Setting up a network syslog server
I am trying to move my syslog server (which captures my router logs) from a Slackware Linux box to my OS X machine. I have had good luck except for one small detail. Every time *periodic daily* runs syslogd stops accepting the UDP syslog packets that the router is sending.
I have updated com.apple.syslogd.plist to be:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.apple.syslogd</string>
<key>ServiceDescription</key>
<string>Apple System Log Daemon</string>
<key>OnDemand</key>
<false/>
<key>ProgramArguments</key>
<array>
<string>/usr/sbin/syslogd</string>
<string>-u</string>
</array>
<key>ServiceIPC</key>
<false/>
</dict>
</plist>
The only thing I changed was to add "<string>-u</string>" to turn on the UDP listener. And it works, too. Except that at 03:14 every morning periodic does a +kill -HUP+ to the daemon and, for some unknown reason, this turns off the UDP listener.
If I do a full kill to syslogd, which results in a new task completely, it starts with the listener running.
If I do a +ps -A|grep syslogd+ I do see the "-u" in the command even if the listener isn't listening.
I think it might be a bug in the -HUP handler in the syslogd code but I don't know the right place to post the question other than here.
For the forum: is anyone else running syslogd and collecting network log traffic? If you are then do you experience the same problem? I know I can work around the problem by putting in a local daily kill and I probably will but I shouldn't have to should I?
Any thoughts would be appreciated.
Bill W
No, but the servers have been hiccuping lately. When that occurs, I usually quit the browser, relaunch it, empty/delete the cache, and log back in. That seems to clear things up.
Similar Messages
-
Very new user needs help setting up a three user network plus server
Hi,
I'm an owner/manager of a recruitment company in the UK and we use three mac minis in our office to run our recruitment software (on a filemaker database) internet, mail and MS Office 2008.
We currently use one of the mini's as a 'server' in so much that it has a external HDD attached and shared across the network. We use Airport Extreme to share the internet.
Although to begin with this set up has served us well the amount of data travelling across the network and the prospect of a couple of new employees starting has made me think it's time to invest in a network and server of some description.
With my very limited knowledge i'm proposing the following but would greatly appreciate some assistance from the forum users!
Install OSX 10.5.3 Server on one of the Mac Minis
Get an ethernet switch and cable the three minis together
Use the external HDD as a time machine backup and store all files on the 'server' HDD
Continue to use the Airport Extreme to share the internet over airport.
I have a couple of questions:
Can the Server computer still be used as a desktop or do we need to buy a new mini
Does this set up make the airport base station redundant
As we grow I would envisage enlisting the help of a specialist Mac IT support company but in the mean time any help would be greatly appreciated.
Thank you again in advance.I would get something better specified than a mini to be my Mac OS X based server, and although you can run it as a desktop I wouldnt advise it.
You ought to go out and buy the book Mac OS X Server 10.5 Essentials - The only Apple-certified book on Mac OS X Server - which Ive found to be a godsend of a book in getting Leopard Server going. Make sure you get the 10.5 version. Im in the UK and got it from Foyles in London.
Your approach is fine, but Leopard Server isnt as plug and go as the rest of Apples products. In particular it just doesnt function correctly if you do not have working DNS before you start. Period. If you dont understand DNS in your office or If having read the book you find its too technical you might be better off buying a no-brand Network File Store/Disk or even a Time Capsule from Apple if its mainly shared disk space that you need.
Angus -
a tech company just set up a wifi network in my house and does not use my existing TC; how do I get it in the network to serve as backup for my iMac? (I don't need it as a wifi access point anymore) thanks
Just bridge the TC and plug it by ethernet into the main router.
Bridge in v5 airport utility.
In v6 it is under network.. change it from DHCP and NAT to Off bridge mode.
Turn off the wireless. -
Setting up Network Address Server Settings (Static IP)
To be abundantly clear, I do not want to change my Internet Connection Type - its dynamic and will stay that way. I'm not paying my ISP (Time Warner Cable - RoadRunner in NYC) for a static IP address.
I am changing my network address server settigns to disable DHCP, and hopefully assign static IPs to the various comps/devices in my home network. For various reasons (mostly security/ease of use) it would be handy to know my desktop/media center is always (for example) 192.168.1.101, my laptop is always 192.168.1.102, xbox is always...etc etc.
