly appreciated. Thank You.
My Current Normal User Groups wrote: disk lp wheel uucp games network video audio optical storage scanner power users
My /etc/hosts file wrote:
# /etc/hosts: static lookup table for host names
#<ip-address> <hostname.domain.org> <hostname>
127.0.0.1 localhost.localdomain localhost jesse
::1 localhost.localdomain localhost jesse
# End of file
My /etc/rc.conf wrote:
# /etc/rc.conf - configuration file for initscripts
# Most of rc.conf has been replaced by various other configuration
# files. See archlinux(7) for details.
# For more details on rc.conf see rc.conf(5).
DAEMONS=(alsa dbus syslog-ng crond ifplugd networkmanager bluetooth avahi-daemon acahi-dnsconfd avahi-dnsconfd fa$
# Storage
# USEDMRAID="no"
# USELVM="no"
# Network
# interface=eth0
# address=
# netmask=
# gateway=
My /etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla wrote:Identity=unix-group:network
Action=org.freedesktop.NetworkManager.*
ResultAny=yes
ResultInactive=no
ResultActive=yes
Last edited by TriforceLZG (2012-09-02 13:43:23)I found the solution, I had to install a Display Manager. Now everything is fine.
-
Where does Network Manager get its "secrets?"
I am experimenting with PEAP authentication on a wireless network via Network Manager, and in the NM logs (journalctl -u NetworkManager), I keep seeing a line like this one:
Sep 11 10:56:26 anchor NetworkManager[1300]: <info> Activation (wlp2s0/wireless): connection 'foo' has security, and secrets exist. No new secrets needed.
In this case, I have mangled the network's settings in a way where it shouldn't be able to connect, and to the best of my knowledge, there are cached "secrets" that is still allowing NM to connect to the network. I would like to manage these secrets somehow, or flush them at the very least. How would I go about this?ok, worked on it a little bit more... the only thing left was an entry in the library file, when you opened the xml file in safari you could find the entry. I didn't dare playing around with the file itself, but found a script called: "super remove dead tracks" on this website, which does the trick: http://dougscripts.com/itunes/scripts/scripts01.php?page=1#removedeadsuper
it worked great, nothing is showing up in front row any. -
Hello guys..
this my first question for me at Cisco support forums..
I have couple of questions and I would like to get your views and answers..
Suppose that I am administrator of a university, and I created an excellent design for my network.
1)How can I manage my network from my office.. I mean what kind of software that helps me to monitor my entire network for faults, configuration, performance and security for medium enterprise like university with lowest cost possible.
does anyone have idea about how Cisco nac works??If you look at Cisco NAC from an overall perspective of network management and network security, you can consider the following:
Additional NAC Services
The Cisco NAC Solution can be optionally deployed with the Cisco Identity Services Engine for profiling services and the NAC Guest Server.
• Cisco Identity Services Engine (ISE): Cisco ISE provides profiling capabilities that can discover, analyze, and classify in real time all the endpoints connecting to the network. Cisco ISE comes with hundreds of built-in profiles for devices such as IP phones, printers, mobile devices (IPads, IPhones), scanners, and more, making it possible to identify the type of device connecting to the network. Cisco ISE provides the administrator full visibility into everything connected to the network in real time. It allows the administrator to control the access privileges associated with each type of endpoint.
Starting the Cisco ISE Version 1.0 MR and Cisco NAC Version 4.9, the Cisco ISE can integrate with the Cisco NAC to provide profiler capabilities to a NAC deployment. The combined deployment of the Cisco NAC with the Cisco ISE is the replacement for the Cisco NAC Profiler, which has reached end-of-life status.
To find out more about Cisco ISE, please visit:http://www.cisco.com/en/US/products/ps11640/products_data_sheets_list.html.
• Cisco NAC Guest Server: The optional Cisco NAC Guest Server streamlines the provisioning, notification, management, and reporting of guest users on wired and wireless networks. It offloads resources from IT staff who are charged with supporting corporate visitors. The secure NAC Guest Server enhances your ability to protect your assets, employees, and information while providing network access that fully meets your visitors' business needs. For more information about the Cisco NAC Guest Server data sheet, visit: http://www.cisco.com/en/US/products/ps10160/products_data_sheets_list.html.
and that requires planning....
alot...
and lab tests first before entering production.
In a network with approx 1000 users you will definitely need a few monitoring tools. For security , really study NAC concepts and ISE. Keep in mind , the more users you have, the longer it takes to implement ISE, but if you have that going, you have the network on lockdown at your fingertips.
Please rate if you find helpfull
Let me know if you have more questions
Isak
Maybe you are looking for
-
I want to generate a report with the report generation toolkit in LV7.1. In that report I use several report VIs to append text, titles and frontpanel images to a word document template (Office 2003). That works fine. Depending on the size and text o
-
Oracle forms --11g installation error
Hi All, Configuration: Oracle Database: 10.2.0.5 Oracle forms to be installed Version: 11.1.2.0.0 OS version: Windows 7, 64 Bit JDK version: java version "1.7.0_03" Java(TM) SE Runtime Environment (build 1.7.0_03-b05) Java HotSpot(TM) 64-Bit Server V
-
How to disable the Timeout error?
I can grab a image with my GigE camera, by using an external trigger. But I am always getting the timeout error after the millisec. i set as timeout - how can I set the time infinite? Thanx for ya help
-
Can you create cd sleeves in Photoshop Elements please?
Hi, Can you create cd sleeves in Photoshop Elements please? Or is there a software that can create cd sleeves, using a template perhaps? I can print my own cd inserts (jewel box) but want to create a card cd sleeve. Many thanks, Ric
-
any ideas as purpose ?