Missing Active/New Sockets during SSL Setup

Similar Messages

• My hard drive failed and during the setup of Illustrator CS4 on my new hard drive/pc, I was told I had reached the maximum number of licenses

  My hard drive failed and during the setup of Illustrator CS4 on my new hard drive/pc, I was told that the maximum # of licenses for my serial number had been reached and so I am unable to install Illustrator on my working computer.  This happened a couple of years ago and I called Adobe and they were able to 'reset' things but I don't see any way to talk to someone now to resolve this problem.  BTW, I have the failed hard drive slaved in my new computer and am able to access files and such things, but have no way of uninstalling the Illustrator on my old drive.  How do I fix this issue?

  Contact Adobe Support thru chat and ask them to reset your activations.
  For the link below click the Still Need Help? option in the blue area at the bottom and choose the chat option...
  Serial number and activation chat support (non-CC)
  http://helpx.adobe.com/x-productkb/global/service1.html ( http://adobe.ly/1aYjbSC )

• How to Uninstall SQL instance on active-passive SQL server , which failed during Cluster Setup (Error-Failed at Validate Active Directory Configuration)

  How to Uninstall SQL instance on active-passive SQL server , which failed during Cluster Setup (Error-Failed at Validate Active Directory Configuration)
  active-passive SQL server cluster setup failed due to some steps missed in initial cluster setup,
  now i have unistall sql instance from nodes,
  Your help will higly appriciated.
  Regards,
  Anish
  Asandeen

  Hello,
  Please refer to the following link about remove a node of  SQL Server Failover Cluster Instance:
  http://msdn.microsoft.com/en-us/library/ms191545.aspx#Remove
  Regards,
  Fanny Liu
  Fanny Liu
  TechNet Community Support

• Looking for quick creation of a new contact during activity processing

  We are looking for a quick way to create a new contact during the process of activity management.  Once I have selected my business partner and then I search for a contact, if the contact I need does not exist yet there are several long involved ways to go create the new contact.  Several people from SAP have alluded that there is an add button that should be available on the business partner central search window that comes up when you look for contacts but we have no add button.  Does someone know if the add button becomes available later?  We are on CRM 5.0  - has anyone customized a way to add a contact here without having to go into the account application relationship tab.  We are coming off of Mobile Sales where there is a pop up window to add a contact. We need to replace this functionality.

  Hello Pascale,
  "Follow-up" button is present to enable a quick creation of follow up.
  That is end user can just input those limited fields, and click on this button to create the document without going into the detail.
  And at the same time, standard IC do provides another link to the detailed follow up documents to enable user add more detail.
  The link "Follow-up Details" can realize such purpose and should be the one you are asking for.
  The steps are:
  - select the transaction type in the drop down;
  - click on "Follow-up Details" link, this lead to another page of the detailed activity creating, only at this time the activity is being created;
  - click on the Back button without save, you will return to the previous screen, and get the link in Activity Clipboard for future access;
  Hope I have understood your requirement correctly!
  Hongyan

• During iCloud setup, I was notified that an email was sent to my mail account for activation.  I cannot find the e-mail.

  During iCloud setup, I was notified that an email was sent to my mail account for activation.  I cannot find the e-mail.

  Put in a request for another verification e-mail to be sent to you.
  Start here, change your country if necessary and go to manage your account.

• Getting a new Openreach Master Socket during the i...

  I have an old style master socket which means I can't use the broadband accelerator.  Can someone advise me whether the newer Openreach type master socket can be fitted at the same time as BT Infinity is installed, as I don't want to pay for 2 visits!
  Thanks

  Hi
      The OR engineer will be able to change you old master socket to a new version one.  Your new socket should end up looking like the one in this picture.

• Exchange active sync not requesting advanced setup details

  hi - we have exchange 2010 with active sync 14.1  we have many types mobile devices connected using active sync including iphone and android.  when we previously added any account onto a phone we always had to add the advanced setup manually during
  the setup i.e. mail server and domain.  now these details are added automatically after adding email and password.  This seems less secure and i need to find how to stop this.
  Thanks

