PriorityProcessor's timeout ignored

Dear all,
I can't get the PriorityProcessor timeout working with Coherence 3.5.3/465 invoking on long EntryProcessor on a partionned/distributed cache. The timeout (both unlimited and MAX_LONG) seem to be ignored, after about 30 seconds, my entry processor is interrupted by an InterruptedException and Coherence emmits the following error message :
2010-05-21 12:44:00.385/36.954 Oracle Coherence GE 3.5.3/465 <Error> (thread=Cluster, member=1):
   Attempting recovery (due to soft timeout) of Guard{Daemon=DistributedCache}Does anyone knows how to prevent timeouts on an entry processor ?
Thanks,
Cyrille
Cyrille Le Clerc
[email protected]
Here is a test case to reproduce this InterruptedTimeout.
import org.junit.Test;
import com.tangosol.net.CacheFactory;
import com.tangosol.util.InvocableMap.Entry;
import com.tangosol.util.processor.AbstractProcessor;
import com.tangosol.util.processor.PriorityProcessor;
* @author Cyrille Le Clerc
public class PriorityProcessorTest {
public static class SleepProcessor extends AbstractProcessor {
    private final long sleepDurationInMillis;
    public SleepProcessor(long sleepDurationInMillis) {
      super();
      this.sleepDurationInMillis = sleepDurationInMillis;
    @Override
    public Object process(Entry entry) {
      try {
        Thread.sleep(sleepDurationInMillis);
      } catch (InterruptedException e) {
        throw new RuntimeException(e);
      return null;
@Test
public void testPriorityProcessorWithLongRunningEntryProcessor() {
    System.setProperty("tangosol.coherence.wka", "localhost");
    long threeMinutesInMillis = 3 * 60 * 1000;
    SleepProcessor sleepProcessor = new SleepProcessor(threeMinutesInMillis);
    PriorityProcessor priorityProcessor = new PriorityProcessor(sleepProcessor);
    priorityProcessor.setExecutionTimeoutMillis(2 * threeMinutesInMillis);
    priorityProcessor.setRequestTimeoutMillis(2 * threeMinutesInMillis);
    long timeBefore = System.currentTimeMillis();
    try {
      CacheFactory.getCache("dist-test").invoke("test", priorityProcessor);
    } finally {
      System.out.println("Execution duration: " + (System.currentTimeMillis() - timeBefore) +
        " ms, expected duration: " + threeMinutesInMillis + " ms");
}The output is :
2010-05-21 12:44:00.385/36.954 Oracle Coherence GE 3.5.3/465 <Error> (thread=Cluster, member=1):
   Attempting recovery (due to soft timeout) of Guard{Daemon=DistributedCache}
Execution duration: 36563 ms, expected duration: 180000 ms
(Wrapped: Failed request execution for DistributedCache service on Member(...))
   java.lang.RuntimeException: java.lang.InterruptedException: sleep interrupted
at c.t.util.Base.ensureRuntimeException(Base.java:293)
at c.t.c.c.util.daemon.queueProcessor.service.Grid.tagException(Grid.CDB:36)
at c.t.c.c.util.daemon.queueProcessor.service.grid.DistributedCache.onInvokeRequest(DistributedCache.CDB:80)
at c.t.c.c.util.daemon.queueProcessor.service.grid.DistributedCache$InvokeRequest.run(DistributedCache.CDB:1)
at c.t.c.c.net.message.requestMessage.DistributedCacheKeyRequest.onReceived(DistributedCacheKeyRequest.CDB:12)
at c.t.c.c.util.daemon.queueProcessor.service.Grid.onMessage(Grid.CDB:9)
at c.t.c.c.util.daemon.queueProcessor.service.Grid.onNotify(Grid.CDB:136)
at c.t.c.c.util.daemon.queueProcessor.service.grid.DistributedCache.onNotify(DistributedCache.CDB:3)
at c.t.c.c.util.Daemon.run(Daemon.CDB:42)
at java.lang.Thread.run(Thread.java:619)
Caused by: java.lang.RuntimeException: java.lang.InterruptedException: sleep interrupted
at PriorityProcessorTest$SleepProcessor.process(PriorityProcessorTest.java:28)
at c.t.util.processor.PriorityProcessor.process(PriorityProcessor.java:77)
at c.t.c.c.util.daemon.queueProcessor.service.grid.DistributedCache$Storage.invoke(DistributedCache.CDB:20)
at c.t.c.c.util.daemon.queueProcessor.service.grid.DistributedCache.onInvokeRequest(DistributedCache.CDB:50)
... 7 more
Caused by: java.lang.InterruptedException: sleep interrupted
at java.lang.Thread.sleep(Native Method)
at PriorityProcessorTest$SleepProcessor.process(PriorityProcessorTest.java:26)
... 10 more

Thanks Mark,
You solved my problem. I din't declare a thread pool on my Cache configuration and the timeout was ignored. This makes sense as my request was running on the service thread.
If fixed this adding a "<thread-count>" element to my distributed "<distributed-scheme>". It looks like :
[xml]<distributed-scheme>
<scheme-name>example-distributed</scheme-name>
<service-name>DistributedCache</service-name>

<thread-count>50</thread-count>
<backing-map-scheme>
<local-scheme>
<scheme-ref>example-binary-backing-map</scheme-ref>
</local-scheme>
</backing-map-scheme>
<autostart>true</autostart>
</distributed-scheme>[xml]
Thanks for your help,
Cyrille

Similar Messages

No Timeout Target Assigned to ______ Timeout Ignored!

Sorry if this has been answered, I searched "timeout ignored" and hit zero. And I am under the gun here to figure this out.
I am hitting this Log note: No Timeout Target Assigned to ____ Timeout Ignored!
I have two Menu canvases with one still photo per canvas.
Ideally I would like them to Time Out — go black — after a set time (so as to avoid screen burn in).
Does this Log note warning have anything to do with that?
Any info will be appreciated, if this normal or something I need to figure out and correct...

You can set the timeout action to a black menu (or perhaps a motion menu with the word press here with button moving so movie can continue).
But if you set the menu to timeout and did not set an action to not set you would get that message

Weblogic Admin server - Configuration/Server Start/Arguments ignored?

Hi,
I'm trying to specify a http proxy for a WebLogic Admin Server in order for an application to access external resources. I've placed the settings into the "Server Configuration / Server Start / Arguments", and verified that they have been saved into the config/config.xml file for that domain:
<server-start>
<arguments>-Dhttp.proxyHost=[XXXX] -Dhttp.proxyPort=8080</arguments>
<password-encrypted>[XXXX]</password-encrypted>
</server-start>
However, no matter how I start the server, these settings are ignored despite that the documentation states these should be added to the java command line.
starting weblogic with Java version:
java version "1.6.0_19"
Java(TM) SE Runtime Environment (build 1.6.0_19-b04)
Java HotSpot(TM) 64-Bit Server VM (build 16.2-b04, mixed mode)
Starting WLS with line:
C:\PROGRA~1\Java\JDK16~1.0_1\bin\java -client -Xms256m -Xmx512m -XX:CompileThreshold=8000 -XX:PermSize=128m -XX:MaxPermSize=256m -Dweblogic.Name=AdminServer -Djava.security.policy=C:\Oracle\MIDDLE~1\WLSERV~1.3\server\lib\weblogic.policy -Xverify:none -da -Dplatform.home=C:\Oracle\MIDDLE~1\WLSERV~1.3 -Dwls.home=C:\Oracle\MIDDLE~1\WLSERV~1.3\server -Dweblogic.home=C:\Oracle\MIDDLE~1\WLSERV~1.3\server -Dweblogic.management.discover=true -Dwlw.iterativeDev= -Dwlw.testConsole= -Dwlw.logErrorsToConsole= -Dweblogic.ext.dirs=C:\Oracle\MIDDLE~1\patch_wls1032\profiles\default\sysext_manifest_classpath weblogic.Server
As a test I created a new managed server in the same domain, specifying the same startup properties, and they were picked up during startup.
If I manually place the settings into the bin/setDomainEnv.cmd batch file for the domain they are also picked up and work.
Is there an undocumented restriction on Admin Servers that they ignore the "Server Start / Arguments" setting, or is there something else I can check as to why this is not working?
Many thanks,
- Micha.

