ISE Issue with DNS
Hello Techies,
I am facing challenge while configuring ISE to join AD. Domain Name lookup fails. DNS is working perfectly fine;
nslookup works fine on ISE for simple domain names, but on long domain names it fails while throwing the following error;
;; Truncated, retrying in TCP mode.
;; connection timed out; no servers could be reached
Upon searching on google, may threads discuss that it a common issue with linux, when multiple IP's are returned for DNS query. Solution is to make static entries in;
/etc/resolv.conf
Not able to find it in ISE, as it does not give access to the OS. I am running it on VMware.
Looking forward to get your valuable inputs to resolve this.
Thanks
Thanks for your response. Port 53(TCP) was opened on firewall & voila........nslookup was able to resolve the hostname.
Now there is another challenge because of huge environment. Active Directory forest contains more than 50+ child domain controllers. Policy is open for one particular hostname/ip. But authentication is not successful & ISE is not able to join domain. CISCO forums says that ports for all server should be open for ISE on the intermediate firewall, but it is a huge challenge for testing.
While I tried to give the FQDN of specific server(from whom ports are open on firewall), it is not getting resolved again.
Please sugeest
Similar Messages
-
Issue with dns service in Oracle 6.4
Hi. I have tried to do everything like here setting hostname,domainname and static IP address but it did not help me and i still have issue with resolving DNS names.
[root@node1 etc]# ping 192.168.226.128
PING 192.168.226.128 (192.168.226.128) 56(84) bytes of data.
64 bytes from 192.168.226.128: icmp_seq=1 ttl=64 time=0.049 ms
64 bytes from 192.168.226.128: icmp_seq=2 ttl=64 time=0.053 ms
64 bytes from 192.168.226.128: icmp_seq=3 ttl=64 time=0.068 ms
^C
--- 192.168.226.128 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2320ms
rtt min/avg/max/mdev = 0.049/0.056/0.068/0.011 ms
[root@node1 etc]# nslookup 192.168.226.128
Server: 192.168.226.2
Address: 192.168.226.2#53
** server can't find 128.226.168.192.in-addr.arpa.: NXDOMAIN
[root@node1 etc]# nslookup node1.node.com
Server: 192.168.226.2
Address: 192.168.226.2#53
Non-authoritative answer:
*** Can't find node1.node.com: No answer
[root@node1 etc]# nslookup node1
Server: 192.168.226.2
Address: 192.168.226.2#53
Non-authoritative answer:
*** Can't find node1: No answer
[root@node1 etc]# nslookup node.com
Server: 192.168.226.2
Address: 192.168.226.2#53
Non-authoritative answer:
*** Can't find node.com: No answer
Meanwhile:
[root@node1 etc]# nslookup oracle.com
Server: 192.168.226.2
Address: 192.168.226.2#53
Non-authoritative answer:
Name: oracle.com
Address: 137.254.120.50
[root@node1 etc]#
my resolv.conf file is:
[root@node1 etc]# cat /etc/resolv.conf
# Generated by NetworkManager
domain localdomain
search localdomain node.com
nameserver 192.168.226.2
[root@node1 etc]#
and
[root@node1 etc]# cat /etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.226.128 node1.node.com node1
[root@node1 etc]#
[root@node1 etc]# hostname -a
node1
[root@node1 etc]# hostname -d
node.com
[root@node1 etc]# hostname
node1.node.com
DNS configuration RGhost — файлообменник
[root@node1 etc]# rpm -q bind
package bind is not installed
but:
[root@node1 etc]# rpm -q bind-utils
bind-utils-9.8.2-0.17.rc1.0.2.el6.x86_64
and:
[root@node1 etc]# ps -ef | grep -i bind
rpc 1947 1 0 Dec21 ? 00:00:00 rpcbind
nobody 2831 1 0 Dec21 ? 00:00:00 /usr/sbin/dnsmasq --strict-order --local=// --domain-needed --pid-file=/var/run/libvirt/network/default.pid --conf-file= --except-interface lo --bind-interfaces --listen-address 192.168.122.1 --dhcp-range 192.168.122.2,192.168.122.254 --dhcp-leasefile=/var/lib/libvirt/dnsmasq/default.leases --dhcp-lease-max=253 --dhcp-no-override --dhcp-hostsfile=/var/lib/libvirt/dnsmasq/default.hostsfile --addn-hosts=/var/lib/libvirt/dnsmasq/default.addnhosts
root 8237 19846 0 04:18 pts/2 00:00:00 grep -i bind
so i can not understand why dns is not able to resolve ip or whole name for mentioned hostname?As I understand it..
nslookup does a Name Server Lookup - which means asking the DNS to resolve a hostname to an IP address. Which it only can do if it has that hostname/IP mapping.
In your case, that hostname/IP mapping only exists in /etc/hosts - not in the DNS. Thus the DNS cannot resolve it. -
MBAM 2.5 SPN Issue with DNS alias and reporting
We have one server with administration and monitoring website and self-service portal setup on it. We have another server with the Databases and the reports running on it. When I initially set it up I set it up with a SPN that matched the host name. At this
point reporting worked.
We found that HTTP SPN that matches host/FQDN name ibreaks WINRM to the server (powershell remoting). See this: https://connect.microsoft.com/PowerShell/feedback/details/751307/psremoting-breaks-because-it-used-spn-name-with-class-http-instead-of-using-wsman
To fix that we created a DNS alias, mbam.ourdomain.com, and created http SPN's for that account mapped to our MBAM ID
When we did this we initially got stuck even logging on with single sign-on. we made a change to the endpoint address in the web.config and pointed it to the alias -- this resolved that issue.
