ISE Profiling for Wireless Devices (WLC 5508) like Laptops and Mobile Devices

Similar Messages

• Search for wireless devices display

  Some how I managed to get up the circular display screen with a rotating line which displayed all available devices. Now its gone, and I cannot get it up. I left click on the taskbar icon and 'search for wireless devices' but only get the small display. anyone help please?

  Hi again
  I think that it is not the reason why you can not start this application. You can configure the wireless connection on two simply ways. First one is to use windows settings (like in your case) or you can use some client to do this. In this way the windows option must be disabled.
  As far as I know the ConfigFree tool is no a client. This tool can help you to get more precise information about your LAN or wireless connection. Like you can see there you can create some profiles and enable or disable all hardware components that your unit use for communication with other external devices.

• Satellite M35: Configfree search for wireless devices

  I have a satellite M35. The icon for search for wireless devices in configfree stopped appearing in my desktop.

  Hi Enrique,
  you could look up if the Configfree software is already installed on your unit. You can then create a new shortcut on the desktop by right clicking the "cfmain.exe" program. It should works now!!
  or
  you deinstall the software and re-install it from your Toshiba Tools and Utilities CD. If you do not have the CD, you can download the newest Version from Toshiba Amerika
  at http://www.csd.toshiba.com/cgi-bin/tais/su/su_sc_home.jsp
  (I think the Satellite M35 is an US product)then do a reinstall of the software.
  I hope this will help you.
  cu Sammy23

• WebtoGo for laptop and mobile device - urgent

  Hi,
  I need to develop a web to Go application for both laptop and mobile device. The code which i generate for laptop should work on mobile device too.
  ie the single application should work for both mobile and laptop devices.
  Now coming to lightweight framework and small footprints what technologies should i use in J2EE.
  If i use struts is that going to be mess in mobile device. Some one guide me here about choosing the technologies.
  Thanks

  our java app that we have just ported from PDA to laptop uses AWT components as these work on the PDA. need to go for what will work on the windows mobile device, abnd this may restrict you to older and less functional components.
  NOTE platform is defined within the application on the server side (the name of the database on the client), and therefore you will need two applications in terms of oracle lite publications, so define the database name external to the code in some kind of a properties/config file

• Configuration Profile for Apple Devices with ISE

  Hi,
  is there any possibility to put configuration profiles on apple device with the ise? I need to disable the dataroaming function in forgein countries for ipads.
  Best regards
  Felix

  Nice. Only trouble there seems to be multiple entry for same mac address there for same resource id.
  So when I try to get them as substring i get multiple copies of same mac address.
  But looks like this will work as solution to this problem.
  So far I was doing it this way (And i am sure there is clearer way to do it.)
  SUBSTRING((SELECT ',' + CAST(t2.MACAddress0 AS VARCHAR(40))
              FROM (SELECT DISTINCT ResourceID, MACAddress0 FROM  v_GS_NETWORK_ADAPTER) t2
              WHERE t2.ResourceID = ResourceID
              ORDER BY t2.ResourceID, t2.MACAddress0
              FOR XML PATH ('')
          ), 2, 100) [MACAddresses]

• ISE profiling on Apple-Device, Apple-iPhone and Apple-iPad

  hi,
  I have a question on ISE profiling, espcially on Apple-device.
  My testing environment: when i use iphone to connect, by default the result profiled me as apple-device.
  But when i try to get it more specific, i mark the identity store as apple-iphone on the authorization rule, it fail somehow. It seem it cannot go deeper to analyze it's iphone, instead of Apple-Device.
  The default of the apple-iphone porfiler condition for apple-iphone is checking the hostname and user-agent. So when i try to use the safari browser to get online, it won't bounce me as apple-iphone profile somehow..
  Question:
  01. what should i do in order the profiler can analyze directly it was the apple-iPhone, or any thing need to configure ? say like authorization rule?
  Thanks
  Noel

  Are you getting redirected to the web portal in ISE? That is the most common way the ISE can get the user agent of the browser in order to profile the device as the apple-iphone. Give that a try and then see if the user agent is learned, you should get a message to refresh your browser momentarily. Then coa should trigger and the wireless controller should get the new authorization profile that you configured for your apple-iphone endpoints.
  Thanks
  tarik Admani

