Issue authenticating on NBC olympics....

Similar Messages

• NBC Olympics Live Extra login loop.

  When trying to watch the NBC Olympics streaming I get stuck in a Login loop. You are asked to sign in to your provider which in my case is Dish and I enter my information and it goes away and then comes right back asking my provider again over and over. It works fine in IE and and Chrome and I have gotten it to work in Firefox only once but it quit working. When it did work it was MUCH better in Firefox (faster and smoother). I've tried reinstalling firefox, clearing history, reinstalling flash, clearing flash cache, tried without any addons in firefox all to no avail. I'm currently using the latest verison 14.0.1. Any ideas would be great as I much prefer Firefox to the other options.

  Done all that, that is always the first thing I try when a site is acting screwy. :(
  I also received the following from NBC support which also did nothing to help.
  Thank you for contacting us.
  We are aware of this issue and have identified that this is related to Flash Settings on your computer.
  Please go through the comprehensive list below. If the first two steps do not resolve your issue, please continue with the rest of the steps.
  1. Please make sure you are running the most recent version of flash. To confirm, please go to this page to download the most recent version:
  http://get.adobe.com/flashplayer/
  2. Go to the settings panel here http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager08.html and click "Reset License Files"
  IF THESE TWO OPTIONS DID NOT RESOLVE YOUR ISSUE, PLEASE CONTINUE WITH THE STEPS BELOW.
  3. Navigate your browser to: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html and make sure "Allow third-party Flash content to store data on your computer" and "Store common Flash components to reduce download times" options are both checked.
  4. Move the "Specify the amount of disk space..." slider to 100 KB.
  5. Navigate your browser to: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html
  6. Clear the Flash Player Cache by pushing the "Delete all sites" button.
  7. Make sure your third party cookies are enabled:
  FIREFOX BROWSER (FOR PC USERS)
  --> Click on FIREFOX (top left of screen)
  --> Click on Options
  --> Click Privacy Tab
  --> Open drop down next to "Firefox will:" and set it to "Use custom settings for history"
  -->Make sure "accept cookies from sites" is checked
  --> Make sure "Accept third-party cookies" is checked
  --> Keep until: "they expire" (in drop down)
  --> Click “Ok” at bottom
  8. Close your browser and then reopen your browser.
  9. Start the verification process here: http://www.nbcolympics.com/liveextra/help/index.html
  If the steps up above do not resolve your issue, please uninstall and then reinstall Flash.
  Thank you.
  NBCOlympics.com Support

• Webservice Header Issue ( Authentication required )

  Dears I am developing client application to consume webservice, the webservice developer sent me the wsdl file and the sample SOAP request , all look fine for me
  the issue that when I am trying to call the webservice it returns an error message ( Authentication Required ) but I am sending the user name and the password in the header as expected.
  here is the Sample SOAP 
  <soapenv:Envelope xmlns:fax="http://fax.po.ws.apps.oracle.xxdof/" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soapenv:Header><wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsse:UsernameToken wsu:Id="UsernameToken-5A2B82D9EE5888AE0414252886487322"><wsse:Username>weblogic</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">weblogic1</wsse:Password><wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">jMqFQqEM30Yp+t3tP+8meg==</wsse:Nonce><wsu:Created>2015-03-02T09:30:48.732Z</wsu:Created></wsse:UsernameToken></wsse:Security></soapenv:Header>
  <soapenv:Body>
  <fax:faxStatus>
  <!--Optional:-->
  <arg0>0</arg0>
  <!--Optional:-->
  <arg1>0</arg1>
  <!--Optional:-->
  <arg2>0</arg2>
  <!--Optional:-->
  <arg3>0</arg3>
  <!--Optional:-->
  <arg4>0</arg4>
  <!--Optional:-->
  <arg5>0</arg5>
  </fax:faxStatus>
  </soapenv:Body>
  </soapenv:Envelope>"
  and below the request I am sending 
  <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <s:Header>
  <o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <o:UsernameToken u:Id="uuid-90e0f212-3dc0-4913-96a8-175697d5240d-1" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <o:Username>username</o:Username>
  <o:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</o:Password>
  <o:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">JY+mppXhcmr+Rl/kzURVoYKFKa4=</o:Nonce>
  <u:Created>2015-03-18T09:43:26.248Z</u:Created>
  </o:UsernameToken>
  </o:Security>
  </s:Header>
  <s:Body>
  <faxStatus xmlns="http://fax.po.ws.apps.oracle.xxdof/" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
  <arg0 xmlns="">0</arg0>
  <arg1 xmlns="">1</arg1>
  <arg2 xmlns="">2</arg2>
  <arg3 xmlns="">3</arg3>
  <arg4 xmlns="">4</arg4>
  <arg5 xmlns="">5</arg5>
  </faxStatus>
  </s:Body>
  </s:Envelope>
  Can you please point me what I am missing here
  thanks
  wasim

