Remote Mesh AP with Centralized Controller

Need help to clarify this technical requirement. we are in the midst of designing a wireless Mesh AP solution for our customer.
Customer Requirement:-
1. Customer wants to deploy REmote MEsh APs (1500 Series) with a centralized 4404 Controller at HQ site.
2. The Remote and HQ site is linked thru a leased line with 2 routers in between
Based on cisco's document REAP and HREAP is not supported in LWAPP Mesh APs. So if the Mesh APs were to be deployed at Remote sites (3 total). How this be achieved?
Your input would be very much appreciated.
Thanks.

Well since the mesh AP's don't support h-reap, you would have to run them like local mode AP's. So depending on your WAN connection/bandwidth you can possible achieve this. Currently the mesh isn't designed or remote site wireless, since there is no h-reap function, but you can get it to work if you have a good wan connection.
Sent from Cisco Technical Support iPhone App

Similar Messages

  • 802.11a Mesh Outdoors with 5500 controller

    Hi
    I am working on a project that will involve 5500 controllers managing 1260 series N rate A/Ps. There may be a requirement for MESH but my previous experience using Motorola 802.11a radios is that random, intermittent radio detections resulted in the MESH network having to keep re-forming resulting in less than 100% availability.
    What's peoples experience in the UK is 802.11a outdoors?
    Ideally i would prefer to use 2.4GHz and repeater access points for those areas not serviced with data connection but I cant find any info' so far on how whether the 5500 controller is able to manage repeater access points.
    Any guidance or experiences much appreciated
    Steve               

    I don't live or have done work in the UK so can't answer your first question, but for your other question... The wlc does not manage any APs configured as a repeater.
    Sent from Cisco Technical Support iPhone App

  • Cannot turn off Central Controller B

    Hello,
    I have the following issue:
    When I turn off Central Controler B, CG1A and CTIOS1 on sideA are IDLE.
    When I turn on Router B and Logger B, they become ACTIVE and agents can login normally.
    What could be the problem?
    Thanks,
    Justine.

    ccagent process on the PG will maintain an Active connection with one  side of the central controller and an idle connection with other side  of the central controller.
    It looks like your PG's have a problem to failover to A  side central controller when  B side is turned off. Either of your PG is not able to establish an active connection with A side central controller hence the  CG's  see that the Central controller as Offline and not able to go active. When B side is turned ON PG A establish an Active  connection with  central controller B so the ctisvr and ctios on A side seems to go active.
    When B side router is off check  the health of your A side central controller specially the mds is inservice and able to see all the PG's
    Check your pgagent process on the PG's to see if they are able to establish proper connection with the central controllers, when B is turned off check if PG's realign with A side central controller.
    Hope this helps to isolate the issue.
    Shirish.

  • Remote LAP registration with controller at Main office

    WLC 5508 is installed at our main office and we want to install LAP at our remote location.
    confusion is that how Remote LAP is register with main office controller?

    No need to bring to Mumbai.
    There are 2 ways: Either bring it to mumbai or keep in ahemdabad.
    Bring to Mumbai then:
     Priming the AP with a Controller and Configure H-REAP
    If you want the AP to discover a controller from a remote network where CAPWAP discovery mechanisms are not available, you can use priming. This method enables you to specify the controller to which the AP should connect.
    In order to prime an H-REAP-capable AP, connect the AP to the wired network at the main office. During its boot up, the H-REAP-capable AP first looks for an IP address for itself. Once it acquires an IP address through a DHCP server, it boots up and looks for a controller to perform the registration process.
    Keep in Ahemdabad:
    Read the HREAP Controller discovery section: DHCP option 43 is the only solution.
    http://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/71250-h-reap-design-deploy.html
    Regards
    Dont forget to rate helpful posts

  • Remote not working with MBP lid closed

    My MBP OSX 10.8.2 is plugged in using the charger and connected via an HDMI adapter to my TV.  Apparently, the MBP will work in clamshell mode only if connected to a display and connected to a
    The Apple TV remote controller works fine if the lid is open at a distance of 15 feet.  Once the lid is closed, however, the remote controller stops working.  It was working fine previously.  The remote works fine with other appliances and applications, such as Apple TV as well as the MBP when the lid is open, so I believe the batteries are fine.
    Any help would be most appreciated.  Thank you.

