IPv6 Network Management and IP SLA

Hi,
I have to plan a network infrastucture with MPLS-IPv4, IPv4 and IPv6 routing tables.
Since I have an hybrid network and dual stack IPv4/IPv6 routers I must manage both protocols for all boxes using SNMP and IP SLA.
Can the SNMP IPv4 traps from the router targeted to the network management station carry information about IPv6 interfaces ?
I found the IP SLA is supported in IPv6 networks for some measurements, is required IPv6 enabled on the IP connection between the management station and the responder?
Thanks
Massimiliano

First, traps can be sent over IPv4 transport and contain IPv6-related varbinds.  Second, I'm not sure I understand why you would need IPv6 enabled between the management station and the responder.  The management station will only perform IP SLA configuration options on the IP SLA source device.

Similar Messages

  • IPv6 Address Management and Security Questions

    I'm trying to draft an IPv6-based version of our location's current routing configuration in anticipation of when our ISP will finally roll it out, and address management has been giving me the biggest headache - ironic, considering IPv6 was supposed to simplify address allocation.
    My first config draft was made assuming that I would be getting a static /56 or /60 prefix from the ISP, and I was just going to insert the prefix into my DHCP pools and there would be no issues. That was before reading around and discovering that some ISPs are considering prefix delegation (PD) for both residential and business accounts instead of static blocks. Now I have questions about how to stick as close to the current IPv4 configuration as possible.
    For the PD scenario, what I am looking at now are two addresses ranges for each network - a ULA /120 space that I want to control using stateful DHCPv6, and the global space which can be /64 and auto-configured. That way there will be a "private" address space for internal routing in the event of a prefix change or an extended outage. But I'm not sure how the config should look for such a scenario. What I have drafted so far is this:
    ipv6 dhcp pool DHCP6_INTERNAL
     address prefix FDAB::1:0/120
     domain-name whatever.net
     dns-server FDAB::1:1
    ipv6 dhcp pool DHCP6_DMZ-WIFI
     address prefix FDAB::2:0/120
     domain-name guest.whatever.net
     dns-server FDAB::2:1
    interface GigabitEthernet0
     description WAN-LINK
     ipv6 enable
     ipv6 address dhcp
     no ipv6 unreachables
     no ipv6 redirects
     ipv6 flow ingress
     ipv6 flow egress
     ipv6 virtual-reassembly in
     ipv6 nd autoconfig default-route
     ipv6 dhcp client pd hint ::/56
     ipv6 dhcp client pd ISP-PREFIX
     zone-member security OUTSIDE
     speed auto
     duplex auto
     no cdp enable
    interface FastEthernet8.1
     description VLAN_1-INTERNAL
     encapsulation dot1Q 1 native
     ipv6 enable
     ipv6 address FDAB::1:1/120
     ipv6 address ISP-PREFIX ::1:0:0:0:1/64
     ipv6 flow ingress
     ipv6 flow egress
     ipv6 virtual-reassembly in
     zone-member security INSIDE
     ip tcp adjust-mss 1300
     ipv6 dhcp server DHCP6_INTERNAL
     ipv6 nd managed-config-flag
     ipv6 nd other-config-flag
    interface FastEthernet8.2
     description VLAN_2-DMZ-WIFI
     encapsulation dot1Q 2
     ipv6 enable
     ipv6 address FDAB::2:1/120
     ipv6 address ISP-PREFIX ::2:0:0:0:1/64
     ipv6 flow ingress
     ipv6 flow egress
     ipv6 virtual-reassembly in
     zone-member security DMZ
     ip tcp adjust-mss 1300
     ipv6 dhcp server DHCP6_DMZ-WIFI
     ipv6 nd managed-config-flag
     ipv6 nd other-config-flag
    Will this config work? By which I mean: will the DHCPv6 servers provide ULA addresses, and will SLAAC work for global address allocation? If not, what needs to be changed?
    Also, another question. I found a few references to a prefix name (the "ISP-PREFIX") which can be used as part of a static IPv6 address on an interface, which is a good idea in case the prefix changes. But that brings up another concern - if the prefix changes, that will invalidate ACLs referencing the global addresses using the previous prefix. Is there anything similar to the prefix name string that can be used in ACLs to keep this from occurring?