However now when trying to open any one of the reports we get the resource can not be found http 404 error.
Is this fixable by changing something in a config file somewhere or do I need rebuild the servers and reinstall?Yes, We set both of those. We also set the delegation for the apppooluser to "trust this user for delegation to any service".<o:p></o:p>
Today we uninstalled and reinstalled/configured IIS, the Administration and Monitoring website, and the self-service portal.<o:p></o:p>
We no longer get an error when clicking on one of the 3 reports. Instead it does nothing. If I choose to open it in another tab or window it
opens an about:blank page.<o:p></o:p> -
Delivery delayed possibly because of Exchange Online issue with DNS check
http://social.technet.microsoft.com/Forums/exchange/en-US/newthread?category=microsoftonlineservices&forum=onlineservicesexchange
I'm troubleshooting extremely late (3+ days) delivery emails FROM a domain hosted by Microsoft TO systemid.com. Microsoft Remote connectivity analyzer
https://testconnectivity.microsoft.com/ shows that it cannot get MX record for systemid.com. HOWEVER, other tools like Mxtoolbox (http://mxtoolbox.com/) shows the
MX lookup is successful.
When sending FROM Google / Yahoo to the same email address at systemid.com, the emails go through right away.
I was able to reproduce the issue by sending an email FROM my personal Hotmail email to systemid.com. The next morning I got a delayed Delivery Status Notifcation:
Reporting-MTA: dns;BAY004-OMC1S14.hotmail.com
Received-From-MTA: dns;BAY169-W65
Arrival-Date: Tue, 30 Sep 2014 11:38:10 -0700
Final-Recipient: rfc822;[email protected]
Action: delayed
Status: 4.4.7
Will-Retry-Until: Thu, 2 Oct 2014 11:38:17 -0700
I think the root issue is that Exchange Online does not like something about MX record for systemid.com, although other tools say the MX records are fine.
Can you see why emails from Hotmail or one of your Exchange Online customers cannot reach systemid.com although emails from Google / Yahoo go in just fine? Please PM me if you need the name of the domain hosted by Microsoft or an email address at systemid.com
for testing.If you open a service request via your O365 tenant, and explain the issue, they'll respond quite quickly.
I've created some tickets at O365 support for about the same problems in the past, and you usually get a call from an EOP/EO engineer the day after. -
I am setting up time capsule and have issues with DNS
Can't get internet connected and says DNS server not identified
Technicolor TG789vn is a gateway, which is a modem and router in one package. Please verify by checking the Technicolor information on this model below:
http:///en/solutions-services/connected-home/modems-gateways/xdsl-modems-gateway s/tg789vn-bonded
Assuming that things are working correctly, AirPort Utility should be able to set up the Time Capsule correctly with this type of device.
Shut down your Mac and then restart the device.
Power off the Technicolor gateway, wait a minute, then power it back up and let it run a few minutes.
Power up the Time Capsule for a few minutes, then hold in the reset button on the back of the Time Capsule for 8-10 seconds and release. Allow a full minute for the Time Capsule to restart to a slow, blinking amber light status.
Connect an Ethernet cable....that you have tested to make sure that it is working....from one of the LAN <--> ports on the Technicolor gateway to the WAN "O" port on the Time Capsule
On your Mac....open Macintosh HD > Applications > Utilities > AIrPort Utility
Click on Other WiFi Devices
Click on Time Capsule
The setup utility will open up with a configuration window mentioning that the Time Capsule will be set up to create a network
For Network Name......Enter a simple, short name that you want to call your wireless network.
For Base Station.......Enter a simple, short name that you want to call the Time Capsule. Mine is TC, for example
For Password.........Enter a password that will be used for the wireless network and base station
For Verify Password.....Enter the same password to confirm
Click Next
The utility will set up everything for you. When you see the message of Setup Complete, click Done and you should have a green light on the Time Capsule.
Select the wireless network that you created and enter the password to connect. You should be all set. -
Issue with very slow DNS lookup. SBS 2008 R2.
(Preface: sorry if this is the wrong forum...new at this! X-posted from Reddit)
I'm stumped with this one. Last week, the server installed a few updates, no problem, a handful of security stuff. Since then, I've been having issues with DNS lookups on every computer on the network. It will hang on "looking up <domain>.com..."
and then after 20-30 seconds, it will show a "can't find the server" error. BUT THEN! When you click try again, it loads right up. And then it works fine. For a day or so. Then, the next day, or maybe just a few hours later, sometimes while browsing
the same site, it will do the same thing. It's like the DNS server just forgets the lookups it's already done after a time.
Things I've tried:
restarting server (duh)
rolling back updates
reinstalling said updates
restarting all network hardware from the gateway outwards
restarting the service itself while the server is running
The only thing the event log shows is a single error during startup - event ID 4015. The text reads:
"The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is ' '."
This error has only occurred once that I saw and did not occur on the most recent startup, but the issue is still present
Active directory seems to be fine. No errors or warnings in it and no info from the event log is showing anything that seems to be helpful.
I've looked around the KB but every article seems to be troubleshooting a much more specific problem or a different problem altogether, such as a misnamed, stuck, or incorrect DNS zone, or a DNS lookup that fails to complete altogether.Hi Craigglesofdoom,
Would you please let us know current situation of this issue? Did you refer to above suggestions and solve this problem? If any update, please feel free to let us know.
Please also run SBS BPA tool and check if find relevant issues.
