NAC web agent question

Similar Messages

• Use NAC Web Agent login with Ipad

  Hello Guys,
  I'm using NAC 4.8, and I'd like to login using NAC Web Agent on Ipad.
  When I'm trying to do that, I'm receiving a message on Ipad that I need to install Java Plug-In, but there is no JavaPlug-in available for Ipad.
  Does anyone know if there is any aditional configuration that I have to do on NAC Manager to be able to access the network using NAC Web Login on Ipad ?
  Best Regards

  Hi Luciano,
  Unfortunately, the NAC Web Agent and the persistant Agent are not supported for the iPad operating system. (It is called iOS). The following table documents this fact under footnote 3:
  http://www.cisco.com/en/US/docs/security/nac/appliance/support_guide/agntsprt.html#wp125630
  Only normal Web Login with Safari browser is enabled.
  Hope this helps.
  -Shrikant
  P.S.: Please mark this question as answered if it has been resolved. Do rate helpful posts. Thanks.

• Cisco NAC Web Agent + Windows 8

  Hello,
  I´m implementing a Cisco ISE 1.2 and I am having troubles with NAC Web Agent and Windows 8 compatibility.
  All time that I try install NAC Web Agent in Windows 8, I get the message "Agent User Operating System is Not Supported".
  Follow are some informations about my Environment:
  ISE 1.2 Patch 3
  OS: Windows 8 Enterprise
  IE: 10 (In Desktop Mode w and w/o Compatibility View)
  NAC Web Agent: 4.9.0.1007
  Could you help me ?
  Best Regards,
  Daniel Stefani

  Hi Charles,
  I can download all this files, but I can’t import it in ISE Resourses.
  NAC Agent MST files
  nacagentsetup-mst-4.9.3.9.zip
  NAC Agent MSI Installation file
  nacagentsetup-win-4.9.3.9.msi
  NAC Agent Installation Package
  nacagentsetup-win-4.9.3.9.tar.gz
  Mac Agent Installation Package for MacOSX
  CCAAgentMacOSX-4.9.3.803.tar.gz
  NAC Agent MST files
  nacagentsetup-mst-4.9.3.5.zip
  NAC Agent MSI Installation file
  nacagentsetup-win-4.9.3.5.msi
  NAC Agent Installation Package
  nacagentsetup-win-4.9.3.5.tar.gz
  In this link that you sent me doesn’t have options to Cisco NAC Web Agent.
  But in the follow yes…
  http://software.cisco.com/download/release.html?mdfid=283801620&flowid=26081&softwareid=283802505&release=1.2&relind=AVAILABLE&rellifecycle=&reltype=latest
  Best Regards,
  Daniel Stefani

• Cisco NAC web agent failure

  Is there a list somewhere that shows what the status's mean?  I have a few users getting this error, while others are working fine -
  Failed to download  Cisco NAC Web Agent ( status = -2 ) !
  Thanks!

  For the web agent, there are three error states
  -1 means that it was unable to launch the control at all,
  -2 means it failed to download the agent executable,
  -3 means there was an error running the web agent
  Are you using the Java or ActiveX version of the web agent?  Definitely check the browser settings for both and make sure that it's either allowing or prompting the user for the applets.  If you're using the ActiveX version, you could try forcing the Java version, as most users seem to have more lenient browser settings by default for it.

• Cisco NAC web agent Network Security Policy

  I have a computer with an installed McAfee Antivirus that us up to date. However, each time try to access one of my client's server via VPN, I successfully connect to VPN using Cisco Anyconnnect but whenever I try to download the web agent and the device security check is being run, I get the feedback "Host is not compliant with network security policy". It also tells me a Remediation description of "please update your antivirus". (see attached screenshot)
  Please note that I already have my McAfee antivirus updated and I have done everything to keep my computer in good shape in terms of security.
  What is the possible cause for this?

  That means the CAM hasn't received an SNMP trap for that MAC address.  Double-check that the WLC is set up to send traps to the CAM: http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/47/cam/m_woob.html#wp1290626
  You can see if the CAM's received a trap for a specific MAC by looking under OOB Management > Devices > Discovered Clients.

• ISE 1.3 NAC Web Agent for Posture

  Hi,
  We have two categories of wireless users (Vendors and Guests) and we need only Vendors to do posture (AV update check).We need to have two different portals to be redirected once each category of user hit as Vendor portal should also do device compliance checked and Guest portal should not do. We made a policy matching SSID (Called-Satation-ID=ssid) however when we tried it does not hits the particular rule. When we use single portal it can either do device complaint or not compliant..?
  Appreciate if any one has tried this out or has better idea how to accompany this requirement.
  Thanks in advance.

