Problem add CAS in CAM NAC 4.7 SSL certificate

Similar Messages

• Problem to configure Blink Pro (App). Error SSL certificate verification error (PJSIP_TLS_ECERTVERIF) (503)

  Problem to configure Blink Pro (App). Error SSL certificate verification error (PJSIP_TLS_ECERTVERIF) (503)

  Hi, William
  My question is if you can help me and support me to configure the Blink Pro App, I have a Mac Book Air, OS X 10.9.1.
  hope for your answer

• NAC SSL certificate Issue

  I recently applied a signed certificate to both the CAM and CAS. ever since then I have been having problems with the system. In the perfigo logs on the CAM I receive a lot of messages with "Certificate chaining error" in them. My question is what is the best way to roll back the signed certificates to the self signed ones? Any other suggestions would be greatly appreciated.
  Thanks in advance.

  Hi Giles,
  Thanks for te update. The problem I am facing is:-I have 2 SSL certificates on my ACE and I have also configured 2 server farms (farm1 and farm2)each associated with ssl certificate, now the problem i am facing is when we access the farm2 serverfarm we are issued the certificate of farm1 wereas i need to be getting the certificate from the farm2.
  Thanks in advance.
  Regards
  Sum

• NAC Unable to add CAS server in the CAM manager

  Hi,
  We are facing the issue with adding CAS server in the CAM manager. While Adding CAS server to CAM manager ; we are getting Failed to add server: Could not connect to 172.22.105.13 error on the CAM manager.
  FYI, We have added CAS server certificate on CAM and viceversa. My CAS and CAM server is working in HA mode. 
  Also We are getting following error on the CAM manager. 
    SSL Communication 2014-07-30 14:16:17 SSLFilter:access deniedCN=172.22.105.11, OU=IT, O=XYZ, L=ABC, ST=UAE, C=AE:No trusted certificate found 
    SSL Communication 2014-07-30 14:16:17 SSLManager: client's certificate chain verification failed CN=172.22.105.11, OU=IT, O=XYZ, L=ABC, ST=UAE, C=AE:No trusted certificate found 
    SSL Communication 2014-07-30 14:15:57 SSLManager: client's certificate chain verification failed CN=172.22.105.11, OU=IT, O=XYZ, L=ABC, ST=UAE, C=AE:No trusted certificate found 
    SSL Communication 2014-07-30 14:15:57 SSLFilter:access deniedCN=172.22.105.11, OU=IT, O=XYZ, L=ABC, ST=UAE, C=AE:No trusted certificate found 
    SSL Communication 2014-07-30 14:15:37 SSLManager: client's certificate chain verification failed CN=172.22.105.11, OU=IT, O=XYZ, L=ABC, ST=UAE, C=AE:No trusted certificate found 
    SSL Communication 2014-07-30 14:15:37 SSLFilter:access deniedCN=172.22.105.11, OU=IT, O=XYZ, L=ABC, ST=UAE, C=AE:No trusted certificate found 
    SSL Communication 2014-07-30 14:15:17 SSLManager: client's certificate chain verification failed CN=172.22.105.11, OU=IT, O=XYZ, L=ABC, ST=UAE, C=AE:Certificate signature validation failed 
    SSL Communication 2014-07-30 14:15:17 SSLFilter:access deniedCN=172.22.105.11, OU=IT, O=XYZ, L=ABC, ST=UAE, C=AE:Certificate signature validation failed 
    SSL Communication 2014-07-30 14:14:57 SSLManager: client's certificate chain verification failed CN=172.22.105.11, OU=IT, O=XYZ, L=ABC, ST=UAE, C=AE:Certificate signature validation failed 
    SSL Communication 2014-07-30 14:14:57 SSLFilter:access deniedCN=172.22.105.11, OU=IT, O=XYZ, L=ABC, ST=UAE, C=AE:Certificate signature validation failed

  Fix Certificate Errors on the CAM/CAS:
  http://www.cisco.com/c/en/us/support/docs/security/nac-appliance-clean-access/107909-416CertFix.html

