Network security:LAN manager authentication level setting on GPO

Similar Messages

• Authentication on local SQL Server 2008 R2 Express server fails after Lan Manager authentication level changed to "Send NTLMv2 response only\refuse LM & NTLM"

  I'm upgrading my organisation's Active Directory environment and I've created a replica of our environment in a test lab.
  One medium-priority application uses a SQL server express installation on the same server that the application itself sits on.
  The application itself recently broke after I changed the following setting in group policy:
  "Send LM & NTLM - use NTLMv2 session security if negotiated"
  to
  "Send NTLMv2 response only\refuse LM & NTLM"
  The main intent was to determine which applications will break if any - I was very surprised when troubleshooting this particular application to find that the issue was actually with SQL Server express itself.
  The errors I get are as follows (note that there are hundreds of them, all the same two):
  Log Name:      Application
   Source:        MSSQL$SQLEXPRESS
   Date:          1/19/2015 2:53:28 PM
   Event ID:      18452
   Task Category: Logon
   Level:         Information
   Keywords:      Classic,Audit Failure
   User:          N/A
   Computer:      APP1.test.dev
   Description:
   Login failed. The login is from an untrusted domain and cannot be used with Windows authentication. [CLIENT: 127.0.0.1]
   Event Xml:
   <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
     <System>
       <Provider Name="MSSQL$SQLEXPRESS" />
       <EventID Qualifiers="49152">18452</EventID>
       <Level>0</Level>
       <Task>4</Task>
       <Keywords>0x90000000000000</Keywords>
       <TimeCreated SystemTime="2015-01-19T22:53:28.000000000Z" />
       <EventRecordID>37088</EventRecordID>
       <Channel>Application</Channel>
       <Computer>APP1.test.dev</Computer>
       <Security />
     </System>
     <EventData>
       <Data> [CLIENT: 127.0.0.1]</Data>
       <Binary>144800000E00000017000000570053004C004400430054004D00540052004D0053005C00530051004C0045005800500052004500530053000000070000006D00610073007400650072000000</Binary>
     </EventData>
   </Event>
  Log Name:      Application
   Source:        MSSQL$SQLEXPRESS
   Date:          1/19/2015 2:53:29 PM
   Event ID:      17806
   Task Category: Logon
   Level:         Error
   Keywords:      Classic
   User:          N/A
   Computer:      APP1.test.dev
   Description:
   SSPI handshake failed with error code 0x8009030c, state 14 while establishing a connection with integrated security; the connection has been closed. Reason: AcceptSecurityContext failed. The Windows error code indicates the cause of failure.  [CLIENT:
  127.0.0.1].
  Event Xml:
   <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
     <System>
       <Provider Name="MSSQL$SQLEXPRESS" />
       <EventID Qualifiers="49152">17806</EventID>
       <Level>2</Level>
       <Task>4</Task>
       <Keywords>0x80000000000000</Keywords>
       <TimeCreated SystemTime="2015-01-19T22:53:29.000000000Z" />
       <EventRecordID>37089</EventRecordID>
       <Channel>Application</Channel>
       <Computer>APP1.test.dev</Computer>
       <Security />
     </System>
     <EventData>
       <Data>8009030c</Data>
       <Data>14</Data>
       <Data>AcceptSecurityContext failed. The Windows error code indicates the cause of failure.</Data>
       <Data> [CLIENT: 127.0.0.1]</Data>
       <Binary>8E4500001400000017000000570053004C004400430054004D00540052004D0053005C00530051004C004500580050005200450053005300000000000000</Binary>
     </EventData>
   </Event>
  All of the documentation that I have followed suggests that the errors are caused by incorrect SPN configuration- I figured that they were never correct and it has always failed over to NTLM in the test environment (I can't look at production - we couldn't
  replicate the setup due to special hardware and also RAM considerations), but only NTLMv2 has issues.
  So I spent some time troubleshooting this.  We have a 2003 forest/domain functional level, so our service accounts can't automatically register the SPN.  I delegated the write/read service principle name ACEs in Active Directory.  SQL Server
  confirms that it is able to register the SPN.
  So next I researched more into what is needed for Kerberos to work, and it seems that Kerberos is not used when authenticating with a resource on the same computer:
  http://msdn.microsoft.com/en-us/library/ms191153.aspx
  In any scenario that the correct username is supplied, "Local connections use NTLM, remote connections use Kerberos".  So the above errors are not Kerberos (since it is a local connection it will use NTLM).  It makes sense I guess - since
  it worked in the past when LM/NTLM were allowed, I don't see how changing the Lan Manager settings would affect Kerberos.
  So I guess my question is:
  What can I do to fix this? It looks like the SQL server is misconfigured for NTLMv2 (I really doubt it's a problem with the protocol itself...).  I have reset the SQL service or the server a number of times.  Also - all of my other SQL applications
  in the environment work.  This specific case where the application is authenticating to a local SQL installation is where I get the failure - works with LAN Manager authentication set to "Send LM & NTLM - use NTLMv2 session security if negotiated",
  but not "Send NTLMv2 response only\refuse LM & NTLM".
  Note also - this behaviour is identical whether I set the Lan Manager authentication level at the domain or domain controller level in Active Directory - I did initially figure I had set up some kind of mismatch where neither would agree on the authentication
  protocol to use but this isn't the case.

