NAC L3 OOB not working accross WAN
I am setting up a proof of concept lab for a NAC installation.
I am using Cisco Catalyst 3550 and 2950 switches (the actual environment is using 3750 and 2960 and 2950 switches) and have the NAC set up in central L3 OOB configuration. In this configuration i have a single NAS and NAM at the "MAIN_SITE" and then two branch sites "BRANCH1" and "BRANCH2".
At the main site, the OOB works fine and when a user logs on, the port is moved from the unauthenticated VLAN (290) to the role based VLAN (200) However, at the "branches" the switches are not placing the port into the role based VLAN, nor if a port is in VLAN 200 and a PC is plugged into that port does the port switch to VLAN 290 (unauthenticated).
Sniffing the traffic with Wireshark i see the SNMP sets being sent by the NAM to the switch telling it to place the port into VLAN 200, but the switch is not doing it.
My write strings are set up correctly and the NAM is able to set up the initial commands on the switch for the NAC ("snmp trap mac-notification added" commands to the ports).
Can anyone say what is wrong?
Sachin
I defaulted the 3550 switch in the WAN and reconfigured it and it works now. I tried the same procedure for the 2950 switch but no dice. I replaced the 2950 switch with a 3550 that worked.
Can anyone say if there is an issue with teh 2950 switch for L3 OOB? I don't have another 2950 switch to test with.
Sachin
Similar Messages
-
NAC 4.9 not working with iphones/ipads
Hi,
we updated our NAC appliances from 4.8.1 to 4.9 and have noticed that web authentication is no longer woking on Apple IOS devices.
We had setup a user page for the MAC_ALL OS and iphones etc. were able to authenticate using thier browser ok.
Now (after the upgrade) after they authenticate they receive the below warning.
There doens't seem to be any other config changes we can make for the IOS device so any advice would be useful.
ThanksHave resolved this by a little 'trial and error'
I removed the agent requirement from the 'all' OS group.
I trashed the user pages I had created and set them up again for MAC_ALL and All.
Added the agent requirement back in for ALL and exempted MAC_ALL from this requirement.
Seems to work ok, only odd glitch is MACOSX devices are being served the MAC_ALL user page even though they should not be.
The agent requirement for MACOSX is still enforced though.
Looks like this new upgrade is a little flakey -
NAC CAM HA not working since upgrade to 4.8
Hi,
I have just upgraded my two NAC CAM servers to 4.8. They were previously running on 4.6. They are configured with eth0 on one LAN (fully routed), and eth1 and eth2 sitting on totally private LANs, each with a small /30 subnet to use. These are just a couple of small VLANs between two 4848 switches. It's basically configured as:
Server -- Switch -- Portchannel group -- Switch -- Server. Other VLANs also traverse the link and are fine. Portchannel is up and happily passing traffic. The VLANs appear active too (they are simply layer 2 VLANs - no routing or anything. Literally point to point).
I followed the upgrade instructions as per the release notes. However, since they have been unable to see eachother for HA. Pings between the HA interfaces produce no reply. I have found if I run tcpdump on one server, and fire a ping at it from the other, a ARP will arrive asking who has the IP, and it will reply, but it goes no further. Nothing has changed on the network side, so I'm a little flummoxed now.
Consequentially, one box will load up happily, the second will always tell me:
[root@xxxxxxxx bin]# ./fostate.sh
My node is dead, peer node is unknown
The 'working' node will show:
[root@xxxxxxxx bin]# ./fostate.sh
My node is active, peer node is dead
Ifconfig shows the interfaces as up - they can ping themselves after all.
Any help most gratefully received!Hi:
I have an iPhone 3G (16GB) that I upgraded a couple weeks ago with the iOS 4.0 and although I haven't had any problems with those applications that I use regularly, I have not tried out the ones I don't use regularly. The problem I've been experiencing is that when I use the start button on the front to boot up, the slider to unlock won't move--I have to use the top edge button to boot up and slide/unlock. Even then, sometimes the application icons won't respond and I have to start all over again. Anyone else have this irritating deficiency?