    What does it do when you connect it back up and turn it on, what screen do you get etc.

  • Linking expressions to central Controller

    I'm trying to link up my expressions to one central Controller layer so that that one expression is shared across all objects in my project which require it.
    I have "// Controller" composition with "Expression_Source (tK-logo_anim)" text layer. Its source text expression is set to my desired expression:
    sourceLayer = comp("Killers logo (test)").layer("tK-logo_anim_mask");
    sampleSize = [1,1];
    samplePoint = transform.position;
    color = sourceLayer.sampleImage(samplePoint,sampleSize);
    x=color[0]*100;
    [x,x]
    Now, another composition includes a shape layer with its Transform Expression: Scale set to:
    eval(comp("// Controller").layer("Expression_Source (tK-logo_anim)").text.sourceText.toString())
    But when I try to hit enter on this line of code I get error: expression result must be of dimension 2, not 1
    What am I doing incorrectly? The expression works when inserted manually into the Scale property but not when I try to link to it...
    Thanks

    I was able to resolve it.
    I have placed my code by adding expression to Source Text (option-click on the stopwatch icon). Instead it should've been placed right into the composition art area by right clicking Source Text and then Edit Value

  • Can you use Multi Factor Authentication server with Central NPS and RD Gateway?

    Hi,
    Does anyone have any experience getting the Azure Multi-Factor Authentication (MFA) on-premise server, working with a Remote Desktop Gateway server, and a centralised NPS server?  I can get a solution whereby a user can get the second token (phone call/sms
    etc.) but the connection never gets established.  It looks like its looping as it repeats the phone call/text for a second time but again no connection.  I can’t figure out why.
    All the blogs are very vague as to whether you can combine a new MFA NPS connection policy with an existing username/group membership NPS policy on a centralised NPS server (with RAP/CAP policies).
    I need to understand whether we can combine both an MFA Radius policy with a Username/Password plus group membership NPS policy together to achieve two factor authentication.
    Do you have the Remote Desktop Gateway Server connect to the Central NPS server and then the NPS server use the MFA server as its proxy server? In effect turning the NPS server into a proxy Radius server?  
    Or do you configure the Remote Desktop Gateway server to use the MFA server as the proxy Radius server, and configure the MFA server to send on Radius requests to the central NPS server?
    Or either of these scenarios not supported and you can only use the MFA server as the only Radius server in the auth. process? (bypassing NPS policies?)
    Thanks if someone can assist,
    I’ve been using these blogs but to no successful effect:
    http://technet.microsoft.com/en-us/library/dn394287.aspx
    http://www.rdsgurus.com/uncategorized/step-by-step-using-windows-server-2012-r2-rd-gateway-with-azure-multifactor-authentication/
    http://dave.harris.uno/installing-and-configuring-azure-multi-factor-authentication-mfa/

    Hi Michael,
    Thank you for posting in Windows Server Forum.
    After going through your description, I can say that we can use MFA server with central NPS and RD Gateway. Also the link which you have provided points the step to apply. In addition you can refer below article.
    Configure Remote Desktop Gateway to use Multi-Factor AuthenticationConfigure Remote Desktop Gateway to use Multi-Factor Authentication 
    Hope it helps!
    Thanks.
    Dharmesh Solanki
    TechNet Community Support

  • Enterprise Wireless Mesh License needed for controller and AP's?

    If I have a 2112 WLAN Controller and 7 1240AG AP's what licensing do I need to purchase to enable enterprise wireless mesh? Do I need to get the license for the controller (AIR-AP-LIC-M-12)? A license for each AP? Both? Thanks for any replies!