• Problem SSO between VPN and NAC

  Hello
  Description of our problem : SSO doesn't work
  -on the first connexion from vpn client we insert two time the login and password :one time for the client vpn and the seconde time for CAA (clean Access agent).
  -although for the other connexion that succeed, we insert only one time the login and password (for vpn only) and for CAA the connexion is done automatiquely and a some hours later we reinsert two times login and password for vpn and CAA.
  The following steps are done to configure Cisco NAC Appliance to work with a VPN concentrator:
  Step 1 Add Default Login Page =ok
  Step 2 Configure User Roles and Clean Access Requirements for your VPN users =ok
  Step 3 Enable L3 Support on the CAS = ok
  Step 4 Verify Discovery Host =ok (CAS IP ADDRESS 192.168.2.11)
  Step 5 Add VPN Concentrator to Clean Access Server =ok (ASA IP ADDRESS 192.168.2.1)
  Step 6 Make CAS the RADIUS Accounting Server for VPN Concentrator =ok
  Step 7 Add Accounting Servers to the CAS (accounting server is CAM IP ADDRESS 192.168.20.10)
  Step 8 Map VPN Concentrator(s) to Accounting Server(s)=ok
  Step 9 Add VPN Concentrator as a Floating Device =ok
  Step 10 Configure Single Sign-On (SSO) on the CAS/CAM =ok
  the database for vpn authentication is cisco secure acs(192.168.1.30).
  Tanks to any anybody to give us a possible solution.
  FILALI Saad
  Ares Maroc

  Hi
  I have just gone the the same issues with SSO VPN with my CAS in real-ip mode.
  First thing to consider, when your testing, every time you test a user, make sure you go into the CAS or CAM and remove them as a certified device or active user before you perform your next test. I found that while I was testing that it would sometimes cache the user and I was getting successful auth attempts but due to their device being already accepted on a previous connection because the CAS was not made aware that the user had logged out correctly.
  1. Make sure you have a fully functional DNS system on the inside network, I didnt realize how important it was to have forward and reverse look ups for your CAS and CAM. Make sure that all CAS and cams are listed in dns with correct domain names.
  This in very important if your running your own CA certificates on cas and cam. Make sure that the CAM and CAS can resolve each other via dns. Make sure the CAM and CAS can perform reverse lookups of each other. Also make sure that when the user VPN's into your ASA that they can also perform DNS lookups and reverse lookups. If they cant perform dns look ups, you may need to temporarily allow the untrusted network full access while you resolve the DNS lookup problem on the client computer. One of the issues I had was that the VPN clients couldnt resolve internal DNS names and so the CCA agent would never auto pop-up and start the auto login process because it was trying to resolve the CAM name and also check that the CA certificate I had on the CAS was legitimate as I had used names in my certs and not IP addresses.
  2. Make sure your VPN group settings on the IPSEC policy of the ASA has DNS pointing to your internal DNS server.
  3. I know you already said you have done this but check to make sure that the VPN group setup on your ASA for your remote access users, has been setup with the radius accounting being directed the INSIDE interface IP address of your CAS, (if you are running your CAS in real-ip, I found that the inside interface was the only interface listening on 1813, do a 'netstat -an' on the cas to check) if your running in VGW mode then you only have 1 ip address to direct it to anyway.
  Follow from step 15 in following link
  http://www.cisco.com/en/US/products/ps6128/products_configuration_example09186a008074d641.shtml
  3. Troubleshoot and make sure that the ASA actually sends a radius accounting message to the CAS. I did this by ssh into the CAS and doing a 'tcpdump -i any src and not tcp 22'. I then logged into the VPN client and made sure that once I entered my vpn user and pass, that the ASA authenticates the vpn user and then passes a radius accounting message to the CAS informing the CAS it has allowed a new user. If you dont see this radius accounting message hit the CAS interface go back to my step 3 and resolve.
  4. Finally check that you have not mistyped a shared secret somwhere, ie between CAM and ACS, Between ASA and ACS, Between ASA and CAS. I had all my users authenticate though radius on my ACS server, a number of times I got caught out by a simple typo in a shared secret.
  Try these things first.
  Also someone else here on the forums linked this guide to me that also helped me setup my CAS correctly.
  http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/412/cas/s_vpncon.html
  You may find it useful too.
  Dale

• I have problems when using the camera on my iPhone 4S (the same for my daughter with a iPhone4) A veil around the blurred photo, a development impossible and completely unable to read the bar code or QR code. What to do?