Medren -
I am on 8.1.14 SIA with OSES 11g installed on Windows 64-bit. I followed all the instructions. When I am indexing the Service requests, I can see couple of files getting placed in ssc\xmlidata and getting the SUC files to err folder. When I go to schedules tab, and then the statistics page I get this..This is after I placed a search spec on SR's like [Created] > '12/11/2011' on index definitions. I am always getting this and my documents are not getting as per the below status. But on the Administration- Search I get saying 13 records as indexed with status shown as indexed. So I got the log files attached.. Can some help on this..================== Crawling settings
20:32:42:079 INFO main
20:32:42:079 INFO main Source type is "Siebel 8"
20:32:42:079 INFO main Source is "buscomp"
20:32:42:079 INFO main
20:32:42:079 INFO main Total number of documents fetched = 0
20:32:42:079 INFO main Document fetch failures = 0
20:32:42:079 INFO main Document conversion failures = 0
20:32:42:079 INFO main Total number of documents queued for indexing = 0
20:32:42:079 INFO main Total number of documents indexed = 0
20:32:42:079 INFO main Total data queued for indexing = 0 bytes
20:32:42:079 INFO main Total data indexed = 0 bytes
20:32:42:079 INFO main Total number of non-indexable documents = 0
20:32:42:079 INFO main
20:32:42:079 INFO main Number of times disk cache is full = 0We are using FTP indexing..
Created file object on /fs/SSC/config/RSS_Crawler_Configuration.xml
20:32:29:876 INFO main URIHandler initialized for the URI file://sgicrmdxse1/fs/SSC/config/RSS_Crawler_Configuration.xml
20:32:30:235 DEBUG main Params: feedURL: ftp://129.135.75.181/xmlidata
sourceName: buscomp
user: ing\svcc
securityType:attributeBased
errorFile:/xmlidata/err
20:32:30:251 INFO main No existing connection pool: ing\svccrmdevadmin@ftp//:129.135.12.35, Creating new connection pool
20:32:30:267 INFO main FTP connection to 129.135.75.181:-1 successful
20:32:30:829 INFO main FTP login of user ing\svcc successful
20:32:30:845 INFO main Setting file type to binary: true
20:32:30:845 INFO main FTP URI parsed: Host:129.135.75.181, Port: -1, Path: xmlidata, Resource: null
20:32:30:845 INFO main URIHandler initialized for the URI ftp://129.135.75.181/xmlidata
20:32:30:845 INFO main Feed directory xmlidata
20:32:30:876 DEBUG main Retrieved contents of directory xmlidata. Directory size=2
20:32:30:876 INFO main Checking file err
20:32:30:876 INFO main File err not RSS feed. ignoring...
20:32:30:876 INFO main Checking file Service Requests-Service Request_20120120023202002_0.xml
20:32:30:876 INFO main Accepted file Service Requests-Service Request_20120120023202002_0.xml for processing
20:32:30:907 DEBUG main FTP reply for stream retrieval for Service Requests-Service Request_20120120023202002_0.xml : 150
20:32:30:907 INFO main RSS SAX queue - init on Service Requests-Service Request_20120120023202002_0.xml
20:32:30:907 INFO main Initialized error feed at D:\temp\Service Requests-Service Request_20120120023202002_0.xml.err
MIME inclusions = text/plain application/pdf text/html application/x-msexcel application/vnd.ms-excel application/ms-excel application/x-mspowerpoint application/vnd.ms-powerpoint application/msword
20:32:23:235 INFO main URL table attributes = url, depth, signature, last_modified, status, url_id, access_url, enqueue_status, doc_lang, TITLE, DESCRIPTION, AUTHOR, CRAWLED_DATE, CONTENT_LENGTH, CONTENT_TYPE, LANG, CACHE_FILE_PATH, DS_ID, ACL_ID, OWNER_ID, DOC_OWNER
20:32:23:235 INFO main SQL callback statement is "begin eq_crw.crawler_callback(?,?,?,?); exception when eq_def.search_error then eq_err.raise; when others then eq_err.raise; end;"