For Event ID 4015, please refer to following article and check if can help you.
Event ID 4015 — DNS Server Active Directory Integration
-->The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly.
Please use dcdiag command-line tool. Any find?
Domain Controller Diagnostics Tool (dcdiag.exe)
Dcdiag for DNS: Test details explained
Hope this helps.
Best regards,
Justin Gu
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
Networking issues with MacBook Pro
I have tried to find this issue on line and in the forums and couldn't I have seen many people have similar issues using VPN connections or Citrix but nothing what I am seeing. I have 3 MacBook Pros that connect fine to our company network. They have the DNS settings from our DHCP server and I can see their leases and everything. We can connect to network drives however we can't connect any of them to the company's intranet sites. If we type in http://companysite and hit enter both Safari and Firefox come back stating that they can't find the server companysite. Not sure why it is looking for a server by the name of companysite when our DNS servers point to the servers that are hosting the sites.
If I type in the IP address of any company site then it works however using the name doesn't. So it sounds like an issue with DNS but again the DNS servers are in the network settings and Windows machines have no issues with using the http://companysite instead of using http://IP Address. Any assistance would be appreciated.OK, figured out that if I added my company's domain to the search domain list in Network Settings this would allow the MacBook to use http://companysite instead of the IP Address. However now I need to figure out the authentication issue. We use the end user's network credentials for access to the company intranet sites. Using http://companysite I get access denied. Using the IP address allows the end user to enter in their network credentials.
-
BYOD Onboarding issue with Redirects on ISE 1.2
Hi there,
I'm having intermittent issues with onboarding endpoints (both wired and wireless) with ISE 1.2 (Patch 12).
I get three differing scenarios upon attempting:
1). I get redirected to the ISE Self Registration Portal, register, download the supplicant OK and then can browse with no problems.
2) I dont get redirected at all and so never see the Self Registration portal. All browsing tries to go to the selected website and fails (presumably as the redirect URL is in place even if the browser is not "seeing" it). If I force the browser URL to to ISE I get the Self Registration Portal displayed but with no MAC details present so I can get no further.
3) I get redirected, and seemingly Register OK, download the profiles etc...but after a "Registered Sucessfully" message, any attempt to browse to external website is again redirected to the Portal. I can then re-register again (it lets me do that as if the first time) but I just end up in that loop forever.
These problems are mostly seen wirelessly (I have a WLC 5508) but also wired clients via 3850 wired ports. I am using a collection of endpoints (Andorid, IPads, Laptops) to test and de-registering them between attempts and the results are entirely random among the three scenarios.
I am not changing any policies in between attempts so they are working fine at times, and not at others.
Any help welcome!Hi Neno,
Thanks for your reply. I have attached some info as requested. For AuthZ rules they should first hit an EAP-MSCHAPv2 rule via the secure SSID which redirects them to the NSP process and gives them an ACL on the WLC that only allows DHCP, DNS and traffic to from ISE.
Afterward registration they should then get a certificate and then after a COA reauthenticate using EAP-TLS.
All this works fine at times, but at other times Web traffic NEVER gets redirected to ISE to begin the registration process or alternatively endpoints are STUCK in a circle of registration in that the th redirect works OK and you register OK but the redirect is permanently on and you keep getting asked to re-register your device despite the fact you have already done it once.
If you can avoid either of these scenarios, it works absolutely fine. It feels like the endpoints themselves are the issue, as I am using a small set of test devices to register (and then de-register) to test with.
However the same device that wont work at all for many many attempts, will eventually suddenly work OK and the BYOD process completes. I do however seem to have a permanent problem with Surface Pro's in that I can never get them to see the redirect at all. -
Windows 7 Pro DNS issue with static IP
0
down vote
favorite
I have been unable to solve a DNS problem I am having as follows:
I have a Windows 7 Professional (64 bit) computer running VirtualBox with a couple of Windows XP guests (not sure if this bit is relevant). After heavy file copying/transfer on both of the Windows XP machines, both the guest machines AND the host loose anything
DNS related, so I cannot call anything by name, but by direct IP works fine. The only resolution is to reboot the (host) machine and it will then work OK for a while until it happens again. The only trigger to make it seem to happen quicker is to re-initiate
the heavy file transfer and this then causes the DNS resolution to stop working again.
The machine has a fixed IP address, so it isn't related to DHCP.
I've tried the machine connected wired and wireless, no difference.
The IP settings are manual and I have tried giving it the DNS settings of the router (normal settings) and I have also tried giving it Google's DNS servers (8.8.8.8 & 8.8.4.4). No difference.
It seems to happen (sooner) during heavy traffic.
Other Windows 7 machines in the network work fine (though they are Home version, not Pro).
ONLY DNS fails, direct IP works OK.
Reboot seems only solution at the moment.
I am now lost as to what to try to resolve this issue, I do not really want to reload Windows 7 as it is a relatively new install... I have read about issues with wired connections on my router (BT Home Hub 2.0) so tried a wireless connection, still the
same.
Here is my ipconfig /all (it shows the BT Home Hub router DNS settings, but it also failed with Google's 8.8.8.8 and 8.8.4.4 entered here and also with the routers 192.168.1.254 (default).