  Hi ,
  This is normal behavior in exchange because of autodiscover feature and it is making up the things easier during new account configuration on mobile devices.
  After giving up the user name and password ,autodiscover is the feature which will bring up the remaining settings that you mentioned .
  We will discuss in terms of security view .
  1.User's password would be confidential .
  However in worst cases someone might know about anyone's password and email address then on such case there would be chance to configure that particular account in any of the mobile devices.
  We can control the above scenario too.
  In exchange Active sync organisation settings we have an option to set the DefaultAccessLevel to quarantine for the devices.So that administrator can decide to allow or block the active sync device which is trying to connect to exchange.
  Reference Link : http://exchangeserverpro.com/preventing-new-activesync-device-types-from-connecting-to-exchange-server-2010/
  Note : If your existing exchange organisation is having active sync devices configured in use then before changing the "Defaultaccesslevel" to quarantine we need to make sure existing active sync device ID'S are added to the corresponding mailboxes
  -ActiveSyncAllowedDeviceIDs 
  Thanks & Regards S.Nithyanandham

• New Socket takes too long / how to stop a Thread ?

  Hello to everyone,
  I have a problem that I have been hunting this ol' Sun website all day for a suitable answer, and have found people who have asked this same question and not gotten answers. Finally, with but a shred of hope left, I post...
  My really short version:
  A call to the Socket(InetAddress,int) constructor can take a very long time before it times out. How to limit the wait?
  My really detailed version:
  I have a GUI for which the user enters comm parameters, then the program does some I/O while the user waits (but there is a Cancel button for the Impatient), then the results are displayed. Here is quick pseudocode (which, by the way, worked great before there were Sockets in this program -- only serial ports):
  Main (GUI) thread:
       --> reset the stop request flag
       --> calls workerThread.start(), then brings up a Cancel dialog with a Cancel button (thus going to sleep)
       --> (awake by dialog closing -- dialog may have been closed by workerThread or by user)
       --> set stop request flag that worker thread checks (in case he's still alive)
       --> call workerThread.interrupt() (in case he's alive but asleep for some reason (???))
       --> call workerThread.join() to wait for worker thread to be dead (nothing to wait for if he's dead already)
       --> display worker thread's result data or "Cancelled..." information, whichever worker thread has set
  Worker thread:
       --> yield (to give main thread a chance to get the Cancel Dialog showing)
       --> do job, checking (every few code lines) that stop request flag is not set
       --> if stop request, stop and set cancelled flag for Main thread to handle
       --> if finish with no stop request, set result data for Main thread to handle
       --> take down Cancel Dialog (does nothing if not still up, takes down and wakes main thread if still up)
  THE PROBLEM: Worker thread's job involves doing IO, and it may need to instantiate a new Socket. If it is attempting to instantiate Socket with bad arguments, it can get stuck... The port int is hardcoded by the program, but the IPAddress must be typed by user.
  If the arguments to Socket(InetAddress, int) constructor contain a valid-but-not-in-use IP address, the worker thread will get stuck in the Socket constructor for a LONG time (I observed 1m:38s). There is nothing the Main thread can do to stop this wait?
  EVEN WORSE: If the user clicks the Cancel Button during this time, the dialog goes away soon/immediately, but then the GUI appears to be hanging (single-threaded look) until the long wait is over (after which the "Cancelled..." info is displayed).
  MY QUESTION: Is there nothing the Main thread can do to stop this wait?
  Your answers will be sincerely appreciated. Despite my hopeless attitude (see above), the folks at this forum really have yet to let me down ...
  /Mel

  http://developer.java.sun.com/developer/technicalArticles/Networking/timeouts/

• SSL setup - Weblogic 10.3 and OIM 9.1.0.1

  I am using self generated certs. I have followed all the steps in configuring SSL for OIM given in section 8.6.2 SSL Certificate Setup given in Installation and Configuration Guide for Oracle WebLogic Server Release 9.1.0.1 E14047-02.
  But when I try to perform the following step:
  To configure the trust store:
  1. Copy the supportcert.pem file to the following location on the Design Console:
  OIM_DC_HOME\java\lib\security.
  2. Open a command prompt at OIM_DC_HOME\java\lib\security and run the
  following command:
  cd OIM_DC_HOME\java\lib\security
  keytool -import
  -alias support
  -trustcacerts
  -file supportcert.pem
  -keystore cacerts
  -storepass changeit
  I don't see any folder in oim client as given above of \java\lib\security. So I created the same and followed the instructions but still the keytool.exe s not present in it. So is something missing in the document that we are not aware of? Do we have to copy the keytool.exe from BEA_HOME? I tried that too but it propped up an error saying some DLL/JAR not found.
  I found this viewlet which shows something different related to SSL setup in weblogic
  \S21880\Setup_SSL_Certificates_WLS70_61_viewlet_swf.htm
  Are the steps given in the guide enough for the SSL configuration between weblogic and oim ? or do we need to follow some other steps too ?
  Any ideas/clues/suggestions? Very appreciative.
  Many Thanks in advance.
  - oidm.