  I have problems when using the camera on my iPhone 4S (the same for my daughter with a iPhone4)
  A veil around the blurred photo, a development impossible and completely unable to read the bar code or QR code. What to do?

  Sounds kind of stupid, but check to make sure that your iphone case cover is not blocking the edge of the camera lens.  I had a silicone case on my 3S and when it got older, it started tot slip and the edges of my pictures were blurred.

• While trying to restore os x and erase content, some problem about voice software came up and the computer asked me to restart and try again by clicking restart button. When I did this, the machine went to a gray start up screen and will not progress.

  While trying to restore os x and erase content on my MacBook pro, some problem about voice software came up and the computer asked me to restart and try again by clicking restart button. When I did this, the machine went to a gray start up screen with an apple and will not progress. I've waited more than 30 minutes and tried restarting again by holding the power button. Also, restore cd 1 will not eject so the computer will no longer move past the gray screen with spinning circle. Restore CDs had never beeused and were still in packaging in the original box. Ran hardware test just to check, and it came back as normal. Now what? I live nowhere near a genius bar :(

  computer asked me to restart and try again by clicking restart button.
  That's called a kernel panic...
  Since the install disc won't eject, try starting up while holding down the C key. If the Mac won't boot while holding down the C key, try ejecting disc by either holding down the mouse while starting up or holding down the Eject key while starting up.
  Try booting from your install disc so you can run Disk Utility in case the startup disk needs repairing.
  Insert your install disk and Restart, holding down the "C" key until grey Apple appears.
  Go to Installer menu and launch Disk Utility.
  (In Mac OS X 10.4 or later, you must select your language first from the installer menu)
  Select your HDD (manufacturer ID) in the left panel.
  Select First Aid in the Main panel.
  (Check S.M.A.R.T Status of HDD at the bottom of right panel. It should say: Verified)
  Click Repair Disk on the bottom right.
  If DU reports disk does not need repairs quit DU and restart.
  If DU reports errors Repair again and again until DU reports disk is repaired.
  When you are finished with DU, from the Menu Bar, select Utilities/Startup Manager.
  Select your startup disk and click Restart
  While you have the Disk Utility window open, look at the bottom of the window. Where you see Capacity and Available. Make sure there is always 15% free space.
  What is a kernel panic
  Mac OS X Kernel Panic FAQ
  Resolving Kernel Panics

• I have a problem with my 4s camera which has come up recently. Everytime I take a picture and look it up via the 'Photos' app, it shows as blank. But when I click on edit on the blank picture, it comes up and I am able to save it back on my photo album.

  I have a problem with my 4s camera which has come up recently. Everytime I take a picture and look it up via the 'Photos' app, it shows as blank. But when I click on edit on the blank picture, it comes up and I am able to save it back on my photo album as a proper image. Besides, I have also experiences the camera working a bit wiered (slow and often blanks out the moment I am ready to take a photo). Any help on this pls?

  Hi Noob Søren
  There are a few things that are confusing in your question.
  As far as I know, you dont have to install Time Machine on this OS as it is already installed for you. You only need to connect a hard drive to your computer via firewire or usb, click on the Time Machine icon, Open Time Machine Preference in the drop down menu and select a disk: your connected hard drive.
  You can of course reformat this connected device, partition it into a few volumes to organise data if you so wish.
  I find it strange that your mac's hard drive is divided into two volumes... perhaps this was created through bootcamp?
  You can access the configuration of your hd through Applications/Utilities/Disk Utilities.
  Clicking on one of the icons on the right hand panel will bring the details of the contents of your hardDrive and volumes. From there you can decide to erase a partition, reformat etc....
  If your hd contains more than one volume, and one of them is empty, you could decide to remove it. Back up all your important data before doing so.
  Hope this helps
  WN

• Using iMovie 7.1.4 on an iMac w/ Snow Leopard; HD video imported with a Firewire cable transfers fine, but audio arrives with major static; problem persists w/ different cameras

  Using iMovie 7.1.4 on an iMac w/ Snow Leopard; HD video imported with a Firewire cable transfers fine, but audio arrives with major static; problem persists w/ different cameras & Firewire cables; source DV tape has no audfio static.