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\G>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : e1
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 30-85-A9-AD-07-81
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::59f:484a:827f:42ba%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.87(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 238060969
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-39-2B-4D-30-85-A9-AD-07-81
DNS Servers . . . . . . . . . . . : 217.32.171.21
213.120.234.30
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter VirtualBox Host-Only Network:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
Physical Address. . . . . . . . . : 08-00-27-00-28-56
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8d2d:7418:381b:8dc0%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.56.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 336068647
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-39-2B-4D-30-85-A9-AD-07-81
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{486D4DCC-9CB7-417E-A796-596E0E6B1D54}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{67455999-75A5-436E-9EAC-12B093363132}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
C:\Users\G>
Any ideas where to look, or what other info to provide for any assistance?
Many thanks in advance.Hi,
This has just happened again, here is the content of the netstat results as requested...
If I kill the VirtualBox virtual machines, it starts working again. It is as if there are no ports left, but I am not occupying that many? Surely Windows 7 can cope with this?
I feel I am missing something important, but cannot put my finger on it...
Further below, I have re-run the netstat command AFTER I have closed the VirtualBox machines and the system works OK.
netstat results DURING ISSUE:
Active Connections
Proto Local Address Foreign Address State PID
TCP 0.0.0.0:21 0.0.0.0:0 LISTENING 1444
[FileZilla Server.exe]
TCP 0.0.0.0:25 0.0.0.0:0 LISTENING 1692
[MESMTPC.EXE]
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 4
Can not obtain ownership information
TCP 0.0.0.0:110 0.0.0.0:0 LISTENING 1660
[MEPOPS.EXE]
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 752
RpcSs
[svchost.exe]
TCP 0.0.0.0:143 0.0.0.0:0 LISTENING 1524
[MEIMAPS.exe]
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
Can not obtain ownership information
TCP 0.0.0.0:1221 0.0.0.0:0 LISTENING 4796
[VirtualBox.exe]
TCP 0.0.0.0:2199 0.0.0.0:0 LISTENING 4820
[VirtualBox.exe]
TCP 0.0.0.0:3306 0.0.0.0:0 LISTENING 1756
[mysqld.exe]
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING 1104
CryptSvc
[svchost.exe]
TCP 0.0.0.0:6901 0.0.0.0:0 LISTENING 4636
[WinVNC.exe]
TCP 0.0.0.0:6901 0.0.0.0:0 LISTENING 4636
[WinVNC.exe]
TCP 0.0.0.0:8300 0.0.0.0:0 LISTENING 3464
[sc_serv.exe]
TCP 0.0.0.0:8301 0.0.0.0:0 LISTENING 3464
[sc_serv.exe]
TCP 0.0.0.0:8360 0.0.0.0:0 LISTENING 3080
[sc_serv.exe]
TCP 0.0.0.0:8361 0.0.0.0:0 LISTENING 3080
[sc_serv.exe]
TCP 0.0.0.0:9022 0.0.0.0:0 LISTENING 4804
[VirtualBox.exe]
TCP 0.0.0.0:9023 0.0.0.0:0 LISTENING 4804
[VirtualBox.exe]
TCP 0.0.0.0:9080 0.0.0.0:0 LISTENING 4804
[VirtualBox.exe]
TCP 0.0.0.0:10001 0.0.0.0:0 LISTENING 4828
[VirtualBox.exe]
TCP 0.0.0.0:10002 0.0.0.0:0 LISTENING 4828
[VirtualBox.exe]
TCP 0.0.0.0:10003 0.0.0.0:0 LISTENING 4828
[VirtualBox.exe]
TCP 0.0.0.0:10011 0.0.0.0:0 LISTENING 4780
[VirtualBox.exe]
TCP 0.0.0.0:10012 0.0.0.0:0 LISTENING 4780
[VirtualBox.exe]
TCP 0.0.0.0:10013 0.0.0.0:0 LISTENING 4780
[VirtualBox.exe]
TCP 0.0.0.0:25566 0.0.0.0:0 LISTENING 3648
[TerrariaServer.exe]
TCP 0.0.0.0:30001 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30002 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30003 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30004 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30005 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30006 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30007 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30020 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30021 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30039 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30080 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30081 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30082 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30083 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30084 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30085 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30086 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30087 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30088 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30089 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30090 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30091 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30092 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30093 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30094 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30095 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30096 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30097 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30098 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30099 0.0.0.0:0 LISTENING 4788