  Hi,
  In the Sample SOAP, the username and password are weblogic and
  weblogic1. But the request you are sending are
  username
  and password which are not the authenticated account.
  You need make sure that the username and password you passed are authenticated
  account.

• Installation issue: Authentication: AWS for Windows NTLM returns error

  We are rebuilding our STG with Plumtree 5.0.4. After I installed Optional Enterprise Web Components, the Authentication: AWS for Windows NTLM returns error. I am wondering if anyone has the similar experience and could help to fix the issue. I have located error with the virtual directory but unable to fix it.
  <b>Symptons</b>
  When try to access
  http://servername/ntaws/RemoteSynchService.asp, got 404 page/folder not found error.
  <b>Log Error:</b>
  The message returned from the IIS creation of virtual directory ntaws on the Default Web Site
  web site for D:\Program Files\plumtree\ptntaws\5.0\webapp\ntaws\www is:
  <message>
  Error
  Error
  </message>
  <b>Solution Tried:</b>
  1. Manually Create the virtual directory - didn't work
  2. Reinstalled the Optionsal web service AWS portal, and re-migrate the ntaws.pte - didn't work.
  I appreciate your help.
  Hao Pan
  [email protected]

  from bi_server.out:
  default etypes for default_tkt_enctypes: 17 23 3 1 23.
  Pre-Authenticaton: find key for etype = 3
  AS-REQ: Add PA_ENC_TIMESTAMP now
  >>> EType: sun.security.krb5.internal.crypto.DesCbcMd5EType
  >>> KrbAsReq calling createMessage
  >>> KrbAsReq in createMessage
  >>> KrbKdcReq send: xxxx  timeout=30000, number of retries =3, #bytes=270
  >>> KDCCommunication: kdc=xxxx #bytes=270
  >>>DEBUG: TCPClient reading 106 bytes
  >>> KrbKdcReq send: #bytes read=106
  >>> KrbKdcReq send: #bytes read=106
  >>> KdcAccessibility: remove xxxxx
  >>> KDCRep: init() encoding tag is 126 req type is 11
  >>>KRBError:
           sTime is Wed Apr 15 13:32:41 EDT 2015 1429119161000
           suSec is 553936
           error code is 14
           error Message is KDC has no support for encryption type
           realm is xxxx
           sname is krbtgt/xxxxx
           msgType is 30
                  [Krb5LoginModule] authentication failed
  KDC has no support for encryption type (14)
  Any insight???

• IPad Authentication Issues

  Hi,
  We are trying to get iPads working with one time passwords, WPA2, PEAP-GTC (safeword token cards). The initial authentication works fine in this setup but if the iPAD is put to sleep we run into issues authentication when it wakes up. It looks like it tries to re-use the safeword one time pass and ends up locking the safeword card because to too many invalid tries. Is there any way around this?
  Thanks,
  Greg

  The only solution I can think of - is to set the iPad preferences to sleep never.