Umm... I already pasted the relevant snippet out of the config.xml, but following is the entire file. The startup arguments, as specified in the admin console, are:
-Dhttp.proxyHost=[XXXXXXXX] -Dhttp.proxyPort=8080
which matches what is saved in the config.xml.
<?xml version='1.0' encoding='UTF-8'?>
<domain xmlns="http://xmlns.oracle.com/weblogic/domain" xmlns:sec="http://xmlns.oracle.com/weblogic/security" xmlns:wls="http://xmlns.oracle.com/weblogic/security/wls" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.oracle.com/weblogic/security/xacml http://xmlns.oracle.com/weblogic/security/xacml/1.0/xacml.xsd http://xmlns.oracle.com/weblogic/security/providers/passwordvalidator http://xmlns.oracle.com/weblogic/security/providers/passwordvalidator/1.0/passwordvalidator.xsd http://xmlns.oracle.com/weblogic/domain http://xmlns.oracle.com/weblogic/1.0/domain.xsd http://xmlns.oracle.com/weblogic/security http://xmlns.oracle.com/weblogic/1.0/security.xsd http://xmlns.oracle.com/weblogic/security/wls http://xmlns.oracle.com/weblogic/security/wls/1.0/wls.xsd">
<name>wls_starter</name>
<domain-version>10.3.2.0</domain-version>
<security-configuration>
<name>wls_starter</name>
<realm>
<sec:authentication-provider xsi:type="wls:default-authenticatorType"></sec:authentication-provider>
<sec:authentication-provider xsi:type="wls:default-identity-asserterType">
<sec:active-type>AuthenticatedUser</sec:active-type>
</sec:authentication-provider>
<sec:role-mapper xmlns:xac="http://xmlns.oracle.com/weblogic/security/xacml" xsi:type="xac:xacml-role-mapperType"></sec:role-mapper>
<sec:authorizer xmlns:xac="http://xmlns.oracle.com/weblogic/security/xacml" xsi:type="xac:xacml-authorizerType"></sec:authorizer>
<sec:adjudicator xsi:type="wls:default-adjudicatorType"></sec:adjudicator>
<sec:credential-mapper xsi:type="wls:default-credential-mapperType"></sec:credential-mapper>
<sec:cert-path-provider xsi:type="wls:web-logic-cert-path-providerType"></sec:cert-path-provider>
<sec:cert-path-builder>WebLogicCertPathProvider</sec:cert-path-builder>
<sec:name>myrealm</sec:name>
<sec:password-validator xmlns:pas="http://xmlns.oracle.com/weblogic/security/providers/passwordvalidator" xsi:type="pas:system-password-validatorType">
<sec:name>SystemPasswordValidator</sec:name>
<pas:min-password-length>8</pas:min-password-length>
<pas:min-numeric-or-special-characters>1</pas:min-numeric-or-special-characters>
</sec:password-validator>
</realm>
<default-realm>myrealm</default-realm>
<credential-encrypted>[XXXXXXXXXX]</credential-encrypted>
<node-manager-username>weblogic</node-manager-username>
<node-manager-password-encrypted>[XXXXXXXX]</node-manager-password-encrypted>
</security-configuration>
<server>
<name>AdminServer</name>
<max-http-message-size>-1</max-http-message-size>
<ssl>
<enabled>false</enabled>
</ssl>
<log>
<file-name>logs/AdminServer.log</file-name>
<rotation-type>bySize</rotation-type>
<number-of-files-limited>true</number-of-files-limited>
<file-count>7</file-count>
<file-min-size>500</file-min-size>
<rotate-log-on-startup>true</rotate-log-on-startup>
<logger-severity>Trace</logger-severity>
<logger-severity-properties></logger-severity-properties>
<log-file-severity>Info</log-file-severity>
<stdout-severity>Info</stdout-severity>
<domain-log-broadcast-severity>Notice</domain-log-broadcast-severity>
<memory-buffer-severity>Debug</memory-buffer-severity>
<log4j-logging-enabled>false</log4j-logging-enabled>
<redirect-stdout-to-server-log-enabled>false</redirect-stdout-to-server-log-enabled>
<domain-log-broadcaster-buffer-size>1</domain-log-broadcaster-buffer-size>
</log>
<machine>[XXXXXXXXXX]</machine>
<listen-port>8080</listen-port>
<listen-port-enabled>true</listen-port-enabled>
<web-server>
<frontend-http-port>0</frontend-http-port>
<frontend-https-port>0</frontend-https-port>
<keep-alive-enabled>true</keep-alive-enabled>
<keep-alive-secs>30</keep-alive-secs>
<https-keep-alive-secs>60</https-keep-alive-secs>
<post-timeout-secs>30</post-timeout-secs>
<max-post-size>-1</max-post-size>
<send-server-header-enabled>false</send-server-header-enabled>
<wap-enabled>false</wap-enabled>
<accept-context-path-in-get-real-path>false</accept-context-path-in-get-real-path>
</web-server>
<listen-address></listen-address>
<java-compiler>javac</java-compiler>
<tunneling-enabled>false</tunneling-enabled>
<tunneling-client-ping-secs>45</tunneling-client-ping-secs>
<tunneling-client-timeout-secs>40</tunneling-client-timeout-secs>
<server-start>
<arguments>-Dhttp.proxyHost=[XXXXXXXX] -Dhttp.proxyPort=8080</arguments>
<password-encrypted>[XXXXXXX]</password-encrypted>
</server-start>
<server-life-cycle-timeout-val>30</server-life-cycle-timeout-val>
<startup-timeout>0</startup-timeout>
<graceful-shutdown-timeout>30</graceful-shutdown-timeout>
<ignore-sessions-during-shutdown>false</ignore-sessions-during-shutdown>
<client-cert-proxy-enabled>false</client-cert-proxy-enabled>
</server>
<embedded-ldap>
<name>wls_starter</name>
<credential-encrypted>[XXXXXXXXXX]</credential-encrypted>
</embedded-ldap>
<configuration-version>10.3.2.0</configuration-version>
<app-deployment>
<name>[XXXXXXXXXX]</name>
<target>AdminServer</target>
<module-type>ear</module-type>
<source-path>[XXXXXXXXXX]</source-path>
<security-dd-model>DDOnly</security-dd-model>
</app-deployment>
<app-deployment>
<name>[XXXXXXXXXX]</name>
<target>AdminServer</target>
<module-type>ear</module-type>
<source-path>[XXXXXXXXXX]</source-path>
<security-dd-model>DDOnly</security-dd-model>
</app-deployment>
<app-deployment>
<name>[XXXXXXXXXX]</name>
<target>AdminServer</target>
<module-type>ear</module-type>
<source-path>[XXXXXXXXXX]</source-path>
<security-dd-model>DDOnly</security-dd-model>
</app-deployment>
<app-deployment>
<name>[XXXXXXXXXX]</name>
<target>AdminServer</target>
<module-type>ear</module-type>
<source-path>[XXXXXXXXXX]</source-path>
<security-dd-model>DDOnly</security-dd-model>
</app-deployment>
<machine>
<name>[XXXXXXXXXX]</name>
</machine>
<jms-server>
<name>WseeJmsServer</name>
<target>AdminServer</target>
<persistent-store>WseeFileStore</persistent-store>
</jms-server>
<jms-server>
<name>[XXXXXXXXXX]</name>
<target>AdminServer</target>
<persistent-store>WseeFileStore</persistent-store>
</jms-server>
<self-tuning>
<work-manager>
<name>weblogic.wsee.mdb.DispatchPolicy</name>
<target>AdminServer</target>
</work-manager>
</self-tuning>
<file-store>
<name>WseeFileStore</name>
<directory>WseeFileStore</directory>
<target>AdminServer</target>
</file-store>
<jms-system-resource>
<name>WseeJmsModule</name>
<target>AdminServer</target>
<sub-deployment>
<name>BEA_JMS_MODULE_SUBDEPLOYMENT_WSEEJMSServer</name>
<target>WseeJmsServer</target>
</sub-deployment>
<descriptor-file-name>jms/wseejmsmodule-jms.xml</descriptor-file-name>
</jms-system-resource>
<jms-system-resource>
<name>[XXXXXXXXXX]</name>
<target>AdminServer</target>
<sub-deployment>
<name>[XXXXXXXXXX]</name>
<target>[XXXXXXXXXX]</target>
</sub-deployment>
<descriptor-file-name>[XXXXXXXXXX]</descriptor-file-name>
</jms-system-resource>
<admin-server-name>AdminServer</admin-server-name>
<jdbc-system-resource>
<name>[XXXXXXXXXX]</name>
<target>AdminServer</target>
<descriptor-file-name>[XXXXXXXXXX]</descriptor-file-name>
</jdbc-system-resource>
<saf-agent>
<name>ReliableWseeSAFAgent</name>
<target>AdminServer</target>
<store>WseeFileStore</store>
</saf-agent>
</domain>

Converting a 1310 to autonomous IOS mode

I have a 1310 that I need to convert to autonomous IOS mode. For this I have the 1310 connected to a 2100 WLAN controller. The problem is when I run the config ap tftp-downgrade command the ap returns the following error message
examining image...
%Error opening (Timed out)
archive download: takes 62 seconds
lwapp_image_proc: unable to open tar file
I feel that I should note that the only time I can ping the AP is if it's connected to the management interface of the controller. The same goes to my computer which is acting as the tftp server. Any ideas on what is wrong here would be a great help. Thanks

