Log connection attempts and source IP address for connections that fail/timeout on RADIUS

Similar Messages

• The attempt to connect to the server (IP address) on port 443 failed - OLT

  Hi all
  I am facing one problem, if i run load to any application for 100 users for 1 iteration then it is not showing any error. Lets say i ran the load of 100 users for one hour then for some users there are errors like
  Line: (script.java:84)][ScriptException]: The attempt to connect to the server (IP address) on port 443 failed.
  And my understanding is the user's which are facing failures is not able to get response or page loaded at their end. As failures are occuring for some particular steps not the entire scenario. Pls confirm.
  Thanks

  I believe that's an indication that there is an error receiving mail, but if you have any drafts or email in your outgoing mailbox, try deleting them.  Apple's troubleshooting steps for this are (from http://support.apple.com/kb/TS4002):
  Cannot receive mail in OS X Mail
  If you use OS X Mail, look at the name of your iCloud account on the left side of the main Mail window. If your iCloud account name is dim and has a lightning bolt next to it, your account is offline. To resolve this, make sure your computer is connected to the Internet. Then choose Go Online from the Mailbox menu.
  If taking your iCloud account online doesn't resolve the issue, follow these steps:
  From the Mail menu, choose Preferences.
  In the Preferences window, click the Accounts tab if it is not already selected.
  In the Accounts list, select your iCloud email address.
  Click the Account Information tab.
  Verify your SMTP server settings with the following information:
  Incoming Mail Server: imap.mail.me.com
  User Name: Your iCloud email address
  Password: Your iCloud password
  Click the Advanced tab and verify the following additional settings:
  Port: 993
  Use Secure Sockets Layer (SSL): Should be enabled
  Authentication: Password

• HT5569 My mini won't allow me to log into FaceTime and I messaging it says connect to the internet but everything else that requires internet works

  My mini won't allow me to log into FaceTime and I messaging it says connect to the internet but everything else that requires internet works.. I've reconnected to the internet, reset the iPad and I've changed the password to see if any of these things would help.

  Using FaceTime http://support.apple.com/kb/ht4319
  Troubleshooting FaceTime http://support.apple.com/kb/TS3367
  The Complete Guide to FaceTime + iMessage: Setup, Use, and Troubleshooting
  http://tinyurl.com/a7odey8
  Troubleshooting FaceTime and iMessage activation
  http://support.apple.com/kb/TS4268
  iOS: FaceTime is 'Unable to verify email because it is in use'
  http://support.apple.com/kb/TS3510
  Using FaceTime and iMessage behind a firewall
  http://support.apple.com/kb/HT4245
  iOS: About Messages
  http://support.apple.com/kb/HT3529
  Set up iMessage
  http://www.apple.com/ca/ios/messages/
  iOS 6 and OS X Mountain Lion: Link your phone number and Apple ID for use with FaceTime and iMessage
  http://support.apple.com/kb/HT5538
  How to Set Up & Use iMessage on iPhone, iPad, & iPod touch with iOS
  http://osxdaily.com/2011/10/18/set-up-imessage-on-iphone-ipad-ipod-touch-with-io s-5/
  Extra FaceTime IDs
  http://tinyurl.com/k683gr4
  Troubleshooting Messages
  http://support.apple.com/kb/TS2755
  Troubleshooting iMessage Issues: Some Useful Tips You Should Try
  http://www.igeeksblog.com/troubleshooting-imessage-issues/
  Setting Up Multiple iOS Devices for iMessage and Facetime
  http://macmost.com/setting-up-multiple-ios-devices-for-messages-and-facetime.htm l
  FaceTime and iMessage not accepting Apple ID password
  http://www.ilounge.com/index.php/articles/comments/facetime-and-imessage-not-acc epting-apple-id-password/
  Fix Can’t Sign Into FaceTime or iMessage iOS 7
  http://ipadtutr.com/fix-login-facetime-imessage-ios-7/
  FaceTime, Game Center, Messages: Troubleshooting sign in issues
  http://support.apple.com/kb/TS3970
  Unable to use FaceTime and iMessage with my apple ID
  https://discussions.apple.com/thread/4649373?tstart=90
  How to Block Someone on FaceTime
  http://www.ehow.com/how_10033185_block-someone-facetime.html
  My Facetime Doesn't Ring
  https://discussions.apple.com/message/19087457
  Send an iMessage as a Text Message Instead with a Quick Tap & Hold
  http://osxdaily.com/2012/11/18/send-imessage-as-text-message/
  To send messages to non-Apple devices, check out the TextFree app https://itunes.apple.com/us/app/text-free-textfree-sms-real/id399355755?mt=8
  How to Send SMS from iPad
  http://www.iskysoft.com/apple-ipad/send-sms-from-ipad.html
  You can check the status of the FaceTime/iMessage servers at this link.
  http://www.apple.com/support/systemstatus/
   Cheers, Tom