I have DHCP under network address server settings, and attempted to change TCP/IP protocol of my adapters in the comps to static IP (instead of obtain one automatically). I followed the WRT54G router manual whilst doing this. So I inputted the IP for each comp I want to use, 255.255.255.0 for a subnet mask, and the default gateway (in the example, it would be 192.168.1.1, though I want to use a different internal IP address for my network as a security precaution). Now it also wants primary and alternate DNS. TimeWarner won't tell me this information. They say they tell my router it (since its DHCP) and it changes. So...if I want static IP addresses for the devices in my network, I need my router to have a static ip address externally? that means I pay more. Or have I got it wrong? Please advise. I know I could check the router's status page and grab the two DNS servers its currently using, but then when my router's IP and DNSs change due to the internet connection being dynamic, I'd have to go change all the devices in the network (PITA!!). Thank you for your help.Most ISPs don't actually change their DNSs only the internet IP adress... you can try grabbing those DNS 1 & 2 and set it to your PC. try checking if those will change for verification.
If not, then for primary DNS, use 192.168.1.1 (equivalent for your router so whatever the DNS your router will use, it will just route it. but it doesnt always work), for the alternate DNS: you can use 4.2.2.1 or 4.2.2.2
"a helping hand in a community makes the world a universe" -
How to log successful logins to a syslog server in NX-OS
Does anyone know how to do this in NX-OS? I do it in IOS with the following commands:
login on-failure log
login on-success log
logging x.x.x.x
With that I get a syslog message that I can then log to a file to track who has logged into which device and when. But I can't find the syntax to do the same thing in the Nexus switches that we have. Does anyone know what the equivalent commands are?
Thanks,
BenHi Ben,
By default, failed logins are logged.
You can checked the log using:
show logging logfile | last 15
and for every logging failed (by default) you will get something like this:
2012 Dec 18 14:51:08 Nexus5010-B %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication
failed for user en from 2.2.2.1 - login
To get the success-login to show up in the logs we need to increase the level of the authpriv to 5 (it is 3 by default), and doing this will add a new log for failed or succesful connections.
Use the following command:
Nexus5010-A(config)# logging level authpriv 5
You can check loggin levels by using:
#show logging level
After you do this with the logging level you will see in the log something like this when a succesful login takes place:
2005 Jan 6 03:29:48 Nexus5010-A %AUTHPRIV-5-SYSTEM_MSG: admin :TTY=unknown
; PWD=/var/sysmgr/vsh ; USER=root ; COMMAND=/usr/bin/strings/proc/18340/environ
- sudo
Now for a failed login and after increasing the authpriv level you will see the following logs:
2005 Jan 6 03:31:36 Nexus5010-A %AUTHPRIV-4-SYSTEM_MSG: pam_unix(aaa:auth):check pass; user unknown - aaad
2005 Jan 6 03:31:36 Nexus5010-A %AUTHPRIV-5-SYSTEM_MSG: pam_unix(aaa:auth):
aut
hentication failure; logname= uid=0 euid=0 tty= ruser= rhost= - aaad
For logging *****
Nexus7018(config)# logging ?
console Set console logging
event Interface events
ip IP configuration
level Facility parameter for syslog messages
logfile Set File logging
message Interface events
module Set module(linecard) logging
monitor Set terminal line(monitor) logging level
origin-id Enable origin information for Remote Syslog Server
server Enable forwarding to Remote Syslog Server
source-interface Enable Source-Interface for Remote Syslog Server
timestamp Set logging timestamp granularity
You can use logging source-interface ....
Thanks-
Afroz
***Ratings Encourages Contributors **** -
How do I set up a local testing server?
Hey again everyone. I am trying to figure out how to set up a local testing server. I've read a couple different tutorials online and i still can't figure it out. I added a new server, named it test server, I'm connecting using local/network, my server folder is C:\Users\Jake\Website\testfolder, and my web URL is http://localhost/. My server model is PHP/MySQL.