Here is a copy of the running-config. Now I do not have the the controller hooked up to a switch. Both the laptop and the ap plug directly into the controller. Could this be the problem?
Cisco Controller) >show running-config
802.11a cac voice tspec-inactivity-timeout ignore
802.11a cac voice stream-size 84000 max-streams 2
802.11b cac voice tspec-inactivity-timeout ignore
802.11b cac voice stream-size 84000 max-streams 2
location rssi-half-life tags 0
location rssi-half-life client 0
location rssi-half-life rogue-aps 0
location expiry tags 5
location expiry client 5
location expiry calibrating-client 5
location expiry rogue-aps 5
ap syslog host global 255.255.255.255
dhcp create-scope Ap-dhcp
dhcp address-pool Ap-dhcp 10.200.4.100 10.200.4.104
dhcp default-router Ap-dhcp 10.200.4.105
dhcp enable Ap-dhcp
dhcp dns-servers Ap-dhcp 10.20.3.27 10.10.3.20
dhcp domain Ap-dhcp ptrcs.com
dhcp network Ap-dhcp 10.200.4.0 255.255.255.0
local-auth method fast server-key *****
interface address ap-manager 10.200.4.3 255.255.255.0 10.200.4.1
interface address management 10.200.4.4 255.255.255.0 10.200.4.1
interface address virtual 1.1.1.1
interface dhcp ap-manager primary 10.200.4.4
interface dhcp management primary 10.200.4.4 secondary 10.200.4.3
interface port ap-manager 2
interface port management 2
load-balancing window 5
logging syslog host 0.0.0.0
mesh security eap
mgmtuser add admin **** read-write
mobility group domain Pierce
network master-base enable
network otap-mode disable
network rf-network-name Pierce
radius cred-cache enable
snmp version v2c enable
snmp version v3 enable
sysname WLAN_Controller
wlan create 1 Pierce Pierce
wlan session-timeout 1 1800
wlan wmm allow 1
wlan security static-wep-key encryption 1 104 1
wlan enable 1

Problem printing with network accounts in Rosetta apps

This is a weird one that I've been trying to fix for weeks with no luck. Any thoughts would be helpful before I dump the AD Plugin and switch to ADmitMac...
Setup:
We have some (about 50) student iMacs, bound to our Active Directory domain.
On logging in, students are authenticated via an Active Directory server.
The students have Home Folders on another Windows 2003 server.
Force Local Home is off in the AD plugin, so when a student logs in, they get an ordinary account (non-admin) and see the Desktop, etc. that is held on the server, so if they log into any iMac they get the same Home Folder.
Problem:
The odd problem has just occurred with 4 new iMacs. These are the first Intel Macs on the network using AD logins and network Home Folders. Old PowerPC iMacs work just fine. However, the Intels exhibit this strange behaviour:
If a student prints from any Rosetta application (e.g. Word or Photoshop) the print goes ahead and prints, but the application immediately crashes (quits unexpectedly). Intel Apps (e.g. Preview) however, print fine.
I've just done a print from Word with one of my students' accounts (username bbjarhsy, Home Folder on a server called d4, as you'll see at the end). The crash log for Word tells me:
No log handling enabled - turning on stderr logging
snmpget: Timeout
snmpget: Timeout
snmpInk: writeSupplies() write failed.
snmpInk: writeSupplies():: Broken pipe
Ignoring Quickdraw drawing between QDBeginCGContext and QDEndCGContext
Ignoring Quickdraw drawing between QDBeginCGContext and QDEndCGContext
Ignoring Quickdraw drawing between QDBeginCGContext and QDEndCGContext
Ignoring Quickdraw drawing between QDBeginCGContext and QDEndCGContext
Ignoring Quickdraw drawing between QDBeginCGContext and QDEndCGContext
Ignoring Quickdraw drawing between QDBeginCGContext and QDEndCGContext
No log handling enabled - turning on stderr logging
snmpget: Timeout
Ignoring Quickdraw drawing between QDBeginCGContext and QDEndCGContext
Ignoring Quickdraw drawing between QDBeginCGContext and QDEndCGContext
snmpget: Timeout
Ignoring Quickdraw drawing between QDBeginCGContext and QDEndCGContext
Ignoring Quickdraw drawing between QDBeginCGContext and QDEndCGContext
Ignoring Quickdraw drawing between QDBeginCGContext and QDEndCGContext
Ignoring Quickdraw drawing between QDBeginCGContext and QDEndCGContext
Ignoring Quickdraw drawing between QDBeginCGContext and QDEndCGContext
Ignoring Quickdraw drawing between QDBeginCGContext and QDEndCGContext
Ignoring Quickdraw drawing between QDBeginCGContext and QDEndCGContext
Word(618,0x1ac7e00) malloc: * vm_allocate(size=2751467520) failed (error code=3)
Word(618,0x1ac7e00) malloc: * error: can't allocate region
Word(618,0x1ac7e00) malloc: * set a breakpoint in szone_error to debug
Word(618,0x1ac7e00) malloc: * vm_allocate(size=1543507968) failed (error code=3)
Word(618,0x1ac7e00) malloc: * error: can't allocate region
Word(618,0x1ac7e00) malloc: * set a breakpoint in szone_error to debug
Word(618,0x1ac7e00) malloc: * vm_allocate(size=1543507968) failed (error code=3)
Word(618,0x1ac7e00) malloc: * error: can't allocate region
Word(618,0x1ac7e00) malloc: * set a breakpoint in szone_error to debug
Dec 1 10:49:33 STU-868-M01 crashdump[628]: Microsoft Word crashed
Dec 1 10:49:33 STU-868-M01 crashdump[628]: crash report written to: /Network/Servers/d4.students.ioead/bbjarhsy$/Library/Logs/CrashReporter/Microso ft Word.crash.log
This seems to indicate some sort of problem with addressing Virtual Memory after/during sending the print job. (??)
I should mention that the prints are going to a (Windows) print server which does its stuff properly - queues and prints the job and deducts pages properly from the quotas set up.
I've tried making a test account an Admin account but these crash too, so it doesn't seem to have anything to do with the local permissions.
Any idea where I can go with this? Anyone doing the same thing with no problem? It definitely seems to be a bug with the Intel version of Tiger as the G5s have exactly the same set up with no such problems.
Thanks for anything anyone can offer!!
Jem
iMac Intel Core 2 Duo, 2GHz, 1GB RAM Mac OS X (10.4.8)

10.4.9 update fixed this - phew!

AP-1121G do not even try to join to WLC-1206

Hello!
I upgraded 1121 to lightweight with upgrade tool.
Now I want it to be joined to 2106.
In debug packet I see that 1121 sends discovery request (broadcast, or, after I addedd dns record unicast) to 2106 and 2106 replies.
Then there is no join request from AP.
2106 is in master mode.
What can be wrong?

>If you physically console into the AP (is that available on an 1121?) and I think password is like "Cisco" on most APs, you should be able to see the log.
unfortunately, there is no serial console on 1121 :-(
>Is the controller and AP in the same VLAN/Subnet? Same switch? Is it the same VLAN/Subnet as other working devices?
They are in the same subnet, and I tried to connect them using one switch.
>Could you post the run-config of your WLC?
(Cisco Controller) >show running-config
802.11a cac voice tspec-inactivity-timeout ignore
802.11a cac voice stream-size 84000 max-streams 2
802.11b cac voice tspec-inactivity-timeout ignore
802.11b cac voice stream-size 84000 max-streams 2
aaa auth mgmt local radius
advanced 802.11a channel add 100
advanced 802.11a channel add 104
advanced 802.11a channel add 108
advanced 802.11a channel add 112
advanced 802.11a channel add 116
advanced 802.11a channel add 120
--More-- or (q)uit
advanced 802.11a channel add 124
advanced 802.11a channel add 128
advanced 802.11a channel add 132
advanced 802.11a channel add 136
advanced 802.11a channel add 140
advanced 802.11a channel add 149
advanced 802.11a channel add 153
advanced 802.11a channel add 157
advanced 802.11a channel add 161
advanced 802.11a receiver pico-cell-V2 rx_sense_thrld 0 0 0
advanced 802.11a receiver pico-cell-V2 cca_sense_thrld 0 0 0
advanced 802.11a receiver pico-cell-V2 sta_tx_pwr 0 0 0
--More-- or (q)uit
advanced 802.11b tx-power-control-thresh -65
Location Summary
Algorithm used: Average
Client
RSSI expiry timeout: 5 sec
Half life: 0 sec
Notify Threshold: 0 db
Calibrating Client
RSSI expiry timeout: 5 sec
Half life: 0 sec
Rogue AP
RSSI expiry timeout: 5 sec
Half life: 0 sec
Notify Threshold: 0 db
RFID Tag
RSSI expiry timeout: 5 sec
Half life: 0 sec
Notify Threshold: 0 db
--More-- or (q)uit
location rssi-half-life tags 0
location rssi-half-life client 0
location rssi-half-life rogue-aps 0
location expiry tags 5
location expiry client 5
location expiry calibrating-client 5
location expiry rogue-aps 5
Cisco Public Safety is not allowed to set in this domain
ap syslog host global 255.255.255.255
auth-list ap-policy ssc enable
auth-list add mic 00:21:55:74:af:82
country RU
--More-- or (q)uit
dhcp proxy disable
local-auth method fast server-key *****
interface address ap-manager 192.168.22.19 255.255.255.0 192.168.22.221
interface address management 192.168.22.18 255.255.255.0 192.168.22.221
interface address virtual 1.1.1.1
interface dhcp ap-manager primary 192.168.22.220
interface dhcp management primary 192.168.22.220
interface port ap-manager 2
interface port management 1
load-balancing window 5
logging buffered 7
--More-- or (q)uit
logging console 7
memory monitor error disable
memory monitor leak thresholds 10000 30000
mesh security eap
mgmtuser add cisco **** read-write
mobility group domain Belkam
network webmode enable
network telnet enable
network multicast mode multicast 0.0.0.0
network mgmt-via-dynamic-interface enable
network otap-mode disable
network rf-network-name Belkam
--More-- or (q)uit
snmp version v2c enable
snmp version v3 enable
sysname WLC2106
time ntp interval 28800
time ntp server 1 192.168.22.99
trapflags 802.11-Security ids-sig-attack disable
802.11a disable network