  Maybe your application doesn't support "Send NTLMv2 response only. Refuse LM & NTLM".
  https://support.software.dell.com/zh-cn/foglight/kb/133971

• Lan manager authentication website

  I have a website that from the packet captures uses lan manager authentication. I can't seem to get this to work through the proxy. If I make a filter exception to allow TCP/1609 from the workstation and add the website to (bypass proxy list) I'll get the login dialog. Can I get some suggestions on how to make this work without changing my ie proxy settings?
  http://portal.odh.ohio.gov/
  and then click on the Login link. that takes you to:
  http://mossapps.odh.ohio.gov/default.aspx

  In article <[email protected]>, Keith Larson
  wrote:
  > unloading ipflt doesn't change the behavior at ALL. if i create a
  > filter exception to all the workstation to communicate directly with
  > the website (i block non-proxy port 80 traffic normally) and change
  > ie to not use proxy for that website, it works just fine.
  >
  OK, this is a typical 'proxy bypass' scenario then. Typically you
  allow port 80 (or 443) either from a fixed IP address (allow a server
  to bypass proxy) or to a fixed destination IP address (allow hosts to
  bypass proxy).
  The easy part is setting up the filter exception to allow the traffic.
  The tricky part is telling the browsers not to use a proxy for the URL
  or IP address involved. You have to do that for every browser in the
  bypass proxy menu of the browser. For IE, you can push that out via a
  group policy. You could also use a proxy.pac file.
  Craig Johnson
  Novell Support Connection SysOp
  *** For a current patch list, tips, handy files and books on
  BorderManager, go to http://www.craigjconsulting.com ***

• Need network security settings for wireless printer set-up

  I have an older airpot extreme base station. I'm trying to set-up my wireless brother printer and it says that I need the following network information:
  SSID- I know this one
  Authentication Method (open system/shared key/WPA-PSK/WPA2-PSK)
  Encription Mode (None/WEP/TKIP/AES/CKIP)
  Encryption Key (WEP key/Passphrase)
  From what I've found, I believe that I should be using WPA-PSK and TKIP, but what is that passphrase that I'm supposed to use or where can I find out that information?

  I am also trying to set up a wireless printer set up. I have an Airport Extreme and a new Brother wireless printer. Sounds perfect, right? Well, I am so confused right now. I bought an Airport Extreme while overseas a bunch of years ago and am now using it in the States. I have no memory of any info such as what is being asked from me to set up wireless printing. I don't remember the wireless security password, authenication method, or either of the Encryption thingies. I don't know where to find this information, whether it be on my computer somewhere or online. Please advise. Plus I don't use any security settings as I live pretty far from other humans in my neighborhood. Does that matter in the big picture?
  Please help a girl out!

• For a good book regarding the network security and management

  i am not a newbie to networking. i have done ccna successfully. now i want to do gain some knowledge regarding the security of the networks.
  i want to know which book i prefer?? or any other good advice..
  Regards

  You don't get books dealing with ASP and MySQL but you can get books that deals with PHP and MySQL.  For example I have used this book (click on it to go to Amazon):
  There are other books as well but this one gets you started quickly and then you can develop your skills buying something more advanced.
  Good luck.

• How to disable Wifi and Network access in low level setting for security ?