20:32:23:235 INFO main Cookie support is enabled
20:32:23:235 INFO main Maximum number of cookies = 300
20:32:23:235 INFO main Maximum number of cookies per host = 20
20:32:23:235 INFO main Maximum size of cookie = 4096 bytes
20:32:23:235 INFO main Cache file deletion is disabled
20:32:23:235 INFO main Crawler plug-in manager class is "oracle.search.plugin.siebel.Siebel8CrawlerManager"
20:32:23:235 INFO main SQL hook ID is "22"
20:32:23:235 INFO main SQL command hook statement is "begin ? := eq_crw.crawler_get_command(?,?,?,?); end;"
20:32:23:235 INFO main SQL response hook statement is "begin ? := eq_crw.crawler_send_response (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?); end;"
20:32:23:235 INFO main Crawler launched by schedule "buscomp"
20:32:23:235 INFO main Bad title to be replaced = "powerpoint presentation"
20:32:23:235 INFO main Bad title to be replaced = "slide 1"
WEHo=%hostName%&SWEBU=1&SWEApplet0=Service+Request+List+Applet&SWERowId0=1-64YD9Z&sblindexcategory=Service+Requests
20:32:33:610 INFO crawler_2 crawler_2: All items have been consumed
20:32:33:626 INFO filter_1 Initializing crawler plug-in "Siebel 8 crawler plug-in"
20:32:33:626 INFO filter_1 Crawler plug-in "Siebel 8 crawler plug-in" crawl starts
20:32:33:626 INFO crawler_3 Initializing crawler plug-in "Siebel 8 crawler plug-in"
20:32:33:626 INFO crawler_3 Crawler plug-in "Siebel 8 crawler plug-in" crawl starts
20:32:33:642 INFO crawler_2 Deleted the channel file Service Requests-Service Request_20120120023202002_0.xml after crawling successfully
20:32:33:642 INFO crawler_2 No errors in channel - deleting error file D:\temp\Service Requests-Service Request_20120120023202002_0.xml.err
20:32:33:657 INFO crawler_2 No free connection in pool ing\svcc@ftp//:129.135.75.181. Creating a new connection.
20:32:33:657 INFO crawler_2 FTP connection to 129.135.75.181:-1 successful
20:32:33:657 INFO crawler_2 FTP login of user ing\svcc successful
20:32:33:657 INFO crawler_2 Setting file type to binary: true
20:32:33:673 INFO crawler_2 Service Requests-Service Request_20120120023202002_0.xml.suc uploaded successfully
20:32:33:673 INFO crawler_2 Service Requests-Service Request_20120120023202002_0.xml.suc uploaded successfully
DEBUG crawler_2 Retrieved contents of directory xmlidata. Directory size=1
INFO crawler_2 File err not RSS feed. ignoring...
INFO crawler_2 No more items to process
DEBUG crawler_2 RSSC: calling close on ctrl Q
DEBUG crawler_2 FTPClient added to free pool for ing\svcc@ftp//:129.135.75.181
DEBUG crawler_2 RSSC: done with close on ctrl Q
INFO crawler_2 No more items. Crawler thread exiting.
INFO crawler_2 Crawler plug-in "Siebel 8 crawler plug-in" crawl finishes
INFO crawler_4 No more items to process
DEBUG crawler_4 RSSC: calling close on ctrl Q
DEBUG crawler_4 RSSC: done with close on ctrl Q
INFO crawler_4 No more items. Crawler thread exiting.
INFO crawler_4 Crawler plug-in "Siebel 8 crawler plug-in" crawl finishes
INFO filter_0 No more items to process
DEBUG filter_0 RSSC: calling close on ctrl Q
DEBUG filter_0 RSSC: done with close on ctrl Q
INFO filter_0 No more items. Crawler thread exiting.
INFO filter_0 Crawler plug-in "Siebel 8 crawler plug-in" crawl finishes
INFO filter_0 Shut down document service agent "Default pipeline"
INFO filter_1 No more items to process
DEBUG filter_1 RSSC: calling close on ctrl Q
DEBUG filter_1 RSSC: done with close on ctrl Q
INFO filter_1 No more items. Crawler thread exiting.
INFO filter_1 Crawler plug-in "Siebel 8 crawler plug-in" crawl finishes
INFO crawler_3 No more items to process
DEBUG crawler_3 RSSC: calling close on ctrl Q
DEBUG crawler_3 RSSC: done with close on ctrl Q
INFO crawler_3 No more items. Crawler thread exiting.