Wired guest access - Unable to access network

Hello,
I've configured two WLC's with the exact same config one of them has working Wired guest network the other one does not.
The only difference in the two I know of is that the one that does not work is connected to a Cisco 3550 switch, the one that works is connected to a Cisco 7600.
The problem is when I connect a computer to the wired guest network I am able to get an IP address from the Internal DHCP server but unable to access the network.
I've tried pinging the gateway's IP and I get no answer.
The Port-channel interface has the correct VLans and the vlans exist on all switches.
If anyone see an error there or might have an idea why this is not working I would appreciate the feedback.
Config follows below..
regards,
Gk

(Cisco Controller) >show running-config
802.11a cac voice tspec-inactivity-timeout ignore
802.11a cac voice stream-size 84000 max-streams 2
802.11b cac voice tspec-inactivity-timeout ignore
802.11b cac voice stream-size 84000 max-streams 2
location rssi-half-life tags 0
location rssi-half-life client 0
location rssi-half-life rogue-aps 0
location expiry tags 5
location expiry client 5
location expiry calibrating-client 5
location expiry rogue-aps 5
Cisco Public Safety is not allowed to set in thisdomain
ap syslog host global 255.255.255.255
auth-list ap-policy ssc enable
custom-web ext-webserver add 1 217.28.176.114
dhcp create-scope guestnetwork
dhcp address-pool guestnetwork 192.168.34.2 192.168.34.200
dhcp default-router guestnetwork 192.168.34.254
dhcp enable guestnetwork
dhcp dns-servers guestnetwork 212.30.200.200 212.30.200.199
dhcp network guestnetwork 192.168.34.0 255.255.255.0
local-auth method fast server-key *****
interface create guestnetwork 331
interface create guestnetwork-wired 332
interface address ap-manager 10.255.255.90 255.255.255.248 10.255.255.94
interface address dynamic-interface guestnetwork 192.168.34.1 255.255.255.0 192.168.34.254
interface address dynamic-interface guestnetwork-wired 192.168.35.1 255.255.255.0 192.168.35.254
interface address management 10.255.255.89 255.255.255.248 10.255.255.94
interface address service-port 10.60.4.200 255.255.255.0
interface address virtual 1.1.1.1
interface dhcp ap-manager primary 10.255.255.89
interface dhcp dynamic-interface guestnetwork primary 10.255.255.89
interface dhcp management primary 10.255.255.89
interface dhcp service-port disable
interface vlan ap-manager 226
interface vlan guestnetwork 331
interface vlan guestnetwork-wired 332
interface vlan management 226
interface port ap-manager 29
interface port guestnetwork 29
interface port guestnetwork-wired 29
interface port management 29
lag enable
load-balancing window 5
mesh security eap
mgmtuser add root **** read-write
mobility group domain XXXXXXX
mobility symmetric-tunneling enable
network otap-mode disable
network rf-network-name XXXXXXX
radius acct add 1 XXXXXXX 1813 ascii ****
radius auth add 1 XXXXXXX 1812 ascii ****
radius auth management 1 disable
spanningtree port mode off 1
spanningtree port mode off 2
sysname XXXXXXX
time ntp interval 3600
time ntp server 1 XXXXXXX
wlan create 1 hotspot hotspot
guest-lan create 1 hotspot-wired
wlan interface 1 guestnetwork
guest-lan interface 1 guestnetwork
wlan custom-web webauth-type external 1
wlan custom-web ext-webauth-url https://XXXXXXX
wlan session-timeout 1 disable
wlan wmm allow 1
wlan wmm allow 18
wlan security wpa disable 1
wlan security wpa disable 18
wlan radius_server auth add 1 1
wlan radius_server acct add 1 1
guest-lan radius_server auth add 1 1
guest-lan radius_server acct add 1 1
wlan dhcp_server 1 0.0.0.0 required required
wlan enable 1
guest-lan enable 1

Not able to login to weblogic console.

Hi,
I am trying to login to weblogic console, but it is failing with error message as follow:
*"Page not found*
The server has not found anything matching the Request-URI. "_
Previous it was fine i was able to login to the weblogic console without any issue, but suddenly this problem start apearing.
Please can somebody help me on this issue.
Thanks,
Manoj

Hi Ravi,
This is the config file sample. Please have a look to this.
<server>
<name>AdminServer</name>
<ssl>
<name>AdminServer</name>
<enabled>true</enabled>
<hostname-verification-ignored>true</hostname-verification-ignored>
<listen-port>9002</listen-port>
<login-timeout-millis>25000</login-timeout-millis>
<two-way-ssl-enabled>true</two-way-ssl-enabled>
</ssl>
<log>
<name>AdminServer</name>
<file-min-size>50000</file-min-size>
<rotate-log-on-startup>true</rotate-log-on-startup>
<log-file-severity>Info</log-file-severity>
<stdout-severity>Info</stdout-severity>
<memory-buffer-severity>Notice</memory-buffer-severity>
<log4j-logging-enabled>false</log4j-logging-enabled>
<redirect-stdout-to-server-log-enabled>true</redirect-stdout-to-server-log-enabled>
</log>
<stuck-thread-max-time>2400</stuck-thread-max-time>
<stuck-thread-timer-interval>180</stuck-thread-timer-interval>
<listen-port>9001</listen-port>
<web-server>
<name>AdminServer</name>
<frontend-https-port>443</frontend-https-port>
<auth-cookie-enabled>false</auth-cookie-enabled>
</web-server>
<listen-address>-------</listen-address>
<tunneling-enabled>true</tunneling-enabled>
<staging-directory-name>/apps2/bcawl10/applications_on</staging-directory-name>
<staging-mode>nostage</staging-mode>
<health-check-timeout-seconds>120</health-check-timeout-seconds>
<graceful-shutdown-timeout>60</graceful-shutdown-timeout>
<ignore-sessions-during-shutdown>true</ignore-sessions-during-shutdown>
<client-cert-proxy-enabled>true</client-cert-proxy-enabled>
<weblogic-plugin-enabled>true</weblogic-plugin-enabled>
</server>
I am accessing the console from a different windows machine while the admin server is configure on different unix box.
http://host_IP:9001/console is the url i am using to access the console.
As this is the production environment so we do not have permission or flexibility to create the new domains.
and for your previous post i did search for the files on the DemoIdentity.jks, DemoTrust.jks and wsrpKeystore.jks.
I am able to file the files at
/apps/bea/software/bea1001/wlserver_10.0/server/lib/DemoTrust.jks
/apps/bea/software/bea1001/wlserver_10.0/server/lib/DemoTrust.jks
/bea/software/bea1001/wlserver_10.0/samples/domains/portal/wsrpKeystore.jks
and i can see from the console that all the instance point to the same path mentioned above under KeyStore setting of weblogic console.
One more point i want to add is that console is accessible for few of the users what few of them are not able to access intermittently. So if you know then please could you put some input from the network prospective whether firewall setting can play role in in this or not.
Thanks,
Manoj Kumar