My site's root folder is C:\Users\Jake\Website\. I have also downloaded XXAMP. It downloaded and that was it though, I'm not sure if I need to apply it somehow to Dreamweaver. When I try to preview my pages I get a message that asks me if I want to update copy on testing server. If I choose yes, another message comes up and asks me if I want to put dependent files. Whether I choose yes or no it just says IE cannot display the web page.
Any help would be appreciated, thanks!Site Name: PHP Test Site
Local Site Folder: C:\xampp\htdocs\php_test\
Server Name: Local Testing
Connect Using: Local/Network
Server Folder: C:\xampp\htdocs\php_test
Default Images Folder: C:\xampp\htdocs\php_test\Images\
Web URL: http://localhost/php_test/Server Model: PHP MySQL
Is that everything you need to know? Note that I do not have a remote testing site set up yet. -
How do I set up a network hard disk so I can restart my MacBook from it?
I have a 2TB Freecom XS Network hard disk, and I want to be able to restart my MacBook from it with my current OS, Leopard 10.5.8, when I have upgraded the OS on the MacBook to Snow Leopard 10.6.3 [as a possible precursor to Mavericks or even Yosemite]. The problem is that the MacBook doesn't recognise the XS as a network disk: the XS has been assigned an IP number, and I can mount it as a server volume, and I have copied all the system folders/files onto it, but that is no use if the system doesn't recognise it as a network disk for a restart [I've tried]. The system/library/users/applications folders are in a Macintosh HD folder as on the MacBook, but this folder is inside a root folder named PUBLIC: could this be part of the problem? I thought I might be able to reinstal the OS on the network disk using the original system installation discs, but after restarting the MacBook as instructed, the network disk isn't recognised as a destination for installing the OS. I don't want to instal Snow Leopard on the MacBook before I'm sure I can reboot it with Leopard, using the network disk.
Hi BDAqua.
Thank you for your reply. I don't know how much what I omitted to disclose in my original post might affect what you've told me, but I have a wireless network set up with a 500GB Time Capsule, to which a broadband router and another backup disk [1TB, daisy-chained to the TC] are connected. Given the difficulty I had initially, setting up the network [mainly because of my ineptitude where comms are concerned], I didn't want to risk connecting the Freecom drive to the TC, in case it changed the network settings [or worse, disrupt my internet access], and I haven't done it hitherto. I did try connecting the ethernet cable to the wireless router however, with neutral results: still possible to manually mount the drive as a server, and it shows in the Network folder in my MacBook's root folder.
Further to an email from Freecom's support department [effectively just a request for part number, proof of purchase, etc.], I followed their suggestion and tried connecting the drive to the MacBook using the USB 2 cable, and the drive showed up in the device section of the Finder window sidebar, but I would guess that this option wouldn't enable the drive to function as a boot drive either? Also, unless I'm mistaken, USB offers much slower data transfer speeds than Gigabit Ethernet? I'm hoping I've not dropped a monumental bollock, because I'm positive from my pre-purchase research that Gigabit Ethernet is faster than FireWire or USB2, which is why I chose this drive over cheaper USB drives [like the 1TB Western Digital drive daisy-chained to the TC]; or am I mistaken?
To get back to your answer though, I don't dispute what you say, because I'm sure I'm much less of an expert than you might be, but I would nevertheless like to be able to boot up from the Freecom drive, if a way to do that is possible, even if it means biting the bullet and connecting it to the Time Capsule [assuming that this will work: can you advise?], without needing to investigate and purchase additional kit. I've had a scan of the forum, and I've seen a few suggestions which mention cloning, but I don't know how this works: I presume I'd have to buy the appropriate app for that? Your answer seems to suggest installing the new OS onto an external drive [although, worryingly, you don't mention Ethernet as an option] using cloning, so I'd be grateful if you could explain that.
I just hope that my desire to save the cost of a newer Mac of some description, be it new or refurbished, but giving me the newest OS possible on the MacBook [Yosemite, I'm guessing], doesn't end up costing me something uncomfortably similar, cumulatively.
Any practical and reasonably-priced suggestions welcome and considered! Thanks again -
Setting up local web test server
Hi All,
Apologies if this should go in installation and setup but here goes.
Running 10.3.9.