• TC Looses connection to the Internet for wireless device & new Apple TV

  I have a new TC (1 TB) that I got within the last month or two, I use it as my Internet router behind my DSL modem. TC gets a DHCP address from my DSL modem then does NAT to both Ethernet and Wifi devices behind it. After a short period of time I have noticed that my Wifi devices (New Apple TV, Macbook Pro, & 2 Iphones) will loose connectivity to the Internet, although they never loose their Wifi connection. What is strange is that I have several hard wired Ethernet devices that can still access the Internet going through the TC at the same time the wireless devices can not.
  In order to get the wifi devices back working I have done a few things, disconnected and reconnected the Ethernet cable between the TC and my DSL modem, power cycled the TC, power cycled my DSL modem. It seems like the most reliable method is power cycling the TC.
  This seems to happen pretty frequently however with no pattern or cause I can detect. The only interesting thing is that I just installed my New Apple TV and prior to that I do not recall having to recycle the TC. I am inclined to think the TCP video streaming might be overloading the TC and causing the wireless process to crap out while the ethernet ports are fine.
  Any thoughts or comments would be appreciated. Will do some more troubleshooting and will contact Apple support at some point. I will also update this thread when I find out more.

  I have a similiar problem - but I don't have Apple TV - and when the TC looses internet connection it is for wired and wireless devices. WLAN and LAN still working.
  At the same time i cannot access the configuration of the TC thru Airport - are you able to do this?
  I also have the feeling that high data loads provokes the error more often.

• Apple should do something for the equipment stolen something like block and only activated by key words given to register the device on the apple's website

  Apple should do something for the equipment stolen something like block it(them) and only activated by key words given to register the device on the apple's website

  Tell Apple:
  http://www.apple.com/feedback
  Doubtful that this would happen.  Privacy laws would likely be tested with this.
  No manufacturer does this.

• Internet connectivity for wireless devices on homefusion

  I am having an issue with my homefusion router.  I can connect my wireless device (smartphone, kindle, etc.) but I cannot get internet connectivity.  Anybody have any suggestions before I have to call support?
  Thanks

      Hi JLovell,
  It's great that you're able to get devices connected to the HomeFusion. This means the device is broadcasting the service to you. By not being able to actually browse the web, this means that the service is being stopped by something else. We will need to verify the account is setup right on our end of the system (activation successful and right plan setup). Once that's done on our end, you can reboot and that's the only step that can be done on your end.
  Thanks,
  MariaC_VZW
  Please follow us on Twitter @VZWSupport

• EAP-TLS with WLC 5508, Microsoft NPS and custom EKU OID´s

  We are trying to implement EAP-TLS with client certificates that have a custom EKU OID to distinguish the WLAN clients. The Microsoft Press Book
  Windows Server 2008 PKI and Certificate Security gives an example on how to configure a policy in NPS that matches specific EKU OID´s. At the moment we have two policies that have an allowed-certificate-oid configured that matches the OID´s in our certificates, but our setup is not working as expected. Authentications will only be successful, if the client authenticates with the certificate that is matched by the first policy rule.
  For example:
  Policy 1: allowed-certificate-OID --> corporate
  Policy 2: allowed-certificate-OID --> private
  Client authenticates with EKU corporate --> success
  Client authenticates with EKU private --> reject
  My expectation was, that if Policy 1 will not match the NPS goes over to Policy 2 and tries to authenticate the client.
  Has anyone a simmilar setup or can help to figure out what is going wrong?
  We have a WLC 5508 with Software Version                 7.4.100.0 and a NPS on a Windows Server 2008 R2
  regards
  Fabian

  The policy rejects and the NPS goes to the next policy, only if the user does not belong to the configured group.
  This means I need to have one AD group per application policy, but that will not solve my problem. A user could belong to more than one group, depending on how many devices he/she has. It will work with one group only for each user, because the first policy that matches a AD group, the user belongs to, could have a OID that is not in the certificate. This would cause a recejct with reason code 73:
  The purposes that are configured in the Application Policies extensions, also called Enhanced Key Usage (EKU) extensions, section of the user or computer certificate are not valid or are missing. The user or computer certificate must be configured with the Client Authentication purpose in Application Policies extensions. The object identifier for Client Authentication is 1.3.6.1.5.5.7.3.2.
  The certificate does include this OID but not the custom EKU.