  I forgot to write down my computer specs:
  iMac 27 Mid 2011
  2.7 GHz Intel Core i5
  4 GB 1333 MHz DDR3
  AMD Radeon HD 6770M 512 MB
  OS X 10.9.2

• I am trying to connect my Sony DCR-TRV350 to iMovie so that I can make DVD's from family videos.  I am having problems getting the video camera connected.  Any advice on how to do this?

  I am trying to connect my Sony DCR-TRV350 to iMovie so that I can make DVD's from family videos.  I am having problems getting the video camera connected.  Any advice on how to do this?

  What happens when, after you connect your cam, you go to File > Import Media?
  But before that, does your cam require you to export your video files upon USB connection? I have a JVC Everio HD and I have to "Export to Library" from the cam's menu first-thing. This was true even in prior iMovie versions.

• How to add a wifi camera to photo stream

  How to add a wifi camera to photo stream

  You can't. Photostream requires an iOS device.
  iPhoto menu -> Provide iPhoto Feedback for feature requests.

• Im facing problem with my back camera.it's keep on hanging

  PLease help me fix my problem regarding my back camera because it keeps on hanging.please help solve this problem.

  Try:
  - Reset the iOS device. Nothing will be lost
  Reset iOS device: Hold down the On/Off button and the Home button at the same time for at
  least ten seconds, until the Apple logo appears.
  - Reset all settings      
  Go to Settings > General > Reset and tap Reset All Settings.
  All your preferences and settings are reset. Information (such as contacts and calendars) and media (such as songs and videos) aren’t affected.
  - Restore from backup. See:                                 
  iOS: How to back up           
  - Restore to factory settings/new iOS device.
  If still problem, make an appointment at the Genius Bar of an Apple store since it appears you have a hardware problem.
  Apple Retail Store - Genius Bar          
  If the iPod is defective and not abused Apple will exchange your iPod for a refurbished one at no cost

• I have got problem with my pc-cam 950 slim

  I have got problem with my pc-cam 950 slim. When I press the power button, the busy light goes on for seconds then it is shut down again so the camera doesn't work. Please help me with this problem. I tried to connect it to my PC put it didn't work either.
  Thank you for taking the time to help me.

  Originally Posted by Colin-CL
  Hi,
  Have you checked that you have put in brand new 2 x AAA batteries?
  Connecting it to your PC will allow you to use it as a mass storage device after installing the relevant operating system (Microsoft
  hi,
  Yes, I put two new batteries
  When connected to the computer nothing happens
  What can be done to reset it?
  By replaced capacitor problem can be solved?

• Problem with the back camera in iPhone 4 (Black Shadow)

  Hi, I have a problem with the back camera. When turned on I can see a black shadow on one side and when I take the photo, appears in all the photos.
  I searched on the Internet to resolve this problem but I haven't been successful. A friend told me that maybe it is dirt that was introduced into the cover but I don't think It's true.
  The iPhone haven't dropped me for some quite time and don't crashing.
  Look here is a photo to show you how the black shadow looks like:
  Please, anyone know what the problem can be?

  It certainly does work.
  Basic troubleshooting from the User's Guide is reset, restart, restore (first from backup then as new).  Try each of these in order until the issue is resolved.

• Problems with the front camera on iPhone 4

  Hey, guys. Just faced a problem with the front camera on my iPhone 4. So, when it's enabled this thing is on screen and all the pictures taken on it also has it:
  http://bit.ly/epZypp
  I've never dropped the phone, it isn't jailbroken or unlocked, it was bought in Britain but using in Russia, the firmware is 4.2.1.
  So, guys, can you help me?

  Have you tried resetting your phone by holding down the sleep/wake button and the home button at the same time until the phone restarts?