INFO crawler_3 Crawler plug-in "Siebel 8 crawler plug-in" crawl finishes
INFO crawler_3 Shut down crawler plug-in "Siebel 8 crawler plug-in"
INFO crawler_3 Crawler thread stopping due to stop crawl command
INFO crawler_3 calling stop on the m_itemQueue
INFO crawler_3 done with stop on the m_itemQueue
INFO crawler_3 Shut down crawler plug-in "Siebel 8 crawler plug-in"
INFO crawler_3 Crawler thread stopping due to stop crawl command
INFO crawler_3 Shut down crawler plug-in "Siebel 8 crawler plug-in"
INFO crawler_3 Crawler thread stopping due to stop crawl command
INFO crawler_3 Shut down crawler plug-in "Siebel 8 crawler plug-in"
INFO crawler_3 Crawler thread stopping due to stop crawl command
INFO crawler_3 Shut down crawler plug-in "Siebel 8 crawler plug-in"
INFO crawler_3 Crawler thread stopping due to stop crawl command
20:32:42:079 INFO main
20:32:42:079 INFO main Total number of documents fetched = 0
20:32:42:079 INFO main Document fetch failures = 0
20:32:42:079 INFO main Document conversion failures = 0
20:32:42:079 INFO main Total number of documents queued for indexing = 0
20:32:42:079 INFO main Total number of documents indexed = 0
20:32:42:079 INFO main Total data queued for indexing = 0 bytes
20:32:42:079 INFO main Total data indexed = 0 bytes
20:32:42:079 INFO main Total number of non-indexable documents = 0
20:32:42:079 INFO main
20:32:42:079 INFO main Number of times disk cache is full = 0 -
Google Voice Widget Not Working in Safari 5.1 which is Adobe flash wmode transparent based
Google Voice Widget Not Working in Safari 5.1 which is Adobe flash with wmode transparent set. For that matter all flash text fields in Safari 5.1 are not working accross the web when wmode is set to transparent. This is a Safari bug! Other browsers work fine.
Well after much research Adobe flash text field with wmode transparent set is not working in Safari 5.1 when any flash object has the wmode set to "transparent", or "opaque". The problem is many site must layer flash objects with html so the wmode transparent must be used.
Affecting sites like BEST BUY, WALMART, CVS, STAPLES, Chechout their flash based weekly ads and find one that you need to update the quantity in the flash pop-up and the text field with keyboard strokes will not work. Flash text fields were all working fine until several month ago when Safari rolled out 5.1 working for Google Voice Flash based widget which uses the wmode transparent. HELP!
John Hooper
Techno Online Problem Solver
http://www.johnrhooper.comAll 3 examples seem to render just fine in IE and FF.
See comparison photo:
http://www.cidigitalmedia.com/web_devel/background.jpg
If not working for you, try clearing your cache to remove any old, non working versions.
Test on some other machine besides yours.
Code looks fine and seems to work.
Best wishes,
Adninjastrator -
Email with attachment ms word not working
Since updating to Mountain Lion, Share -> Email as Attachment in Word, Excel and Powerpoint 2011 no longer attaches the file. It launches Mac Mail but then I get the spinning beach ball.
I have repaired permissions and rebuilt the MS identity. No luck with either.
Any additonal help would be great. I use this feature a lot and would like to know what has become corrrupted.
thanks,
DebbieAll normal file names. MS Office has this built into the File, Share menu. It workd until I upgraded to ML. It launches Mail but does not attach the file. It does not work accross the Office platform: Word, Excel or Powerpoint.
As far as I know you cannot add the Share button like in Safari to other applications yet. It must be written into th program itself.
I think this must have something to do with the applescript which is running behind the scenes, but am at a loss to know what might not be working.
Debbie -
NAC OOB logoff feature not working
Hi all,
I've deployed NAC in L2 OOB VG mode with ADSSO and I'm trying to use the OOB logoff feature but it's not working. The VLAN change detect feature doesn't work either (I think the two problems might be related).
It will work if each user role is assigned a different auth/access VLAN pair but in my setup, everyone has a common auth vlan and separate role-based access vlans. Because of this, I have to use the IP refresh feature as well (this works fine).
I'm running Windows Vista and version 4.8.0 of the NAC software with version 4.8.1.5 of the agent
I checked the release notes and found that caveat CSCth60233 identifies this bug with the VLAN change detect with the workaround being to refresh the IP address automatically after being logged out. Does anyone know of a workaround for this problem to do this automatically? Is a solution for this problem in the works?