    DHCPv6-PD is not necessarily dynamic the same way as DHCP was with the public IPv4 addresses in the IPv4 world.
    While the outside network (PPPoE, DHCPv6, anything) might be truly dynamic and changing with possibly every login session, the DHCPv6 delegated prefix might be tied to your login credentials or DHCPv6 client's DUID after the first connection. A bit like a DHCP lease reservation.
    If that is the case, there is some possibility that your ISP will run reverse route injection, and will always route your "fixed" prefix  to the currently active dynamic "outside" address.
    Talk to your ISP and have them confirm that, once the PD'd /48 or /56 is initially assigned, it won't change, and that the same prefix will be delegated every time. Then you can treat it as if it were fully static, and you won't have to go down the ULA path.
    I contacted one of our local ISPs, and they're doing it exactly that way: PPPoE for IPv4 and IPv6 (fully dynamic), and DHCPv6-PD with the /48 tied to the PPPoE login credentials. I might change to that ISP sooner or later.
    With my current ISP, my IPv6 access is 6RD based. I get a /60, with my current public ipv4 address (by DHCP) embedded into those 60 bits. Readressing is bound to happen sooner or later, and it happens every so often, and it breaks my IPv6 ACLs.
    I'm also looking for a way to write IPv6 ACLs with wildcard bits, not prefix/mask, so I can use them with ZBFW. So far, no sign of it.
    A few more comments:
    ULA addressing: 
    It may look tempting, plausible and intuitive to use dual global and ULA addressing. 
    I started this way as well. However, it turns out that Windows 7 has (had?) some issues with proper source address selection. The "longest common prefix" rule never seemed to work properly. In some cases, it would pick the global address to talk to ULA hosts, or stubbornly insist to use the ULA address to talk to an IPv6 internet host. It was a frustrating experience. Be sure to test this to the full extent (and back, and again and then some more) with every operating system you intend to use.
    Using /120:
    Be sure to test this as well, and very thoroughly. Subnet masks longer than /64 are sometimes called "uncharted territory" in IPv6. Longer subnet masks will break SLAAC, and there may be (embedded) devices that will not react benevolently to a subnet mask other than /64, or simply lack support for DHCPv6.
    adjust-mss
    I see you have "ip tcp adjust-mss 1300". While PMTUd may be mandatory with IPv6, I found it being broken already :-( . "ipv6 tcp adjust-mss .... " is now a separate command since IOS 15.4(1). I would suggest considering it, depending with your experience with PMTUd on IPv6.

  • Network Manager and Wireless

    I have a Broadcom 1390 mini wireless on a Compaq v3000 series laptop with AMD Turion64 processor.
    I have been trying to activate it for some time now. bcm43xx did not work. i compiled ndiswrapper, blacklisted bcm43xx and managed to get wireless detected. I used wifi-radar to connect, but strangely the gnome network applet and wireless network manager showed as no network though wireless was connected and working. I had enabled wlan0 in rc.conf and all details entered as per the wiki.
    I removed networkmanager from rc.conf daemons and added network. Now wireless connects at boot without a hitch. No need for wifi-radar. This is after so many reboots that this occurred to me, so I thought i should share this and perhaps find out if there is something wrong in my approach. I am new to Arch (about a few months) though I have been with Ubuntu, CentOS etc for a few years now

    Coinago:
    Your enc idea did not work...
    How does one enter WEP key 10 digit hexadecimal in rc.conf etc. I tried it straight, then XXXX-XXXX-XX both as key and as enc. It did not work. Do I have to insert an "=" somewhere. I am a bit at sea. I got the wireless going thru wifi-radar. I use gnome, no KDE for me.
    I would like to crack this so i have wireless at boot in my office. It was working fine with entries in rc.conf when there was no key. So it is obviously about entering the WEP key in the right format and place..