Httpd running
MySQL server running
PHP enabled
I'm trying to set up a local testing server on my G4 powerbook so I can do my mods and just occasionally ftp up the code, say, once a week.
I've started personal web sharing and can access my local site's index page ok (i.e. http://mymachine.local/~me/website/ ). That's all fine.
But I've installed the oscommerce app under my web directory and unless I have a connection toi the net then it just doesn't want to know.
So calling up " http://mymachine/local/~me/website/catalog/index " gives me a nothing if I don't have an internet connection.
I think I have set everything up as I should to have a local testing server for web apps :- Personal web sharing enabled, MySQL sorted, PHP sorted.
Does anyone know what I might need to do further or perhaps point me in the right direction?
Much appreciated.Try using http://localhost/local/~me/website/catalog/index . It may be that your original link doesn't work because your machine is trying to look up the IP-address of "mymachine" using DNS, and that won't work if you're off-line; "localhost" is a synonym for "127.0.0.1", which is the "loopback address" -- it always means your own machine. No DNS lookup required, no real network interface required, so it should work whether you're on-line or not.
-
A few questions about setting up a network drive
Hello,
I have been trying setup a private server on my home network. I have a Netgear WNDR 3800 and have been trying to hook up my 2TB external drive to the router.
I have been trying to decide how I want to format the drive, and how many partitions I should use.
The reason I have a 2TB drive is because I needed a work space to create a image of a corrupt 500GB drive. The 500GB drive had my entire digital life on it, and it was almost lost. I dont want to encounter the same issue with a 2TB drive because at that point I feel like any issues would make it difficult for me to recover the data due to work space size issues. This is why I am thinking about using several partitions, but I am not sure what issues this might present.
As far as format goes; the router says it supports read/write with FAT 16/32, NTFS, EXT 2/3, and I know it works with HFS. Here are the things that I am trying to do with the drive. (in order of importance)
Use it as a Time Machine backup location for 1 possible more MBP's
As a media sever to stream downloaded movies and music to A/V reciever (Pioneer VSX-822) and possibly other devices on the network
Act as a temporary storage location to swap files between devices or operating systems
If possible not keep media on my computer and stream it from the network drive when I am home
And, thats all I can think of right now. If there is something else useful I am missing that would need special attention in setting up a network drive let me know.
So, I have had no problems getting the drive to connect and show up on the network when I use HFS. I have also been able to get multiple partitions to show up; been able to back up to different partitions; including time machine on one partition.
So here is where I am running into problems; the router bios allows you to enable a media sever. I believe the router tries to do something with DLNA. DLNA I believe allows for a similar functions to airplay and cloud for basically all compatible non apple products. I dont care if I use DLNA, or Airplay. I just want to be able to access my music library over the network without having to have my computer open, or my iphone on me..ect.
So I was wondering if anyone could help me out, or if there are any articles I should look at that I might have missed while I have been researching.
Edit: I am sorry if this is posted in the wrong section, I figured the best people to ask about filesystem compatability and ease of use was going to be the System software sectionHello,
I have been trying setup a private server on my home network. I have a Netgear WNDR 3800 and have been trying to hook up my 2TB external drive to the router.
I have been trying to decide how I want to format the drive, and how many partitions I should use.
The reason I have a 2TB drive is because I needed a work space to create a image of a corrupt 500GB drive. The 500GB drive had my entire digital life on it, and it was almost lost. I dont want to encounter the same issue with a 2TB drive because at that point I feel like any issues would make it difficult for me to recover the data due to work space size issues. This is why I am thinking about using several partitions, but I am not sure what issues this might present.
As far as format goes; the router says it supports read/write with FAT 16/32, NTFS, EXT 2/3, and I know it works with HFS. Here are the things that I am trying to do with the drive. (in order of importance)
Use it as a Time Machine backup location for 1 possible more MBP's
As a media sever to stream downloaded movies and music to A/V reciever (Pioneer VSX-822) and possibly other devices on the network
Act as a temporary storage location to swap files between devices or operating systems
If possible not keep media on my computer and stream it from the network drive when I am home
And, thats all I can think of right now. If there is something else useful I am missing that would need special attention in setting up a network drive let me know.
