Leap, tacacs+/radius fixed ip (pool)

dear,
Is there a way while using leap & mobile ip technology to make it happen when a users becomes associated to an ap (proxy mobile) he always obtains an ip adres from a predefined pool or just one personal ip-adress which we define on our tacacs+/radius server without it having configured statically on the user's computer.
Purpose is for some external consultants browsing around our wireless network, to home them in a segment behind our firewall using mobile ip, but giving the person an ip-adres based on his credentials (tacacs+/radius server) so based on that we can buld a rulebase on our firewall and allow only restricted access to intra or internet. So what we want is actually a user-to-ip mapping without need to configure it on computer or authenticate multiple times. We have something similar with dial-in routers, but I don't find any documentation if we could do something similar with our wireless infrastructure.
Any hints or info would be helpfull.
H.

No, this can't work - you can't use RADIUS to tell an AP which IP address to give to which client, because the AP is not directly involved in assigning layer 3 addresses to clients. It is (basically) only a layer 2 device.

Similar Messages

  • Waiting all threads in a fixed thread pool

    Hello, may I know how can I wait for all the threads in a fixed thread pool to be completed, without calling shutdownNow?
    Executor pool = Executors.newFixedThreadPool(nThreads);
    for(int i = 0; i < 10000;  i++)
        pool.execute(new StockHistoryRunnable(code));
    // blah blah blah
    // I would like to wait for all the 10000 task to be completed. There is a method named
    // awaitTermination. However, in order to use the method, I have to first call shutdownNow.
    // I do not want to do so, because I need to re-use the pool later.
    //

    You could retrieve all the "Future" instances returned by calling "submit" on your Executor and then have a Thread sequentially wait for the completion of all these individual tasks by using "get". Of course, this will require some synchronization if it is possible that new tasks get queued while you are already waiting for the original ones to be completed. But this way you can easily find out when all tasks have completed.

  • Programming tacacs &radius server-keys ?

    I'm having an issue programming the tacacs & radius server-keys. I'm not sure if I missed a step or my use of the syntax. I appreciate any help you can provide. It's a first time for me and I'm attempting to duplicate an existing switch which states server-key 7 <removed>. 
    Thanks
    Roy

    Roy
    I can appreciate that the first time doing this can seem daunting. But it really is not so difficult when you get right down to it.
    The first thing to understand is that in the existing config the key has already been encrypted for storage on the switch. So what you see in the running config is crypto text and not really the exact key.
    You have two options in how to configure your new switch:
    - you could cut and paste the server key from the existing config to the new switch. So you would be inputting the type 7 encrypted key directly to the new switch.
    - you could manually configure the key on the new switch. In this case you would configure
    server-key <key_value>
    where <key_value> is the clear text key to use. If you do this, and assuming that you have configured service password-encryption, then the switch will take the clear text key and will encrypt it for storage on the new switch.
    HTH
    Rick

  • Leap and Radius! Other brand cards that are compatible

    Our network guys are fixing to build a wireless network with the Cisco Leap and a Radius server for authenticity. I need to know if Cisco is going to make a wireless card for the Compact Flash slot. I have some Tablets and PDA's I would like to use but the don't have PCMCIA slots. If not are there other companys that have wireless cards that are compatible with this authenticity. I am currently working with Symbol Technologies. They say their card will work with this authenticity. The only authenticity I see in the settings on this card is for Kerbos. Does Kerbos work with a Radius server? If not can they build a Kerbos server to be a second way of authenticating the user on the wireless network?

    When symbol says their CF card will work within the LEAP architecture, they likely mean using MAC authentication. While it is possible to run LEAP and MAC authentication concurrently, it does significantly weaken the security provided by LEAP alone. It is relatively easy to capture and spoof a MAC address that is valid using simple tools.
    Symbol has recently licensed the LEAP architecture from Cisco, but does not yet have any products available supporting this. I have not heard of specific plans for supporting LEAP on their CF product.
    Symbol is, however, your best hope for CF/LEAP support. They are partnering with Cisco and, as stated earlier, they have already licensed the LEAP architecture.
    Cisco's current product line will not support the Symbol Kerberos security mechanism (at least not in any way I've seen).

  • Upgrade ACS V3.2 - V4.0 Tacacs/Radius Key Query

    Hi All
    I am in the process of upgrading my ACS server from V3.2 to V4.0
    I have a Production Server which will be replaced by the New Production Server and A Test Server for upgrading the ACS Database.
    I have successfully upgraded from V3.2 to V3.3 then to V4.0 on my test server.
    My original plan was to upgrade the database with my Test Server and Restore it to my New Production Server.
    just copy the new V4.0 database to the New Production Server and change the ip address to the old servers address.
    However looking through the database there are sections which are hardcode with the test servers hostname.
    This has forced me to rethink my original plan and to use the original servers hostname.
    This also got me thinking what else is hardcoded in the database.
    My question is - When I installed V3.2 on my test server
    Under the Tacacs+ or Radius Key section - do I need to put the same key as the original V3.2 database or will this key change when I come to restore the original database on the test server ?
    I am just concerned that my radius/tacacs clients will not authenticate with the new server when it is put in to production with the new V4.0 database.
    Thanks in Advanced

    Hi,
    The "hard-coded" things will change automatically once the database is restored on the new server.
    The only thing which you woul dneed to take care of is the change in Ip address such that the clients send the request to the right ACS.
    Regards,
    Vivek

  • ASA 5585-X TACACS+/RADIUS Server

    All,
    Can the ASA 5585-X's act as a AAA TACACS+ and/or RADIUS server for network infrastructure devices?
    I've used Cisco Secure ACS for TACACS and RADIUS AAA..
    My client has ordered a bunch of them.   They don't have an AAA solution and were just told they will need to implement AAA on network infrastructure devices.
    Thanks for any information.
    Stephanie

    Adding to Jan's correct answer.
    The current Cisco RADIUS offerings are either the ACS product (RADIUS and TACACS+) or Identity Services Engine (ISE - RADIUS only). Both are offered in both appliance and VM formats.
    Beside NPS on Windows server, there are also open source projects of both RADIUS and TACACS servers available.