  • Network Manager and 802.1x

    I dont have a problem with this I just would like to know where network manager stores the config files that contain the SSIDs.
    My problem is that Im trying to connect my motorola droid that is running a custom froyo rom to my Universitites secured Wifi since its a pain in the butt to keep logging in every time on my droid. Whats really bugging me is that my friend has a nexus one running the same rom and he can connect to it but I cant!
    I figured I'd rip the settings from wpa_supplicant.conf and copy it to my droid but I'm not using wpa_supplicant on arch :-/

    I dont have a problem with this I just would like to know where network manager stores the config files that contain the SSIDs.
    My problem is that Im trying to connect my motorola droid that is running a custom froyo rom to my Universitites secured Wifi since its a pain in the butt to keep logging in every time on my droid. Whats really bugging me is that my friend has a nexus one running the same rom and he can connect to it but I cant!
    I figured I'd rip the settings from wpa_supplicant.conf and copy it to my droid but I'm not using wpa_supplicant on arch :-/

  • IPv6 for management and control plane on WLCs and LWAPs

    Good morning, everybody!
    I am trying to find answer to a question that has been previously asked by people but never successfully answered
    The question is about IPv6 support on Cisco Wireless LAN Controllers and access points... Does Cisco have a roadmap to include support for IPv6 used in CAPWAP, control plane and management? There are couple of posts on this topic that do not unfortunately provide any answer to this point.
    https://supportforums.cisco.com/message/3018843
    https://supportforums.cisco.com/docs/DOC-15667
    Infamous "Cisco IPv6 Solution" at http://www.cisco.com/en/US/partner/technologies/collateral/tk648/tk872/tk373/technologies_white_paper_09186a00802219bc_ps6553_Products_White_Paper.html briefly states "Wireless Solutions... In future, IPv6 control plane features may get added to those components."
    Has anyone heard of any more specific roadmap for IPv6 support for CAPWAP, control plane and management on WLCs and LWAPs?

    Full ipv6 support will never be available on the Wism and 440x controllers because they have a NPU to forward traffic and it was not designed with ipv6 in mind.
    The 5508 and Wism2 and all new controllers all have CPU based forwarding and ipv6 is coming in next releases.
    WLC 8.0 is only for december 2011/2012 and I have to say I don't know if it will support native ipv6.
    my 2 cents

  • Are you open to SAAS Network management and monitoring?

    How comfortable are you with the idea of managing your network switches/routers/Wireless AP/DNS/DHCP from outside your network?
    What happens when your Internet connection fails?
    Even with encryption (VPN/SSH Tunnel/SSL), can it ever truly be safe?
    What environments would this be ideal for?
    What are you're thoughts?

    How comfortable are you with the idea of managing your network switches/routers/Wireless AP/DNS/DHCP from outside your network?
    What happens when your Internet connection fails?
    Even with encryption (VPN/SSH Tunnel/SSL), can it ever truly be safe?
    What environments would this be ideal for?
    What are you're thoughts?

  • Network Manager and WPA

    I am having a hell of a time getting my wireless working. I have gotten it working in an 802.11x network and an open network. My wireless card is the Dell 1505 draft-n card in my dell vostro 1400. I am using ndiswrapper with bcmwl5.inf driver. The router I am connecting to is a draft-n network but I am not sure if that would matter since it broadcasts b/g signal anyway.
    I do not get any errors when entering my password in the gnome prompt, but it just times out. I have also tried the wpa_supplicant config (the manual way) with the same outcome. Any ideas on what to try?
    I am launching networkmanager and networkmanager-dispatcher in the rc.d with !network

    Please try netcfg2 - it is in testing, but as far as I'm concerned it is stable as a rock. Your problem might be related to WPA2 (I don't know if WPA-supplicant supports this)
    Check the 'announcements'-section or the wiki for news/info about netcfg2
    Zl.