  I had a look into the xlclient.cmd file and went to the JAVA directory which is being used. And did a search for the "cacerts" and found out that there is a file named cacerts in the JAVA_HOME/jre/lib/security folder over there.
  But how does that relate to the problem of running the keytool command successfully at the right place (OIM_DC_HOME) ?
  Any hints Kevin....
  Thanks,
  - oidm.

• A new socket for every http-request?

  Do I have to make a new socket for every http-request? The code below doesn't work because it is two requests in a row. The first GET works, but the second doesn't. I thought that the purpose of a socket is that you set it up once and then you should be able to do arbitrary communication between the two peers. Maybe that is just the case with sockets only but not if you use sockets to perform http.
  Thank you for your answers! Nice greetings from Austria (not Australia)!
  Stefan :)
  package httptest;
  import javax.net.ssl.*;
  import java.io.*;
  import java.net.*;
  public class Conn2 {
      private PrintWriter out;
      private BufferedReader in;
      private Socket socket;
      public Conn2()
          try {
           socket = new Socket("www.google.at", 80);
           out = new PrintWriter(new BufferedWriter(new OutputStreamWriter(socket.getOutputStream())));         
           if (out.checkError())
            System.out.println("SSLSocketClient:  java.io.PrintWriter error");
           in = new BufferedReader(new InputStreamReader(socket.getInputStream()));
              System.out.println("Connect erfolgreich.");
       } catch (Exception e) {
           System.err.println(e);
      public void test()
          String inputLine;
          // 1. GET
          out.println("GET / HTTP/1.0");
       out.println();
       out.flush();
       try
              while ((inputLine = in.readLine()) != null)
                  System.out.println(inputLine);
          catch(IOException e)
              System.err.println(e);
          // 2. GET
          out.println("GET / HTTP/1.0");
       out.println();
       out.flush();
          try
              while ((inputLine = in.readLine()) != null)
                  System.out.println(inputLine);
          catch(IOException e)
              System.err.println(e);
  }

  Normally in the HTTP protocol, the server will close the connection after every request. So after you do the first GET, the server sends you the result and closes the connection. You have to open a new connection for the second GET.
  You can set specific headers to keep the connection open, which makes things faster if you have to do multiple GET's quickly after another. Lookup the specification of the HTTP protocol on http://www.ietf.org/
  Maybe it's easier to use a HTTP client library like Apache's HTTPClient: http://jakarta.apache.org/commons/httpclient/ so that you don't have to implement all the difficulties of the HTTP protocol yourself.

• New table in replicated setup

  Hi,
  Im having two datastores A and B. Whole datastore is replicated in two-way replication scheme.
  My question is what are the steps to be taken if Im adding a new table to this setup.
  After adding the new table in both the datastores, replication is not happening for the new table.
  Do I need to do a duplicate operation on one of the card after creating a new table in the other?
  Regards
  Pratheej

  Hi Pratheej,
  Please confirm my understanding that you are using legacy replication (CREATE REPLICATION as opposed to CREATE ACTIVE STANDBY PAIR). For legacy datastore level replication, when you create a new table in a replicated datastroe it is created as 'EXCLUDED" (i.e. as if it had existed at the time you created the replication scheme but you had explicitly EXCLUDED it. Hence to get that table into replication you need to 'ALTER TREPLICATION ... INCLUDE ...'.
  If you are adding multiple tables you can do them all in one 'hit' so in steps 5 and 7 you would do all the tables at the same time hence only one duplicate is needed regardless of the number of tables being added.
  If you were to use ACTIVE STANDBY PAIR replication then you could do this much more easily using DDL Replication.
  Chris