  • Strange behaviour with Fixed thread pool

    Hi all
    I am trying to learn multithreading. I have written a small snippet of code. After running for around 30 minutes, this code ends up in a deadlock. I am trying to figure out a reason. any help will be really appreciated. Thanks. Following is the code. I am using Ubuntu 10.04 and jdk 1.6.
    package rollerdemo;
    //Simulate a roller coaster, as in exercise 3.5 of Magee and Kramer.
    import java.util.concurrent.CyclicBarrier;
    import java.util.concurrent.BrokenBarrierException;
    import java.util.concurrent.ExecutorService;
    import java.util.concurrent.Executors;
    //This thread deals with the passengers arriving at random intervals.
    class TurnstileBarrier implements Runnable
         private ControlBarrier controlBarrier;
         private CyclicBarrier cyclicBarrier;
         TurnstileBarrier(ControlBarrier controlBarrier, CyclicBarrier cyclicBarrier) { 
              this.controlBarrier = controlBarrier;
              this.cyclicBarrier = cyclicBarrier;
         public void run(){ 
              try {
                   controlBarrier.welcomePassenger();
                   cyclicBarrier.await();
              } catch (InterruptedException e) {
                   Thread.currentThread().interrupt();               
              } catch (BrokenBarrierException e) {
                   Thread.currentThread().interrupt();               
              } finally {
    class RollerBarrier
         public static int NUMBER_OF_PASSENGERS_PER_CAR = 20;
         public static void main(String[] args) throws InterruptedException
              final ControlBarrier controlBarrier = new ControlBarrier();
              Runnable carBarrier = new Runnable() {
                   public void run(){ 
                        controlBarrier.departCar();
              CyclicBarrier barrier = new CyclicBarrier(NUMBER_OF_PASSENGERS_PER_CAR, carBarrier);
              ExecutorService pool = Executors.newFixedThreadPool(NUMBER_OF_PASSENGERS_PER_CAR);
              while(true)
                   pool.execute(new TurnstileBarrier(controlBarrier,barrier));
    // The Control class represents the state of the controller, and the actions
    // which can be performed.
    class ControlBarrier
         private long queued = 0;
         private long carsSent = 0;
         private long numberOfPassengersTravelledToday = 0;
         ControlBarrier()
              queued = 0;
              carsSent = 0;
              numberOfPassengersTravelledToday = 0;
         synchronized void welcomePassenger() {
              System.out.format("Welcoming Passenger %d%n", ++queued);
              ++numberOfPassengersTravelledToday;
         synchronized void departCar() {
              queued = queued - RollerBarrier.NUMBER_OF_PASSENGERS_PER_CAR;
              System.out.format("The car %d is going now and the number of passengers travelled so far with us is %d%n", ++carsSent, numberOfPassengersTravelledToday);
    }Edited by: 858236 on May 12, 2011 2:35 AM