  • [SOLVED] Network Manager / nm-applet problems on fresh installation

    I have just carried out a fresh re-installation of Arch on my old netbook, following a self-inflicted crash!
    Previously, networking worked perfectly, but since the new installation, nm-applet is behaving strangely.
    All connections (wired and wireless) seem to work OK, but when connected wirelessly, the nm-applet constantly shows the "searching" icon, and hovering over it, the message "Requesting a Wi-Fi network address for '<wlan name>'" is displayed. The Network Connections screen says that the Wi-Fi connections has never been used, despite the fact that it works!
    I have tried re-configuring the connections, disabling IPV6 (this stops everything working) and completely uninstalling/re-installing Network Manager and nm-applet, but all without success.
    I would be very grateful fo any ideas of how to tackle this problem
    Many thanks in advance.
    Last edited by myrlin (2014-08-20 19:42:44)

    I have fixed the wpa_supplicant problem (changed the .conf file), but the problem still persists. I have even carried out a full re-installation in case I did something stupid.
    Nnmtui shows "connecting" permanently, and nm-applet shows  "Requesting a Wi-Fi network address for '<wlan name>'" with the cycling connecting icon.
    Despite this, the wireless connection seems to work!
    Can anyone suggest what else to try?

  • ORACLE NETWORK MANAGER 기본적인 사용방법

    제품 : SQL*NET
    작성날짜 : 2002-04-12
    ORACLE NETWORK MANAGER 기본적인 사용방법
    ========================================
    I. TERMINOLOGY TO KNOW BEFORE USING THIS GUIDE
    A. community - a set of nodes that use the same network protocol.
    B. listener - a service that waits for incoming requests from client
    and server nodes.
    C. system identifier - (SID) name of the Oracle database instance,
    which is usually the same as the database name
    II. NETWORK CONFIGURATION STEPS
    A. Develop a pictorial representation of the network.
    B. Provide configuration data to Network Manager.
    C. Save the network configuration data and generate the configuration files.
    Step A. Develop a pictorial representation of the network.
    The sample network is a single protocol TCP/IP network with two
    databases. Each node has one listener.
    Step B. Provide configuration data to Network Manager.
    Network Manager requires information about the objects in the
    network before it creates the configuration files. There is an
    on-line walk-through which leads you through the creation of a
    network definition from the beginning (specification of definitions)
    to the end (generation of the configuration files). The walk-through
    provides information in pop-up boxes before each step. During the
    walk through, a series of object property sheets, which gather the
    data about network objects, appear with values which you may need
    to alter.
    ** Tasks **
    1. Launch Network Manager and click OK to store the network definition
    in a file. In the Open window click Cancel.
    2. Choose New from the File pull-down menu to start a new network
    definition. Use the on-line walk through and click OK in the Network
    Description dialog box.
    3. In the Community property sheet, enter TCP as the name of the
    community and choose TCP/IP from the protocol list box. Close the
    community property sheet by clicking OK.
    4. a. To define a node, enter the node name, TCP_node1, in the Node
    property sheet.
    b. Specify UNIX as the type of operating system in the drop-down
    list.
    c. Click on the community folder tab. Add TCP.WORLD to the node
    community list (Note:WORLD is a default suffix) and close the
    node property sheet by clicking OK.
    5. Click OK to close the Node property sheet. To create the node,
    TCP_node2, repeat step 4 and specify the type to be OS/2.
    6. Create a listener in the Listener property sheet, by entering
    TCP_listener1 as the name and choosing TCP_node1 in the node
    pull-down menu to indicate what node TCP_listener1 will listen to.
    Select the addresses folder tab and click Create. This defines the
    address of the listener. A service address property sheet appears
    with the address information as default values. Click OK.
    7. Click the database folder tab to define a database for the listener.
    In the Database property sheet, click Create to specify information
    about the Oracle database that will be included in the network.
    Enter TCP_DB1 as the name of the database. Click TCP_node1 as the
    node. Enter the SID: db1. In the Operating System Specific Details
    field, enter the directory path of the Oracle executables, i.e.
    /usr/oracle for Unix or c:\oraos2\ for OS/2. Click OK to close the
    Database property sheet.
    8. Click OK to close the listener property sheet. To create
    TCP_listener2, repeat steps 6-7 and substitute TCP_node2, TCP_DB2,
    and db2 for the node, database, and SID, respectively.
    Note: The on-line walk-through automatically validates the network configuration.
    Step C. Save the network configuration data and generate configuration files.
    1. Save the network definition.
    2. Click File System in the Export Network Definition dialog box and
    click OK. Choose the directory and click OK. The network definition
    is now complete and the configuration files are generated.
    III. OTHER INFORMATION
    A. About the configuration files
    If the network definition is saved to the file system,
    Network Manager creates two types of subdirectories within the
    directory chosen to store the network definition.
    These are: a node specific directory, which has the same name as the
    node and contact configuration files for the service the node provides,
    and a client profile directory, which has the same name as the client
    community and contains configuration files for each client.
    B. Hardware and Software Requirements
    PC with 6Mb disk, IBM or 100% compatible with an 80386 processor
    or higher one CD-ROM drive
    MS-DOS Version 5.0 or later and Windows 3.1