    Hi Andy,
    You only require the Mesh license for the Controller not for the individual AP's :)
    Solution
    The Cisco EWM license is required for wireless mesh deployments for the indoor access point platforms, including the Cisco Aironet 1130 and 1240 Series. For the Cisco Aironet 1500 Series, these licenses are not required. These EWM licenses are required for all the WLAN controllers when mesh indoor acess points are associated with the controller. Each WLAN controller has a corresponding EWM license. The license entitles the user to configure as many mesh indoor access points as the controller allows.
    The license SKUs are as follows:
    • AIR-AP-LIC-RTU=, Cisco Advanced Feature License
    • AIR-AP-LIC-M-6, Cisco Advanced Enterprise Wireless Mesh, 6-AP Controller
    • ***AIR-AP-LIC-M-12, Cisco Advanced Enterprise Wireless Mesh, 12-AP Controller
    • AIR-AP-LIC-M-25, Cisco Advanced Enterprise Wireless Mesh, 25-AP Controller
    • AIR-AP-LIC-M-50, Cisco Advanced Enterprise Wireless Mesh, 50-AP Controller
    • AIR-AP-LIC-M-100, Cisco Advanced Enterprise Wireless Mesh, 100-AP Controller
    • AIR-AP-LIC-M-300, Cisco Advanced Enterprise Wireless Mesh, 300-AP Controller
    Cisco Enterprise Wireless Mesh Licensing and Ordering Guide
    http://www.cisco.com/en/US/solutions/collateral/ns340/ns394/ns348/ns767/ordering_guide_c07-482365_ps6521_Products_Brochure.html
    Hope this helps!
    Rob

  • Need to get wireless remote to work with Flash Presentation... HELP!!!

    I know almost nothing about Flash or Powerpoint.  I was given a Flash presentation I need that I'd like to show at meetings using my new wireless remote, but I can't get it to move forward & backward between slides (works fine using arrow keys on the laptop keyboard - Windows XP Pro).  The remote works fine with Powerpoint presentations, so I know the remote is ok.  Is there some setting/command I need to allow my Flash presentation to work with my remote, or do I need a special remote?  I already talked to the remote tech support (Keyspan/TrippLite) and they were totally unfamiliar wirh Flash and simply said that their unit works with Powerpoint as advertised, which was true, but they couldn't help me with Flash presentations.  Can anyone out there help me??  Thanks very much!

    Ok, I'm officially retarded.  I followed the link you gave me, which led to another link about fullscreening (a .zip file) which I decompressed and ran then escaped out of it.  I then looked at the gobbledygook programming language code and I found where it said "trapallkeys" but still haven't the slightest idea how to get my remote to work.  Is there some utility file which I can run which already has this "trapallkeys" function compiled into a nice simple executable that I can run prior to or in conjunction with my Flash presentation which will let my wireless remote controller flip through my slides?  I'm sorry, but please don't expect me to understand what...
    package
    import flash.display.Sprite;
    import flash.display.StageDisplayState;
    import flash.display.StageScaleMode;
    import flash.events.KeyboardEvent;
    import flash.events.MouseEvent;
    import flash.ui.Keyboard;
    import flash.system.fscommand;
    public class FullscreenDemo extends Sprite
    public function FullscreenDemo():void
    fscommand("trapallkeys", "true");
    stage.showDefaultContextMenu = false;
    stage.displayState = StageDisplayState.FULL_SCREEN;
    stage.scaleMode = StageScaleMode.SHOW_ALL;
    stage.addEventListener(KeyboardEvent.KEY_DOWN, onStage_KEY_DOWN);
    quitScreen_mc.visible = false;
    quitScreen_mc.yesBtn_mc.addEventListener(MouseEvent.CLICK, onQuitYes_CLICK);
    quitScreen_mc.noBtn_mc.addEventListener(MouseEvent.CLICK, onQuitNo_CLICK);
    quitScreen_mc.yesBtn_mc.buttonMode = true;
    quitScreen_mc.noBtn_mc.buttonMode = true;
    function onStage_KEY_DOWN(evt:KeyboardEvent):void {
    if (evt.keyCode == Keyboard.ESCAPE) {
    quitScreen_mc.visible = true;
    function onQuitYes_CLICK(evt:MouseEvent):void {
    fscommand("quit");
    function onQuitNo_CLICK(evt:MouseEvent):void {
    quitScreen_mc.visible = false;
    means.  That may be all I need to solve my problem, but it's in a language I just don't understand.  Could you or somebody out there please break this down for a newbie??  Thanks very much!   :-)   :-)

  • Remote not working with Apple TV

    My Apple remote stopped working with my Apple TV the other day. The light on the Apple TV does flash as buttons are pressed, but nothing happens. I tried to pair the Apple remote, nothing. I tried to pair my Macbook remote, nothing. I have even pulled the plug a let it sit for a day before plugging it back in. I have recently upgraded to iTunes 7.3.
    Thanks

    What does it do when you connect it back up and turn it on, what screen do you get etc.