[VirtualBox.exe]
TCP 0.0.0.0:30101 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30102 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30103 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30104 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30105 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30106 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30107 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30108 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30109 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30110 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30111 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30112 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30113 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30114 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30115 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30116 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30117 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30118 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30119 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30120 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30121 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30139 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30180 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30181 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30182 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30183 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30184 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30185 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30186 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30187 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30188 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30189 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30190 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30191 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30192 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30193 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30194 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30195 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30196 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30197 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30198 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30199 0.0.0.0:0 LISTENING 4812
[VirtualBox.exe]
TCP 0.0.0.0:30201 0.0.0.0:0 LISTENING 4796
[VirtualBox.exe]
TCP 0.0.0.0:30239 0.0.0.0:0 LISTENING 4796
[VirtualBox.exe]
TCP 0.0.0.0:33306 0.0.0.0:0 LISTENING 4796
[VirtualBox.exe]
TCP 0.0.0.0:49152 0.0.0.0:0 LISTENING 440
[wininit.exe]
TCP 0.0.0.0:49153 0.0.0.0:0 LISTENING 880
eventlog
[svchost.exe]
TCP 0.0.0.0:49154 0.0.0.0:0 LISTENING 1000
Schedule
[svchost.exe]
TCP 0.0.0.0:49156 0.0.0.0:0 LISTENING 508
[lsass.exe]
TCP 0.0.0.0:49157 0.0.0.0:0 LISTENING 500
[services.exe]
TCP 0.0.0.0:49158 0.0.0.0:0 LISTENING 3048
PolicyAgent
[svchost.exe]
TCP 127.0.0.1:8361 127.0.0.1:49364 ESTABLISHED 3080
[sc_serv.exe]
TCP 127.0.0.1:14147 0.0.0.0:0 LISTENING 1444
[FileZilla Server.exe]
TCP 127.0.0.1:14147 127.0.0.1:49162 ESTABLISHED 1444
[FileZilla Server.exe]
TCP 127.0.0.1:49162 127.0.0.1:14147 ESTABLISHED 3156
[FileZilla Server Interface.exe]
TCP 127.0.0.1:49212 127.0.0.1:49213 ESTABLISHED 4288
[java.exe]
TCP 127.0.0.1:49213 127.0.0.1:49212 ESTABLISHED 4288
[java.exe]
TCP 127.0.0.1:49214 127.0.0.1:49215 ESTABLISHED 4288
[java.exe]
TCP 127.0.0.1:49215 127.0.0.1:49214 ESTABLISHED 4288
[java.exe]
TCP 127.0.0.1:49216 127.0.0.1:49217 ESTABLISHED 4288
[java.exe]
TCP 127.0.0.1:49217 127.0.0.1:49216 ESTABLISHED 4288
[java.exe]
TCP 127.0.0.1:49218 127.0.0.1:49219 ESTABLISHED 4288
[java.exe]
TCP 127.0.0.1:49219 127.0.0.1:49218 ESTABLISHED 4288
[java.exe]
TCP 127.0.0.1:49220 127.0.0.1:49221 ESTABLISHED 4288
[java.exe]
TCP 127.0.0.1:49221 127.0.0.1:49220 ESTABLISHED 4288
[java.exe]
TCP 127.0.0.1:49222 127.0.0.1:49223 ESTABLISHED 4288
[java.exe]
TCP 127.0.0.1:49223 127.0.0.1:49222 ESTABLISHED 4288
[java.exe]
TCP 127.0.0.1:49224 127.0.0.1:49225 ESTABLISHED 4288
[java.exe]
TCP 127.0.0.1:49225 127.0.0.1:49224 ESTABLISHED 4288
[java.exe]
TCP 127.0.0.1:49226 127.0.0.1:49227 ESTABLISHED 4288
[java.exe]
TCP 127.0.0.1:49227 127.0.0.1:49226 ESTABLISHED 4288
[java.exe]
TCP 127.0.0.1:49364 127.0.0.1:8361 ESTABLISHED 3100
[Instore_Radioboss.exe]
TCP 192.168.1.87:139 0.0.0.0:0 LISTENING 4