So, I have had no problems getting the drive to connect and show up on the network when I use HFS. I have also been able to get multiple partitions to show up; been able to back up to different partitions; including time machine on one partition.
So here is where I am running into problems; the router bios allows you to enable a media sever. I believe the router tries to do something with DLNA. DLNA I believe allows for a similar functions to airplay and cloud for basically all compatible non apple products. I dont care if I use DLNA, or Airplay. I just want to be able to access my music library over the network without having to have my computer open, or my iphone on me..ect.
So I was wondering if anyone could help me out, or if there are any articles I should look at that I might have missed while I have been researching.
Edit: I am sorry if this is posted in the wrong section, I figured the best people to ask about filesystem compatability and ease of use was going to be the System software section -
(Request for:) Best practices for setting up a new Windows Server 2012 r2 Hyper-V Virtualized AD DC
Could you please share your best practices for setting up a new Windows Server 2012 r2 Hyper-V Virtualized AD DC, that will be running on a new WinSrv 2012 r2 host server. (This
will be for a brand new network setup, new forest, domain, etc.)
Specifically, your best practices regarding:
the sizing of non virtual and virtual volumes/partitions/drives,
the use of sysvol, logs, & data volumes/drives on hosts & guests,
RAID levels for the host and the guest(s),
IDE vs SCSI and drivers both non virtual and virtual and the booting there of,
disk caching settings on both host and guests.
Thanks so much for any information you can share.A bit of non essential additional info:
We are small to midrange school district who, after close to 20 years on Novell networks, have decided to design and create a new Microsoft network and migrate all of our data and services
over to the new infrastructure . We are planning on rolling out 2012 r2 servers with as much Hyper-v virtualization as possible.
During the last few weeks we have been able to find most of the information we need to undergo this project, and most of the information was pretty solid with little ambiguity, except for
information regarding virtualizing the DCs, which as been a bit inconsistent.
Yes, we have read all the documents that most of these posts tend point to, but found some, if not most are still are referring to performing this under Srvr 2008 r2, and haven’t really
seen all that much on Srvr2012 r2.
We have read these and others:
Introduction to Active Directory Domain Services (AD DS) Virtualization (Level 100),
Virtualized Domain Controller Technical Reference (Level 300),
Virtualized Domain Controller Cloning Test Guidance for Application Vendors,
Support for using Hyper-V Replica for virtualized domain controllers.
Again, thanks for any information, best practices, cookie cutter or otherwise that you can share.
Chas. -
Setting up user accounts on server and setting up workstation
Hey. I have just recieved my new server.
I am really trying to get my head around this. How do i set up a work station computer on the network, which asks you to login with a username/password, which is connected to the server, the usual stuff, Setting up a user in the workgroup manager and then set up a few work stations so that users can login in any computer with there own user/password and access all there work.
I have read bits and bobs about how to do this, but all i can find is how to set it up on the server its self, not how to set up work stations. This is what i found. Am i looking at the right place.
I have set up lots of linux servers before. But never set up a mac os x server.
http://www.macworld.com/news/2007/04/20/opendirectory/index.php
Cheers,
Nathaniel
Message was edited by: nathaniel McinnesWell, i will set up this tomorrow when i get back into the office. Should be interesting. I will give it ago.
Also is there a way for users to login to the computer either by network or standalone. I mean a quick login option, eg. If they want to work standalone, they can.
With back ups, how do you set it so it will back up nightly onto another hard drive in the server?
Thanks,
Message was edited by: nathaniel Mcinnes -
Unable to view website from within network - OSX Server
I have recently set up a Mac mini server in my home. I have configured the DNS settings manually by creating a primary zone being my domain and then a machine record (A Record) in order to configure the right host name. I've checked this the usual way in terminal and it returns success.
Before I go ahead and configure my mail, I noticed that I was unable to view my website. From within my network on any device.
NB. My website is hosted externally with a third party.
I have Mac Mini running Mavericks 10.9.1 and Server 3.0.2, I'm using a 2TB Time Capsule as the router which plugs directly into my fibre modem. Ports are opened correctly as I have done this through the Server App panel where I can see my Time Capsule.
I've obtained the IP of the website and when I tried pinging it from terminal it cannot resolve. I've contacted Apple, and after 2 hours on the phone to them, I've been told it's out of the scope of their support.