  • Remote access VPN with ASA 5510 using DHCP server

    Hi,
    Can someone please share your knowledge to help me find why I am not able to receive an IP address on remote access VPN connection while I can get an IP address on local DHCP pool?
    I am trying to setup remote access VPN with ASA 5510. It works with local dhcp pool but doesn't seem to work when I tried using an existing DHCP server. It is being tested in an internal network as follows:
    ASA Version 8.2(5)
    interface Ethernet0/1
    nameif inside
    security-level 100
    ip address 10.6.0.12 255.255.254.0
    ip local pool testpool 10.6.240.150-10.6.240.159 mask 255.255.248.0 !(worked with this)
    route inside 0.0.0.0 0.0.0.0 10.6.0.1 1
    crypto ipsec transform-set FirstSet esp-3des esp-md5-hmac
    crypto ipsec security-association lifetime seconds 28800
    crypto ipsec security-association lifetime kilobytes 4608000
    crypto dynamic-map dyn1 1 set transform-set FirstSet
    crypto map mymap 1 ipsec-isakmp dynamic dyn1
    crypto map mymap interface inside
    crypto isakmp enable inside
    crypto isakmp policy 1
      authentication pre-share
      encryption 3des
      hash sha
      group 2
      lifetime 43200
    vpn-addr-assign aaa
    vpn-addr-assign dhcp
    group-policy testgroup internal
    group-policy testgroup attributes
    dhcp-network-scope 10.6.192.1
    ipsec-udp enable
    ipsec-udp-port 10000
    username testlay password *********** encrypted
    tunnel-group testgroup type remote-access
    tunnel-group testgroup general-attributes
    default-group-policy testgroup
    dhcp-server 10.6.20.3
    tunnel-group testgroup ipsec-attributes
    pre-shared-key *****
    I got following output when I test connect to ASA with Cisco VPN client 5.0
    Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + KE (4) + NONCE (10) + ID (5) + VENDO
    4024 bytesR copied in 3.41 0 secs (1341 by(tes/sec)13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 853
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing SA payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing ke payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing ISA_KE payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing nonce payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing ID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received xauth V6 VID
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received DPD VID
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received Fragmentation VID
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, IKE Peer included IKE fragmentation capability flags:  Main Mode:        True  Aggressive Mode:  False
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received NAT-Traversal ver 02 VID
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received Cisco Unity client VID
    Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, Connection landed on tunnel_group testgroup
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing IKE SA payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, IKE SA Proposal # 1, Transform # 9 acceptable  Matches global IKE entry # 1
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing ISAKMP SA payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing ke payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing nonce payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Generating keys for Responder...
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing ID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing hash payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Computing hash for ISAKMP
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing Cisco Unity VID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing xauth V6 VID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing dpd vid payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing NAT-Traversal VID ver 02 payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing NAT-Discovery payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, computing NAT Discovery hash
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing NAT-Discovery payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, computing NAT Discovery hash
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing Fragmentation VID + extended capabilities payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing VID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Send Altiga/Cisco VPN3000/Cisco ASA GW VID
    Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + KE (4) + NONCE (10) + ID (5) + HASH (8) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NAT-D (130) + NAT-D (130) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 440
    Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + HASH (8) + NOTIFY (11) + NAT-D (130) + NAT-D (130) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 168
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing hash payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Computing hash for ISAKMP
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing notify payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing NAT-Discovery payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, computing NAT Discovery hash
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing NAT-Discovery payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, computing NAT Discovery hash
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing VID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Processing IOS/PIX Vendor ID payload (version: 1.0.0, capabilities: 00000408)
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing VID payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Received Cisco Unity client VID
    Jan 16 15:39:21 [IKEv1]: Group = testgroup, I
    [OK]
    kens-mgmt-012# P = 10.15.200.108, Automatic NAT Detection Status:     Remote end is NOT behind a NAT device     This   end is NOT behind a NAT device