    Thanks every one for the replies. Really very helpful. After doing the stack -l pid I have got into a confusion. It seems that there is no deadlock but why would all of a sudden the program stop to run. May be I am missing some thing. Just check the stack trace. What I read is that out of 20 threads, 3 threads are waiting on the cyclic barrier await function, while other 17 are waiting to get new tasks from the pool. Am I wrong here? Many thanks.
    2011-05-11 23:42:26
    Full thread dump OpenJDK Client VM (19.0-b09 mixed mode, sharing):
    "Attach Listener" daemon prio=10 tid=0x088fc000 nid=0x34d4 waiting on condition [0x00000000]
       java.lang.Thread.State: RUNNABLE
       Locked ownable synchronizers:
         - None
    "DestroyJavaVM" prio=10 tid=0xb4f21c00 nid=0x2c85 waiting on condition [0x00000000]
       java.lang.Thread.State: RUNNABLE
       Locked ownable synchronizers:
         - None
    "pool-1-thread-20" prio=10 tid=0xb4f20000 nid=0x2ca0 waiting on condition [0xb49ee000]
       java.lang.Thread.State: WAITING (parking)
         at sun.misc.Unsafe.park(Native Method)
         - parking to wait for  <0x7a387350> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
         at java.util.concurrent.locks.LockSupport.park(LockSupport.java:186)
         at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2043)
         at java.util.concurrent.LinkedBlockingQueue.take(LinkedBlockingQueue.java:386)
         at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1043)
         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1103)
         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
         at java.lang.Thread.run(Thread.java:636)
       Locked ownable synchronizers:
         - None
    "pool-1-thread-19" prio=10 tid=0xb4f1e800 nid=0x2c9f waiting on condition [0xb4a3f000]
       java.lang.Thread.State: WAITING (parking)
         at sun.misc.Unsafe.park(Native Method)
         - parking to wait for  <0x7a387350> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
         at java.util.concurrent.locks.LockSupport.park(LockSupport.java:186)
         at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2043)
         at java.util.concurrent.LinkedBlockingQueue.take(LinkedBlockingQueue.java:386)
         at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1043)
         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1103)
         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
         at java.lang.Thread.run(Thread.java:636)
       Locked ownable synchronizers:
         - None
    "pool-1-thread-18" prio=10 tid=0xb4f1d000 nid=0x2c9e waiting on condition [0xb4a90000]
       java.lang.Thread.State: WAITING (parking)
         at sun.misc.Unsafe.park(Native Method)
         - parking to wait for  <0x7a387350> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
         at java.util.concurrent.locks.LockSupport.park(LockSupport.java:186)
         at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2043)
         at java.util.concurrent.LinkedBlockingQueue.take(LinkedBlockingQueue.java:386)
         at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1043)
         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1103)
         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
         at java.lang.Thread.run(Thread.java:636)
       Locked ownable synchronizers:
         - None
    "pool-1-thread-17" prio=10 tid=0xb4f1b800 nid=0x2c9d waiting on condition [0xb4ae1000]
       java.lang.Thread.State: WAITING (parking)
         at sun.misc.Unsafe.park(Native Method)
         - parking to wait for  <0x7a387350> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
         at java.util.concurrent.locks.LockSupport.park(LockSupport.java:186)
         at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2043)
         at java.util.concurrent.LinkedBlockingQueue.take(LinkedBlockingQueue.java:386)
         at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1043)
         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1103)
         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
         at java.lang.Thread.run(Thread.java:636)
       Locked ownable synchronizers:
         - None
    "pool-1-thread-16" prio=10 tid=0xb4f19c00 nid=0x2c9c waiting on condition [0xb4b32000]
       java.lang.Thread.State: WAITING (parking)
         at sun.misc.Unsafe.park(Native Method)
         - parking to wait for  <0x7a387350> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
         at java.util.concurrent.locks.LockSupport.park(LockSupport.java:186)
         at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2043)
         at java.util.concurrent.LinkedBlockingQueue.take(LinkedBlockingQueue.java:386)
         at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1043)
         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1103)
         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
         at java.lang.Thread.run(Thread.java:636)
       Locked ownable synchronizers:
         - None
    "pool-1-thread-15" prio=10 tid=0xb4f18400 nid=0x2c9b waiting on condition [0xb4b83000]
       java.lang.Thread.State: WAITING (parking)
         at sun.misc.Unsafe.park(Native Method)
         - parking to wait for  <0x7a387350> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
         at java.util.concurrent.locks.LockSupport.park(LockSupport.java:186)
         at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2043)
         at java.util.concurrent.LinkedBlockingQueue.take(LinkedBlockingQueue.java:386)
         at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1043)
         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1103)
         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
         at java.lang.Thread.run(Thread.java:636)
       Locked ownable synchronizers:
         - None
    "pool-1-thread-14" prio=10 tid=0xb4f16c00 nid=0x2c9a waiting on condition [0xb4bd4000]
       java.lang.Thread.State: WAITING (parking)
         at sun.misc.Unsafe.park(Native Method)
         - parking to wait for  <0x7a387350> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
         at java.util.concurrent.locks.LockSupport.park(LockSupport.java:186)
         at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2043)
         at java.util.concurrent.LinkedBlockingQueue.take(LinkedBlockingQueue.java:386)
         at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1043)
         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1103)
         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
         at java.lang.Thread.run(Thread.java:636)
       Locked ownable synchronizers:
         - None
    "pool-1-thread-13" prio=10 tid=0xb4f15400 nid=0x2c99 waiting on condition [0xb4c25000]
       java.lang.Thread.State: WAITING (parking)
         at sun.misc.Unsafe.park(Native Method)
         - parking to wait for  <0x7a387350> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
         at java.util.concurrent.locks.LockSupport.park(LockSupport.java:186)
         at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2043)
         at java.util.concurrent.LinkedBlockingQueue.take(LinkedBlockingQueue.java:386)
         at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1043)
         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1103)
         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
         at java.lang.Thread.run(Thread.java:636)
       Locked ownable synchronizers:
         - None
    "pool-1-thread-12" prio=10 tid=0xb4f13c00 nid=0x2c98 waiting on condition [0xb4c76000]
       java.lang.Thread.State: WAITING (parking)
         at sun.misc.Unsafe.park(Native Method)
         - parking to wait for  <0x7a387350> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
         at java.util.concurrent.locks.LockSupport.park(LockSupport.java:186)
         at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2043)
         at java.util.concurrent.LinkedBlockingQueue.take(LinkedBlockingQueue.java:386)
         at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1043)
         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1103)
         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
         at java.lang.Thread.run(Thread.java:636)
       Locked ownable synchronizers:
         - None
    "pool-1-thread-11" prio=10 tid=0xb4f12400 nid=0x2c97 waiting on condition [0xb4cc7000]
       java.lang.Thread.State: WAITING (parking)
         at sun.misc.Unsafe.park(Native Method)
         - parking to wait for  <0x7a387350> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
         at java.util.concurrent.locks.LockSupport.park(LockSupport.java:186)
         at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2043)
         at java.util.concurrent.LinkedBlockingQueue.take(LinkedBlockingQueue.java:386)
         at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1043)
         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1103)
         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
         at java.lang.Thread.run(Thread.java:636)
       Locked ownable synchronizers:
         - None
    "pool-1-thread-10" prio=10 tid=0xb4f10c00 nid=0x2c96 waiting on condition [0xb4d18000]
       java.lang.Thread.State: WAITING (parking)
         at sun.misc.Unsafe.park(Native Method)
         - parking to wait for  <0x7a387350> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
         at java.util.concurrent.locks.LockSupport.park(LockSupport.java:186)
         at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2043)
         at java.util.concurrent.LinkedBlockingQueue.take(LinkedBlockingQueue.java:386)