• Hi I lost the ICloud password and the mail address for it is freezing by the hostage ( hotmail ) so how can I enter my ICloud Account

  Hi
  I lost the ICloud password and the mail address for it is freezing by the hostage ( hotmail ) so how can I enter my ICloud Account

  Hello Cheif Auditor,
  Thanks for using Apple Support Communities.
  For more information on this, take a look at:
  Apple ID: If you forget your password
  http://support.apple.com/kb/ht5787
  Best of luck,
  Mario

• Info record and source list mandatory for PO creation?

  Hi Gurus,
  Client wants to make Info record and source list mandatory for PO creation?
  If Inforec and source list not available for that material, then user can't able to create PO.
  How can I achieve this requirement?
  Any user exit available?
  pls help..

  Hi ,
  SproMM-Purchasing -Source ListDefine Source List Requirement at Plant Level
  If u mark the indicator then the Source list is mandatory for all the materials procured.
  If u want for a speciic material , mark it in purchasing view of Material Master.
  Inorder to create a source list , inforecord is mandatory -- this is by default Standard SAP .
  Regards
  Ramesh Ch

• I have an iPad and want to know how to delete email addresses for those that I have sent email to.

  I have an iPad 2 and want to know how to delete email addresses for those that I have sent mail to.

  Email addresses that are not in your Contacts app but which still show up in Mail will disappear after a period of time when they are unused. Just ignore them and they will eventually go away.

• I'm unable to add the email address for iMessage, that I was using before iOS 7 to my iPhone, because it says that it is "in use by another device," but I have no other devices.  How do I resolve this so I can add this email address to my iPhone?

  I'm unable to add the email address for iMessage, that I was using before iOS 7 to my iPhone, because it says that it is "in use by another device," but I have no other devices.  How do I resolve this so I can add this email address to my iPhone to send and recieve iMessages?

  Sync your iPhone to iTunes, and see if that does the trick.  Also you could try a Soft Reset with no Risk to Data.  Holding down both the Sleep button and the Home button until the Apple logo appears and then waiting for the Reset to bring you iPhone back to the lock screen.    Are you trying to add the email at Settings>Messages>Send and Receive from (2 Addresses) your iPhone number and your email address?

• TS1538 my ipad can not continue to download ios 6.1.2 because of connection problem and it is stuck in connect to itunes image, i cant open it anymore..what should i do? help plz

  my ipad can not continue to download ios 6.1.2 because of connection problem and it is stuck in connect to itunes image, i cant open it anymore..what should i do? help plz

  Connect to iTunes on the computer you usually Sync with and “ Restore “...
  http://support.apple.com/kb/HT1414
  If necessary Place the Device into Recovery mode...
  http://support.apple.com/kb/ht4097
  You may need to try this More than Once...
  Be sure to Follow ALL the Steps...
  But... if the Device has been Modified... this will Not necessarily work.

• I changed my AppleID a long time ago to an email that I no longer use and I have updates for apps that I can't update because my old email is filled in to where i sign in and it wont let me change it to my new one???