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing blank hash payload
    Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing qm hash payload
    Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, IKE_DECODE SENDING Message (msgid=d4ca48e4) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 72
    Jan 16 15:39:26 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=d4ca48e4) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 87
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, process_attr(): Enter!
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Processing MODE_CFG Reply attributes.
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: primary DNS = cleared
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: secondary DNS = cleared
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: primary WINS = cleared
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: secondary WINS = cleared
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: IP Compression = disabled
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: Split Tunneling Policy = Disabled
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: Browser Proxy Setting = no-modify
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: Browser Proxy Bypass Local = disable
    Jan 16 15:39:26 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, User (testlay) authenticated.
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing blank hash payload
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing qm hash payload
    Jan 16 15:39:26 [IKEv1]: IP = 10.15.200.108, IKE_DECODE SENDING Message (msgid=6b1b471) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 64
    Jan 16 15:39:26 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=6b1b471) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 60
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, process_attr(): Enter!
    Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Processing cfg ACK attributes
    Jan 16 15:39:27 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=49ae1bb8) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 182
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, process_attr(): Enter!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Processing cfg Request attributes
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for IPV4 address!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for IPV4 net mask!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for DNS server address!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for WINS server address!
    Jan 16 15:39:27 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Received unsupported transaction mode attribute: 5
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Banner!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Save PW setting!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Default Domain Name!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Split Tunnel List!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Split DNS!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for PFS setting!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Client Browser Proxy Setting!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for backup ip-sec peer list!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Client Smartcard Removal Disconnect Setting!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Application Version!
    Jan 16 15:39:27 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Client Type: WinNT  Client Application Version: 5.0.07.0440
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for FWTYPE!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for DHCP hostname for DDNS is: DEC20128!
    Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for UDP Port!
    Jan 16 15:39:32 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Duplicate Phase 2 packet detected.  No last packet to retransmit.
    Jan 16 15:39:37 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=b04e830f) with payloads : HDR + HASH (8) + NOTIFY (11) + NONE (0) total length : 84
    Jan 16 15:39:37 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, processing hash payload
    Jan 16 15:39:37 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, processing notify payload
    Jan 16 15:39:37 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Duplicate Phase 2 packet detected.  No last packet to retransmit.
    Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKE received response of type [] to a request from the IP address utility
    Jan 16 15:39:39 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Cannot obtain an IP address for remote peer
    Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKE TM V6 FSM error history (struct &0xd8030048)  <state>, <event>:  TM_DONE, EV_ERROR-->TM_BLD_REPLY, EV_IP_FAIL-->TM_BLD_REPLY, NullEvent-->TM_BLD_REPLY, EV_GET_IP-->TM_BLD_REPLY, EV_NEED_IP-->TM_WAIT_REQ, EV_PROC_MSG-->TM_WAIT_REQ, EV_HASH_OK-->TM_WAIT_REQ, NullEvent
    Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKE AM Responder FSM error history (struct &0xd82b6740)  <state>, <event>:  AM_DONE, EV_ERROR-->AM_TM_INIT_MODECFG_V6H, EV_TM_FAIL-->AM_TM_INIT_MODECFG_V6H, NullEvent-->AM_TM_INIT_MODECFG, EV_WAIT-->AM_TM_INIT_XAUTH_V6H, EV_CHECK_QM_MSG-->AM_TM_INIT_XAUTH_V6H, EV_TM_XAUTH_OK-->AM_TM_INIT_XAUTH_V6H, NullEvent-->AM_TM_INIT_XAUTH_V6H, EV_ACTIVATE_NEW_SA
    Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKE SA AM:bd3a9a4b terminating:  flags 0x0945c001, refcnt 0, tuncnt 0
    Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, sending delete/delete with reason message
    Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing blank hash payload
    Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing IKE delete payload
    Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing qm hash payload
    Jan 16 15:39:39 [IKEv1]: IP = 10.15.200.108, IKE_DECODE SENDING Message (msgid=9de30522) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 80
    Regards,
    Lay