    Hi Steve,
    1) PL/SQL API for Network Analysis is coming in Oracle 10g Release 2.
    2) In Oracle 10g Release 1 it is a requirement to load the entire network. Loading the entire street network of new york city on my 1 Ghz laptop requires about 1 minute. In Oracle 10g Release 2 you can specify a predicate on the load network so you do not have to load the entire network.
    3) Source code for elocation will be available as an Oracle 10g Release 2 feature (I'm not sure what the "name" of the feature is, but it is a bundling of geocoding and routing, and when combined with MapViewer is a complete "elocation in a box" type of feature.
    Hope this helps.

  • [SOLVED] Network manager only works as root

    Hello everyone,
    I am brand new to arch and have been quite impressed over the past few days over all it has to offer.  Everything has been running quite smoothly and I am now in the process of setting up wireless.  I installed network manager and was able to connect to a wireless network as root.  For my regular user, however, I am running into some issues.  First one was that the nm-applet could not be opened in fluxbox.  I received the following error:
    ** (nm-applet:1576): WARNING **: <WARN> request_name(): Could not acquire the NetworkManagerUserSettings service.
    Error: (9) Connection ":1.27" is not allowed to own the service "org.freedesktop.NetworkManagerUserSettings" due to security policies in the configuration file
    I "fixed" this by adding the following to /etc/dbus-1/system.d/nm-applet.conf.  Original credit goes to the user in this thread (I only slightly modified his code): https://bbs.archlinux.org/viewtopic.php?id=63576
    <!-- hack -->
    <policy user="myusername">
    <allow own="org.freedesktop.NetworkManagerUserSettings"/>
    <allow send_destination="org.freedesktop.NetworkManagerUserSettings"/>
    <allow send_interface="org.freedesktop.NetworkManagerUserSettings"/>
    <deny send_interface="org.freedesktop.NetworkManagerSetting.Secrets"/>
    </policy>
    <!-- end of hack -->
    Now the applet shows up for my regular user, the problem being that it doesn't connect to the wireless networks (only wired).  Whenever I try to connect to wireless, nothing happens (the symbol doesn't change in any way, i.e. the green spheres should start circling); I am still able to succesfully connect to wireless using root.  Does anyone know what the source of this issue may be?  Thank you very much in advance.
    Last edited by Ipozya (2011-01-20 04:49:55)