Mesh AP cannot join RAP

Hi,
I m using one 1522 AP as a RAP and one 1522 AP as a MAP.Also there are four 1242 RAP Aps.1522 AP could find its 1522 RAP earlier before connecting 1242 RAPs in network but after connecting 1242 RAP APs the mesh 1522 AP disappars after few menutes of joining to RAP 1522.
plase help.
output of 'debug mesh security events enable' is show below
(Cisco Controller) >debug mesh security events enable
(Cisco Controller) >Fri May 29 12:31:17 2009: 00:22:BE:43:4E:00 MESH_ASSOC_REQU
EST_PAYLOAD in Association Request for AP 00:22:BE:42:0B:00
Fri May 29 12:31:17 2009: 00:22:BE:43:4E:00 Mesh assoc request for known AP 00:
22:be:42:0b:00
Fri May 29 12:31:17 2009: 00:22:BE:43:4E:00 Mesh assoc request :child : 00:22:b
e:42:0b:00 NextHop : 00:22:be:43:4e:00 LradIp 10.7.51.74 vlanid: 0 mwarPort:
12223 lradPort: 13536
Fri May 29 12:31:17 2009: Sending PMK Delete request to other MDID members for A
P(mscb)00:22:be:42:0b:00
Fri May 29 12:31:17 2009: MAC Validation of Mesh Assoc Request for00:22:be:42:0b
:00 is 0, Mode is : 0
Fri May 29 12:31:17 2009: Starting dot1x authentication for : 00:22:be:42:0b:00
Fri May 29 12:31:18 2009: Got the following AAA key message for : 00:22:be:42:0b
:00
Fri May 29 12:31:18 2009: Control Msg Hex Dump:
93 BC A8 97 57 2C 6B 82
0B EC 4F A
9 61 62 70 A2
F7 0F 5B 4F A3 68 4D 11
46 C9 12 F0 49 6F E1 6F
Fri May 29 12:31:18 2009: Parent Nonce for : 00:22:be:42:0b:00
Fri May 29 12:31:18 2009: Key Hex Dump:
E2 D1 11 C6 79 FE 35 DD
F6 A6 0D 19 94 F7
C0 79
50 C3 80 AC B0 88 C7 62
2B 76 87 DF E0 F6 DF AA
Fri May 29 12:31:18 2009: PMK-R0 Key for : 00:22:be:42:0b:00
Fri May 29 12:31:18 2009: NASID WLC1-T MGID: 00:00:00:00:00:00:00:00
Fri May 29 12:31:18 2009: Key Hex Dump:
03 95 21 5D 5A C0 26 7B
E6 02 DD 0D 09 F2
06 95
EB 9D CE 57 B0 76 92 51
1C 68 D6 E2 52 29 A3 44
Fri May 29 12:31:18 2009: PMK-R0 Name for : 00:22:be:42:0b:00
Fri May 29 12:31:18 2009: Key Hex Dump:
B7 56 31 49 88 AC C2 5C
E7 85 98 56 E4 A6
A4 24
Fri May 29 12:31:18 2009: PMK-R1 Key for : 00:22:be:42:0b:00
Fri May 29 12:31:18 2009: Key Hex Dump:
18 34 4B A1 52 86 58 FA
5E 59 75 F7 BA 0B
37 34
96 C3 FE 6E 13 24 11 88
1C 56 B3 19 B3 34 AD 47
Fri May 29 12:31:18 2009: Sending the following key for : 00:22:be:42:0b:00
Fri May 29 12:31:18 2009: Control Msg Hex Dump:
18 34 4B A1 52 86 58 FA
5E 59 75 F
7 BA 0B 37 34
96 C3 FE 6E 13 24 11 88
1C 56 B3 19 B3 34 AD 47
Fri May 29 12:31:18 2009: Processing of Mesh key response success from AP00:22:b
e:43:4e:00
and i can't see any output from 'debug lwapp events enable' for 30 min.

4.WLC configuration:
(Cisco Controller) >show running-config
802.11a cac voice tspec-inactivity-timeout ignore
802.11a cac voice stream-size 84000 max-streams 2
802.11a channel global off
802.11a rate supported 12
802.11a rate supported 24
802.11b cac voice tspec-inactivity-timeout ignore
802.11b cac voice stream-size 84000 max-streams 2
802.11b channel global off
advanced 802.11a channel add 165
advanced 802.11a profile coverage global 15
advanced 802.11a profile foreign global 60
advanced 802.11a profile level global 12
advanced 802.11b profile foreign global 60
advanced 802.11b profile clients global 15
advanced 802.11b profile level global 12
advanced 802.11b profile coverage global 15
advanced location expiry tags 1200
advanced location expiry client 150
advanced location expiry calibrating-client 30
advanced location expiry rogue-aps 1200
Cisco Public Safety is not allowed to set in this domain
auth-list ap-policy ssc enable
auth-list add mic 00:22:be:41:e3:00
auth-list add mic 00:22:be:42:0b:00
auth-list add mic 00:22:be:43:4e:00
auth-list add mic 00:23:5e:03:b2:14
auth-list add mic 00:23:5e:03:b2:c6
country IN
dhcp create-scope DHCP Scope
dhcp create-scope Electronic Shop
dhcp address-pool DHCP Scope 10.7.51.12 10.7.51.254
dhcp address-pool Electronic Shop 10.7.24.240 10.7.24.250
dhcp default-router DHCP Scope 10.7.51.1
dhcp default-router Electronic Shop 10.7.24.1
dhcp enable DHCP Scope
dhcp enable Electronic Shop
dhcp dns-servers DHCP Scope 10.7.24.2 172.16.7.86
dhcp dns-servers Electronic Shop 10.7.24.2 172.16.7.86
dhcp domain DHCP Scope lthed.com
dhcp domain Electronic Shop lthed.com
dhcp network DHCP Scope 10.7.51.0 255.255.255.0
dhcp network Electronic Shop 10.7.24.0 255.255.255.0
interface address ap-manager 10.7.51.11 255.255.255.0 10.7.51.1
interface address management 10.7.51.10 255.255.255.0 10.7.51.1
interface address service-port 192.168.1.1 255.255.255.0
interface address virtual 1.1.1.1
interface dhcp ap-manager primary 10.7.51.10
interface dhcp management primary 10.7.51.10
interface dhcp service-port disable
interface port ap-manager 1
interface port management 1
known ap add 00:30:5b:02:3b:9f
load-balancing window 5
wlan apgroup add EleShop Electronic Shop
logging buffered 2
macfilter add 00:0e:35:90:ee:85 0 management U1
macfilter add 00:17:23:06:54:54 0 management U2
macfilter add 00:17:23:06:59:4d 0 management U3
mesh client-access enable
mesh security rad-mac-filter disable
mesh security eap
mgmtuser add admin **** read-write
mobility group domain Mobility
mobility group member add 00:23:33:b2:c3:c0 172.16.5.1 Mobility
msglog level critical
network telnet enable
network broadcast enable
network mgmt-via-wireless enable
network fast-ssid-change enable
network rf-network-name none
radius auth add 1 172.16.7.12 1812 ascii ****
radius auth rfc3576 enable 1
radius auth retransmit-timeout 1 5
snmp version v2c enable
snmp version v3 enable
snmp trapreceiver create WCS 10.7.24.39
snmp trapreceiver mode enable WCS
syslog 172.16.7.12
sysname WLC1-T
trapflags 802.11-Security wepDecryptError disable
trapflags rrm-profile load disable
trapflags rrm-params tx-power disable
trapflags rogueap disable
wlan create 1 LTAIT LTAIT
wlan mac-filtering enable 1
wlan session-timeout 1 1800
wlan session-timeout 2 disable
wlan wmm allow 1
wlan wmm allow 2
wlan radius_server auth add 1 1
wlan radius_server acct disable 2
wlan security static-wep-key encryption 1 104 1
wlan security wpa disable 2
wlan security wpa wpa1 enable 1
wlan security wpa wpa1 ciphers tkip enable 1
wlan security wpa wpa2 disable 1
wlan dhcp_server 1 0.0.0.0 required required
wlan dhcp_server 2 0.0.0.0 required required
wlan enable 1
wlan enable 2

WLC2125: vlan issue

Best regards,
I need your help.
I have a WLC2125 configured and working with 4 LAPs.
Now, when I want to add a new SSID and asign to the respective vlan, I can't access to new vlan through layer 3.
My laptop can detect the new SSID but can't get ip address.
When I configure a static ip address in the laptop I can ping to defaul gateway.
From the WLC, I can ping to DHCP server and gateway of the new vlan
Also I created a new SSID & vlan and it works fine.
WLC version is 5.1.151
WLC connects to the Switch through 2 trunk ports.
There is a Core Router working as DHCP server.
The problem is with only vlan 12, other vlans work fine.
Why I can't access this vlan through wireless?
What do I have to do?
Please, someone can help me,
Thanks