• NBC Sports Live Extra sign in issue

  Hello,
  I have a login issue with the NBC Sports Live Extra app on my ipad.
  I tried to watch Stanley Cup playoff games. After signing in with my Verizon login I got an error message saying that I could not get access to the content because subsription to the Golf channel was required. I don't have the Golf channel, my TV package is Prime HD but it does have the NBC Sports network which broadcast the NHL.
  Has anyone else the same issue?
  Thanks for your help,
  David

  I am continously having this same issue. Everything works fine on the website, so it isn't a credentailing issue.
  PLease help!

• Sign on for NBC Olympic premium content

  At nbcolympics.com they have live coverage of some events - but require you to sign on to you current provider.  FIOS is an option - but I can't seen to sign on to my account....  Anyone else having the same issue?
  Solved!
  Go to Solution.

  Hi folks --
  I hate to bust into a thread that's already labeled solved, especially after it was moved to the FiOS TV board. Mods, please feel free to move this post if that would be more appropriate -- this seems to be the only discussion of the NBC Olympic premium content.
  Brian couldn't sign in to the NBC Olympics video participating cable/satellite/IPTV paywall with his Verizon FiOS log-in. But my problem is one step back. I have Verizon High Speed Internet (FiOS isn't available in my area), and that isn't even an option on the list of providers.
  The thing is, this Verizon press release ((http://newscenter.verizon.com/press-releases/verizon/2010/verizon-brings-customers-nbc.html) says that Verizon High Speed Internet customers are supposed to have access to the premium Olympics video.
  (The relevant bit: “Verizon's FiOS Internet and High Speed Internet customers will have access to more than 400 hours of live event competition and more than 1,000 hours of on-demand access to full-event replays from Vancouver, as well as extensive highlights such as event recaps, best-of montages, commentator analysis and athlete-specific clips.")
  I tried a chat with Verizon tech support -- useless. I also had a long phone call with customer service; an agent called David did his best but couldn't find out what the story is.
  So -- I'd be very grateful if someone can tell me if Verizon High Speed Internet customers are getting access to the premium video -- and if not, why not. (PS -- I don't believe that it's slow download speeds, since NBC claims that users will have a "good" experience even with download speeds as slow as 900Kbps).
  Liv

• How do I use my own Custom Auth/Authentication/Entitlement (Token)?