    Solved: Had to install consolekit and add "ck-launch-session" to my .xinitrc file when starting fluxbox.
    Edit: Please note that this also allowed me to remove the previous change to nm-applet.conf (no longer necessary)!
    Last edited by Ipozya (2011-01-20 04:54:20)

  • [SOLVED] Network Manager with iPhone 3G S

    OK, so work got me a shiny new iPhone 3G S today. When I'm being paid to play with it, I'll give it a shot
    Anyway, I've successfully paired the iPhone over bluetooth with Arch on my laptop, which creates the bnep0 network interface. If I run dhcpcd on this interface, the iPhone gives me a DHCP lease in the 192.168.20.x subnet, and after configuring the opendns nameservers, I'm successfully tethered to the iPhone with full network connectivity
    Is there a way I can get Network Manager to do the 'dhcp' and 'nameserver' parts for me? In the nm-applet GUI, there's no option for specifying interfaces or anything just "wired" (eth0) and "wireless" (wlan0) as well as the VPN, 3G etc tabs.
    Also (I know someone wants to mention this), I am already aware that bluetooth is going to be speed limiting, but this connection will generally only be used for SSH sessions back to the office, so I don't really care about that. I'm happy to use bluetooth to reduce the number of cables required - already have external mouse, external hard drive, power supply and serial cable when I'm at a client site, I don't really want a USB cable to the iPhone as well. Unless Network Manager can't do this over bluetooth, but it can over USB, then I'll concede on the extra cable.
    Last edited by fukawi2 (2009-10-01 02:38:02)

    Here's instructions for Ubuntu, I doubt there will be many discrepancies between Ubuntu and Arch though. Just translate the apt-get crap with the appropriate yaourt or pacman command.
    http://undulynoted.net/2009/06/tether-i … -required/
    Ubuntu:
    Why oh why does apple hardware suck so hard with linux. You will get constant disconnects if your phone is more than a few feet away from the computer. But alas, it is still faster than pdanet or iphonemodem2.
    If you are not on a mac congratulations, you have had fewer headaches.
    Open the terminal and type:
    sudo apt-get install blueman bluez-compat
    This will remove wcid which hopefully isn't a problem for most of you.
    It will ask you to restart, please do.
    Once Ubuntu is back up click on your bluetooth icon in the upper right (which is now managed by blueman)
    IMPORTANT: Right click on the bluetooth icon and choose local services. Make sure to click the radio box that says "Network manager" instead of "blueman" under the network pane. This will allow Network Manager to take over the controlling of your connection (which is good). REBOOT AFTER THIS STEP!
    Go to the bluetooth settings in your iphone (Settings > General > Bluetooth) and make sure they are on.
    Hit the search button in blueman and you should see your iphone after a few seconds.
    WARNING: This is where it gets flaky on the macbook pro. Best results I have has is to highlight the phone in blueman and hit "Bond"
    Choose to auto generate a pass on the next option. Next. Now wait for the iPhone to ask you to type in the passphrase. Type in the 4 digit one that blueman gives you. VERY IMPORTANT. While they are joining eachother keep you eye on the computer. It will ask you if you always want to trust the iPhone (device name). Hit Always or else you will have trouble.
    Always initiate the connection from the iPhone. In the bluetooth settings on the iphone you will now see your computer name listed and the words "not conencted" next to it. Click it. Wait a few and it will hopefully say connected. Look back to blueman and you will now see status bars on the iphone. Right click on your iphone in blueman. Choose "Setup". Network access point is click by default so just hit "Next".
    Now head over to Network Manager and you should see "Auto benp0″. Click it to connect and give it a few to generate an IP. DONE enjoy surfing the internet through your data plan without jailbreaking. I have noticed quite a few speed gains over pdanet. Also, i noticed I got better results when i used openDNS's servers (208.67.220.220 and 208.67.222.222).
    If you have done everything correctly and Network Manager won't take over the connection of you can see it and it says "not managed" or something of the sort you need to check out the following:
    Open terminal and type: sudo gedit /etc/network/interfaces
    see if you have bnep0 located there. if you do, comment out or delete that line. and reboot your machine.