• WLCs 5508, HA enabled and Internal DHCP

  Hi:
  Designing a new project for a customer in which a pair of WLC-5508 and a bunch of AP-3602I will be deployed.
  Controllers running 7.4 image, and I'd also like to use them as internal DHCP servers for clients in different WLANs
  As for the redundancy mechanism I'd go for activating HA (AP-SSO) but I know HA and internal DHCP server can't coexist.
  So, my question is: does anyone know if Cisco is thinking of implementing both features in any new version to come? The goal would be the Active controller handing over all leases database in case of active to standby switchover.
  Thx!
  Juan.

  As you already know that HA and DHCP both cannot coexist on WLC. Till now there is no plan of cisco to implement this.

• Pavilion 8080 wireless not working. Cant find router but my laptop and mobile can. Think a hardware

  issue or possibly a wrong driver. Can anyone point me in the right direction? I can't use ethernet as the router and PC are not close enough. Thanks

  Hi,
  if you cannot  findt your router by your pc and mobile then you have issue with your router,
  try to staind near by to your router and see you can find your router in your phone if you able to find your router wifi singnals near by then
  use these steps
  for Wireless Issue
  try these steps to check internet connectivity of your laptop, desktop or phone
  go to RUN type cmd
  a black window will pop up
  type there ping www.google.com -t     (ping space www.google.com space -t)
  if you can ping the google then you are connected to internet if its not pinging to google then chk your router connectivity
  Try these steps to check connctivity with router
  go to RUN type cmd
  black pop window will open
  type there ipconfig /all
  there you will get an IP address assigned to your wifi network adaptor
  see the picture
  You have to ping your gateway it could be 192.168.0.1 or 192.168.1.1 or something etc.
  go to RUN tye cmd   type there  ping 192.168.xxx.xxx -t ( ping space 192.168.xxx.xxx space -t)
  as you can see mine is 172.90.91.1 and i am pinging it.
  if you are getting pings  with time=1 ms then you are getting good strength
  or your ping time is between 1 ot 99 then its ok if its 100 or above then you will get problem surfing internet.
  if need any help ask it..
  if you are not getting your router wifi signals while standing near by to your router then porblem could be your router, may be wireless is disabled or something else,
  try to reconfigure your router.
  Hope this helps!
  **Clicking on the Kudos! white star is a nice way to say thank you on any post that helped you or resolved the problem.**
  **Selecting "Accept as Solution" for a reply that solves your issue helps others who are searching the web for an answer**
  **Clicking on the Kudos! white star is a nice way to say thank you on any post that helped you or resolved the problem.**
  **Selecting "Accept as Solution" for a reply that solves your issue helps others who are searching the web for an answer**

• ISE profile / posture IOS device

  is there a way to profile or posture an IOS device as to wheather or not it has been rooted?
  our Corporate policy would like to say that if rooted, you get zero access.
  Thanks
  Scott

  No - future MDM integration that Cisco is working on should be able to bring is type of information to ISE. Cisco have indicated MDM integration is coming in Q4 2012.
  Sent from Cisco Technical Support iPad App

• OCR SDK for wireless devices using java?

  Dear Forum members,
  Can any one please sugest some OCR SDK for mobile devices which is compatible with java......
  Thanks in advance....
  ---Vidya

  Thanks.
  This makes our deployement script stop working.  We don't want to use the Webi Rich Client to deploy webi report manually to different servers (like Development, SIT, UAT, Production, etc.).  We use shell scripts calling Java programs  to deploy reports. 
  Is there any other way to deploy webi reports using Java SDK which can find the universe by name in the same CMS automatically and link to it?

• ISE AuthZ for Wireless Phones MIC EAP-TLS

  Hi all,
  Trying to authorise 7925G phones using MIC and EAP-TLS. My problem is that I can't seem to get the username in the MIC to match against an Internal Identity group on ISE AuthZ policies. If I remove the endpoint ID group I am able to auth no worries. Everything looks great including the username been in a specific User ID group but I just cannot get it to match a policy with this group selected (both as the ID Group and as an "Internal User:Identity Group" condition).
  Any ideas or is this just not possible?

  Out of curiousity why would you suggest MAB in this instance? These devices have MIC certs and are pretty much EAP-TLS ready out of the box? My problem simply lies with the apparent inability of ISE to match the Subject CN againt an internal group.