         at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1043)
         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1103)
         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
         at java.lang.Thread.run(Thread.java:636)
       Locked ownable synchronizers:
         - None
    "pool-1-thread-9" prio=10 tid=0xb4f0f400 nid=0x2c95 waiting on condition [0xb4d69000]
       java.lang.Thread.State: WAITING (parking)
         at sun.misc.Unsafe.park(Native Method)
         - parking to wait for  <0x7a387350> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
         at java.util.concurrent.locks.LockSupport.park(LockSupport.java:186)
         at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2043)
         at java.util.concurrent.LinkedBlockingQueue.take(LinkedBlockingQueue.java:386)
         at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1043)
         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1103)
         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
         at java.lang.Thread.run(Thread.java:636)
       Locked ownable synchronizers:
         - None
    "pool-1-thread-8" prio=10 tid=0xb4f0dc00 nid=0x2c94 waiting on condition [0xb4dba000]
       java.lang.Thread.State: WAITING (parking)
         at sun.misc.Unsafe.park(Native Method)
         - parking to wait for  <0x7a380108> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
         at java.util.concurrent.locks.LockSupport.park(LockSupport.java:186)
         at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2043)
         at java.util.concurrent.CyclicBarrier.dowait(CyclicBarrier.java:227)
         at java.util.concurrent.CyclicBarrier.await(CyclicBarrier.java:355)
         at rollerdemo.TurnstileBarrier.run(RollerBarrier.java:25)
         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
         at java.lang.Thread.run(Thread.java:636)
       Locked ownable synchronizers:
         - <0x7a3808d8> (a java.util.concurrent.ThreadPoolExecutor$Worker)
    "pool-1-thread-7" prio=10 tid=0xb4f0c800 nid=0x2c93 waiting on condition [0xb4e0b000]
       java.lang.Thread.State: WAITING (parking)
         at sun.misc.Unsafe.park(Native Method)
         - parking to wait for  <0x7a387350> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
         at java.util.concurrent.locks.LockSupport.park(LockSupport.java:186)
         at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2043)
         at java.util.concurrent.LinkedBlockingQueue.take(LinkedBlockingQueue.java:386)
         at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1043)
         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1103)
         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
         at java.lang.Thread.run(Thread.java:636)
       Locked ownable synchronizers:
         - None
    "pool-1-thread-6" prio=10 tid=0xb4f0b400 nid=0x2c92 waiting on condition [0xb4e5c000]
       java.lang.Thread.State: WAITING (parking)
         at sun.misc.Unsafe.park(Native Method)
         - parking to wait for  <0x7a387350> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
         at java.util.concurrent.locks.LockSupport.park(LockSupport.java:186)
         at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2043)
         at java.util.concurrent.LinkedBlockingQueue.take(LinkedBlockingQueue.java:386)
         at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1043)
         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1103)
         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
         at java.lang.Thread.run(Thread.java:636)
       Locked ownable synchronizers:
         - None
    "pool-1-thread-5" prio=10 tid=0xb4f09800 nid=0x2c91 waiting on condition [0xb4ead000]
       java.lang.Thread.State: WAITING (parking)
         at sun.misc.Unsafe.park(Native Method)
         - parking to wait for  <0x7a387350> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
         at java.util.concurrent.locks.LockSupport.park(LockSupport.java:186)
         at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2043)
         at java.util.concurrent.LinkedBlockingQueue.take(LinkedBlockingQueue.java:386)
         at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1043)
         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1103)
         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
         at java.lang.Thread.run(Thread.java:636)
       Locked ownable synchronizers:
         - None
    "pool-1-thread-4" prio=10 tid=0xb4f08400 nid=0x2c90 waiting on condition [0xb4efe000]
       java.lang.Thread.State: WAITING (parking)
         at sun.misc.Unsafe.park(Native Method)
         - parking to wait for  <0x7a380108> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
         at java.util.concurrent.locks.LockSupport.park(LockSupport.java:186)
         at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2043)
         at java.util.concurrent.CyclicBarrier.dowait(CyclicBarrier.java:227)
         at java.util.concurrent.CyclicBarrier.await(CyclicBarrier.java:355)
         at rollerdemo.TurnstileBarrier.run(RollerBarrier.java:25)
         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
         at java.lang.Thread.run(Thread.java:636)
       Locked ownable synchronizers:
         - <0x7a382cd0> (a java.util.concurrent.ThreadPoolExecutor$Worker)
    "pool-1-thread-3" prio=10 tid=0xb4f07000 nid=0x2c8f waiting on condition [0xb5053000]
       java.lang.Thread.State: WAITING (parking)
         at sun.misc.Unsafe.park(Native Method)
         - parking to wait for  <0x7a387350> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
         at java.util.concurrent.locks.LockSupport.park(LockSupport.java:186)
         at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2043)
         at java.util.concurrent.LinkedBlockingQueue.take(LinkedBlockingQueue.java:386)
         at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1043)
         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1103)
         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
         at java.lang.Thread.run(Thread.java:636)
       Locked ownable synchronizers:
         - None
    "pool-1-thread-2" prio=10 tid=0xb4f05800 nid=0x2c8e waiting on condition [0xb50a4000]
       java.lang.Thread.State: WAITING (parking)
         at sun.misc.Unsafe.park(Native Method)
         - parking to wait for  <0x7a380108> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
         at java.util.concurrent.locks.LockSupport.park(LockSupport.java:186)
         at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2043)
         at java.util.concurrent.CyclicBarrier.dowait(CyclicBarrier.java:227)
         at java.util.concurrent.CyclicBarrier.await(CyclicBarrier.java:355)
         at rollerdemo.TurnstileBarrier.run(RollerBarrier.java:25)
         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
         at java.lang.Thread.run(Thread.java:636)
       Locked ownable synchronizers:
         - <0x7a382e00> (a java.util.concurrent.ThreadPoolExecutor$Worker)
    "pool-1-thread-1" prio=10 tid=0xb4f04800 nid=0x2c8d waiting on condition [0xb50f5000]
       java.lang.Thread.State: WAITING (parking)
         at sun.misc.Unsafe.park(Native Method)
         - parking to wait for  <0x7a387350> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
         at java.util.concurrent.locks.LockSupport.park(LockSupport.java:186)
         at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2043)
         at java.util.concurrent.LinkedBlockingQueue.take(LinkedBlockingQueue.java:386)
         at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1043)
         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1103)
         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
         at java.lang.Thread.run(Thread.java:636)
       Locked ownable synchronizers:
         - None
    "Low Memory Detector" daemon prio=10 tid=0x08938000 nid=0x2c8b runnable [0x00000000]
       java.lang.Thread.State: RUNNABLE
       Locked ownable synchronizers:
         - None
    "CompilerThread0" daemon prio=10 tid=0x08936000 nid=0x2c8a waiting on condition [0x00000000]
       java.lang.Thread.State: RUNNABLE
       Locked ownable synchronizers:
         - None
    "Signal Dispatcher" daemon prio=10 tid=0x08934800 nid=0x2c89 runnable [0x00000000]
       java.lang.Thread.State: RUNNABLE
       Locked ownable synchronizers:
         - None
    "Finalizer" daemon prio=10 tid=0x0892c800 nid=0x2c88 in Object.wait() [0xb5339000]
       java.lang.Thread.State: WAITING (on object monitor)
         at java.lang.Object.wait(Native Method)
         - waiting on <0x7a383068> (a java.lang.ref.ReferenceQueue$Lock)
         at java.lang.ref.ReferenceQueue.remove(ReferenceQueue.java:133)
         - locked <0x7a383068> (a java.lang.ref.ReferenceQueue$Lock)
         at java.lang.ref.ReferenceQueue.remove(ReferenceQueue.java:149)
         at java.lang.ref.Finalizer$FinalizerThread.run(Finalizer.java:177)
       Locked ownable synchronizers:
         - None
    "Reference Handler" daemon prio=10 tid=0x0892b000 nid=0x2c87 in Object.wait() [0xb538a000]
       java.lang.Thread.State: WAITING (on object monitor)
         at java.lang.Object.wait(Native Method)
         - waiting on <0x7a3830f0> (a java.lang.ref.Reference$Lock)
         at java.lang.Object.wait(Object.java:502)
         at java.lang.ref.Reference$ReferenceHandler.run(Reference.java:133)
         - locked <0x7a3830f0> (a java.lang.ref.Reference$Lock)
       Locked ownable synchronizers:
         - None
    "VM Thread" prio=10 tid=0x08929400 nid=0x2c86 runnable
    "VM Periodic Task Thread" prio=10 tid=0x08943c00 nid=0x2c8c waiting on condition
    JNI global references: 983