  I changed my AppleID a long time ago to an email that I no longer use and I have updates for apps that I can't update because my old email is filled in to where i sign in and it wont let me change it to my new one???

  The problem with those two apps is that they are supposed to be in your Apple ID and you didn't set up the Mac properly/completely when you got it.
  You might try deleteing them and using OS X Recovery to install them again.
  OS X Recovery -
  http://support.apple.com/kb/HT4718
  After that, before you open any iLife apps go to your Mac App Store account, to the Purchased pane and Accept them into your account.

• Source ip address for icmp messages not what is expected

  We have a router that has interfaces in multiple VRFs.  One interface sits on an interface that is routed on the Internet.  Other interface sits on a VRF that is in a private address space and is used for WAN connectivity.  The strange behavior that I'm seeing is related to icmp messages coming off the router.  It appears that scanners hitting the Internet-facing interface cause the router to generate icmp messages (type 3) that are source using the IP address of the WAN-facing interface and they are routed across the WAN, into our data center and dropped by our firewall due to anti-spoofing rules.  Is this normal behavior?  Doesn't seem normal to me. Is this behavior something that can be changed via configuration?

  probabaly some body attacking you
  you need inbound access-list in Internet-facing interface.
  and you need to filtr private source addresses classes  A, B, C 
  ip access-list extended InWorld
   deny   ip any 192.168.0.0 0.0.255.255
   deny   ip any 172.16.0.0 0.15.255.255
   deny   ip any 10.0.0.0 0.255.255.255
   permit ip any any
  interface FastEthernet0
   description Internet-facing interface
   ip address 9.2.3.6 255.255.255.252
   ip access-group InWorld in
  later you will see hit counts
  sh access-lis
  here is detailed explanation
  http://www.techrepublic.com/article/prevent-ip-spoofing-with-the-cisco-ios/
  they using more complicated acces-list
  In a typical IP address spoofing attempt, the attacker fakes the source of packets in order to appear as part of an internal network. David Davis tells you three ways you can make an attacker's life more difficult—and prevent IP address spoofing. 
  As you know, the Internet is rife with security threats, and one such threat is IP address spoofing. During a typical IP address spoofing attempt, the attacker simply fakes the source of packets in order to appear as part of an internal network. Let's discuss three ways you can protect your organization from this type of attack.
  Block IP addresses
  The first step in preventing spoofing is blocking IP addresses that pose a risk. While there can be a reason that an attacker might spoof any IP address, the most commonly spoofed IP addresses are private IP addresses (RFC 1918) and other types of shared/special IP addresses.
  Here's a list of IP addresses—and their subnet masks—that I would block from coming into my network from the Internet:
  10.0.0.0/8
  172.16.0.0/12
  192.168.0.0/16
  127.0.0.0/8
  224.0.0.0/3
  169.254.0.0/16
  All of the above are either private IP addresses that aren't routable on the Internet or used for other purposes and shouldn't be on the Internet at all. If traffic comes in with one of these IP addresses from the Internet, it must be fraudulent traffic.