Can not obtain ownership information
TCP 192.168.1.87:3389 217.156.134.12:22971 ESTABLISHED 1104
CryptSvc
[svchost.exe]
TCP 192.168.1.87:8360 81.148.248.221:1026 ESTABLISHED 3080
[sc_serv.exe]
TCP 192.168.1.87:25565 0.0.0.0:0 LISTENING 4288
[java.exe]
TCP 192.168.1.87:50644 37.139.0.151:8233 ESTABLISHED 4796
[VirtualBox.exe]
TCP 192.168.1.87:51019 81.27.96.46:21 TIME_WAIT 0
TCP 192.168.1.87:53126 192.168.1.86:445 ESTABLISHED 4
Can not obtain ownership information
TCP 192.168.1.87:60462 192.168.1.86:445 CLOSE_WAIT 4
Can not obtain ownership information
TCP 192.168.1.87:65029 37.139.0.151:8231 ESTABLISHED 4796
[VirtualBox.exe]
TCP 192.168.56.1:139 0.0.0.0:0 LISTENING 4
Can not obtain ownership information
TCP [::]:21 [::]:0 LISTENING
1444
[FileZilla Server.exe]
TCP [::]:25 [::]:0 LISTENING
1692
[MESMTPC.EXE]
TCP [::]:80 [::]:0 LISTENING
4
Can not obtain ownership information
TCP [::]:135 [::]:0 LISTENING
752
RpcSs
[svchost.exe]
TCP [::]:445 [::]:0 LISTENING
4
Can not obtain ownership information
TCP [::]:3306 [::]:0 LISTENING
1756
[mysqld.exe]
TCP [::]:3389 [::]:0 LISTENING
1104
CryptSvc
[svchost.exe]
TCP [::]:30239 [::]:0 LISTENING
4796
[VirtualBox.exe]
TCP [::]:49152 [::]:0 LISTENING
440
[wininit.exe]
TCP [::]:49153 [::]:0 LISTENING
880
eventlog
[svchost.exe]
TCP [::]:49154 [::]:0 LISTENING
1000
Schedule
[svchost.exe]
TCP [::]:49156 [::]:0 LISTENING
508
[lsass.exe]
TCP [::]:49157 [::]:0 LISTENING
500
[services.exe]
TCP [::]:49158 [::]:0 LISTENING
3048
PolicyAgent
[svchost.exe]
TCP [::1]:14147 [::]:0 LISTENING 1444
[FileZilla Server.exe]
UDP 0.0.0.0:123 *:*
964
W32Time
[svchost.exe]
UDP 0.0.0.0:500 *:*
1000
IKEEXT
[svchost.exe]
UDP 0.0.0.0:3702 *:*
964
EventSystem
[svchost.exe]
UDP 0.0.0.0:3702 *:*
964
EventSystem
[svchost.exe]
UDP 0.0.0.0:4500 *:*
1000
IKEEXT
[svchost.exe]
UDP 0.0.0.0:5355 *:*
1104
Dnscache
[svchost.exe]
UDP 0.0.0.0:53274 *:*
4780
[VirtualBox.exe]
UDP 0.0.0.0:53727 *:*
4788
[VirtualBox.exe]
UDP 0.0.0.0:54111 *:*
4828
[VirtualBox.exe]
UDP 0.0.0.0:54112 *:*
4828
[VirtualBox.exe]
UDP 0.0.0.0:54113 *:*
4780
[VirtualBox.exe]
UDP 0.0.0.0:55421 *:*
964
EventSystem
[svchost.exe]
UDP 0.0.0.0:58596 *:*
964
EventSystem
[svchost.exe]
UDP 0.0.0.0:59838 *:*
4812
[VirtualBox.exe]
UDP 0.0.0.0:62498 *:*
4796
[VirtualBox.exe]
UDP 127.0.0.1:1900 *:*
4172
SSDPSRV
[svchost.exe]
UDP 127.0.0.1:55045 *:*
4172
SSDPSRV
[svchost.exe]
UDP 192.168.1.87:137 *:*
4
Can not obtain ownership information
UDP 192.168.1.87:138 *:*
4
Can not obtain ownership information
UDP 192.168.1.87:1900 *:*
4172
SSDPSRV
[svchost.exe]
UDP 192.168.1.87:55043 *:*
4172
SSDPSRV
[svchost.exe]
UDP 192.168.56.1:137 *:*
4
Can not obtain ownership information
UDP 192.168.56.1:138 *:*
4
Can not obtain ownership information
UDP 192.168.56.1:1900 *:*
4172
SSDPSRV
[svchost.exe]
UDP 192.168.56.1:55044 *:*
4172
SSDPSRV
[svchost.exe]
UDP [::]:123 *:*
964
W32Time
[svchost.exe]
UDP [::]:500 *:*
1000
IKEEXT
[svchost.exe]
UDP [::]:3702 *:*
964
EventSystem
[svchost.exe]
UDP [::]:3702 *:*
964
EventSystem
[svchost.exe]
UDP [::]:4500 *:*
1000
IKEEXT
[svchost.exe]
UDP [::]:5355 *:*
1104
Dnscache
[svchost.exe]
UDP [::]:55422 *:*
964
EventSystem
[svchost.exe]
UDP [::]:58597 *:*
964
EventSystem
[svchost.exe]
UDP [::1]:1900 *:*
4172
SSDPSRV
[svchost.exe]
UDP [::1]:55042 *:*
4172
SSDPSRV
[svchost.exe]
UDP [fe80::59f:484a:827f:42ba%11]:1900 *:*
4172
SSDPSRV
[svchost.exe]
UDP [fe80::59f:484a:827f:42ba%11]:55040 *:*
4172
SSDPSRV
[svchost.exe]
UDP [fe80::11a6:2283:bc40:c0cb%16]:1900 *:*
4172
SSDPSRV
[svchost.exe]
UDP [fe80::11a6:2283:bc40:c0cb%16]:55041 *:*
4172
SSDPSRV
[svchost.exe] -
An issue with authentication and authorization on ISE 1.2
Hi, I'm new to ISE.
I have an issue with authentication and authorization.
I have ISE 1.2 plus patch 6 installed on VMware.
I have built-in Windows XP supplicant and 2960 cisco switch with IOS c2960-lanbasek9-mz.150-2.SE5.bin
On supplicant I use EAP(PEAP) with EAP-MSCHAP v2.
I created authentication and authorization rules with Active Directory as External Identity Source. Also I applied authorization profile with DACL.I login on Windows XP machine under different Active Directory accounts. Everything works fine (authentication, authorization ), but only for several hours. After several hours passed , authentication and authorization stop working . I can see that ISE trying authenticate and authorize users, but ISE always use only one account for authentication and authorization . Even if I login under different accounts ISE continue to use only one last account.
I traied to reboot switch and PC,but it didn’t help. Only rebooting of ISE helps. After ISE rebooting, authentication and authorization start to work properly for several hours.
I don’t understand is it a glitch or I misconfigured ISE or switch, supplicant?
What should I do to resolve this issue?
Switch configuration:
testISE#sh runn
Building configuration...