  • IKEv2 AnyConnect and Pool allocation via RADIUS

    I am configured a CSR1000V (03.09.00a.S.153-2.S) for AnyConnect with IKEv2. I am storing username and IKEv2 authorization policy on the RADIUS server. Clients are dropped into their own iVRFs through RADIUS attributes passed back to the NAS.
    e.g. in FreeRadius (2.1.12), the following is defined (home is the 'group') in username@group format.
    home                    Cleartext-Password := "cisco"
                                 Cisco-AVPair += "ip:interface-config=vrf forwarding CUST-A",
                                 Cisco-AVPair += "ip:interface-config=ip unnumbered loopback100",
                                  Framed-Pool = "CUST-A-POOL"
    matt@home               Cleartext-Password := "test123"
    Group and user authorization information is then merged and cloned onto the virtual template:
    crypto ikev2 name-mangler EXTRACT-GROUP
    eap suffix delimiter @
    crypto ikev2 profile FlexVPN-IKEv2-Profile-1
    match fvrf IPSEC-FVRF
    match identity remote key-id FlexAnyConnect
    identity local dn
    authentication remote eap query-identity
    authentication local rsa-sig
    pki trustpoint cacert.org
    dpd 60 2 on-demand
    aaa authentication eap FlexVPN-AuthC-List1
    aaa authorization group eap list FlexVPN-AuthZ-List-1 name-mangler EXTRACT-GROUP
    aaa authorization user eap cached
    virtual-template 1
    interface Virtual-Template1 type tunnel
    no ip address
    tunnel mode ipsec ipv4
    tunnel vrf IPSEC-FVRF
    tunnel protection ipsec profile FlexVPN-IPsec-Profile-1
    However, it appears that the RADIUS attribute specifying the pool is ignored; I can see the RADIUS attribute (IETF 88) passed back to the NAS in the RADIUS debugs:
    *Aug 16 21:36:39.384 BST: RADIUS:  Framed-IP-Pool      [88]  13  "CUST-A-POOL"
    However, the crypto debugs state that an IP address cannot be assigned:
    *Aug 16 21:36:39.435 BST: IKEv2:Failed to allocate IP addr
    <snip>
    Payload contents:
    AUTH NOTIFY(INTERNAL_ADDRESS_FAILURE)
    If the Framed-Pool is removed and a Framed-IP-Address defined instead for the user, then the address is assigned. The CUST-A-POOL is defined locally on the NAS. Is there anything I am missing? Can any more detailed debugs be generated?
    Cheers,
    Matt