  Hello,
  Perhaps re-order the rules so the guests are first and use a rule that calls Guest Flow or Guest Identity and then vendors come next.
  Chris

• ISE - Can't install Web Agent

  Dear guys,
  I have problem in my lab case like sequence below:
  A guest access into internal network, then will be redirect to Guest Portal.
  A guest log in successfully using credential (was created by sponsor account)
  Then, "Client Provisioning" process starts. Base on Client Provisioning policy with OS: Windows 8, guest session will be apply on Web Agent.
  Then Web Agent install and check status process starts. But, in this phase. I got a error like this:
  In Chrome & FF browser: "You will not be allowed to access the network due to internal error. please contact your administrator"
  In IE browser:
  "You will not be allowed to access the network due to internal error. please contact your administrator"
  "Your login session failed! (status = 36) You will have limited network connectivity. Please try disconnecting and reconnecting to the network to start a new connection (or) contact your system administrator if the problem persists"
  In addition:
  I imported certificated (was signed by AD Root CA) into Local Certificates.
  I imported AD Root certificated into Certificate Store.
  I will be grateful for any help you can provide.
  Have a nice day !

  Web agent should handle cert. revocation dialog box similar to Win agent
  CSCsl40626
  Description
  Symptom:
  Revocation failed dialog box keeps popping up on client machine despite of clicking "Yes" button
  Conditions:
  This issue is seen on the client machine performing login either using Windows agent or NAC web agent. The issue happens when the Clean Access Server (CAS) certificate root CA is not listed in the trusted store on the client machine. The issue is known to be reproducible on all flavors of Win XP & Win Vista using Windows or NAC web agent
  Workaround:
  Try selecting Yes. If this does not work you can turn off the security certificates revocation check by changing the options in Internet Explorer IE.
  Use the following procedure to change the option in IE:
  1. Launch IE
  2. From the tool bar, select Tools then Internet Options
  3. Select the Advanced tab
  4. In the Security section, un-check the option "Check for server certificate revocation"
  5. Click on the Apply button
  6. Click on the OK button
  7. Close IE
  8. Try the web login again
  Product:
  Cisco NAC Appliance (Clean Access)
  Known Affected Releases:
  (1)
  4.1(3.6)

• NAC 4.8 web agent with WSUS checking

  Hi,
  In some cases we would like to use the NAC 4.8 Web agent to check the WindowsUpdate  related things.
  We have a managed WSUS server, the ckeck working well with native win32 clients, but when we try connect with web agent,
  the report show the following:
  Information:
  Failed to find Windows updates
  Description:
  Missing windows updates: 0
  At the Windowsupdate.log file there is NOTHING about it, nor connecting, or any related.
  Tried with the activex and Java client, the result is same. Also tried to catch some ip packets with Wireshark going to wsus server, but there is active connection.
  Is this a bug, or the web agent is not WIndowsUpdate check compatible?
  Thanks
  Attila

  Hi Eduardo,
  We can check all the requirement rules, but notes,
  this check is works well with native win agents, so I assume the CAM Requirements and Rules side is ok.
  Pls. confirm, there is no matter how I'd like to check win patches (via web or with client) at Checks/Rules/Roles/Requirements config.
  Attila

• NAC - Using ActiveX web agent with low level user

  Hi:
  I have NAC installed in-band and running. We have a group of test taker with user rights to the PC. The ActiveX web agent will not load and the Java agent does not start.
  Any suggestion o dealing with some low secuirty issue and the browser.
  Thanks
  Dan

  Hi Eduardo,
  We can check all the requirement rules, but notes,
  this check is works well with native win agents, so I assume the CAM Requirements and Rules side is ok.
  Pls. confirm, there is no matter how I'd like to check win patches (via web or with client) at Checks/Rules/Roles/Requirements config.
  Attila

• Web agent

  Hey there,
  I'm new to intermedia, but I have managed to get it installed, uploaded some images using the clipboard and I'm even able to view them...my question is when I create the web agent, does that user have to have DBA priviledges?? When I use a user that has DBA granted to it, I don't have problems...when I try to change to a user w/ lesser permissions...it doesn't work. Is there a reason for this?
  null

  Hi,
  What error are you seeing, and what operation are you trying to perform when things do go wrong? (In all the work I've done on the Web Agent, I don't think I've ever specified a user that DID have DBA privs!!) Just for interest, have you tried firing up the Clipboard against a simple table created in scott/tiger [eg, create table images(id number, image ordsys.ordimage);]?
  Simon

• Integrating WebLogic Server with CA SiteMinder Web Agent R6

  Hi I have searched on the topic of integrating WebLogic Server with the CA SiteMinder Web Agent R6 to provide single sign on services, and have been unable to find anything. Does anyone have any experience with this that could provide some tips, or could direct me to some documentation?