  [ Background ]
  Adobe Access DRM provides for 3 authentication mechanisms:
  Anonymous - Licenses are issued irregardless on if there is/isn't a valid authentication token attached to the license request.
  UsernamePassword - Licenses are ONLY issued if the license request has a valid Adobe-Access-Server-Issued authentication token.
  Custom - Licenses are ONLY issued if there is a valid cusom authentication token attached to the license request.
  Typically, customers already have some authentication scheme in place and choose to re-use that system, instead of leveraging Adobe Access' built-in usernamePassword support.  For this to succeed, accomodations must be made during packaging time, on the client device, and at the Adobe Access license server endpoint.
  [ More Background ]
  Here's a forum thread that prompted this thread: http://forums.adobe.com/message/5085330#5085330
  [ Recipe ]
  1. Adobe Access DRM Policy is created that specifies a "custom" authentication token.  As of Adobe Access 4.0, the tools that ship with the Java SDK cannot create a DRM policy with "custom" authentication out the box; a small Java application will have to be written to do this, which is covered in the thread posted above.
  2. Content is packaged using this custom_auth policy.
  3. Client device performs authentication via whatever channel already exists for you to perform authentication (e.g. SAML tokens, etc...)
  4. Client device sets the authentication token: DRMManager.setAuthenticationToken()
  5. Client device attempts to acquire a license for the content created in step #2: DRMManager.loadVoucher();
  5a) Because step #4 set the authentication, all license requests going forward will automatically have this custom auth token appended to it
  6. License server receives request & extracts custom auth token to parse & perform additional entitlement checks
  7. Licnese server generates a license to return to client device.
  [ Server Code Snippet (RefImplLicenseReqHandler.java) ]
  try {
    ServletInputStream in = request.getInputStream();
    ServletOutputStream out = response.getOutputStream();
    HandlerConfiguration context = super.getHandlerContext();
    ServerCredential licenseServerCred = getLicenseParams().getLicenseServerCred();
    licenseHandler = new LicenseHandler(context, in, out, licenseServerCred);
    licenseHandler.parseRequest();
    List<? extends LicenseRequestMessage> requests = licenseHandler.getRequests();
    // Multiple request in one message is not supported in FAXS 2.0 or 3.0 client.
    for (LicenseRequestMessage licenseReq : requests) {
       try {
    // TODO: If custom authentication is specified in the DRM policy, here is where
    // you can retrieve the custom authentication token and perform custom parsing to
    // determine further business rules and entitlement before issuing a license.
    // The "Custom Authentication" will look like:
    // 1. Client device obtains auth token using some other channel
    // 2. Client device sets auth token by calling DRMManager.setAuthenticationToken()
    // 3. Client makes a license request by calling DRMManager.loadVoucher()
    // 4. Adobe Access Server receives request and:
    // 4a) Determines Custom Auth is required by DRM Policy: licenseReq.getContentInfo().getContentMetadata().getPolicies()[0].getLicenseServerInfo(). getAuthenticationType();
    // 4b) Retrieves Custom Auth token for custom parsing/handling: licenseReq.getRawAuthenticationToken()
    // 5. If there are no errors when parsing the custom token, Adobe Access Server generates a license.
                                                    V2ContentMetaData metadata = licenseReq.getContentInfo().getContentMetadata();
                                                    ApplicationProperties applicationProperties = null;
                                                    String usageModelString = null;
                                                    if (metadata != null) {
                                                              applicationProperties = metadata.getCustomProperties();
                                                              if (applicationProperties != null) {
                                                                        usageModelString = applicationProperties.getSingleValueAsUTF8String(DEMOMODE);
  cheers,
  /Eric.

  Google Search: '''firefox create a persona'''
  * '''Personas for Firefox''' | How to Create Personas<br>https://www.getpersonas.com/en-US/demo_create
  * '''Personas for Firefox''' | Frequent Questions<br>http://www.getpersonas.com/en-US/faq
  * '''Personas for Firefox''' | Getting Started<br>http://www.getpersonas.com/en-US/getting_started
  '''I think you'd have a lot more fun with Styles though''', personas tend to hide things on toolbars, styles can be more helpful (or just as bad)
  * '''Stylish''' :: Add-ons for Firefox<br>https://addons.mozilla.org/en-US/firefox/addon/stylish/
  * '''Restyle the web with Stylish!''' - userstyles.org<br>http://userstyles.org/
  * '''Scrollbar Context Menu''' - Themes and Skins for Browser - userstyles.org<br>http://userstyles.org/styles/54
  * '''Scrollbar Menu''' - Themes and Skins for Browser - userstyles.org<br>http://userstyles.org/styles/52
  * '''Link Warning''' - Themes and Skins for Mozilla - userstyles.org<br>http://userstyles.org/styles/1301
  * '''Tabs, Enlarge list-all-tabs button''' - Themes and Skins for Browser - userstyles.org<br>http://userstyles.org/styles/18553
  * '''Tabs Bar Minimal Size''' - Themes and Skins for Browser - userstyles.org<br>http://userstyles.org/styles/9043
  * '''Tab Color Underscoring active/read/unread (Fx3.6)''' - Themes and Skins for Browser - userstyles.org<br>http://userstyles.org/styles/24728

• AP 1200 print issue

  We have a Cisco AP 1200 that has been configured with the standard config. Users have no issues authenticating and associating with the AP, however, they can't seem to print from it. They can print with a wired connection and I can ping the printer from the AP. Can you anyone pls help? The
  Thanks.