  • Network Manager driving me crazy (3 issues)

    Hey guys I'm new here, hope you can help me
    nm-applet is driving me crazy!
    First issue: when I boot nm-applet doesn't appear in my tint2 eventhough I'm connected. This don't appear all the time, it's random. I have to kill it and restart it to be able to see it.
    I use openbox and I have this in .config/openbox/autostart
    (sleep 3 && /usr/bin/nm-applet --sm-disable) &
    Second issue:
    I selected the save option for the password of my vpn but it won't save it... Or wait, yes it will.. But not all the time. It asks me for the pass sometimes, and sometimes not
    Third issue:
    I thicked the "automatically connect to vpn for this connection" but guess what... It won't
    Any idea about how to troubleshot this. I'm seriously considering pacman -R network-manager and pacman -S something else
    Thank you
    Last edited by Truc (2014-03-06 21:17:51)

    1st issue: run nm-applet from the command line (take it out of openbox's start file wherever that is) after you log in to see what's going on.
    2nd issue: do you have gnome-keyring installed? I believe it should be started with by networkmanager when it's needed, but you may need to figure out how to start it on your own. I don't know how.
    3rd issue: I believe the automatic connection to vpn on a specific network is triggered by networkmanager-dispatcher which is just part of the networkmanager package, but is its own separate service. When you enable/start NetworkManager via systemctl, it should enable/start 3 services - the dispatcher is one of them. Do you have that running?
    I may be wrong about some of this; it's been a while since i've used NetworkManager.

  • Network Manager Applet Cannot Edit Options/Connections As Normal User

    Today I installed Network Manager, and Network Manager Applet in XFCE as a normal user. I followed the instructions on the Arch Network Manager Wiki to the best of my knowlage. The NM-Applet connects to my ethernet, and everything is fine. Untill that is, when I right click the NM Applet.
    Once right clicked as a normal user, 'Enable Networking', and 'Enable Wireless' are greyed out and unselectable. Also, when I right click the applet and select 'Edit Connections' 90% of the clickable options are greyed out, including the options to 'Edit' or 'Delete' connections. The only clickable option not greyed out is 'Add' button.
    Clicking Add brings up the 'Add New Connection Window', but again everything is greyed out. 'Available To All Users' is checked, but is greyed out also. But, starting XFCE as root, allows me to use the NM Applet with no restrictions, AKA none of the greyed out options. Everything works fine.This is my second day using Arch, so I am not sure where to go now.
    It also may be of help ito say I haven't gotten a display manager, such as lightdm or gdm.
    My guess is that root is listed under a group the 'jesse' isn't. Or maybe it has something to do with PolicyKit. I'm not sure. If someone could give me a set of clear instructions on how to fix this annoyance, it would be greatly appreciated. Thank You.
    My Current Normal User Groups wrote: disk lp wheel uucp games network video audio optical storage scanner power users
    My /etc/hosts file wrote:
    # /etc/hosts: static lookup table for host names
    #<ip-address>   <hostname.domain.org>           <hostname>
    127.0.0.1              localhost.localdomain localhost jesse
    ::1                         localhost.localdomain localhost jesse
    # End of file
    My /etc/rc.conf wrote:
    # /etc/rc.conf - configuration file for initscripts
    # Most of rc.conf has been replaced by various other configuration
    # files. See archlinux(7) for details.
    # For more details on rc.conf see rc.conf(5).
    DAEMONS=(alsa dbus syslog-ng crond ifplugd networkmanager bluetooth avahi-daemon acahi-dnsconfd avahi-dnsconfd fa$
    # Storage
    # USEDMRAID="no"
    # USELVM="no"
    # Network
    # interface=eth0
    # address=
    # netmask=
    # gateway=
    My /etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla wrote:Identity=unix-group:network
    Action=org.freedesktop.NetworkManager.*
    ResultAny=yes
    ResultInactive=no
    ResultActive=yes
    Last edited by TriforceLZG (2012-09-02 13:43:23)

    I found the solution, I had to install a Display Manager. Now everything is fine.