    For RADIUS you need a aaa-server-definition:
    aaa-server NPS-RADIUS protocol radius
    aaa-server NPS-RADIUS (inside) host 10.10.18.12
      key *****   
      authentication-port 1812
      accounting-port 1813
    and tell your tunnel-group to ask that server:
    tunnel-group VPN general-attributes
      authentication-server-group NPS-RADIUS LOCAL
    Don't stop after you've improved your network! Improve the world by lending money to the working poor:
    http://www.kiva.org/invitedby/karsteni

  • Windows Server 2008 R2: Server unable to authenticate with Domain Controller

    Hello, I was wondering what could be the reason for this error if it is certain that there was no other computer on the network using the same name:
    This computer could not authenticate with<Domain-controller>, a Windows domain controller for domain <Domain-name>, and therefore this computer might deny logon requests. This
    inability to authenticate might be caused by another computer on the same network using the same name or the password for this computer account is not recognized. 
    What would cause the machine account pw to be 'not recognized'?

    You can track changes in AD by enabling AD Auditing: https://technet.microsoft.com/en-us/library/cc731764%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396
    As reading the logs is usually a complicated and time consuming task, it is recommended to use a third party tool for auditing. The one I usually recommend is Lepide Auditor - Active Directory: http://www.lepide.com/lepideauditor/active-directory.html
    This posting is provided AS IS with no warranties or guarantees , and confers no rights.
    Ahmed MALEK
    My Website Link
    My Linkedin Profile
    My MVP Profile

  • How to config a new remote on apple tv (first generation). I have lost my remote which came with the apple tv

    How to config a new remote on apple tv (first generation). I have lost my remote which came with the apple tv.

    Do you mean you've replaced your remote and it wont work because your AppleTV is paired to your lost remote?
    If so, http://support.apple.com/kb/HT1555 has you covered.

  • How can I access my parents iCloud account remotely to assist with photo management and printing?

    How can I access my parents iCloud account remotely to assist with photo management and printing?

    I tried that without any luck. I was hoping I could get Apple to reset it for me or delete the account so I could recreate it or at least tell me what is listed as my birth date, the security question answer.

  • Apple Remote stopped working with Lion on iMac

    My white Apple Remote does not work with Lion on my iMac 2.4ghz Core 2 Duo anymore.
    I'm sure it was working recently as I was able to control the volume on my RadioShark application.  Now that doesn't work anymore and I can't seem to get the remote to work with anything. 
    I've tried restarting my iMac, swapping the remote's battery, and using another remote but still no success.  The only response I get is from the remote's 'Menu' button which, when pressed, toggles between two graphics on screen - one a four-way arrow indicator with a centre button, and the other what appears to be a Forward/Back, Centre button with corner indications for Expand/Shrink.
    I've tried the 'Pair' option but pressing 'Menu' and 'Fast Forward' does nothing on screen - no sign of the chain-link 'Paired' symbol. Neither of the white remotes I tried is 'Paired' with the iMac.
    It seems I must have done something to cause this but can't think of any change I made that could be responsible.  I know Front Row is no longer accessible in Lion, but is there any other app I could test my remote on?  Any kind of hardware reset needed? (unlikely, I know, with two separate remotes showing the problem).
    Anyone have any ideas?
    Thanks.

    I'm replying to my own question because my remotes are working again.
    I'm not sure what I did to fix the issue, but I tried shutting down all open applications (I remembered that by default Lion re-opens with everything as it was).  And shortly afterwards I got full functionality back for my Apple Remote.
    I'm not sure what caused the issue.  I did install Easy Timeline, which I'd downloaded today from the Mac App Store.  It has Apple Remote functionality, so I'm not sure if it was in some way implicated.  It's working now with my remote, as is iTunes, and RadioShark.
    Weird!

Maybe you are looking for