  Hi
  New to here
  One of our final customer bought imac last months. OS 10.9, SN is c02*******J4i
  Since they are security printing, all the necessary ports accessing to outisdes need to be disabled in low level setting(not the ons just like turn on and off ).
  The ports including USB storage, Network and WIFI.
  I googled and found the following
  Open the /System/Library/Extensions folder.
  To remove support for USB mass storage devices, drag the following file to the Trash: IOUSBMassStorageClass.kext
  Open Terminal and enter the following command: $ sudo touch /System/Library/Extensions The touch command changes the modified date of the /System/Library/Extensions folder. When the folder has a new modified date, the Extension cache files (located in /System/Library/) are deleted and rebuilt by Mac OS X.
  Choose Finder > Secure Empty Trash to delete the file.
  Restart the system.
  I want to confirm this before sending to final user. Since I didn't have mac on hand, just wonder whether there are similar kext files for network and wifi to remove.
  Just like step 2 described.
  I would like customer to backup these files before permanently removed.
  Many thanks
  Kevin
  <Edited By Host>

  chiqui wrote:
  Is it possible to disable Internet access point and WAP as when I use WiFi some connections to WAP server of my provider are still made and I get charged. I am looking for the option not to delete it entirely from the access point list, but rather disable it as I might need connection when WiFi is not available and I want to be able to enable it as once I delete the server name and setting I won't know it.
  Is it possible to do it and how?
  You could delete WAP accesspoint. Not all providers (carriers) allow this.
  ‡Thank you for hitting the Blue/Green Star button‡
  N8-00 RM 596 V:111.030.0609; E71-1(05) RM 346 V: 500.21.009

• Setting an Authentication Level for a WS using Deployment Descriptor Files

  Hi
  I'm developing WS with authentication level BASIC but I have some problem deploying it.
  I read from https://cw.sdn.sap.com/cw/docs/DOC-106319  how to setting authentication level using annotation, but I cannot use annotation because my WS are cross-platform (they can be executed on SAP NetWeaver AS, JBoss, IBM WebSphere).
  My WS is based on a stateless EJB Session 2.1.
  My ejb-jar contains security-role-ref.
  <?xml version="1.0" encoding="UTF-8"?>
  <ejb-jar id="ejb-jar_ID" version="2.1" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/ejb-jar_2_1.xsd">
       <enterprise-beans>
            <session id="AsyncOrd10">
                 <description>AsyncOrd10</description>
                 <ejb-name>AsyncOrd10</ejb-name>
                 <local-home>com.dat.now.ws.ord.AsyncOrd10Home</local-home>
                 <local>com.dat.now.ws.ord.AsyncOrd10</local>
                 <service-endpoint>com.dat.now.ws.ord.AsyncOrd10WS</service-endpoint>
                 <ejb-class>com.dat.now.ws.ord.AsyncOrd10EJB</ejb-class>
                 <session-type>Stateless</session-type>
                 <transaction-type>Container</transaction-type>
                 <resource-ref id="AsyncOrd10Ref">
                      <description>Reference to the DataSource used by AsyncOrd10</description>
                      <res-ref-name>jdbc/AsyncOrd10</res-ref-name>
                      <res-type>javax.sql.DataSource</res-type>
                      <res-auth>Container</res-auth>
                 </resource-ref>
                 <security-role-ref id="SecurityRoleRef_AsyncOrd10">
                      <role-name>everyone</role-name>
                      <role-link>everyone</role-link>
                 </security-role-ref>
            </session>
       </enterprise-beans>
       <assembly-descriptor id="assembly-descriptor_ID">
            <security-role id="SecurityRole_everyone">
                 <role-name>everyone</role-name>
            </security-role>
            <security-role id="SecurityRole_sysadm">
                 <role-name>sysadm</role-name>
            </security-role>
            <method-permission id="MethodPermission_AsyncOrd10">
                 <role-name>everyone</role-name>
                 <method id="MethodElement_AsyncOrd10">
                      <ejb-name>AsyncOrd10</ejb-name>
                      <method-name>*</method-name>
                 </method>
            </method-permission>
            <container-transaction id="container-transaction_AsyncOrd10">
                 <method id="AsyncOrd10_methods">
                      <ejb-name>AsyncOrd10</ejb-name>
                      <method-name>*</method-name>
                 </method>
                 <trans-attribute>Required</trans-attribute>
            </container-transaction>
       </assembly-descriptor>
  </ejb-jar>