• Weblogic server 10.3.5 error during SSL handshake

  Please some one help to figure the issue with following logs.
  <16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
  <16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 33092690>
  <16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
  <16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
  <16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 33095418>
  <16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
  <16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <33092490 SSL Version data invalid>
  <16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <Connection to SSL port from Sa-PC - 150.1.104.124 appears to be either unknown SSL version or maybe is plaintext>
  <16-Jan-2013 18:40:40 o'clock GMT> <Warning> <Security> <BEA-090476> <Invalid/unknown SSL header was received from peer Sa-PC - 150.1.104.124 during SSL handshake.>
  <16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: FATAL, Type: 70
  java.lang.Exception: New alert stack
       at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
       at com.certicom.tls.record.ReadHandler.getProtocolVersion(Unknown Source)
       at com.certicom.tls.record.ReadHandler.checkVersion(Unknown Source)
       at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
       at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
       at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
       at javax.net.ssl.impl.SSLSocketImpl.startHandshake(Unknown Source)
       at weblogic.server.channels.DynamicSSLListenThread$1.run(DynamicSSLListenThread.java:130)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
  >
  <16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <write ALERT, offset = 0, length = 2>
  <16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <close(): 33092490>
  <16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <close(): 33092490>
  <16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.removeContext(ctx): 33092690>
  <16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <33095215 SSL Version data invalid>
  <16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <Connection to SSL port from Sa-PC - 150.1.104.124 appears to be either unknown SSL version or maybe is plaintext>
  <16-Jan-2013 18:40:40 o'clock GMT> <Warning> <Security> <BEA-090476> <Invalid/unknown SSL header was received from peer Sa-PC - 150.1.104.124 during SSL handshake.>
  <16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: FATAL, Type: 70
  java.lang.Exception: New alert stack
       at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
       at com.certicom.tls.record.ReadHandler.getProtocolVersion(Unknown Source)
       at com.certicom.tls.record.ReadHandler.checkVersion(Unknown Source)
       at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
       at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
       at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
       at javax.net.ssl.impl.SSLSocketImpl.startHandshake(Unknown Source)
       at weblogic.server.channels.DynamicSSLListenThread$1.run(DynamicSSLListenThread.java:130)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
  >
  <16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <write ALERT, offset = 0, length = 2>
  <16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <close(): 33095215>
  <16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <close(): 33095215>
  <16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.removeContext(ctx): 33095418>
  I just created domain with http and https ports. I installed an web app. When I am trying to access the app from browser through https the above error is occurring.
  Please somebody help me.
  Thanks in advance.
  SK

  This message indicates that the SSL connection is closed successfully. It is a warning message and normal to see in the logs when you enable the SSL debug flags. This is an expected behavior. If you see alerts when SSL debug is NOT ENABLED then it is a real alert and we need to take care of those issues. Also, it is not a real alert, it is a caught and handled exception from the certicom code which is not harmful and should be ignored, just because you have enabled the SSL debug flag. Once you turn it off, you won't see it in the logs.
  Edited by: sharmela on Jan 22, 2013 4:55 AM

• Disable a test socket during execution (Batch Mode)

       We are running a Batch Model with Batch Synchronization.   I am wondering if it is at all possible to totally disable one or more of the test socket during execution.  I know that the opening screen allows you to choose which sockets are active, but in the event that something goes astray like the RS-485 communication is non-responsive, I would like to disable one or more at anytime during the test.  Thank you in advance for any ideas you come up with.
  Regards
  Scott
  Environment: TestStand 2010
  Solved!
  Go to Solution.

  I am not aware of how to stop a socket which is already running and facing an error midway.
  But this setting will ensure that the socket is disabled for the next runs.
  1) Override the preBatch callback.
  2) Call this statement in the current executing thread to stop the socket from next run. ( precondition = on error)
  RunState.Caller.Parameters.ModelData.TestSockets[RunState.TestSockets.MyIndex].Disabled=True

• New Socket() acting strangely under Windows

  Hello,
  First a little background:
  I have a client application that connects to a server application through a socket. The client first checks to see the server is 'reachable' using the .isReachable() method. If this return true, all is good. If it returns false, the application sets up to use a Microsoft Windows DUN connection and VPN to connect to the server. This is handled through a 3rd party .jar file called jdialup. Oh, one more thing, the client pc is connected to the network through a hub. In other words, the pc is connected to a hub. The hub is connected to the network using it's up-link port... Everything so far is pretty simple enough...
  Now the issue:
  If I disconnect the network cable from the back of the pc and run my client application, it says that the server is not reachable, which is fine. The application then dials out to our ISP and connects to our VPN. The client application connects to the server application through a socket and sends the request and receives the response. The client then disconnects. Everything is GOOD.
  Now, if I disconnect the network cable from the up-link on the hub, thus removing the client pc from the network, this is where the strangeness happens! I run my client application, it again says that the server is not reachable, which is fine. The application again dials out to our ISP and connects to our VPN. This is fine. Now though, when I attempt to make the socket connection to the server, it times out! The actual call to
  Socket socket = new Socket(ipaddress, port);times out...
  This seems very strange to me... Any ideas?
  PS: In both situations when I connect to the VPN, I can ping and telnet to the server. It is the Socket call that is acting strange...
  Thanks,