  If you can't ping the printer from the wireless station, then it is a vlan issue. You might have your backbone network setup so you can ping everything on your network, i.e. you can ping the printer from the access point. However, a ping from the computer would fail. Check your vlan setup or let me know if you can ping from the wireless clients.
  Thanks,
  Alex

• Apple Remote Desktop 3.4 issue

  Hi there,
  In Apple Remote Desktop 3.4 server I added a client computer by doing a scan by IP. Once the computer was added to a group I was able to take remote control, however after a few minutes I noticed the ARD console was having issues authenticating to it (Even though I authenticated properly to get the machine in ard). The ARD console was reporting that the computer was offline, but I was still able to observe and take control of the machine.
  I then noticed that the MAC address was the incorrect address. It was displaying another computer mac address that is on campus.
  My question: is ARD getting the Ethernet ID/MAC address from DHCP? WINS? DNS? Open Directory? LDAP? or from the client it's self? or do I have corruption in my ARD database?
  I am seeing this on a hand full of computers around campus (out of 500+ computers)
  (If I remove the client - the same thing occurs)

  Yes I've tried to ping the IP address and I get a reply.
  I've just discovered this morning that the issue appears to be with Apple remote desktop.
  The issue came up again this morning...I ended up shutdown ARD completely then loaded it back up, and guess what! The MAC address was showing up properly. I've discovered this is working for SOME of my issues. For the ones that weren't displaying properly I deleted the computer account out of ARD and then manually added the computer though a scanner import via single network address. The scanner finds the computer and it displays the correct Ethernet ID.
  So I’m guessing there is a bug with ARD and its mixing up/displaying the wrong Ethernet ID of some machines....
  Q

• Can anybody explain what is support for ADF Project and to solve the Issues

  Hi,
  I am new to ADF and i am currently associated to ADF Support Project.
  Can anybody explain what is support for ADF Project and to solve the Issues when the ADF Project is in Live.
  we are getting the Tickets for the Issues.
  Thanks in advance.

  I agree with Timo.
  It depends on the size of the project, user base, technologies, etc. We use lot of technologies in fusion middleware stack. We get tickets in many areas.
  In your case, it could be anything like user training issues (user may not know how to use the some system features), browser issues like blank screen, bugs in code like JBO errors (failed to validate, another user has changed row, failed to lock the record, NullPointerException, IllegalArgumentException etc), business logic issues, page may not render properly, performance issues, partial commit issues, application server issues, authentication issues. If you use web services you might get web services related problems.