    Marcin,
    Thank you for your response; sending "ipsec:addr-pool" does work. I did a bug scrape, but didn't find this (if I try to view it in the new Bug Tool, I get "Insufficient Permissions to View Bug"), but it was possible to paste the Bug ID into the old Bug Toolkit to get the detail.
    As an aside, I also found that "include-local-lan" doesn't appear to work with IKEv2 AnyConnect and isn't likely to be fixed; according to CSCud65859, the workaround is to use split-tunneling ("ipsec:route-set=prefix prefix/len").
    Cheers,
    Matt

  • LEAP Radius proxy with PEAPv0

    I'm doing a lab using Cisco ACS 4.1 LEAP Proxy RADIUS External User Databaser, and works fine but I don't understand why. So, I don't know if it's a stable solution.
    I have the following scenario:
    WinXP SP2
    PEAPv0 (EAP-MSCHAPv2)
    |
    v
    Cisco 3640
    802.1x Wired Port Access Control
    |
    v
    Cisco ACS 4.1
    External User Database
    LEAP Proxy RADIUS
    |
    v
    Freeradius 2.0.1
    MS-CHAPv1 user + MPPE MS Extension
    I'm using the native WinXP SP2 802.1x supplicant client (EAP-MSCHAPv2), to link a Cisco 3640 FE port protected by dot1x. The IOS is configured to authenticate with a Cisco ACS 4.1, where I'm created a user that use as External User Database a LEAP Proxy RADIUS, with destination a Freeradius in the Backend.
    Then, I configured the Freeradius to authenticate the user using MSCHAPv1 (+ MS-CHAP-MPPE-Keys with the use_mppe parameter option set in the config). And it works!
    So, my question are:
    1) Does the Cisco ACS LEAP Proxy RADIUS feature work also with PEAPv0?
    3) Does the ACS internally translate the MSCHAPv2 challenge response to a MSCHAPv1 challenge response? Are they compatible?
    2) Is this a stable solution?
    Regards
    FP

    Thanks four your reply, but I'm sure the ACS can internaylly translate the challenges, because my lab works. Please remember, my WinXP is configured to use MSCHAPv2, and my Freeradius is configured to use MSCHAPv1. The only restrinctions they have, are that the Freeradius have to send the MS-CHAP-MPPE-Keys, and the Cisco ACS has to be configured to use LEAP Proxy RADIUS as External Database User.
    Another interesting test I did, was modify in the freeradius response the MS-CHAP-MPPE-Keys (changing the rlm_mschap module). Normally it's composed by 8 bytes from LM-Password (a hash of the plain password) and 16 bytes from NT-Password (another hash of the plain password). Changing with zeros the LM-Password portion, the authentication still works! But changing one byte of the NT-Password portion, the authentication fails... so, only the NT-Password is needed to proxy MSCHAPv2 to MSCHAPv1..
    My problem is, that my backend RADIUS only support MSCHAPv2, and I need to put the Cisco ACS in the Frontend. So, the question is, is teorically possible to proxy MSCHAPv1 to MSCHAPv2? If it's possible, probably I will use a Freeradius to work as a proxy between them...

  • Combining the fixed and cached thread pools

    Is there a way to 'combine' the behavior of cached and fixed thread pools ? I have a requirement where
    - at startup, I need to execute a fixed number of short-lived tasks at the background
    - after startup, on demand, I need to run one short-lived task at a time
    If I use a fixed thread pool for my startup processing, it creates the fixed number of threads to process the tasks. But subsequently, those many threads are not required since my task submission is going to be one at a time. The remaining (n-1) threads therefore are really sitting idle & useless.
    If I use a cached thread pool, then I cannot constrain the number of threads to run at startup (since it creates one for each task). Though it ends up taking those threads out after they are idle for a fixed period. But I'm worried that it might create many threads and possibly slowing down the startup ?
    Is there a way to create a pool with a fixed number of threads but 'remove' a set of threads when they are idle ?
    TIA

    v_bala wrote:
    Thanks. The SynchronousQueue worked as expected. But I tried a LinkedBlockingQueue with size 1 hoping that would cause the second task submission to cause a new thread creation. It didn't. Instead it queues up the request (maybe the doc in ThreadPoolExecutor says that when it mentions "If corePoolSize or more threads are running, the Executor always prefers queuing a request rather than adding a new thread"). I suppose if I were to try another it would create another thread ? (I was testing with only two tasks - the first one ended up creating a thread for the task and the next got queued since the queue capacity is 1)yes, the TPE will not start adding threads until the queue starts rejecting them. kind of odd in my opinion, but that's how it works.
    Btw, that was an interesting idea to add a task that scale the core pool number down ! Currently it comes back down to just the one thread (my core pool size is one) after the idle timeout but your idea may give me a slightly better response since it will scale down the core pool size quicker....I suppose if there was a task submission before that idle time there maybe a performance hit (but I don't anticipate that in my case )?actually, that won't scale things down any faster. changing the core pool size will not ditch the other threads immediately, they will still stick around until they idle timeout. changing the core pool size allows you to not worry about the queue implementation (the first solution). you can set the initial core pool size to your "max" size on startup, then drop it down for the normal processing, all the while using a linkedblockingqueue of unlimited size.