Ok, this is the running-config:
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Tabla normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-parent:"";
mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
mso-para-margin-top:0cm;
mso-para-margin-right:0cm;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0cm;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;
mso-fareast-language:EN-US;}
802.11a cac voice tspec-inactivity-timeout ignore
802.11a cac video tspec-inactivity-timeout ignore
802.11a cac voice stream-size 84000 max-streams 2
802.11b cac voice tspec-inactivity-timeout ignore
802.11b cac video tspec-inactivity-timeout ignore
802.11b cac voice stream-size 84000 max-streams 2
aaa auth mgmt local radius
Location Summary
Algorithm used:                 Average
Client
        RSSI expiry timeout:     5 sec
        Half life:               0 sec
        Notify Threshold:        0 db
ating Client
        RSSI expiry timeout:     5 sec
        Half life:               0 sec
Rogue AP
        RSSI expiry timeout:     5 sec
        Half life:               0 sec
        Notify Threshold:        0 db
RFID Tag
        RSSI expiry timeout:     5 sec
        Half life:               0 sec
        Notify Threshold:        0 db
location rssi-half-life tags 0
location rssi-half-life client 0
location rssi-half-life rogue-aps 0
location expiry tags 5
location expiry client 5
location expiry calibrating-client 5
location expiry rogue-aps 5
Cisco Public Safety is not allowed to set in this domain
ap syslog host global 255.255.255.255
country EC
local-auth method fast server-key 736563726574
interface create estudiantes 19
interface create empleados 194
interface create invitados 207
interface create investigadores 193
interface create test_vlan31 31
interface create wifi_invitados 12
interface address ap-manager 172.16.16.100 255.255.255.0 172.16.16.1
interface address dynamic-interface estudiantes 172.16.19.250 255.255.255.0 172.16.19.1
interface address management 172.16.16.10 255.255.255.0 172.16.16.1
interface address dynamic-interface empleados 172.16.194.19 255.255.255.0 172.16.194.1
interface address dynamic-interface invitados 172.31.12.19 255.255.255.0 172.31.12.1
interface address dynamic-interface investigadores 172.16.193.19 255.255.255.0 172.16.193.1
interface address dynamic-interface test_vlan31 172.31.16.50 255.255.240.0 172.31.16.1
interface address dynamic-interface wifi_invitados 172.31.32.50 255.255.240.0 172.31.32.1
interface address virtual 1.1.1.1
interface dhcp ap-manager primary 172.16.16.227
interface dhcp dynamic-interface estudiantes primary 172.16.19.1
interface dhcp management primary 172.16.16.227
interface dhcp dynamic-interface empleados primary 172.16.2.54
interface dhcp dynamic-interface invitados primary 172.31.12.1
interface dhcp dynamic-interface investigadores primary 172.16.2.54
interface dhcp dynamic-interface test_vlan31 primary 172.31.16.1
interface dhcp dynamic-interface wifi_invitados primary 172.31.32.1
interface vlan estudiantes 19
interface vlan empleados 194
interface vlan invitados 207
interface vlan prof_investigadores 193
interface vlan test_vlan31 31
interface vlan wifi_invitados 12
interface port ap-manager 1
interface port estudiantes 1
interface port management 1
interface port pydlos_empleados 1
interface port pydlos_invitados 1
interface port pydlos_prof_investigadores 1
interface port test_vlan31 1
interface port wifi_invitados 1
load-balancing window 5
wlan apgroup add m-estudiantes vlan 19 estudiantes m
wlan apgroup interface-mapping add m-estudiantes 1 estudiantes
wlan apgroup nac disable m-estudiantes 1
mesh security eap
mobility group domain RFMed
mobility dscp 0
network webmode enable
network telnet enable
network multicast mode multicast 0.0.0.0
network mgmt-via-dynamic-interface enable
network ap-priority disabled
network otap-mode disable
network rf-network-name RFMed
radius fallback-test mode off
radius fallback-test interval 300
rogue ap ssid alarm
rogue ap valid-client alarm
rogue adhoc enable
rogue adhoc alert
rogue ap rldp disable
snmp version v2c enable
snmp version v3 enable
wlan create 1 Med Med
wlan create 2 Empleados_Pydlos Empleados_Pydlos
wlan create 3 Pydlos_Invitados Pydlos_Invitados
wlan create 4 Pydlos_Academicos Pydlos_Academicos
wlan create 5 test_ucwifi test_ucwifi
wlan create 6 testvlan31 testvlan31
wlan nac disable 1
wlan nac disable 2
wlan nac disable 3
wlan nac disable 4
wlan nac disable 5
wlan nac disable 6
wlan interface 1 estudiantes
wlan interface 2 empleados
wlan interface 3 invitados
wlan interface 4 investigadores
wlan interface 5 wifi_invitados
wlan interface 6 test_vlan31
wlan radio 1 802.11g
wlan session-timeout 1 1800
wlan session-timeout 2 1800
wlan session-timeout 3 1800
wlan session-timeout 4 1800
wlan session-timeout 5 1800
wlan session-timeout 6 1800
wlan wmm allow 1
wlan wmm allow 2
wlan wmm allow 3
wlan wmm allow 4
wlan wmm allow 5
wlan wmm allow 6
wlan security wpa disable 1
wlan security wpa disable 3
wlan security wpa disable 5
wlan security wpa disable 6
wlan security static-wep-key encryption 1 104 1
wlan security static-wep-key encryption 2 104 1
wlan security static-wep-key encryption 4 104 1
wlan security static-wep-key encryption 6 104 1
wlan security wpa akm 802.1x disable 1
wlan security wpa akm psk enable 1
wlan security wpa akm 802.1x disable 2
wlan security wpa akm psk enable 2
wlan security wpa akm 802.1x disable 4
wlan security wpa akm psk enable 4
wlan security wpa akm ft reassociation-time 20 1
wlan security wpa akm ft over-the-air enable 1
wlan security wpa akm ft over-the-ds enable 1
wlan security wpa akm ft reassociation-time 20 2
wlan security wpa akm ft over-the-air enable 2
wlan security wpa akm ft over-the-ds enable 2
wlan security wpa akm ft reassociation-time 20 3
wlan security wpa akm ft over-the-air enable 3
wlan security wpa akm ft over-the-ds enable 3
wlan security wpa akm ft reassociation-time 20 4
wlan security wpa akm ft over-the-air enable 4
wlan security wpa akm ft over-the-ds enable 4
wlan security wpa akm ft reassociation-time 20 5
wlan security wpa akm ft over-the-air enable 5
wlan security wpa akm ft over-the-ds enable 5
wlan security wpa akm ft reassociation-time 20 6
wlan security wpa akm ft over-the-air enable 6
wlan security wpa akm ft over-the-ds enable 6
wlan security wpa wpa1 enable 4
wlan security wpa wpa1 ciphers tkip enable 2
wlan security wpa wpa1 ciphers tkip enable 4
wlan security wpa wpa2 ciphers aes disable 2
wlan security wpa wpa2 ciphers tkip enable 2
wlan security wpa wpa2 ciphers aes disable 4
wlan security wpa wpa2 ciphers tkip enable 4
wlan enable 1
wlan enable 2
wlan enable 3
wlan enable 4
wlan enable 5
wlan enable 6

ISE 1.1 - switch ignores "Session-Timeout"