  for JBoss I can set in the jboss.xml the auth-method (under the port-component)
  <?xml version="1.0" encoding="UTF-8"?>
  <jboss>
       <security-domain>java:/jaas/absolut</security-domain>
       <enterprise-beans>
            <session>
                 <ejb-name>AsyncOrd10</ejb-name>
                 <local-jndi-name>com.dat.now.ws.ord.AsyncOrd10</local-jndi-name>
                 <port-component>
                 <port-component-name>AsyncOrd10WSPort</port-component-name>
                      <port-component-uri>AsyncOrd10</port-component-uri>
                      <auth-method>BASIC</auth-method>
                 </port-component>
                 <resource-ref>
                      <res-ref-name>jdbc/AsyncOrd10</res-ref-name>
                      <res-type>javax.sql.DataSource</res-type>
                      <jndi-name>java:/now</jndi-name>
                 </resource-ref>
            </session>
       </enterprise-beans>
  </jboss>
  For IBM WebSphere I should use an additional step in the deploy
  Maybe I missing something in the ejb-j2ee-engine.xml ?
  this is it :
  <?xml version="1.0" encoding="UTF-8"?>
  <ejb-j2ee-engine>
       <enterprise-beans>
            <enterprise-bean>
                 <ejb-name>AsyncOrd10</ejb-name>
                 <jndi-name>com.dat.now.ws.ord.AsyncOrd10</jndi-name>
                 <resource-ref>
                      <res-ref-name>jdbc/AsyncOrd10</res-ref-name>
                      <res-link>now</res-link>
                 </resource-ref>
            </enterprise-bean>
       </enterprise-beans>
  <security-permission>
  <security-role-map>
  <role-name>everyone</role-name>
  <server-role-name>all</server-role-name>
  </security-role-map>
  <security-role-map>
  <role-name>sysadm</role-name>
  <server-role-name>administrators</server-role-name>
  </security-role-map>
  </security-permission>
  </ejb-j2ee-engine>
  Thanks

• Security Level set to High, Windows 7, Word 2010, Acrobat X Pro

  I had Acrobat 9 Pro and could create PDF files from Word 2010 files by going directly into Acrobat.
  Then, one day, I received an error msg: "Secruty Level set to High, please run the application which created this document ..."
  I figured that MS has installed some sort of security update which prevented me from creating PFD files from Word 2010 files.
  So I waited for Acrobat X to ship, which I just bought for $199 (on top of the $449 for Acrobat 9 Pro).
  I just installed the new version of Acrobat X Pro, but I get the same error message.
  PLEASE HELP!!

  Thanks, but the error msg is actually an Acrobat msg.
  I called the Adobe Tech Support and spent an hour on the phone with the gentleman. We went through many configurations and I'm still trying to resolve this issue (I'll be reinstalling Acrobat X in a minute to see if our changes make a difference).
  I believe the trouble lies in the fact that I'm on a 64-bit system, with an MS-issued security update. Hard to say exactly what the fiasco is all about just now.
  Regards,
     :- Kelly

• Officejet 6000 wireless and WPA2-Enterprise network security

  I own an Officejet 6000 wireless printer. The manual says that it should be compatible with a wireless network with WPA2-Enterprise network security but when setting up the connection (I am using a macbook and am setting the printer up via usb connection) the newtork is listed but the security type is "unsupported." For whatever its worth it is listed 5 or 6 times but probably thats a different issue.
  I can still select the right network but it only asks for a security key, but my network security requires a log-in name and password.
  What can I do to get my printer connected to the network?

  I get the feeling that most of the people replying here don't know the difference between WPA2-Personal and WPA2-Enterprise.
  Personal has a passkey.
  Enterprise uses both a username and password, usually in conjunction with a Radius server (802.1X athentication).
  What we've had to do solve this problem is create a second SSID on the network that authenticates on WPA2-Personal. We use a really long password to secure the network, one that I will never be able to memorize in my lifetime.
  All we can hope for is that these enterprise-level vendors will, perhaps, gain a greater understanding of wireless authentication processes and the needs of actual enterprise customers who at least a percieved need for wireless printer capabilities. It used to be that customer was always right, though. Perhaps those days are gone...
  The other problem that probably ought to be addressed on consumer end is the fact that multicast tools that make AirPrint work (such as Bonjour), are being blocked from crossing between your wired and wireless networks, perhaps by the wireless controller or due to inefficient routing hierarchy or NAT/PAT issues. Solve this issue and you won't have a need for wireless printers.