  • Thread pool rejecting threads when I don't think it should, ideas?

    Hi,
    I have a server application in which I only want a specific number of simultaneous requests. If the server gets more then this number it is suppose to close the connection (sends an HTTP 503 error to the client). To do this I used a fix thread pool. When I start the server and submit the max number of requests I get the expected behavior. However if I resubmit the request (within a small period of time, e.g. 1-15 seconds after the first one) I get very odd behavior in that some of the requests are rejected. For example if I set the max to 100 the first set of requests will work fine (100 requests, 100 responses). I then submit again and a small number will be rejected (I've seen it range from 1 to 15 rejected)....
    I made a small app which kind of duplicates this behavior (see below). Basically when I see is that the first time submitting requests works fine but the second time I get a rejected one. As best as I can tell none should be rejected....
    Here is the code, I welcome your thoughts or if you see something I am doing wrong here...
    <pre>
    import java.util.concurrent.*;
    import java.util.concurrent.atomic.AtomicInteger;
    public class ThreadPoolTest {
         static AtomicInteger count = new AtomicInteger();
         public static class threaded implements Runnable {
              @Override
              public void run() {
                   System.out.println("In thread: " + Thread.currentThread().getId());
                   try {
                        Thread.sleep(500);
                   } catch (InterruptedException e) {
                        System.out.println("Thread: " + Thread.currentThread().getId()
                                  + " interuptted");
                   System.out.println("Exiting run: " + Thread.currentThread().getId());
         private static int maxThreads = 3;
         private ThreadPoolExecutor pool;
         public ThreadPoolTest() {
              super();
              pool = new java.util.concurrent.ThreadPoolExecutor(
                        1, maxThreads - 1, 60L, TimeUnit.SECONDS,
                        new ArrayBlockingQueue<Runnable>(1));
         public static void main(String[] args) throws InterruptedException {
              ThreadPoolTest object = new ThreadPoolTest();
              object.doThreads();
              Thread.sleep(3000);
              object.doThreads();
              object.pool.shutdown();
              try {
                   object.pool.awaitTermination(60, TimeUnit.SECONDS);
              } catch (InterruptedException e) {
                   // TODO Auto-generated catch block
                   e.printStackTrace();
         private void doThreads() {
              int submitted = 0, rejected = 0;
              int counter = count.getAndIncrement();
              for (int x = 0; x < maxThreads ; x++) {
                   try {
                        System.out.println("Run #: " + counter + " submitting " + x);
                        pool.execute(new threaded());
                        submitted++;
                   catch (RejectedExecutionException re) {
                        System.err.println("\tRun #: " + counter + ", submission " + x
                                  + " was rejected");
                        System.err.println("\tQueue active: " + pool.getActiveCount());
                        System.err.println("\tQueue size: " + pool.getPoolSize());
                        rejected++;
              System.out.println("\n\n\tRun #: " + counter);
              System.out.println("\tSubmitted: " + (submitted + rejected));
              System.out.println("\tAccepted: " + submitted);
              System.out.println("\tRejected: " + rejected + "\n\n");
    </pre>

    First thank you for taking the time to reply, I do appreciate it.
    jtahlborn - The code provided here is a contrived example trying to emulate the bigger app as best as I could. The actual program doesn't have any sleeps, the sleep in the secondary thread is to simulate the program doing some work & replying to a request. The sleep in the primary thread is to simulate a small delay between 'requests' to the pool. I can make this 1 second and up to (at least) 5 seconds with the same results. Additionally I can take out the sleep in the secondary thread and still see the a rejection.
    EJP - Yes I am aware of the TCP/IP queue, however; I don't see that as relevant to my question. The idea is not to prevent the connection but to respond to the client saying we can't process the request (send an "HTTP 503" error). So basically if we have, say, 100 threads running then the 101st, connection will get a 503 error and the connection will be closed.
    Also my test platform - Windows 7 64bit running Java 1.6.0_24-b07 (32bit) on an Intel core i7.
    It occurred to me that I did not show the output of the test program. As the output shows below, the first set of requests are all processed properly. The second set of requests is not. The pool should have 2 threads and 1 slot in the queue, so by the time the second "request" is made at least 2 of the requests from the first call should be done processing, so I could possibly understand run 1, submit #2 failing but not submit 1.
    <pre>
    Run #: 0 submitting 0
    Run #: 0 submitting 1
    Run #: 0 submitting 2
    In thread: 8
    In thread: 9
    Exiting run: 8
    Exiting run: 9
         Run #: 0
         Submitted: 3
         Accepted: 3
         Rejected: 0
    In thread: 8
    Exiting run: 8
    Run #: 1 submitting 0
    In thread: 9
    Run #: 1 submitting 1
         Run #: 1, submission 1 was rejected
         Queue active: 1
         Queue size: 2
    Run #: 1 submitting 2
         Run #: 1
         Submitted: 3
         Accepted: 2
         Rejected: 1
    In thread: 8
    Exiting run: 9
    Exiting run: 8
    </pre>