hi all,
I'm playing around with ISE guest service and have some difficulty with Time Profiles.
After guest logs in, Radius attributes are sent to the switch (3750G) one of them is Session-Timeout which should be similar to 1h (DefaultOneHour)
According to ISE logs and switch debugs, ISE did it well and this attribute was sent but it seems that the switch simply ignores it.
May 24 07:03:11.658: %SEC-6-IPACCESSLOGP: list ACL-DEFAULT denied udp 10.1.100.194(1029) -> 10.1.100.2(389), 1 packet19:46:57: RADIUS: COA received from id 36 10.1.100.6:64700, CoA Request, len 18319:46:57: RADIUS/DECODE: parse unknown cisco vsa "reauthenticate-type" - IGNORE19:46:57: RADIUS/ENCODE(00000000):Orig. component type = Invalid19:46:57: RADIUS(00000000): sending19:46:57: RADIUS(00000000): Send CoA Ack Response to 10.1.100.6:64700 id 36, len 3819:46:57: RADIUS: authenticator 0B 30 6E 9B DF 97 0D A0 - D9 8B A5 5A 11 39 3E 4119:46:57: RADIUS: Message-Authenticato[80] 18 19:46:57: RADIUS:   11 42 82 E2 52 68 DF 28 CD 43 AE 88 0C 5D 91 10            [ BRh(C]]19:46:57: RADIUS/ENCODE(00000026):Orig. component type = Dot1X19:46:57: RADIUS(00000026): Config NAS IP: 0.0.0.019:46:57: RADIUS(00000026): Config NAS IPv6: ::19:46:57: RADIUS/ENCODE(00000026): acct_session_id: 2719:46:57: RADIUS(00000026): sending19:46:57: RADIUS/ENCODE: Best Local IP-Address 10.1.100.1 for Radius-Server 10.1.100.619:46:57: RADIUS(00000026): Send Access-Request to 10.1.100.6:1812 id 1645/25, len 26719:46:57: RADIUS: authenticator 6D 92 DC 77 87 47 DA 8E - 7D 6B DD DD 18 BE DC 3319:46:57: RADIUS: User-Name           [1]   14 "0016d329042f"19:46:57: RADIUS: User-Password       [2]   18 *19:46:57: RADIUS: Service-Type        [6]   6   Call Check                [10]19:46:57: RADIUS: Vendor, Cisco       [26] 31 19:46:57: RADIUS:   Cisco AVpair       [1]   25 "service-type=Call Check"19:46:57: RADIUS: Framed-IP-Address   [8]   6   10.1.100.194 19:46:57: RADIUS: Framed-MTU          [12] 6   1500 19:46:57: RADIUS: Called-Station-Id   [30] 19 "00-24-F9-2D-83-87"19:46:57: RADIUS: Calling-Station-Id [31] 19 "00-16-D3-29-04-2F"19:46:57: RADIUS: Message-Authenticato[80] 18 19:46:57: RADIUS:   AD EB 99 4A F2 B9 4E BB 2E B3 E2 04 BE 5B 0C 72             [ JN.[r]19:46:57: RADIUS: EAP-Key-Name        [102] 2   *19:46:57: RADIUS: Vendor, Cisco       [26] 49 19:46:57: RADIUS:   Cisco AVpair       [1]   43 "audit-session-id=0A01280100000016043E0D23"19:46:57: RADIUS: NAS-Port-Type       [61] 6   Ethernet                  [15]19:46:57: RADIUS: NAS-Port            [5]   6   50107 19:46:57: RADIUS: NAS-Port-Id         [87] 22 "GigabitEthernet1/0/7"19:46:57: RADIUS: Called-Station-Id   [30] 19 "00-24-F9-2D-83-87"19:46:57: RADIUS: NAS-IP-Address      [4]   6   10.1.100.1 19:46:57: RADIUS(00000026): Sending a IPv4 Radius Packet19:46:57: RADIUS(00000026): Started 5 sec timeout19:46:57: RADIUS: Received from id 1645/25 10.1.100.6:1812, Access-Accept, len 27219:46:57: RADIUS: authenticator F1 5F 57 72 FD 80 95 20 - 46 47 B5 CE DF 63 6E 1A19:46:57: RADIUS: User-Name           [1]   19 "[email protected]"19:46:57: RADIUS: State               [24] 40 19:46:57: RADIUS:   52 65 61 75 74 68 53 65 73 73 69 6F 6E 3A 30 41 [ReauthSession:0A]19:46:57: RADIUS:   30 31 32 38 30 31 30 30 30 30 30 30 31 36 30 34 [0128010000001604]19:46:57: RADIUS:   33 45 30 44 32 33            [ 3E0D23]19:46:57: RADIUS: Class               [25] 49 19:46:57: RADIUS:   43 41 43 53 3A 30 41 30 31 32 38 30 31 30 30 30 [CACS:0A012801000]19:46:57: RADIUS:   30 30 30 31 36 30 34 33 45 30 44 32 33 3A 69 73 [00016043E0D23:is]19:46:57: RADIUS:   65 2F 31 32 34 30 33 36 37 39 31 2F 32 39 37   [ e/124036791/297]19:46:57: RADIUS: Session-Timeout     [27] 6   2940 19:46:57: RADIUS: Termination-Action [29] 6   0 19:46:57: RADIUS: Message-Authenticato[80] 18 19:46:57: RADIUS:   26 46 2C B6 75 95 AF 37 E6 3B B1 CB F2 70 E0 8D           [ &F,u7;p]19:46:57: RADIUS: Vendor, Cisco       [26] 72 19:46:57: RADIUS:   Cisco AVpair       [1]   66 "ACS:CiscoSecure-Defined-ACL=#ACSACL#-IP-Contractors-ACL-4fbcd736"19:46:57: RADIUS: Vendor, Cisco       [26] 42 19:46:57: RADIUS:   Cisco AVpair       [1]   36 "profile-name=Microsoft-Workstation"19:46:57: RADIUS(00000026): Received from id 1645/2519:46:57: RADIUS/DECODE: parse unknown cisco vsa "profile-name" - IGNOREMay 24 07:03:19.132: %MAB-5-SUCCESS: Authentication successful for client (0016.d329.042f) on Interface Gi1/0/7 AuditSessionID 0A01280100000016043E0D23May 24 07:03:19.132: %AUTHMGR-7-RESULT: Authentication result 'success' from 'mab' for client (0016.d329.042f) on Interface Gi1/0/7 AuditSessionID 0A01280100000016043E0D23May 24 07:03:19.140: %EPM-6-POLICY_REQ: IP 10.1.100.194| MAC 0016.d329.042f| AuditSessionID 0A01280100000016043E0D23| AUTHTYPE DOT1X| EVENT APPLYMay 24 07:03:19.165: %EPM-6-AAA: POLICY xACSACLx-IP-Contractors-ACL-4fbcd736| EVENT DOWNLOAD-REQUEST19:46:57: RADIUS/ENCODE(00000000):Orig. component type = Invalid19:46:57: RADIUS(00000000): Config NAS IP: 0.0.0.019:46:57: RADIUS(00000000): sending19:46:57: RADIUS/ENCODE: Best Local IP-Address 10.1.100.1 for Radius-Server 10.1.100.619:46:57: RADIUS(00000000): Send Access-Request to 10.1.100.6:1812 id 1645/26, len 14419:46:57: RADIUS: authenticator 1A 52 18 C5 25 A7 5C DC - 29 C9 5C 7C C5 B3 FC 5819:46:57: RADIUS: NAS-IP-Address      [4]   6   10.1.100.1 19:46:57: RADIUS: User-Name           [1]   38 "#ACSACL#-IP-Contractors-ACL-4fbcd736"19:46:57: RADIUS: Vendor, Cisco       [26] 32 19:46:57: RADIUS:   Cisco AVpair       [1]   26 "aaa:service=ip_admission"19:46:57: RADIUS: Vendor, Cisco       [26] 30 19:46:57: RADIUS:   Cisco AVpair       [1]   24 "aaa:event=acl-download"19:46:57: RADIUS: Message-Authenticato[80] 18 19:46:57: RADIUS:   2B 6B 13 37 0D 25 11 E9 6A 56 35 D8 91 9F EF F0           [ +k7?jV5]19:46:57: RADIUS(00000000): Sending a IPv4 Radius Packet19:46:57: RADIUS(00000000): Started 5 sec timeoutMay 24 07:03:19.191: %SEC-6-IPACCESSLOGP: list ACL-DEFAULT denied tcp 10.1.100.194(2125) -> 10.1.100.6(8443), 1 packet19:46:57: RADIUS: Received from id 1645/26 10.1.100.6:1812, Access-Accept, len 35919:46:57: RADIUS: authenticator 31 B0 73 93 CA 0E 5C 7C - 11 29 AA 57 6C A1 53 D819:46:57: RADIUS: User-Name           [1]   38 "#ACSACL#-IP-Contractors-ACL-4fbcd736"19:46:57: RADIUS: State               [24] 40 19:46:57: RADIUS:   52 65 61 75 74 68 53 65 73 73 69 6F 6E 3A 30 61 [ReauthSession:0a]19:46:57: RADIUS:   30 31 36 34 30 36 30 30 30 30 30 30 35 44 34 46 [0164060000005D4F]19:46:57: RADIUS:   42 44 44 44 33 37            [ BDDD37]19:46:57: RADIUS: Class               [25] 49 19:46:57: RADIUS:   43 41 43 53 3A 30 61 30 31 36 34 30 36 30 30 30 [CACS:0a016406000]19:46:57: RADIUS:   30 30 30 35 44 34 46 42 44 44 44 33 37 3A 69 73 [0005D4FBDDD37:is]19:46:57: RADIUS:   65 2F 31 32 34 30 33 36 37 39 31 2F 32 39 38   [ e/124036791/298]19:46:57: RADIUS: Termination-Action [29] 6   1 19:46:57: RADIUS: Message-Authenticato[80] 18 19:46:57: RADIUS:   80 EF 5B 80 76 F1 C9 37 0B 25 34 37 10 57 CC 44          [ [v7?47WD]19:46:57: RADIUS: Vendor, Cisco       [26] 47 19:46:57: RADIUS:   Cisco AVpair       [1]   41 "ip:inacl#1=permit udp any any eq domain"19:46:57: RADIUS: Vendor, Cisco SW3750-1# [26] 48 19:46:57: RADIUS:   Cisco AVpair       [1]   42 "ip:inacl#2=permit ip any host 10.1.100.6"19:46:57: RADIUS: Vendor, Cisco       [26] 57 19:46:57: RADIUS:   Cisco AVpair       [1]   51 "ip:inacl#3=deny ip any 10.0.0.0 0.255.255.255 log"19:46:57: RADIUS: Vendor, Cisco       [26] 36 19:46:57: RADIUS:   Cisco AVpair       [1]   30 "ip:inacl#4=permit ip any any"19:46:57: RADIUS(00000000): Received from id 1645/26May 24 07:03:19.216: %EPM-6-AAA: POLICY xACSACLx-IP-Contractors-ACSW3750-1#SW3750-1#SW3750-1#L-4fbcd736| EVENT DOWNLOAD-SUCCESSMay 24 07:03:19.216: %EPM-6-POLICY_APP_SUCCESS: IP 10.1.100.194| MAC 0016.d329.042f| AuditSessionID 0A01280100000016043E0D23| AUTHTYPE DOT1X| POLICY_TYPE Named ACL| POLICY_NAME xACSACLx-IP-Contractors-ACL-4fbcd736| RESULT SUCCESSMay 24 07:03:20.147: %AUTHMGR-5-SUCCESS: Authorization succeeded for client (0016.d329.042f) on Interface Gi1/0/7 AuditSessionID 0A01280100000016043E0D2319:46:58: RADIUS/ENCODE(00000026):Orig. component type = Dot1X19:46:58: RADIUS(00000026SW3750-1#SW3750-1#SW3750-1#SW3750-1#): Config NAS IP: 0.0.0.019:46:58: RADIUS(00000026): Config NAS IPv6: ::19:46:58: RADIUS/ENCODE: Best Local IP-Address 10.1.100.1 for Radius-Server 10.1.100.619:46:58: RADIUS(00000026): Sending a IPv4 Radius Packet19:46:58: RADIUS(00000026): Started 5 sec timeout19:46:58: RADIUS: Received from id 1646/35 10.1.100.6:1813, Accounting-response, len 38SW3750-1#
SW3750-1#sh authe sess int g 1/0/7 Interface: GigabitEthernet1/0/7 MAC Address: 0016.d329.042f IP Address: 10.1.100.194 User-Name: [email protected] Status: Authz Success Domain: DATA Security Policy: Should Secure Security Status: Unsecure Oper host mode: multi-auth Oper control dir: both Authorized By: Authentication Server Vlan Group: N/A ACS ACL: xACSACLx-IP-Contractors-ACL-4fbcd736 Session timeout: N/A Idle timeout: N/A Common Session ID: 0A01280100000016043E0D23 Acct Session ID: 0x0000001B Handle: 0x2F000017Runnable methods list: Method   State mab      Authc Success dot1x    Not runSW3750-1#
Has anyone encountered similar thing?
I tried 12.2(58) and now Im testing
Cisco IOS Software, C3750 Software (C3750-IPSERVICESK9-M), Version 15.0(1)SE2, RELEASE SOFTWARE (fc3)
but in both cases it is similar.
regards
Przemek