Also would anyone be able to help me with my OOB logoff feature not working? I've configured everything according to the documentation.
I appreciate your responses
~XavierHere are my configs if necessary. Tell me if anything else is needed.
User Management > User Roles
List of Roles
Edit Role
Traffic Control
Bandwidth
Schedule
Disable this role
Role Name
Role Description
Role Type
Normal Login Role Quarantine Role
*Max Sessions per User Account ( Case-Insensitive Session Identifiers )
(1 – 255; 0 for unlimited)
Retag Trusted-side Egress Traffic with VLAN (In-Band)
(0 – 4095, or leave it blank)(*This option has been deprecated, and it will be removed in upcoming releases)
*Out-of-Band User Role VLAN
VLAN ID VLAN Name (if left blank, it will default to the default access vlan settings in the Port Profile)
*Bounce Switch Port After Login (OOB)
Enable Disable (This option is effective only when port profile is set to use it)
*Refresh IP After Login (OOB)
Enable Disable (This option only applies to L2 OOB Virtual Gateway with Role VLAN as Access VLAN and switch port is NOT bounced after VLAN change)
*After Successful Login Redirect to
previously requested URL
this URL:
(e.g. http://www.cisco.com/)
Redirect Blocked Requests to
default access blocked page
this URL or HTML message:
*Show Logged-on Users
User info
Logout button
Enable Passive Re-assessment (To enable Passive Re-assessment for OOB Agent connections, you must also enable the OOB Logoff option at Device Management > Clean Access > General Setup > Agent Login.)
Re-assessment Interval
(Minimum of 60 minutes and maximum of 1440 minutes [24 hours])
Grace Timer
(Minimum of 5 minutes and maximum of 30 minutes)
Default action on failure
Continue Allow user to remediate Logoff user immediately
(*only applies to normal login role)
Device Management > Clean Access
Certified Devices
General Setup
Network Scanner
Clean Access Agent
Updates
Web Login · Agent Login
User Role
Unauthenticated Role(not common) role_engineer role_developer role_admin role_sales role_guest
Operating System
ALL WINDOWS_ALL WINDOWS_XP WINDOWS_VISTA_ALL WINDOWS_7_ALL MAC_ALL MAC_OSX LINUX FREEBSD SOLARIS_ALL SOLARIS_86 SOLARIS_SPARC UNIX VMS OS2 PALM
(By default, 'ALL' settings apply to all client operating systems if no OS-specific settings are specified.)
Enable OOB logoff for Windows NAC Agent and Mac OS X Agent (This global option applies to all OOB CASs and user roles and enables Agent logout and heartbeat timers for OOB Agent connections. You must also enable this option for Passive Re-assessment to function with OOB Agent connections.)
Require use of Agent
(for Windows & Macintosh OSX only)
Agent Download Page Message (or URL):
Network Security Notice: This network is protected by a Cisco NAC Appliance Agent, a component of the Cisco NAC Appliance Suite. The Agent ensures that your computer meets the requirements for accessing this network, and helps you keep your computer secure and up-to-date.
Please use the Agent to log in to the network.
If you don't have the Agent software yet, download it by clicking the button below. After downloading the installation file, run it to complete the installation.
If you have already downloaded and installed the Agent, please close this window and right-click the Agent icon in the system tray and choose Login from the menu. Enter your usual network user name and password in the login window.
Require use of Cisco NAC Web Agent (for Windows only)
Cisco NAC Web Agent Launch Page Message (or URL):
Network Security Notice: This network is protected by the Cisco NAC Web Agent, a component of the Cisco NAC Appliance Suite. The Cisco NAC Web Agent ensures that your computer meets the requirements for accessing this network, and helps you keep your computer secure and up-to-date.
Please launch Cisco NAC Web Agent by clicking the button below.
Allow restricted network access in case user cannot use NAC Agent or Cisco NAC Web Agent
Restricted Access User Role:
role_engineer role_developer role_admin role_sales role_guest
Restricted Access Button Text:
Restricted Network Access Message:
Restricted Network Access: If you cannot use a Cisco NAC Appliance Agent, you can obtain restricted network access temporarily by clicking the button below.