Current configuration : 7103 bytes
! Last configuration change at 12:20:15Tue Apr 15 2014
! NVRAM config last updated at 10:35:02 Tue Apr 15 2014
version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname testISE
boot-start-marker
boot-end-marker
no logging console
logging monitor informational
enable secret 5 ************
enable password ********
username radius-test password 0 ********
username admin privilege 15 secret 5 ******************
aaa new-model
aaa authentication dot1x default group radius
aaa authorization network default group radius
aaa authorization auth-proxy default group radius
aaa accounting update periodic 5
aaa accounting dot1x default start-stop group radius
aaa server radius dynamic-author
client 172.16.0.90 server-key ********
aaa session-id common
clock timezone 4 0
system mtu routing 1500
authentication mac-move permit
ip dhcp snooping vlan 1,22
ip dhcp snooping
ip domain-name elauloks
ip device tracking probe use-svi
ip device tracking
epm logging
crypto pki trustpoint TP-self-signed-1888913408
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1888913408
revocation-check none
rsakeypair TP-self-signed-1888913408
crypto pki certificate chain TP-self-signed-1888913408
dot1x system-auth-control
spanning-tree mode pvst
spanning-tree extend system-id
vlan internal allocation policy ascending
ip ssh version 2
interface FastEthernet0/5
switchport mode access
ip access-group ACL-ALLOW in
authentication event fail action next-method
authentication event server dead action reinitialize vlan 1
authentication event server alive action reinitialize
authentication host-mode multi-auth
authentication open
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
authentication violation restrict
mab
dot1x pae authenticator
dot1x timeout tx-period 10
spanning-tree portfast
interface FastEthernet0/6
switchport mode access
ip access-group ACL-ALLOW in
authentication event fail action next-method
authentication event server dead action reinitialize vlan 1
authentication event server alive action reinitialize
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
authentication violation restrict
mab
dot1x pae authenticator
dot1x timeout tx-period 10
spanning-tree portfast
interface FastEthernet0/7
interface Vlan1
ip address 172.16.0.204 255.255.240.0
no ip route-cache
ip default-gateway 172.16.0.1
ip http server
ip http secure-server
ip access-list extended ACL-ALLOW
deny icmp any host 172.16.0.1
permit ip any any
ip radius source-interface Vlan1
logging origin-id ip
logging source-interface Vlan1
logging host 172.16.0.90 transport udp port 20514
snmp-server community public RO
snmp-server community ciscoro RO
snmp-server trap-source Vlan1
snmp-server source-interface informs Vlan1
snmp-server enable traps snmp linkdown linkup
snmp-server enable traps mac-notification change move
snmp-server host 172.16.0.90 ciscoro
radius-server attribute 6 on-for-login-auth
radius-server attribute 6 support-multiple
radius-server attribute 8 include-in-access-req
radius-server attribute 25 access-request include
radius-server dead-criteria time 5 tries 3
radius-server vsa send accounting
radius-server vsa send authentication
radius server ISE-Alex
address ipv4 172.16.0.90 auth-port 1812 acct-port 1813
automate-tester username radius-test idle-time 15
key ******
ntp server 172.16.0.1
ntp server 172.16.0.5
endYes. Tried that (several times) didn't work. 5 people in my office, all with vers. 6.0.1 couldn't access their gmail accounts. Kept getting error message that username and password invalid. Finally solved the issue by using Microsoft Exchange and "m.google.com" as server and domain and that the trick. Think there is an issue with imap.gmail.com and IOS 6.0.1. I'm sure the 5 of us suddently experiencing this issue aren't the only ones. Apple will figure it out. Thanks.
-
ISE 1.2 issue with CWA (Error : Your session has expired)
Hii
we have ISE deployment with two administration nodes and two service policy nodes running 1.2.1.198 , with CWA for wireless guest users (Cisco WLC) . Suddenly , many guest users faced an issue where login page is redirected but after inserting user/password it gave ""Your session has expired. Sign on again""
authentication logs on ISE shows:
Event 5418 Guest Authentication Failed
Failure Reason 86017 Session Missing
Resolution Please contact your Administrator
Root cause SessionID is missing. Please contact your System Administrator
we suspected the bug CSCul10677 , but it is fixed in 1.2.1.198 . We reloaded the two service policy nodes and that resolved the issue temporarily , but it showed back after couple of hours . The issue appeared with some users not all , and with no specific devies or operating systems.
Any idea ?
Regards,
MohammadPlease refer the link : https://supportforums.cisco.com/discussion/12131531/ise-12-guest-access-session-expired
Workaround:
Terminate session from admin UI and type in the original URL to redirect to guest portal with a new session-id.
Disconnect SSID, wait for a few minutes, reconnect and enter the original URL to redirect to guest portal with the new session-id. -
DNS issues with replaced domain controllers
I have slight issue I hope some one can help with.
We recently replaced some domain controllers in our 2 core sites the process we followed is as below:-
moved FSMO roles to different already working servers
demoted the old domain controllers and decommissioned.
built virtual machine replacements with the same names.
depromo'd the servers
ran all the tests and it reported everything was fine.
moved the fsmo roles to the new servers.
repeated this for the remaining servers.
this was our 2003 domain to free up physical space but our new 2013 domain what will exist separately until all our applications our tested.
however the problem we now have is that non domain controllers have issues registering against the new servers despite being able to do look-ups against them all (replication testing looks fine). one of our regional DC's seems to have taken over as the primary
replica. as changes made else where disappeared but changes made there got replicated out perfectly.
I have managed to resolve this particular issue by added the domain controllers back into several locations in DNS manually (maining forward lookup zones>my domain>_tcp )but we still experience the odd issue with servers not registering in DNS properly
(although it's a lot better since the I did the above)
so basically does any one have a idea on what could have caused this issue and how I can resolve?should the demotion not automatically remove it from sites and services automatically (it could well be this if not) the question then becomes how do we resolve the issues we have now.
Hello,
NO, as you can demote a DC and it still may run site-aware services like DFS and for this reason a DC is NOT automatically removed from AD sites and services during demotionprocess.
Best regards
Meinolf Weber
MVP, MCP, MCTS
Microsoft MVP - Directory Services
My Blog: http://blogs.msmvps.com/MWeber
Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
Twitter: -
DNS Issues with Hyper-V 2012 R2 VDI Pooled Desktop Deployment
Good afternoon all!
We are running a POC VDI deployment on a Nutanix system, and I am having a DNS issue. I would appreciate some help trying to figure this out. Two situations that are causing issues that I can see:
1. VMs go into a saved state if not being used: This in itself is not an issue, and I see it as a way to save resources not being used; however, if a VM is saved for a few days, the DHCP address often gets reassigned. Now if users are connecting, and that
saved VM with the stale address is called to wake up, the VM is not found.