• Wirelss AP1140 Radius authentication with Microsoft IAS

  Hi,
  I have a Cisco C1140 Ap. I have cnfigured the device. Initially for testing i used WPA and authenticated locally. I have now setup a radius server and added my AP in as a client etc. I have changed my SSID's to authenticate with the radius server and i am having issues authenticating.
  I can connect via a PC and an iphone. They say that i am connected but i get no ip address and the debugs state that the authentication fails:
  000466: Sep 5 14:33:07.074 AEST: %DOT11-7-AUTH_FAILED: Station 40a6.d967.8b13 Authentication failed
  000467: Sep 5 14:33:28.368 AEST: %DOT11-7-AUTH_FAILED: Station bc77.3771.b15f Authentication failed
  000468: Sep 5 14:33:39.837 AEST: %DOT11-7-AUTH_FAILED: Station 40a6.d967.8b13 Authentication failed
  I can see the Radius server as connected
  imc-syd-ap1#show aaa servers
  RADIUS: id 4, priority 1, host 10.10.0.2, auth-port 1645, acct-port 1646
  State: current UP, duration 4337s, previous duration 0s
  Dead: total time 0s, count 0
  Authen: request 0, timeouts 0
  Response: unexpected 0, server error 0, incorrect 0, time 0ms
  Transaction: success 0, failure 0
  Author: request 0, timeouts 0
  Response: unexpected 0, server error 0, incorrect 0, time 0ms
  Transaction: success 0, failure 0
  Account: request 0, timeouts 0
  Response: unexpected 0, server error 0, incorrect 0, time 0ms
  Transaction: success 0, failure 0
  Elapsed time since counters last cleared: 1h12m
  The debugs show:
  000474: Sep 5 14:36:00.969 AEST: %DOT11-7-AUTH_FAILED: Station bc77.3771.b15f Authentication failed
  000475: Sep 5 14:36:01.485 AEST: AAA/BIND(00000109
  show dot11 associations:
  imc-syd-ap1#show dot11 associations
  802.11 Client Stations on Dot11Radio0:
  SSID [IMC-Wireless-Data] :
  MAC Address IP address Device Name Parent State
  bc77.3771.b15f 0.0.0.0 ccx-client DAVID self AAA_Auth
  Any ideas or recomendations would be greatly appreciated
  Thanks
  Below is a copy of my wireless config:
  version 12.4
  no service pad
  service timestamps debug datetime msec localtime show-timezone
  service timestamps log datetime msec localtime show-timezone
  service password-encryption
  service sequence-numbers
  hostname xxxxxxxxxxxxxx
  logging buffered 40960 debugging
  enable secret 5 xxxxxxxxxxxxx
  aaa new-model
  aaa group server tacacs+ IMC
  server 172.16.100.3
  aaa group server radius AUTHVPN
  server 10.10.0.2 auth-port 1645 acct-port 1646
  server 10.11.0.24 auth-port 1645 acct-port 1646
  aaa authentication login default group IMC local enable
  aaa authorization exec default group IMC local if-authenticated
  aaa session-id common
  clock timezone AEST 10
  clock summer-time AEDT recurring 1 Sun Oct 2:00 1 Sun Apr 3:00
  no ip domain lookup
  ip domain name imc.net.au
  dot11 syslog
  dot11 ssid IMC-Wireless-Data
  vlan 10
  authentication open eap AUTHVPN
  authentication network-eap AUTHVPN
  guest-mode
  mbssid guest-mode
  infrastructure-ssid optional
  information-element ssidl
  dot11 ssid IMC-Wireless-Voice
  vlan 14
  authentication open eap AUTHVPN
  authentication network-eap AUTHVPN
  mbssid guest-mode
  information-element ssidl
  dot11 aaa authentication attributes service login-only
  bridge irb
  interface Dot11Radio0
  no ip address
  no ip route-cache
  encryption mode wep mandatory
  ssid IMC-Wireless-Data
  ssid IMC-Wireless-Voice
  antenna gain 0
  mbssid
  station-role root
  interface Dot11Radio0.10
  encapsulation dot1Q 10 native
  no ip route-cache
  bridge-group 1
  bridge-group 1 subscriber-loop-control
  bridge-group 1 block-unknown-source
  no bridge-group 1 source-learning
  no bridge-group 1 unicast-flooding
  bridge-group 1 spanning-disabled
  interface Dot11Radio0.14
  encapsulation dot1Q 14
  no ip route-cache
  bridge-group 14
  bridge-group 14 subscriber-loop-control
  bridge-group 14 block-unknown-source
  no bridge-group 14 source-learning
  no bridge-group 14 unicast-flooding
  bridge-group 14 spanning-disabled
  interface Dot11Radio1
  no ip address
  no ip route-cache
  encryption mode wep mandatory
  ssid IMC-Wireless-Data
  ssid IMC-Wireless-Voice
  antenna gain 0
  no dfs band block
  mbssid
  channel dfs
  station-role root
  interface Dot11Radio1.10
  encapsulation dot1Q 10 native
  no ip route-cache
  bridge-group 1
  bridge-group 1 subscriber-loop-control
  bridge-group 1 block-unknown-source
  no bridge-group 1 source-learning
  no bridge-group 1 unicast-flooding
  bridge-group 1 spanning-disabled
  interface Dot11Radio1.14
  encapsulation dot1Q 14
  no ip route-cache
  bridge-group 14
  bridge-group 14 subscriber-loop-control
  bridge-group 14 block-unknown-source
  no bridge-group 14 source-learning
  no bridge-group 14 unicast-flooding
  bridge-group 14 spanning-disabled
  interface GigabitEthernet0
  description IMC-Wireless-Data
  no ip address
  no ip route-cache
  duplex auto
  speed auto
  no keepalive
  interface GigabitEthernet0.10
  description IMC-Wireless-Data
  encapsulation dot1Q 10 native
  no ip route-cache
  bridge-group 1
  no bridge-group 1 source-learning
  bridge-group 1 spanning-disabled
  interface GigabitEthernet0.14
  description IMC-Wireless-Voice
  encapsulation dot1Q 14
  no ip route-cache
  bridge-group 14
  no bridge-group 14 source-learning
  bridge-group 14 spanning-disabled
  interface BVI1
  description IMC-Wireless-Data
  ip address 10.10.0.245 255.255.255.0
  no ip route-cache
  ip default-gateway 10.10.0.254
  ip http server
  ip http authentication local
  no ip http secure-server
  ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
  ip radius source-interface BVI1
  access-list 111 permit tcp any any eq telnet
  access-list 111 permit tcp any any eq www
  access-list 111 permit tcp any any eq 22
  snmp-server community public RO
  snmp-server enable traps tty
  tacacs-server host 172.16.100.3 key 7 xxxxxxxxxxxxxxxxxxx
  tacacs-server directed-request
  radius-server host 10.10.0.2 auth-port 1645 acct-port 1646 key 7 xxxxxxxxxxxxxxxxxxx
  bridge 1 route ip
  wlccp wds aaa authentication attributes service login-only
  line con 0
  line vty 0 4
  access-class 111 in
  exec-timeout 5 0
  line vty 5 15
  access-class 111 in
  exec-timeout 5 0
  sntp server 10.10.0.254
  end