  • Radius Authorization question

    Can you configure Radius authorization to access a router or not.
    I am confused because the Practical Studies book says "Use the local database for authorization instead of RADIUS because is incapable of understanding CLI":
    aaa new-model
    aaa authentication login default group radius
    aaa authorization default local
    Now in the Cisco website, says you can after configuring the following:
    Cisco Secure NT RADIUS
    Follow these steps to configure the server. http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a008009465c.shtml
    IETF, Service-type (attribute 6) = Nas-Prompt
    In the CiscoRADIUS area, check AV-Pair, and in the rectangular box underneath, enter shell:priv-lvl=7.
    aaa new-model
    aaa authentication login default tacacs+|radius local
    aaa authorization exec tacacs+|radius local
    username backup privilege xxx password xxxx
    radius-server host 171.x.x.x
    radius-server key xxxx
    privilege configure level 7 snmp-server host
    privilege configure level 7 snmp-server enable
    privilege configure level 7 snmp-server
    privilege exec level 7 ping
    privilege exec level 7 configure terminal
    privilege exec level 7 configure

    You can specify the exec privelege level for certain user on specific AAA client using RADIUS.
    Based on that certain user can run all the commands that are part of that particular Privelege exec level.
    Now if you want to allow certain set of commands from particular privilege exec level you need to use tacacs+ protocol
    and enable command authorization sets command on your AAA server.
    Check the following links as references on command authorization:
    http://www.cisco.com/en/US/partner/products/ps9911/products_configuration_example09186a0080bc8514.shtml
    http://www.cisco.com/en/US/partner/products/sw/secursw/ps2086/products_configuration_example09186a00808d9138.shtml
    Please make sure to rate correct answers

  • Radius & wireless & IP address

    Hello, I''d like to use a Radius to dynamically authenticate wireless users, but I'd know if it's possible to assign dinamically address to the wireless port, when accesing to the RADIUS, or validaing it to avoid wireless clients of changing their IP address.
    Thanks

    Let me clarify more here..Cisco's aironet wireless clients associated with cisco's access points and authenticated via LEAP with RADIUS server, can't get ip address allocated via radius server..There is no way in LEAP that you can do it..Atleast cisco dosen't support it..Tejal

  • Socket in pooled thread

    I am using a ExecutorService (fixed thread pool) for client threads. Every client thread creates a socket connection. I was wondering if there is a way to keep the socket connection open for every pooled thread or if I have to have an extra pool for those socket connections.

    Yes, just put it somewhere where the Runnables can find it.

  • CiscoWorks Vs TACACS+ ??!! sw management problem--Pls help me out

    Hi Gurus,
    I have a query to ask on the software image management.Please help me out.
    There are many cisco devices in my client place, but only one device is creating a problem.
    it is 2950 catalyst switch. CiscoWorks is complaining that 'it has no image to import', when we run a job to fetch the image from the switch. but it has image under root directory of Flash. After going through RME troublshooting and tips , I came to know that the connection protocol is telnet and ssh. Then I add the following commands in TACACS+ (to allow CW2K) user which is a centralized authentication system for all user including CiscoWorks.
    Cisco has mentioned this error in following URL:
    http://www.cisco.com/en/US/products/sw/cscowork/ps2073/prod_troubleshooting_guide09186a008036dff2.html
    It looks like it is having difficulty to recognize the Flash (though it shows the files in the inventory) and at the same time, I am not sure whether the commands are complete.
    I allowed the following commands to be used by CiscoWorks through TACACS+:
    1. copy tftp flash
    2. copy flash tftp
    3. erase flash
    4. show version
    5. show flash
    Refer the URL: http://www.cisco.com/en/US/customer/products/sw/cscowork/ps2073/prod_troubleshooting_guide09186a008036dff2.html#wp1045599
    Screen shot of the error and Detailed inventory report of the device are attached here.
    Please help me out with your expertise whether it is a TACACS which is stopping CW2K to view the Flash and files? or it is a problem with CiscoWorks to see the Flash.

    This document describes the procedure to configure the CiscoWorks Hosting Solution Engine 1.8.1 (HSE) using ACS as a TACACS+/RADIUS authentication module.
    ACS TACACS+ Setup for HSE
    ACS RADIUS Setup for HSE
    On Cisco.com, see also the Administration chapter of the User Guide for the CiscoWorks Hosting Solution Engine 1.8.1.
    http://www.cisco.com/en/US/products/sw/cscowork/ps150/prod_connection_guide09186a00802b2bae.html

Maybe you are looking for

  • Move an iTunes library between users on the same mac

    How do I move an iTunes library between users on the same mac? I accidentally created a secondary user on my mac some time ago when using the migration tool and am now going back and transferring all my files from the secondary to the admin user prof

  • Creating a custom view - define NavBar ID

    Hi Guys, Well im new to all this but like ive got some preliminary knowledge. The problem is i started off with the cookbook but somehow got blocked. I wanted to create my own views. As far as ViewSet and ViewAreas and Views are concerned i got throu

  • How to create an EIT in Oracle apps with custom table?

    Hi, I have a custom table in APPS schema where training information is loaded everyday by running a control file. I've to pick the training end date and status of 5 particular trainings and create an EIT. When I try to create an EIT which is basicall

  • Name of documents in iBooks are changed since upgrade iOS 8.0

    AAll names of my documents are changed since upgrade iOS 8.

  • VISA Driver Development Wizard

    I found a reference to this great document called Using the VISA Driver Development Wizard and NI-VISA to Register-Level Program a PXI/PCI Device under Windows. As I described in another post, I am having performance problems using AccessHW to talk t