2. Recreating the pool after updating the golden image: This is the bigger issue. After a couple days of running smoothly, I was asked by my pilot users to add Firefox. I installed it and recreated all the VMs in the pool. When this happened, they all got
new IPs, but the old DNS records were not updated. This made the broker unable to find a single VM in the pool. I could not ping a single one.
Has anybody else run into these DNS issues with a VDI deployment? If so, what did you do to resolve it? If not, have any ideas on what is going on here?
Thank you in advance!
EricHi Eric,
As per my research, I can say that the default behavior. When we will recreate the VM it will change the IP address dynamically. But from your description it seems the DNS record is not getting update and due to that you can’t find your VM with hostname or
IP. But for this you can set one option under DNS server with which DNS record can update the new IP address. The option you need to set is “Dynamic updates>Nonsecure and Secure” under general properties in sites. You can check below snap.
Hope it helps!
Thanks.
Dharmesh Solanki
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
Dns issues with one domain (Resolved)
i'm currently having dns issues with one domain, in that it won't resolve when I use bt's dns servers.
The domain is owned by a friend in the US who runs his own server for irc, web, and I also have a server that is on his connection, and resolves fine from other machines on different networks, and also resolves fine when I set windows to use the opendns servers, but when it's set to either my routers ip (using bt's dns), or set to automatic (using bt's dns via the homehub), this one domain will not resolve.
I'm pretty certain it's not a windows issue, as it's a clean install of windows 7 that I did yesterday. I've tried rebooting the homehub, and also flushing my dns on windows, but this has not solved the issue.
As I say, it resolves fine on other networks, and also when I use the opendns servers, so I know it's definately a dns issue.
Using bt's dns servers:
C:\Users\admin>ping chatnsn.com
Ping request could not find host chatnsn.com. Please check the name and try agai
n.
Using opendns:
C:\Users\admin>ping chatnsn.com
Pinging chatnsn.com [68.51.24.74] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 68.51.24.74:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
(The timeouts are normal...he has his router set to not respond to ping requests).
Has anyone got any ideas on how to sort this out? Preferably without having to phone the helpdesk...lets just say i've done it in the past, and according to the poeple I spoke to in india, I knew nothing about my own systems, and it was a problem at my end...which was not the case, and I proved this several times.
Edit: This issue appears to have resolved itself, and the domain is now resolving again using the homehub for dns resolution.Hi,
When NSLOOKUP starts, before anything else, it checks the computer's network configuration to determine the IP address of the DNS server that the computer uses.
Then it does a reverse DNS lookup on that IP address to determine the name of the DNS server.
If reverse DNS for that IP address is not setup correctly, then NSLOOKUP cannot determine the name associated with the IP address.
http://support.simpledns.com/kb/a90/nslookup-cant-find-server-name___-default-server-unknown.aspx
Also refer to:
How to fix NSLOOKUP Default Server: UnKnown?
http://www.randika.info/2013/01/how-to-fix-nslookup-default-server.html
Regards.
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
HI,
we have an SBS2008, has been working fine for a long time, don't know when or why this issue has started.
A user couldn't connect to PC using RWW - so I checked rdp to that pc from the server and also couldn't rdp to pc - checked ping and couldn't find host = no DNS (although there IS an entry in DNS). Ping by IP is fine 192.168.10.114
Added host entry for this PC and all works fine
BUT...
there are other users with the same problem, and when i ping other devices by name from the SBS it either can't see them, or it uses IPv6 - something i think i remeber us disabling (with the help of Microsofdt Support) year sago when the server went in,
and had internet DNS issues.
I have tried flushing dns cache on server to no avail.
All PCs show in the SBS console as status "unknown" which i have seen before with DNS issues.
can anyone help?
Thanks,
JJHi,
Lets make sure we are running Single NIC on the server. DNS pointing to Servers IP Address itself. Disable TaskOffloading and Receive Side Scaling on the NIC and reboot the server.
Note - Don't disable IPV 6
If you have any further queries you can call me - 214-347-7988214-347-7988
Binu Kumar - MCP, MCITP, MCTS , MBA - IT , Director Aarbin Technology Pvt Ltd - Please remember to mark the replies as answers if they help and unmark them if they provide no help.
Maybe you are looking for
-
. How to put Check box in every row in Table
Hi Friends, I have one doubt in Webdynpro with java. How to put Check box in every row in Table? For Exam My requirement is I am getting BAPI from ECC System. So I have to go given input details in first view and output details in SecondView. So in S
-
A function instead of UNBOUNDED PRECEDING (like "Last field with value=0")
Hello, I have a table with many rows. The attributes of the table are code, month and value. For each code there are 12 months and 12 values. No I want to add the gaps between the months... Is it possible to count the following gaps between the diffe
-
What do I do if my sound isn't working
As of this morning my sound is no longer working nor with or without the use of headphones. I have turned all the volume settings up to high and have not seen a result. Please help! Thanks
-
How to view the pl/sql for dbms_stats
Hi, Please can you help? From executing the code execute dbms_stats.gather_database_stats; , I have the following error: BEGIN dbms_stats.gather_database_stats; END; ERROR at line 1: ORA-01476: divisor is equal to zero ORA-06512: at "SYS.DBMS_STATS",
-
Need download for software NO CD DRIVE on computer
I need the download for the software. i have had this printer for a while but just purchased a new computer that does not have a cd drive. please help!