Show Network Policy to NAC Agent and Cisco NAC Web Agent users (for Windows only)
Network Policy Link:
Logoff NAC Agent users from network on their machine logoff or shutdown after
secs (for Windows & In-Band setup, for OOB setup when OOB Logoff is enabled)
(Setting the time to zero secs will logout user immediately. Valid range: 0 - 300 secs.)
Refresh Windows domain group policy after login
(for Windows only)
Automatically close login success screen after
secs
(Setting the time to zero secs will not display the login success screen. Valid range: 0 - 300 secs.)
Automatically close logout success screen after
secs
(for Windows only)
(Setting the time to zero secs will not display the logout success screen. Valid range: 0 - 300 secs.) -
I have a mid 2009 macbook pro and my issue is that I installed windows 7 and when I wan to install the drivers it says " bootcamp x64 is unsupported on this computer model" I tried installing the drivers with the bootcamp 4 but it did not work either it says that i have a newer bootcamp version. I tried a few tricks but they didnot work. I hope to be helped
Welcome to Apple Support Communities
You can install a 64-bit Windows 7 or Vista version in your Mac. Make sure you downloaded these drivers > http://support.apple.com/kb/DL1630 Also, if you have the Snow Leopard DVD you used to upgrade your Mac or the OS X DVD that came with your Mac, you can use it to install the Boot Camp drivers -
Time Capsule Internet WAN port is not working, what can I do to set it up?
When I plug the ethernet cable from my router to my Time Capsule it should turn on a green light in the back of the TC, but this light is not turning it on anymore, and this port is not working, how can I set it up?
I want to create a wireless network with the TC, but if this port (Ethernet WAN port) doesn't work, I can't, or can I? How?
Then I want to use my 2 Airport Express to use the network that I want to create.
I hope you can help me, thanks a lot.what model is the TC? A1xxx from the base please.
How old and is the front LED otherwise showing it is operating OK?
What is the network setup..? Is the TC bridged or router.. or is it in Join wireless network mode now..
If the later.. the ethernet ports are turned off.. you need to do a factory reset of the TC.
Factory reset.. Hold in reset button.. THEN power on the TC.. keep holding in reset for about 10sec until the front LED flashes rapidly.. there is a good chance the ethernet will work now. -
NAC L2-IP on 6500 . URL Redirection Not working
Hi,
We are testing NAC L2-IP on a Cat 6506 running 12.2(18)SXF9.
When configuring for NAC L2-IP, the switch is able to download the required ACL
entries. The HTTP Server is enabled in the Switch, however still the HTTP
redirection is Not working.
From the Client side, I can see the SYN packets going to port 80 but no
response (Redirect etc) comes back from the switch.
This is the Port-ACL
10 permit udp any eq 21862 any
11 permit icmp any any echo-reply
20 permit udp any any eq bootps
30 permit udp any any eq domain
40 permit tcp any eq 3389 any
50 deny ip any any
This is the ACL as specified in the "url-redirect-acl" attribute
70 deny tcp any host 10.140.4.116 eq www
80 deny tcp any host 10.140.4.202 eq www
90 deny tcp any host 10.1.194.15 eq www
100 deny tcp any host 172.25.1.15 eq www
110 permit tcp any any eq www
Any ideas ?
+++++++++++++++++
show eou ip 10.192.99.27
Address : 10.192.99.27
MAC Address : 0006.5ba0.5705
Interface : FastEthernet2/47
AuthType : CLIENTLESS
Audit Session ID : 0000002C1387D1FB0000000D0AC0631B
PostureToken : -------
Age(min) : 15
URL Redirect : http://x.x.x/y
URL Redirect ACL : redirect-policy
ACL Name : #ACSACL#-IP-NAC_NoCTA_ACL-464b3186
User Name : UNKNOWN USER
Revalidation Period : 36000 Seconds
Status Query Period : 300 Seconds
Current State : CLIENTLESS
++++++++++++++++++++++++++++++++
Exactly the Same configuration and Secure ACS configuration works for a 3560 Switch.
Thanks,
NamanCheck this bug-id: CSCse02269.
-
NAC guest server hangs and guest portal is not working
Hi all ,
Our guest nac server NAC3315 is oftenly getting hung state . And our guest wireless network is not working . We are able to ping the NAC server but web page is not opening for the clients if they connected to guest network.