If this is DNS, can someone help, because I'm pulling my hair out!
Thanks in advance.I have now figured this out!
After setting up the hostname in the Server app I auto created the DNS records.
I have removed them all, created a new zone, the zone being my domain name; I have then created a Machine (A) Record being my hostname; I have then created another ***BLANK*** Machine (A) Record being my domain, and hey presto, everything works perfectly. -
Time machine and network file server
Hi,
Is it possible to set up the time machine to a network file server which my macbook is able to see and use? Right now, time machine is limited to be used with a delicated external HD or another Mac...
It would be convenient to share files between my 1st mac and other windows PCs.armyedwrd wrote:
I believe I can do a work around by simply sharing my External HD so that that can happen. It's just very awkward to navigate to that shared drive each time we access it. If I had separate backup HDs for each MAC, I think I could use the TC as a media server (at least that's what I get from the marketing material here ).
You might want to try one of the workarounds in #Q3 of Using Time Machine with a Time Capsule.
Have you ever used Time Machine Editor? Is it worth downloading and using?
It's not recommended; Time Machine usually works best the way it was designed. See Time Machine - Frequently Asked Question #13. -
How can I use my MAC OS X as syslog server ??
Hi Team,
Can you please help me in configuring my MAC machine as syslog server for my Cisco routers ?? I have the devices on same network and would like to forward all syslog messages to my MAC machine for analysing them.
Thanks,Crocosmia wrote:
Thank you for advise, will try apple store another thing how can I increase my ramm and memory
Check your machine's actual specifications here.
It looks like you can support up to 3 MByte in a 17" iMac and up to 4 Mbyte in a 20" iMac, if your cache size coordinates with the specs on the linked page.
OWC says you should be able to put 4 Gbyte into your machine here. Wherever you get the memory, it would be a good addition. This is the Apple Store listing for your machine, as near as I can figure it. -
NPS: Event 6274 - Network Policy Server discarded the request for a user
Intermittently I will get desktop (wired) and laptop (wireless) computers experiencing issues with NPS (they drop off the network).
Some computers are affected more than others, although they are identical hardware and based on a standard image.
In the event log of the NPS servers I can see the following messages:
Log Name: Security
Source: Microsoft-Windows-Security-Auditing
Date: 2/05/2014 8:47:58 a.m.
Event ID: 6274
Task Category: Network Policy Server
Level: Information
Keywords: Audit Failure
User: N/A
Computer: NT147.domain.local
Description:
Network Policy Server discarded the request for a user.Contact the Network Policy Server administrator for more information.User:
Security ID: NULL SID
Account Name: host/DPC0387.domain.local
Account Domain: DOMAIN
Fully Qualified Account Name: DOMAIN\DPC0387$Client Machine:
Security ID: NULL SID
Account Name: -
Fully Qualified Account Name: -
OS-Version: -
Called Station Identifier: 3c-xx-xx-xx-xx-xx
Calling Station Identifier: 00-xx-xx-xx-xx-xxNAS:
NAS IPv4 Address: 10.nnn.nnn.nnn
NAS IPv6 Address: -
NAS Identifier: ND246
NAS Port-Type: Ethernet
NAS Port: 71RADIUS Client:
Client Friendly Name: Network Device Management Subnet
Client IP Address: 10.nnn.nnn.nnnAuthentication Details:
Connection Request Policy Name: NAP 802.1X (Wired)
Network Policy Name: -
Authentication Provider: Windows
Authentication Server: NT147.domain.local
Authentication Type: -
EAP Type: -
Account Session Identifier: 384F322E317838316564303034313030306230666632
Reason Code: 1
Reason: An internal error occurred. Check the system event log for additional information.
How do I debug when an internal error occurs but there is nothing in the system event log? Where else can I look?