  • Where does Network Manager get its "secrets?"

    I am experimenting with PEAP authentication on a wireless network via Network Manager, and in the NM logs (journalctl -u NetworkManager), I keep seeing a line like this one:
    Sep 11 10:56:26 anchor NetworkManager[1300]: <info> Activation (wlp2s0/wireless): connection 'foo' has security, and secrets exist. No new secrets needed.
    In this case, I have mangled the network's settings in a way where it shouldn't be able to connect, and to the best of my knowledge, there are cached "secrets" that is still allowing NM to connect to the network.  I would like to manage these secrets somehow, or flush them at the very least.  How would I go about this?

    ok, worked on it a little bit more... the only thing left was an entry in the library file, when you opened the xml file in safari you could find the entry. I didn't dare playing around with the file itself, but found a script called: "super remove dead tracks" on this website, which does the trick: http://dougscripts.com/itunes/scripts/scripts01.php?page=1#removedeadsuper
    it worked great, nothing is showing up in front row any.

  • Network management

    Hello guys..
    this my first question for me at Cisco support forums..
    I have couple of questions and I would like to get your views and answers..
    Suppose that I am administrator of a university, and I created an excellent design for my network.
    1)How can I manage my network from my office.. I mean what kind of software that helps me to monitor my entire network for faults, configuration, performance and security for medium enterprise like university with lowest cost possible.
    does anyone have idea about how Cisco nac works??

    If you look at Cisco NAC from an overall perspective of network management and network security, you can consider the following:
    Additional NAC Services
    The Cisco NAC Solution can be optionally deployed with the Cisco Identity Services Engine for profiling services and the NAC Guest Server.
    • Cisco Identity Services Engine (ISE): Cisco ISE provides profiling capabilities that can discover, analyze, and classify in real time all the endpoints connecting to the network. Cisco ISE comes with hundreds of built-in profiles for devices such as IP phones, printers, mobile devices (IPads, IPhones), scanners, and more, making it possible to identify the type of device connecting to the network. Cisco ISE provides the administrator full visibility into everything connected to the network in real time. It allows the administrator to control the access privileges associated with each type of endpoint.
    Starting the Cisco ISE Version 1.0 MR and Cisco NAC Version 4.9, the Cisco ISE can integrate with the Cisco NAC to provide profiler capabilities to a NAC deployment. The combined deployment of the Cisco NAC with the Cisco ISE is the replacement for the Cisco NAC Profiler, which has reached end-of-life status.
    To find out more about Cisco ISE, please visit:http://www.cisco.com/en/US/products/ps11640/products_data_sheets_list.html.
    • Cisco NAC Guest Server: The optional Cisco NAC Guest Server streamlines the provisioning, notification, management, and reporting of guest users on wired and wireless networks. It offloads resources from IT staff who are charged with supporting corporate visitors. The secure NAC Guest Server enhances your ability to protect your assets, employees, and information while providing network access that fully meets your visitors' business needs. For more information about the Cisco NAC Guest Server data sheet, visit: http://www.cisco.com/en/US/products/ps10160/products_data_sheets_list.html.
    and that requires planning....
    alot...  
    and lab tests first before entering production.
    In a network with approx 1000 users you will definitely need a few monitoring tools.  For security , really study NAC concepts and ISE.  Keep in mind , the more users you have, the longer it takes to implement ISE,  but if you have that going, you have the network on lockdown at your fingertips.
    Please rate if you find helpfull
    Let me know if you have more questions
    Isak

Maybe you are looking for