  In addition, other commonly spoofed IP addresses are whatever internal IP addresses your organization uses. If you're using all private IP addresses, your range should already fall into those listed above. However, if you're using your own range of public IP addresses, you need to add them to the list.
  Implement ACLs
  The easiest way to prevent spoofing is using an ingress filter on all Internet traffic. The filter drops any traffic with a source falling into the range of one of the IP networks listed above. In other words, create an access control list (ACL) to drop all inbound traffic with a source IP in the ranges above.
  Here's a configuration example:
  Router# conf t
  Enter configuration commands, one per line.  End with CNTL/Z.
  Router(config)# ip access-list ext ingress-antispoof
  Router(config-ext-nacl)# deny ip 10.0.0.0 0.255.255.255 any
  Router(config-ext-nacl)# deny ip 172.16.0.0 0.15.255.255 any 
  Router(config-ext-nacl)# deny ip 192.168.0.0 0.0.255.255 any 
  Router(config-ext-nacl)# deny ip 127.0.0.0 0.255.255.255 any
  Router(config-ext-nacl)# deny ip 224.0.0.0 31.255.255.255 any
  Router(config-ext-nacl)# deny ip 169.254.0.0 0.0.255.255 any     
  Router(config-ext-nacl)# permit ip any any     
  Router(config-ext-nacl)# exit
  Router(config)#int s0/0
  Router(config-if)#ip access-group ingress-antispoof in
  Internet service providers (ISPs) must use filtering like this on their networks, as defined in RFC 2267. Notice how this ACL includes permit ip any any at the end. In the "real world," you would probably have a stateful firewall inside this router that protects your internal LAN.
  Of course, you could take this to the extreme and filter all inbound traffic from other subnets in your internal network to make sure that someone isn't on one subnet and spoofing traffic to another network. You could also implement egress ACLs to prevent users on your network from spoofing IP addresses from other networks. Keep in mind that this should be just one part of your overall network security strategy.
  Use reverse path forwarding (ip verify)
  Another way to protect your network from IP address spoofing is reverse path forwarding (RPF)—or ip verify. In the Cisco IOS, the commands for reverse path forwarding begin with ip verify.
  RPF works much like part of an anti-spam solution. That part receives inbound e-mail messages, takes the source e-mail address, and performs a recipient lookup on the sending server to determine if the sender really exists on the server the message came from. If the sender doesn't exist, the server drops the e-mail message because there's no way to reply to the message—and it's very likely spam.
  RPF does something similar with packets. It takes the source IP address of a packet received from the Internet and looks up to see if the router has a route in its routing table to reply to that packet. If there's no route in the routing table for a response to return to the source IP, then someone likely spoofed the packet, and the router drops the packet.
  Here's how to configure RPF on your router:
  Router(config)# ip cef
  Router(config)# int serial0/0
  Router(config-if)# ip verify unicast reverse-path
  Note that this won't work on a multi-homed network.
  It's important to protect your private network from attackers on the Internet. These three methods can go a long way toward protecting against IP address spoofing. For more information on IP address spoofing, read "IP Address Spoofing: An Introduction."
  Is IP address spoofing a major concern for your organization? What steps have you taken to protect the company? Have you used RPF? Share your experiences in this article's discussion.
  and dont forget to rate post