• Access Manager Authentication

  Hi every1,
  im using JES 2005Q4 on solaris 10 box.
  i have created a web application which i deployed using the application server. i successfully secured few pages in my application using <security-constraints>. i used filerealm on the application server to authenticate.
  how can i use access manager authentication in my application?
  Im a newbee so plz help me out here.
  Thanks in adv.
  Mike

  Is your AM log level set to message? If not, set to message and retest. You should get output in your debug logs.
  On the agent side, set your logging to all:5

• Network Security - Need a recommendation

  Hi there!
  I'm currently running a wireless network in my apartment that is passworded on a regular bare bones LinkSys router. Currently I have both my PC desktop and my MBPro on this network. Both are running just fine.
  What I am concerned about is people in the apartment complex using my network. I know I could bump up the security on my router but what I really want is a program that lets me A) see the IP's of people connecting to my network, if any, and B) single them out and block them. I have no idea whether such a program exists for Leopard. I'm actually fairly computer-savvy, but network security is a new arena for me.
  I'm just wondering if anyone could recommend a program to use that is only moderately complex. Also, I'm willing to pay money, but free is always better. Or any other information would be great, e.g. if the MBP already has the propensity for this type of activity on its own. I know it does a great many things .
  Thanks for any help!
  Message was edited by: demosthenes_

  demosthenes_ wrote:
  A) see the IP's of people connecting to my network, if any
  Your router should provide this via the web based administration interface.
  B) single them out and block them
  In stead of monitoring the router for rogue connections, you could setup your Linksys router to perform MAC address filtering. MAC Address filtering involves setting up a whitelist of MAC addresses that can connect to the router and any MAC address that isn't in the list you can explicitly deny access.
  What you would need to do is to add the MAC address for each device you have that you want to connect to the network.
  To be honest though, if you're at all concerned about the security of your data, http traffic, if you do any online banking, shopping etc you should really enable the encryption features of your router. With the way you have things setup at the moment, even with MAC Address filtering enabled your wireless connection can still be snooped on which means your passwords, account numbers etc are potentially travelling in the clear over the airwaves.
  Personally I would just configure the router to use the highest encryption level that all your computers can support and secure the Wireless network with a 10+ digit authentication key (utilising alphanumeric, punctuation and number characters). Doing this will ensure that your network is secure and minimise the risk of someone getting hold of any sensitive data.

• File, Send link doesn't open a new email. Using Firefox 11.0. Outlook 2010 is the Mailto default and W7 default email program. On the About:config page network.protocol-handler.external.mailto is set to regular font (not bold) "default Boolean true".

  File, Send link doesn’t open a new email. Running Firefox 11.0. Outlook 2010 is the Mailto default and the W7 default email program. On the About:config page, network.protocol-handler.external.mailto is set to regular font (not bold) “default Boolean true”.

  I assume you have tried toggling the setting in Firefox between Outlook and, say, Gmail:
  orange Firefox button ''or'' classic Tools menu > Options > Applications
  In the search box, type or paste '''mailto''' and pause for the list to filter.
  Change the setting and OK to save it, then return to the dialog, change back, and OK again.
  You also might want to toggle the setting at the OS level between Microsoft Outlook and the native Windows Mail client in a similar fashion. In Windows XP you could use IE's Options dialog, Programs tab, for this, but I'm not sure in Windows 7.
  Since one possibility is a problem in your Firefox settings (including the possibility of interfering add-ons), and another is a problem at the Windows level (e.g., Registry settings), it would be useful to try to identify which one it is. One quick way to distinguish is to create a new Firefox profile. It will start up with all factory settings. You can switch back to your existing profile after testing.
  First, I recommend backing up your Firefox settings in case something goes wrong. See [https://support.mozilla.com/en-US/kb/Backing+up+your+information Backing up your information]. (You can copy your entire Firefox profile folder somewhere outside of the Mozilla folder.)
  After closing Firefox, start up again in the Profile Manager as described in this article: [http://support.mozilla.com/kb/Managing+profiles Managing profiles].
  With the new profile, can Firefox successfully create a message in Outlook?