Here's the packet trace that matches the event log entry above:
No. Time Source Destination Protocol Length Time from request Info
1 0.000000 JuniperN_xx:xx:xx Universa_xx:xx:xx EAP 60 Request, Identity
2 2.470423 Universa_xx:xx:xx Nearest EAPOL 60 Start
3 2.472870 JuniperN_xx:xx:xx Universa_xx:xx:xx EAP 60 Request, Identity
4 2.539416 Universa_xx:xx:xx Nearest EAP 60 Response, Identity
5 2.544206 Universa_xx:xx:xx Nearest EAPOL 60 Start
6 2.548804 JuniperN_xx:xx:xx Universa_xx:xx:xx EAP 60 Request, Identity
7 2.550050 Universa_xx:xx:xx Nearest EAP 60 Response, Identity
8 2.552597 10.switch 10.NPS_Server RADIUS 254 Access-Request(1) (id=249, l=208)
9 2.556043 10.NPS_Server 10.switch RADIUS 136 0.003446000 Access-Challenge(11) (id=249, l=90)
10 2.565876 JuniperN_xx:xx:xx Universa_xx:xx:xx EAP 60 Request, Protected EAP (EAP-PEAP)
11 2.569472 10.switch 10.NPS_Server RADIUS 254 Access-Request(1) (id=250, l=208)
12 2.572566 10.NPS_Server 10.switch RADIUS 136 0.003094000 Access-Challenge(11) (id=250, l=90)
13 2.580254 Universa_xx:xx:xx Nearest TLSv1 123 Client Hello
14 2.586544 10.switch 10.NPS_Server RADIUS 361 Access-Request(1) (id=251, l=315)
15 4.564841 Universa_xx:xx:xx Nearest EAPOL 60 Start
16 4.568530 JuniperN_xx:xx:xx Universa_xx:xx:xx EAP 60 Request, Identity
17 4.569876 Universa_xx:xx:xx Nearest EAP 60 Response, Identity
18 4.582263 10.switch 10.NPS_Server RADIUS 254 Access-Request(1) (id=252, l=208)
19 4.586006 10.NPS_Server 10.switch RADIUS 136 0.003743000 Access-Challenge(11) (id=252, l=90)
20 4.591896 JuniperN_xx:xx:xx Universa_xx:xx:xx EAP 60 Request, Protected EAP (EAP-PEAP)
21 4.592692 Universa_xx:xx:xx Nearest TLSv1 123 Client Hello
22 4.599634 10.switch 10.NPS_Server RADIUS 361 Access-Request(1) (id=253, l=315)
23 4.600887 10.NPS_Server 10.switch IPv4 1518 Fragmented IP protocol (proto=UDP 17, off=0, ID=07db)
24 4.609920 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 1514 Server Hello, Certificate, Certificate Request, Server Hello Done
25 4.610516 Universa_xx:xx:xx Nearest EAP 60 Response, Protected EAP (EAP-PEAP)
26 4.617407 10.switch 10.NPS_Server RADIUS 262 Access-Request(1) (id=254, l=216)
27 4.618352 10.NPS_Server 10.switch RADIUS 288 0.000945000 Access-Challenge(11) (id=254, l=242)
28 4.623650 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 176 Server Hello, Certificate, Certificate Request, Server Hello Done
29 4.643316 Universa_xx:xx:xx Nearest TLSv1 361 Certificate, Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message
30 4.649607 10.switch 10.NPS_Server RADIUS 601 Access-Request(1) (id=255, l=555)
31 4.656950 10.NPS_Server 10.switch RADIUS 199 0.007343000 Access-Challenge(11) (id=255, l=153)
32 4.662734 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 87 Change Cipher Spec, Encrypted Handshake Message
33 4.681106 Universa_xx:xx:xx Nearest EAP 60 Response, Protected EAP (EAP-PEAP)
34 4.788536 10.switch 10.NPS_Server RADIUS 262 Access-Request(1) (id=2, l=216)
35 4.789735 10.NPS_Server 10.switch RADIUS 173 0.001199000 Access-Challenge(11) (id=2, l=127)
36 4.795723 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 61 Application Data
37 4.796372 Universa_xx:xx:xx Nearest TLSv1 93 Application Data
38 4.802368 10.switch 10.NPS_Server RADIUS 331 Access-Request(1) (id=3, l=285)
39 4.803363 10.NPS_Server 10.switch RADIUS 189 0.000995000 Access-Challenge(11) (id=3, l=143)
40 4.808905 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 77 Application Data
41 4.809501 Universa_xx:xx:xx Nearest TLSv1 77 Application Data
42 4.817342 10.switch 10.NPS_Server RADIUS 315 Access-Request(1) (id=4, l=269)
43 4.822986 10.NPS_Server 10.switch RADIUS 189 0.005644000 Access-Challenge(11) (id=4, l=143)