• How do i set manual ip addresses for connect to wifi network which had setted with manually ip addresses?

  i had set ip addresses for my home wifi network manually,and now i want to connect my iPhone5 to this network.the phone can't connect.what i have to do?after changing the wifi network setting (channels and another things)i cant connect even.i want to reslove this problem.would you help me?!

  Just thought I would bump this up in the conversation. Doing a further search I came across this discussion which is similar: Connecting to a wireless network via applescript?
  However, I tried to build the Automator application as discussed and cannot get it to work. Very much a novice at Applescript and Shell Script but have created customized Automator services before. All I get now is "Shell Script command encountered an error". No more detail. I copied and pasted the script as shown in the email thread. Is there any other line or command I need to place in front of it?
  Thanks again for any help

• HT5621 My ipad recognizes and old email address for icloud.  When I go to change the address it sends me an email verification email that says click the link THAT DOES NOT EXIST IN THE EMAIL!!   How do I get this changed?

  I cannot get my icloud email address changed, but I no longer have that email address.  So it is sending an email to an address that no longer exists, yet I cannot get it to change to my current email address.  WHen I walk through the process, it sends me an "verificaiton email" that DOES NOT have the link in it to verify.  UGH

  Welcome to the Apple community TMOZINGO.
  If you are unable to remember your password, security questions, don’t have access to your rescue address or are unable to reset your password for whatever reason, your only option is to contact AppleCare(or Apple ID Support), upon speaking to an operator you should explain that your problem is related to your Apple ID, this way you will not be charged for assistance, even if you don’t have an AppleCare plan.
  The operator will take you through some steps you may have already tried, however they need to be sure they have exhausted all usual approaches before trying to reset your account, so you should try to be helpful and show patience with the procedure.
  The operator will need to verify they are speaking to the account holder and may ask you some questions that only the account holder could know, and you will need to answer them if the process is to proceed.
  Once the operator has verified your identity they will send a message through to your device which contains an alpha numeric code, which you will need to read back to them.
  Once this has been completed they will send an email to your iCloud email address after a period of 24 hours, so you should check that mail is enabled in your devices iCloud settings.
  Upon receipt of the email, use the reset link provided to reset your password, after which you should be able to make the adjustments to iCloud that you wish to do.

• I have 2 websites and 1 IP address for my server, how do I set the DNS up?

  I am having trouble following the boards and the Server Admin instructions to make sure I can activate a website.
  IP address for the Snow Leopard Server on a mac mini
  Server Settings for Web has the 2 domain names listed pointing to the same IP address and same port 80.
  How do I point the DNS correctly to the domain I want to respond?  www.ziggythewinegal.com
  If you put the IP address in a browser, it returns the default domain which is just the apache/osx server page. 64.142.85.71
  If you put the first domain name in a browswer, it does the same. www.JoelQuigley.com
  How do I setup the DNS to www.ziggythewinegal.com which is in the folder WebServer>ziggy>index.php ?

  64.142.85.71 has an existing public DNS translation, so you'll be adding DNS CNAME (alias) records for the each of the additional hosts into your public DNS at WorldNIC DNS servers.
  Your local host either isn't running DNS, or it's running local DNS.  If it's running local DNS, then hopefully it's not running with the same domain name as your public DNS services; that you have an external DNS zone and an internal DNS zone, with an external DNS domain and an internal domain name.  If you are running DNS locally and are using the same domain name for internal and external DNS servers, then you'll also need to add the translation for the new web sites into your local DNS server configuration.
  Once the translation is added, add - as John Lockwood indicates - Sites into your web server. 
  The numbers of folders can vary.  Different sites may or may not be in the same folder, depending on what you're doing. Multiple ttraditional static HTML web sites are probably stored in separate folders.  A single site with several names can be in the same folder.  A web content management system (CMS) can be stored in one folder.
  If you have a firewall here (and you should), then you may need some additional steps.  Particularly if you're running NAT, and don't already have rules and port-forwarding enabled on the server.  Given it appears you're using mail with this server, there are likely some rules in place, though you'll need to confirm that port 80 TCP and possibly port 443 TCP are (also) being forwarded for your web services.
  Here is a write-up on adding what Apple calls Sites and what Apache calls virtual hosts.

• Static NAT and same IP address for two interfaces

  We have a Cisco ASA 5520 and in order to conserve public IP addresses and configuration (possibly) can we use the same public IP address for a static NAT with two different interfaces? Here is an example of what I'm refering too where 10.10.10.10 would be the same public IP address.
  static (inside,Outside) 10.10.10.10  access-list inside_nat_static_1
  static (production,Outside) 10.10.10.10  access-list production_nat_static_1
  Thanks for any help.
  Jeff

  Hi Jeff,
  Unfortunately this cannot be done, on the ASA packet classification is done on the basis of mac-address, destination nat and route, and here you are confusing the firewall, to which interface does the ip belong to. I haven't ever tried to do it, but it should cause you issues.
  Thanks,
  Varun Rao
  Security Team,
  Cisco TAC

• HT3204 I have made sure my computer is updated, ran the connectivity tests and all passed except for cd player but I still cannot connect to iTunes store.

  I am not able to connect to iTunes store. I have tried all their suggstions o the Apple site. Ran all the connectivity tests and on the cd player came up as an error.

  Have you verified that the account information you have stored in iTunes on your computer, EXACTLY mirrors the information you have on file on your iPad?  For example, if you say you live on 1234 Road in iTunes, but on your iPad you say you live on 1234 Rd., you'll have an issue.  Make sure the information on both sides is the same.