Any clue on this ....
Thanks!,
Regards,
Vijay.All actions within the Cisco NAC Guest Server are logged into the database. This enables you to see any action that occurred as part of the normal operating process of the application.
To access the system log from the administration interface select Server > System Log from the left hand menu
Please check the Error Logs for troubleshooting of NGS -
WAN replication not working for objects
I am trying out the WAN replication example from the Tangosol website. I got the Boston-London example working. However, it seems to only work for simple types like String, int, etc. Objects like hibernate, compressed string are not replicated across. Is more config added for this to work?
Hi Sham,
In one of environment we are using publish and author server. Custom comments are replicating on Author environment. We are not using custom workflow or JCR observation.Created one more environment for Production setup where 2 publish and 1 author instance. For this comment are not auto replicated on Author instance.
Default comment modification and comment activation launcher are in place, no change in this. Does it not working due to additional Publish Instance and if so what additional setting will required to address it ?
Thanks
Yogesh -
i have rented a movie in thru apple tv and i wasn't able to watch it because the sound did not work can i get my money refund so i can rerent it
Welcome to the Apple community.
Select the content which is causing a problem and use the 'Report a problem' button in Your Purchase History. -
ADSSO Service Not Working on Secondary CAS when done Failover
We are running NAC OS 4.9.2 in OOB L2 Virtual Gateway...
We have CAS Cluster
Primary CAS -- 10.245.220.5 & Secondary CAS -- 10.245.220.6 and Service-IP 10.245.220.4
When in HA Cluster Primary is Active and Secondary is Standby Ok , ADSSO is Working and Service is started
We have capture details of same .
10.245.220.5
2013-04-18 15:46:21.833 +0530 Thread-70 INFO com.perfigo.wlan.jmx.adsso.GSSServer - GSSServer - done building kdc list for domain kotakgroup.com
2013-04-18 15:46:21.833 +0530 Thread-70 INFO com.perfigo.wlan.jmx.adsso.GSSServer - GSSServer - KDC(s) :[kgp-gor-dc01.kotakgroup.com, kgp-gor-dc02.kotakgroup.com, kgp-gor-dc03.kotakgroup.com, kgp-gor-dc04.kotakgroup.com, kgp-gor-dc05.kotakgroup.com, kgp-dr-dc01.kotakgroup.com, kgp-dr-dc03.kotakgroup.com, kgp-dr-dc02.kotakgroup.com]
2013-04-18 15:46:21.833 +0530 Thread-70 INFO com.perfigo.wlan.jmx.adsso.GSSServer - GSSServer - writeKrbFile: writing to file ../conf/krb.txt
2013-04-18 15:46:21.833 +0530 Thread-70 INFO com.perfigo.wlan.jmx.adsso.GSSServer - GSSServer - writeKrbFile: wrote to file ../conf/krb.txt
2013-04-18 15:46:21.834 +0530 Thread-70 INFO com.perfigo.wlan.jmx.adsso.GSSServer - GSSServer - creating login context ...
2013-04-18 15:46:21.834 +0530 Thread-70 INFO com.perfigo.wlan.jmx.adsso.GSSServer - GSSServer - created login context ...javax.security.auth.login.LoginContext@bb3f71
2013-04-18 15:46:39.207 +0530 Thread-70 INFO com.perfigo.wlan.jmx.adsso.GSSServer - Notifying GSSServer status Started
2013-04-18 15:47:07.540 +0530 Timer-3 INFO com.perfigo.wlan.jmx.adsso.GSSRetrier - GSSR - Windows SSO is running
When Primary is rebooted and Secondary becomes Active Ok , ADSSO is not working and Service is not started
10.245.220.6
2013-04-18 15:50:42.933 +0530 Timer-3 INFO com.perfigo.wlan.jmx.adsso.GSSServer - Server starting server ...
2013-04-18 15:50:42.933 +0530 Timer-3 INFO com.perfigo.wlan.jmx.adsso.GSSServer - Server is now running ...
2013-04-18 15:50:42.933 +0530 Thread-68 INFO com.perfigo.wlan.jmx.adsso.GSSServer - GSSServer - SPN : [casadsso/[email protected]]
2013-04-18 15:50:42.933 +0530 Thread-68 INFO com.perfigo.wlan.jmx.adsso.GSSServer - GSSServer - building kdc list for domain kotakgroup.com
2013-04-18 15:50:42.934 +0530 Thread-68 ERROR com.perfigo.wlan.jmx.adsso.GSSServer - Unable to start server ... kotakgroup.com.