  It definitely can work. We have done the same thing in several installations. The question is "How secure does it need to be?" You will be using SM to do authentication. You will configure SSO to trust the SM header variable. If you really want to be secure you need to configure your boxes so that the http server on you SUSE box (for Portal) can only be accessed from the Reverse Proxy. If another machine can access it someone could spoof the header variable and log in as anyone they want.
  Hope this is helpful.
  Anton

• ISE 1.3 and Windows Posture Web Agent

  Hello,
  I am running ISE 1.3 and have an issue running the Posture Web Agent. The client authenticates and gets redirected to the client provisioning portal but get the following message
  Detecting if Web Agent is installed and running gets ticked and then it keeps rolling at scanning your device. Open Web Agent to check the current status of the system scan and update your system as instructed.
  See attached screen shot

  is this issue specific to particular groups of clients/OS type... if using Windows 8, Internet Explorer 10 has two modes: Desktop and Metro. In Metro mode, the ActiveX plugins are restricted. You cannot download the Cisco NAC Agent in Metro mode. You must switch to Desktop mode, ensure ActiveX controls are enabled, and then launch Internet Explorer to download the Cisco NAC Agent. (If users are still not able to download Cisco NAC agent, check and enable “compatibility mode.”)

• Web Agent and Clip Board set up for multi user environment

  Hi
  Our environment is
  Database: 0racle8.1.5 on Sun Solaris
  Currently we are not using OAS but a portal server and Apache
  Intermedia Web Agent and Clip Board are working fine.
  The questions are
  1. if there are multiple users (content managers) who would be adding /modifying content in the database, the how can I go about with Clip board.
  2.The requirement is these people should be able to search documents on the basis of keywords. So how do we integrate Intermedia query capabilities on this clip board interface.
  3. For production level how do we go about implementing.
  Should we continue to have the ctxsys user and use that itself.
  Thank you for any solutions

  I have NO idea if these "exact problems" pertain to Macs, since I think most of these discussions are about Windows... but, some reading (not all PPro, but I put all the links I have saved, just for general information)
  -see #3 http://forums.adobe.com/thread/771151
  -you may NOT "map" your My Documents folder to a network drive
  -you MUST give all users administrator accounts to use Premiere
  -and especially Encore dual layer http://forums.adobe.com/thread/969395
  -#5 Server 2008 is UNsupported http://forums.adobe.com/thread/851602
  -a work around, of sorts http://forums.adobe.com/thread/957523
  -and not on a "domain" http://forums.adobe.com/thread/858977
  -also PreEl see #5 http://forums.adobe.com/thread/1017199
  -more PreEl problem http://forums.adobe.com/thread/975117
  The solution... some day... may be at this link
  Adobe Anywhere http://www.adobe.com/products/adobeanywhere.html

• Web Agent - MEDIAPUT ORA-3113

  Hi,
  I'm running an 8.1.6 db and using WebAgent on Redhat 6.1.
  I have a running application to upload files into blob columns that usually works well except that from time to time the following error message appears:
  "Oracle interMedia Web Agent
  An error occurred processing your MEDIAGET or MEDIAPUT request
  Error while trying to retrieve text for error ORA-03113"
  I have no idea why I'm getting this error, if I refresh the page then I get the normal MEDIAPUT succeeded message and the document is loaded.
  This is a little disconcerting for my end-users. Does anyone know what is causing this error or where to start looking?
  Many Thanks.
  Niall.
  null