Hi Sebastian,
thx a lot those 2 commands solved the issue, my mistake. Now I can see remaining time for the session
SW3750-1#sh auth sess int g1/0/7 Interface: GigabitEthernet1/0/7 MAC Address: 0016.d329.042f IP Address: 10.1.100.194 User-Name: [email protected] Status: Authz Success Domain: DATA Security Policy: Should Secure Security Status: Unsecure Oper host mode: multi-auth Oper control dir: both Authorized By: Authentication Server Vlan Group: N/A ACS ACL: xACSACLx-IP-Contractors-ACL-4fbcd736 Session timeout: 28800s (server), Remaining: 28780s Timeout action: Terminate Idle timeout: N/A Common Session ID: 0A012801000000221DE0F555 Acct Session ID: 0x0000002B Handle: 0x99000023Runnable methods list: Method   State mab      Authc Success dot1x    Not run
regards
Przemek

TACACS+ timeout value ignored

I'm running ACS 3.3. I have a bunch of Catalyst 3550 and 3560 switches, some running IOS 12.1(19)EA1c and others running IOS 12.2(20)SE1.
All are configured for TACACS+ as follows:
aaa new-model
aaa authentication login default group tacacs+ line
aaa authentication enable default group tacacs+ enable
aaa authorization console
aaa authorization exec default group tacacs+ if-authenticated none
aaa authorization commands 15 default group tacacs+ if-authenticated none
aaa accounting exec default stop-only group tacacs+
aaa accounting commands 15 default stop-only group tacacs+
aaa accounting system default stop-only group tacacs+
tacacs-server host 10.1.1.1
tacacs-server timeout 2
tacacs-server directed-request
tacacs-server key CISCO
All works fine however the "timeout" value above seems to be ignored on switches running 12.2(20)SE1. It should be that if the TACACS+ server (10.1.1.1) goes down, the switch will fall back to using local authentication after 2 secs. However, it seems to be fixed at 30 secs.
Note that it works fine on 12.1(19)EA1c but always seems fixed at 30 secs on 12.2(20)SE1. This makes it really annoying when TACACS+ is unavailable and you're trying to configure a switch, especially if you're doing command authorization.
Wondering if anyone else has this problem and whether Cisco is aware of it?
Thanks.
PAUL G.

You are possibly running into CSCed76124 - Tacacs-server timeout value ignored. I guess you will need to track it for a workaround or consider using another IOS version not affected with this defect.

AppFabric 1.1 with Windows 7 losing or abandone sessions and ignore the timeout settings

Hi,
We have a enterprise financial web solution using aspx and AppFabric 1.1 and we have an issue with Sessions as the get abandoned or appFabric is ignoring the timeout settings.
I tried almost everything: use sql and xml configuration, deactivate firewalls, ensure all sessions are set to 20 minutes expirations. We have the appFabric settings on the web.config and our project is multilayer but sessions are mainly
created/consumed at the web project level..
We use AppFabric 1.1 with Sql Server 2008R2 over a Windows7 x64 environment.
I also tried all the options using powerShell command: get-command -module DistributedCacheAdministration, I increased the TTL to 38 mins but still nothing makes any difference. Sessions are lost between ~~ 5 to 10 minutes no matter if
you are playing with the solution or you left aside..
Please help. I really appreciate any suggestion, idea, recommendation..
Hernan Bogantes
Florida.

Note the provider type in AF 1.1 is
type="Microsoft.Web.DistributedCache.DistributedCacheSessionStateStoreProvider,Microsoft.Web.DistributedCache"
which is different from the type in 1.0:
type="Microsoft.ApplicationServer.Caching.DataCacheSessionStoreProvider"
https://msdn.microsoft.com/en-us/library/hh361709(v=azure.10).aspx

Ignore voice commands / Speech Recognition Server timeout

I'm fairly new to AppleScript but I've found it really entertaining and gloriously simple to pick up so far. I've been using it mostly to make my own speakable items for the Mac's voice control, and I've managed to write some basic things like voice commands to set/change volume and brightness. My goal at this point is to be able to do the majority of things I want to do on my computer by voice only. Sue me - I just rewatched Iron Man and I really wish I had a JARVIS system right now.
This means that the computer must always be listening for commands (I have set it to 'listen continuously with keyword', and set the keyword as 'optional before commands'). It defeats the purpose if I have to walk over and hit a key to start listening for commands. At the same time, I don't want to have to speak a keyword, because I will invariably forget to do so and it's also an added hassle (especially when I have several commands to say - I don't want to have to say the keyword before each command).
You might have an idea of where this is going. Obviously, if the computer is always listening, it will pick up on normal conversation and try to interpret it.
I could just deactivate voice commands when I'm not using it, but as I said earlier, I don't want to have to either hit a key or say a keyword. In other words, I want to be able to activate and deactivate voice commands by voice. Deactivating is easy. Activating is what presents an interesting problem, because if it's deactivated, how will it hear my reactivation command?
Thus, the first part of my question: is there a way - any way at all - to get voice commands to ignore commands until given some keyword, short of literally changing its settings to listen for a keyword before the command?
I decided to try to use speech recognition. This must, I think, be involved in some way, because as I said earlier, this presents the unique problem of having voice commands deactivated yet still able to recognise the reactivation command. I had noticed that while the computer is listening for a specific command, it ignores anything that isn't what it is listening for. I tried to use this to my advantage and wrote a script to listen for a reactivation command; until the reactivation command was given, the computer would ignore everything else. The problem is that the speech recognition server times out after two minutes. I have tried to increase this, but to no avail (see below for my attempts).
Thus, the second part of my question: assuming there is no other answer to my first question, is there a way to get speech recognition to listen indefinitely?
Here are the two things I tried to make the timeout last longer, specifically for five minutes (300 seconds) in both cases. Neither worked; both timed out after 120 seconds.
tell application "SpeechRecognitionServer"
set userinput to listen for {"resume voice commands"} giving up after 300
end tell
and
with timeout of 300 seconds
set userinput to listen for {"resume voice commands"}
end timeout

UPDATE: I have since come up with an alternate solution. I created two speakable items, one for 'deactivation' and one for 'activation'. The deactivation command uses UI scripting to set voice commands to 'keyword required' mode (i.e. the keyword is required before each command); the activation command simply sets it back to 'keyword optional' mode.
I figure that as long as I choose a keyword that's unique enough that it (and things that sound like it) won't come up too often in conversation, the computer will ignore anything I say once I activate the keyword requirement. Then, I only need to say the keyword once along with the reactivation command to bring it out of this 'ignore commands' state.
In a way, this is actually better, because it allows me to continue to use voice commands if I really need to, as opposed to having to say the reactivation command to get my computer to listen to me, saying my intended command, and then saying the deactivation command to make it ignore me again.
All the same, if anyone has answers to any of my two original questions, please don't hesitate to share your knowledge! It might come in handy later!

Bug: tcp open ignores timeout

If it cannot connect it gives error 56: timeout after ~20 secs regardless of timeout input.
LV 2010 SP1
/Y
LabVIEW 8.2 - 2014
"Only dead fish swim downstream" - "My life for Kudos!" - "Dumb people repeat old mistakes - smart ones create new ones."
G# - Free award winning reference based OOP for LV
Solved!
Go to Solution.

Correction: It ignores values larger than 20-ish seconds, it then timeouts at ~20 secs.
The default 60000 timeouts at 20 secs, changing to 120000 makes no difference.
/Y
LabVIEW 8.2 - 2014
"Only dead fish swim downstream" - "My life for Kudos!" - "Dumb people repeat old mistakes - smart ones create new ones."
G# - Free award winning reference based OOP for LV

PriorityProcessor's timeout ignored

Similar Messages

Maybe you are looking for