  I've been following this and I'm baffled by the
  discussion so far. Has the thread been trimmed? I believe we got off on a tangent, but the problem is that in certain circumstances the client application tries to connect to the server application the call the 'new Socket()' times out... You will have to read my original post...
  Anyway, I believe that I have figured it out. It was related to the gateway option in the network setup on the client pc.
  Originally I had the gateway option set to be an ip address internal to our network. Our network guy said that in this situation, I needed to set the gateway to an ip address outside out network. When I did that, everything now work beautifully. Why? I have no real idea as I am not a network guy, but it work now and I am happy...
  Thanks for everyones help and sorry for all the confusion.

• EAP-TLS or PEAP authentication failed during SSL handshake

  Hi Pros,
                 I am a newbie in the ACS 4.2 and EAP-TLS implementation, with that being said. I face an issue during a EAP-TLS implementation. My search shows that this kind of error message is already certificate issue;However, I have deleted and recreated the certificate in both ACS and the client with the same result. I have deleted and re-install the certchain as well.
  When I check my log in the failed attemps, there is what I found:
  Date
  Time
  Message-Type
  User-Name
  Group-Name
  Caller-ID
  Network Access Profile Name
  Authen-Failure-Code
  Author-Failure-Code
  Author-Data
  NAS-Port
  NAS-IP-Address
  Filter Information
  PEAP/EAP-FAST-Clear-Name
  EAP Type
  EAP Type Name
  Reason
  Access Device
  Network Device Group
  06/23/2010
  17:39:51
  Authen failed
  000e.9b6e.e834
  Default Group
  000e.9b6e.e834
  (Default)
  EAP-TLS or PEAP authentication failed during SSL handshake
  1101
  10.111.22.24
  25
  MS-PEAP
  wbr-1121-zozo-test
  Office Networ
  06/23/2010
  17:39:50
  Authen failed
  [email protected]
  Default Group
  000e.9b6e.e834
  (Default)
  EAP-TLS or PEAP authentication failed during SSL handshake
  1098
  10.111.22.24
  25
  MS-PEAP
  wbr-1121-zozo-test
  Office Network
  [email protected] = my windows active directory name
  1. Why under EAP-TYPE it shows MS-PEAP not EAP-TLS? I did configure EAP-TLS....
  2. Why sometimes it just shows the MAC of the client for username?
  3. Why  it puts me in DEFAULT-GROUP even though i belongs to a group well definy in the acs?
  2. Secondly, When I check in pass authentications... there is what i saw
  Date
  Time
  Message-Type
  User-Name
  Group-Name
  Caller-ID
  NAS-Port
  NAS-IP-Address
  Network Access Profile Name
  Shared RAC
  Downloadable ACL
  System-Posture-Token
  Application-Posture-Token
  Reason
  EAP Type
  EAP Type Name
  PEAP/EAP-FAST-Clear-Name
  Access Device
  Network Device Group
  06/23/2010
  17:30:49
  Authen OK
  groszozo
  NOC Tier 2
  10.11.10.105
  1
  10.111.22.24
  (Default)
  wbr-1121-zozo-test
  Office Network
  06/23/2010
  17:29:27
  Authen OK
  groszozo
  NOC Tier 2
  10.11.10.105
  1
  10.111.22.24
  (Default)
  wbr-1121-zozo-test
  Office Network
  In the output below, it says that the user is authenticate and it puts the user in the right group with the right username, but the user never really authenticate. Maybe for the first few seconds when I initiate the connection.
  Before I forget, the suppliant is using WIN XP and 802.1x is enable. I even uncheck not verify the server and the ACS under External User Databases, I did  check ENABLE EAP-TLS machine authentication.
  Thanks in advance for your help,
  Crazy---

  Any ideas on this guys?? In my end, i've been reading some docs... Things started to make sens to me, but I still cannot authenticate, still the same errors. One more thing that catch my  attention now is the time it takes to open a telnet session to cisco device which has the ACS for auth server.
  My AD(Active Direct) and the ACS server are local same subnet(server subnet). Ping to the ACS from my desktop which is in different subnet is only take 1ms. To confirm that the issue is the ACS server, I decided to use another server in remote location, the telnet connection is way faster than the local ACS.
  Let's brain storm together to figure out this guys.
  Thanks in advance,
  ----Paul