• How to Make Wirless Network SECURE

  I am running my desktop hard line to a comcast modem which runs XP Pro. My Laptop which is running Vista is set up wireless via the WRT54GS Linksys Router.
  The wireless network is running great but it is identified as UNSECURED!
  After three 30 minute waits last night, 2 disconnects when I was not understanding them ( not a computer whiz but I do ok) and 1 live chat tech that copy and pasted the directions on how to set it up but not how to make it secure and then a quick disconnect    .
  Can anyone tell me exactly HOW TO MAKE THIS NETWORK SECURED and WHAT computer shall I use to perform this?
  Thank you for any help you can give me,
  SWAT
  JohnDoe sorry for violating any rules.
  (Edited post for guideline compliance. Thanks!)
  Message Edited by JOHNDOE_06 on 08-27-2007 11:04 AM
  Message Edited by SWAT on 08-27-2007 11:13 AM

  SWAT wrote:
  Sbatch...you click on the pull down window to the settings.....I click on WPA then I input the code I wanted (only room for 1 code) then scroll all the way down to click on save settings.
  That method does not secure my laptop wireless settings?
  **No, that secures your router's wireless settings.
  or
  Is this the only method to secure the network?
  With some investigation I can find have found the following:
  If I right click on my Network Icon in my tool bar and then click Connect to Network and then right click on the Network and right click Properties I get a box with the following:
  Tab for connection and a tab for security with pull down bars which can be changed...
  1) Security Types -No Authentication (open), shared, wpa2 personal, wpa personal, wpa2 enterprise, wpa enterprise and 802.1x
  2) Encryption Types -WEP
  Current settings on my laptop Linksys wireless network security is
  Security Type- OPEN
  Encryption- NONE
  sBatch when I perform the WPA on my desktop my laptop must be off or not on the network correct?
  Doesn't matter, once you change the security settings onthe router, you will be prompted for the settings to reconnect to it.
  Has anyone found the LinkSys hyperlink for setting the WRT54GS router as SECURED?
  Define "secured".  Wired, only physical connection have access.
  Wireless, once you add WPA or WEP (WPA is better) it's secured.
  Sincerely,
  SWAT
  Does that help?

• Incomplete "authentication level" property support on iOS/Mac clients

  When “authentication level:i:0" property is present in RDP file, client shouldn't show warnings regarding RDP server identity. Such warnings could appear when untrusted certificate is used on RDP server or when "RDP Security Layer" is used/configured
  on the server. With “authentication level:i:0" iOS/Mac clients omit warning only for the first case (untrusted certificate), but still show warning for the second case (RDP Security Layer). Windows client behaves as expected in both cases - no warnings
  are shown.
  How to reproduce:
  1. Configure RDSH server to use “RDP Security Layer” in properties of “RDP-Tcp” connection in Remote Desktop Session Host configuration utility (on Windows 2008).
  2. Create an RDP file for this server with “authentication level:i:0” property (it corresponds to "Advanced\Server authentication\Connect and don’t warn me" option in Windows RDP client).
  3. Try such RDP file on Mac and there always be “Untrusted Connection” warning (regardless of “authentication level” property). Expected behavior is no warnings.

  Hi,
  Which version of MRD MAC you are using?
  Please try to update the MRD MAC version to 8.0.15 and verify result.
  https://itunes.apple.com/in/app/microsoft-remote-desktop/id715768417?mt=12
  Please verify the RDP security level setting in the remote PC options is set to Client Compatible. Apart if you can find any error message\log then it is helpful for further process.
  Microsoft Remote Desktop>About Microsoft Remote Desktop>Send log via email
  Hope it helps!
  Thanks.
  Dharmesh Solanki
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Cisco NAC web agent Network Security Policy

  I have a computer with an installed McAfee Antivirus that us up to date. However, each time try to access one of my client's server via VPN, I successfully connect to VPN using Cisco Anyconnnect but whenever I try to download the web agent and the device security check is being run, I get the feedback "Host is not compliant with network security policy". It also tells me a Remediation description of "please update your antivirus". (see attached screenshot)
  Please note that I already have my McAfee antivirus updated and I have done everything to keep my computer in good shape in terms of security.
  What is the possible cause for this?

  That means the CAM hasn't received an SNMP trap for that MAC address.  Double-check that the WLC is set up to send traps to the CAM: http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/47/cam/m_woob.html#wp1290626
  You can see if the CAM's received a trap for a specific MAC by looking under OOB Management > Devices > Discovered Clients.