  Hi Niall,
  Unfortunately, the fact that you're not seeing any trace files or
  anything in the alert log isn't giving us much to go on. I'll answer
  your questions first, then list some ideas at the end.
  The error message you are seeing, "MWM-00608: error executing a SQL
  statement", indicates that the Web Agent really is executing a
  statement - its pretty specific about what its doing when it has to
  write an error message. For example, if the error were occuring when
  it was trying to connect to the server or start a new database
  session, then you'd see something like "MWM-00546: OCI error attaching
  to database server using service name '%s'" or "MWM-00548: OCI error
  beginning database session using service name '%s'".
  Are there any delay / timeout parameters that should be examined or
  changed ?The Web Agent doesn't use any timers. It simply issues calls to OCI and
  waits for the response.
  Does the Web Agnet try to keep it's connection alive from the previous
  upload ?Yes it does. For database agents defined with a fixed user name and
  password, the Web Agent keeps both the server connection and database
  session active for use in subsequest requests. For database agents
  that do not specify a password, the Web Agent keeps only the server
  connection active between requests. It does this to avoid the overhead
  of creating a new server connection/database session for every
  request, something which would result in a noticeable in servicing
  requests.
  The fact that the MEDIAPUT request works immediately after the error
  (upon page refresh) makes me wonder if the server process is not
  coming up fast enough for the Web Agent? A page refresh should result in the browser resending the same request
  to the web server. When the web agent gets the request, it will simply
  create a new server connection/database session with which to execute
  the necessary SQL. That is, assuming the request goes to the same
  process. If it goes to a different process, then there may already be
  an existing connection that can be used, or a new connection may be
  created.
  Here are some thoughts as to what might be causing the problem, plus
  some suggestions where I can make any:
  1. The database is being shutdown and restarted without restarting the
  web agent and/or web server. This will cause the error you are
  seeing, because the Web Agent doesn't know the database has gone
  down and will try to use existing sessions when new requests
  arrive.
  If you're using Apache, then you'll need to restart Apache in order
  to restart the Web Agent. If you're using iPlanet Web Server in
  single-process mode, then you can use the Web Agent's on-line admin
  interface to reload the configuration, which will cause the Web
  Agent to shutdown any existing database sessions and server
  connections, then re-read the configuration file. As new requests
  are received, new connections will be established.
  2. Individual database sessions are being killed by something and/or
  someone. Although some documentation I read says that clients
  should get an ORA-00028 error message, when I tried it, I got
  ORA-03113. I didn't see anything in my alert log when I was trying
  it, but there may be settings you can use to enable the logging of
  such actions.
  3. Individual TCP/IP network connections are being killed by something
  and/or someone. I don't know how you're web server and database
  server are configured, or what transport they're using, but this
  sort of thing will result in the error you are seeing.
  4. There's some sort of bug in the 8.1.6 server on Linux which results
  in the server consuming virtual memory or some other resource to the
  point that when the resource runs out, it doesn't have enough resource
  to write a trace dump file.
  If this is happening, then its going to be a case for the support
  folks to look at. One possible way of proving this would be to
  periodically restart the web server or reload the Web Agent
  configuration, so re-initializing all the connections.
  Some other questions that may or may not have a bearing on the issue.
  - How often does this occur? Once a day, once a week, or multiple
  times per day to different users?
  - Which web server are you using?
  - Does it always happen to the empentblobs.empent_doc procedure or
  do other procedures experience problems?
  - What does the empentblobs.empent_doc procedure do, and can it be
  simplified in any way to narrow down the problem?
  That's all I can think of for now. Please let us know if any of this
  helps, or at least helps to point in the right directory.
  Regards,
  Simon
  null

• 9i Web Agent Error when displaying Java Table/Graph

  Hi,
  I am in the process of upgrading a Express 6.3.4 Web Agent database app to 9i.
  I have been able to import the databases correctly, under the OOWAAPP schema.
  On my app when ever I go to a page to display a Java Table I get the following error:
  oracle.olap.webAgent.express.OWAException: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN"><HTML><HEAD><TITLE>Oracle OLAP Web Agent</TITLE></HEAD><BODY bgcolor="#FFFFFF"><P><img src="/oowa-install/sample/wabanner.gif" alt="Oracle OLAP Web Agent"></p><P><STRONG>An error occurred in the Oracle OLAP Web Agent</STRONG></p><STRONG>ORA-33272: (DBERR06) Analytic workspace IADSSDEMO.OOWASEL cannot be opened.
  ORA-01950: no privileges on tablespace 'IADSS'
  ORA-06512: at "SYS.DBMS_AW", line 18
  ORA-06512: at line 1
  </STRONG><P><!--<STRONG>Click <A HREF="/oowa-install/help/en/owacauseaction.html#ORA-33272: (DBERR06) Analytic workspace IADSSDEMO.OOWASEL cannot be opened.
  ORA-01950: no privileges on tablespace 'IADSS'
  ORA-06512: at SYS.DBMS_AW", line 18
  ORA-06512: at line 1
  ">here</A> to display information about potential causes for this error and about potential resolutions for the problem.</STRONG>--></p></BODY></HTML>
  The UserID I am logged in as is IADSSDEMO. While the AW are in the OOWA schema, I have forced them to use a tablspace of IADSS.
  The Page has some option/selectors followed by a java table.
  Any ideas?
  Regards,
  Imran Shah
  Ioppolo & Associates

  This forum is for Warehouse Builder related issues. Your question is better suited for the OLAP forum:
  OLAP