2013-04-18 15:50:42.937 +0530 Thread-68 INFO com.perfigo.wlan.jmx.adsso.GSSServer - Notifying GSSServer status Stopped
2013-04-18 15:50:42.937 +0530 Thread-68 INFO com.perfigo.wlan.jmx.adsso.GSSServer - server is exiting .
Our Observation is krb.txt is not getting generated when Secondary is Active Ok ...
Can any one suggest how to fix the issue...Hi,
Can you check and see if dns and ntp are accurate and can you verify your AD environment? What version of domain controllers are in service if there are a mix then other steps like modifying a few files maybe needed.
Also was the secondary CAS replaced or reimaged recently?
Thanks,
Sent from Cisco Technical Support iPad App -
I am trying to get NAC integration with WLC working for wireless users in OOB and can't get it to work. I followed directions step by step from the Configuration Example on the Cisco web site. Without enabling NAC on the WLC I am able to associate and work fine. With NAC enabled, association works but the client stays on Quarantive VLAN and never gets switched. I can see the client as Discovered client on the CAM only when I turn off 802.1x for layer 2 security on the WLAN but still it does not get switched to Access VLAN nor do I get a web login screen. The DHCP for wireless clients is provided by the WLC itself so that traffic does not pass through the CAS. Am I doing anything wrong?
Faisal
I haven't tried to browse to the CAS IP. I will try that when I am there next time. The laptop did have a NAC agent with a discovery host of the CAM IP as it was used as a wired client before. Looking at the routing table, I would think routing should not be an issue as the Guest subnet correctly points to the untrusted interface with no GW and that should take VLAN 201 pathw hich is the quarantine VLAN ID for WLC Guest WLAN. Just FYI the 172.16.8.0 subnet which is the guest subnet is not being routed internally for security reasons and is jus a L2 VLAN on the core switch
10.8.21.11/32 - 0 0
10.8.21.1/32 - 1 0
10.8.21.0/24 - 2 0
0.0.0.0/0 10.8.21.1 1 0
10.8.17.0/24 - 2 8
10.8.15.0/24 - 2 8
172.16.8.0/24 - 2 8
10.8.21.10/32 - 0 2
10.8.17.169/32 10.8.21.1 1 0
10.8.17.152/32 10.8.21.1 1 0
10.8.17.182/32 10.8.21.1 1 0
10.8.17.128/32 10.8.21.1 1 0
10.8.17.119/32 10.8.21.1 1 0
10.8.17.137/32 10.8.21.1 1 0
10.8.17.188/32 10.8.21.1 1 0
10.8.17.200/32 10.8.21.1 1 0
10.8.17.165/32 10.8.21.1 1 0
10.8.17.124/32 10.8.21.1 1 0
10.8.17.113/32 10.8.21.1 1 0
10.8.17.197/32 10.8.21.1 1 0
10.8.17.206/32 10.8.21.1 1 0
Thanks
Shaffeel
Maybe you are looking for
-
How can I connect HDTV to iMac to use with Apple Color?
Hey guys, I use Color application a lot and the colors don't look the same outside of Color app once they come back to FCP the project is on a dvd... Is it possible to use an LCD HDTV with the iMac for Apple Color to see the colors would actually loo
-
Can I import I-life files into Adobe Premiere Pro CS4?
Okay, so not exactly an Apple question, but there are so many smart, helpful people on here, and the Adobe forum doesn' t seem very active. I recently got Adobe Premiere Pro CS4 (the movie editing software). I tried to import files from I-photo, but
-
how do i get all my music back ????
-
How to view all files / folders using a Jtree
Hello, I am developing a 'windows explorer' type application and need to create a JTree which displays all files and folders on a local and remote PC in the same way that windows explorer works. Can anyone recommend a good way to read all files / fol
-
Share my iCal wirelessly?
I just started using iCal for the first time last night and I'm really liking it so far. I've subscribed to several calendars and put in everything I have going on for the month with plenty of alarms (sounds & emails.) In order to ensure a happy home