  Inside the ssid, when you put "authentication open" it's an eap_method that follows. You put your AUTHVPN aaa server group name. that's wrong.
  aaa authentication login  group AUTHVPN
  and adjust your "authentication open eap " to match with that method name.
  Also your group authvpn contains a 2nd server that is undefined in yoru global config ...
  Nicolas

• LDAP issue after upgrading to SP15 from SP7 for CUP 5.3

  Hello,
  We have recently upgraded our Sandbox from SP 7 to SP15 on GRC 5.3 and Now having issues authenticating users using LDAP.
  The connections and settings are exactly same as our Dev system which in on SP7 and the connection also says successful but when we go onto the request page and type in an id it says invalid credentials.
  Am i missing something or is there a special procedure after upgrade .
  Thanks
  Uday

  Hello Frank,
  Thanks for the reply.I forgot to do it and as you said once i performed those steps it actually solved my password reset link issues as it was erroring out with 500 error and now  it is working fine .
  But to fix LDAP issue SAP has a note which says after SP13 we don't need to fill in the user path field while creating LDAP connector.
  Thanks
  Uday

• EIGRP Authentication

  Hi All,
  As per the EIGRP Authentication steps:
  Key chain configuration steps:
  A) First we need to configure key chain in global configuration mode.
  B) Under key chain we need to configure key number. Key number must be match on both side of router and should be active. If multiple key numbers configure on router, then router select lowest number for authentication.
  C) Once you configure key number you need to issue authentication string. 
  Suppose if have a key chain have two key identifiers in R1 and in R2 like below ..will it work ?
  R1 - Key chain one
  Key 1
  key-string cisco
  key 2
  key-string admin
  and in R2 - Key chain two
  key 10
  key-string cisco
  key 15 
  key-string admin
  And also what is use / need for more than one key identifier in a key chain ..how eigrp will process this
  Regards,
  Gan

  Hi kazim,
  Just to make me understand, just in case if i am not configuring any life time value for a key string, then the lowest value key identifier sting is considered as the Key string for authentication.
  R1
  Key chain one
  Key 1
  Key-string cisco  ( this is key value will be considered by the eigrp packets for authentication) -- Sending EIGRP messages: Use the lowest key number among all currently valid keys.
  Key 2
  Key-sting admin
  Suppose in R2 ....
  I configured as below
  Key chain two
  Key 10
  Key-string admin
  Key 15
  Key-sting cisco
  So in the above the case the received EIGRP packets can be checked with the all the key identifiers / it will be only check the least valu key identifier value alone. - Receiving EIGRP message: Check the MD5 digest using ALL currently valid keys for match.
  Regards,
  Gan

• Problems authenticating

  Today I am having issues authenticating as an owner for my
  room. I am confident that the username and password is correct and
  was previously working. It also seems to work fine with the
  AFCSDevConsole.
  Here's the message I get:
  [SWF]
  Users:stefan:Desktop:CocomoSDK_0.91:examples:SharedCollection:bin-debug:SharedCollectionE xample.swf
  - 1,164,600 bytes after decompression
  AFCS Beta Build # : 0.91
  requestInfo
  http://connectnow.acrobat.com/flashcomguru/demoroom?mode=xml&x=0.4336960185319185
  getMeetingInfo: status=0
  Getting FMS at
  https://na2.connectnow.acrobat.com/fms?ticket=153pgl0yo7l10,
  attempt #1/3
  result: <fms>
  <origin>fms5.acrobat.com</origin>
  <proto_ports>rtmps:443</proto_ports>
  <retry_attempts>2</retry_attempts>
  </fms>
  #FMSConnector# Sat Feb 28 21:24:11 GMT+0000 2009 protocols:
  [object ProtocolPortPair]
  #FMSConnector# Sat Feb 28 21:24:11 GMT+0000 2009 [attempt 1
  of 2] Connecting to 0/0:
  rtmps://fms5.acrobat.com/cocomo/na2-sdk-bc8c04f1-df86-4669-a205-550fc23851af/demoroom
  #startProtosConnect#
  #FMSConnector# Sat Feb 28 21:24:12 GMT+0000 2009
  tempNetStatusHandler 0/1,NetConnection.Connect.Success
  #FMSConnector# Sat Feb 28 21:24:12 GMT+0000 2009 isTunneling?
  false
  #FMSConnector# Sat Feb 28 21:24:12 GMT+0000 2009 is using
  RTMPS? true
  RECEIVED LOGIN AT SESSION
  .user descriptor from server [object]
  .affiliation [number]= 5
  .role [number]= 10
  .displayName [string]= stoem
  .userID [string]= GUEST-E1B8C4D6-8E4F-4532-B219-D49A13DB3140
  RECEIVENODES UserManager
  receiveAllSynchData UserManager
  RECEIVENODES FileManager
  receiveAllSynchData FileManager
  checkManagerSync:[object FileManager]
  RECEIVENODES AVManager
  receiveAllSynchData AVManager
  checkManagerSync:[object StreamManager]
  RECEIVENODES RoomManager
  receiveAllSynchData RoomManager
  checkManagerSync:[object RoomManager]
  checkManagerSync:[object UserManager]
  RECEIVENODES _dataSharedModel
  receiveAllSynchData _dataSharedModel
  I think there are two problems here. Firstly I think I should
  authenticate as an owner with the credentials I pass. However maybe
  this is a temporary glitch with the service.
  The second issue (regardless of whether or not there is an
  issue with the service atm) is that I think the service should
  alert me of the fact that authentication failed. Simply logging me
  on to the room as Guest seems wrong as I am assuming that
  authentication succeeded using the credentials I passed, yet they
  did not and my role was downgraded which is not obvious to spot.
  Hope this makes sense.
  Regards,
  Stefan

  Hi Stefan,
  Likely the problem here is that you've gotten a session
  established as a guest, and your browser is holding on to it, and
  sending those session credentials no matter what. Try clearing
  sessions or re-starting your browser. We're trying to figure out
  how to avoid this for developers, but at least the good news is
  that your users should pretty much never hit this issue.
  thanks
  nigrl