44 4.828973 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 77 Application Data
45 4.833318 Universa_xx:xx:xx Nearest TLSv1 829 Application Data
46 4.840610 10.switch 10.NPS_Server RADIUS 1073 Access-Request(1) (id=5, l=1027)
47 4.845946 10.NPS_Server 10.switch RADIUS 189 0.005336000 Access-Challenge(11) (id=5, l=143)
48 4.850938 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 77 Application Data
49 4.907924 Universa_xx:xx:xx Nearest TLSv1 141 Application Data
50 4.913390 10.switch 10.NPS_Server RADIUS 379 Access-Request(1) (id=6, l=333)
51 4.917535 10.NPS_Server 10.switch RADIUS 221 0.004145000 Access-Challenge(11) (id=6, l=175)
52 4.922877 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 109 Application Data
53 4.923472 Universa_xx:xx:xx Nearest TLSv1 61 Application Data
54 4.930319 10.switch 10.NPS_Server RADIUS 299 Access-Request(1) (id=7, l=253)
55 4.937348 10.NPS_Server 10.switch RADIUS 381 0.007029000 Access-Challenge(11) (id=7, l=335)
56 4.942543 JuniperN_xx:xx:xx Universa_xx:xx:xx TLSv1 269 Application Data
57 4.944791 Universa_xx:xx:xx Nearest TLSv1 125 Application Data
58 4.951408 10.switch 10.NPS_Server RADIUS 363 Access-Request(1) (id=8, l=317)
59 4.954022 10.NPS_Server 10.switch RADIUS 355 0.002614000 Access-Accept(2) (id=8, l=309)
60 4.981482 JuniperN_xx:xx:xx Universa_xx:xx:xx EAP 60 Success
61 32.590347 10.switch 10.NPS_Server RADIUS 361 Access-Request(1) (id=251, l=315)
62 62.592420 10.switch 10.NPS_Server RADIUS 361 Access-Request(1) (id=251, l=315)
63 92.595043 10.switch 10.NPS_Backup_Server RADIUS 361 Access-Request(1) (id=9, l=315)
64 122.597856 10.switch 10.NPS_Backup_Server RADIUS 361 Access-Request(1) (id=9, l=315)
65 152.600618 10.switch 10.NPS_Backup_Server RADIUS 361 Access-Request(1) (id=9, l=315)A belated thanks for your reply.
Our environment doesn't have NPS accounting configured so that was easy to rule out.
The mid-day drop outs have stopped after I added "set protocols dot1x authenticator no-mac-table-binding" to our Juniper switches (which prevents mac address aging from clearing the active dot1x client session).
I believe the above error message occurs because the RADIUS session ID is rejected / ignored because of some quirks in the RADIUS standard. At the start of a dot1x authentication request a RADIUS session ID is created. For whatever reason the
RADIUS/NAP server stops responding and the Juniper switch fails over to the backup RADIUS/NAP server configured. The session ID is kept (per RADIUS standard) but the backup RADIUS/NAP server doesn't know about the session, so this event: "Network
Policy Server discarded the request for a user." occurs.
It would be nice to see a clearer error message "Invalid RADIUS session" or similar.
There is a Microsoft guide on how to set up RADIUS/NAP servers in a highly available configuration - something to do with RADIUS proxy servers.
It would be even nicer to see some kind of RADIUS session synchronisation between NAP servers... if it doesn't already exist?
I am having the same exact issue you posted on here except I have Extreme Network switches. Some of my computers, various hardware, will randomly not authenticate during re-authentication. The switch says that it failed to contact the NPS server so then it
switches to my backup server. The client has a random time on how long it waits to authenticate so sometimes I end up having the disable/re-enable the port they are connected to so that the session is started again. I see that you basically removed the option
to force clients to re-authenticate Any downfall disabling that?. Any idea why the NPS server is no longer responding? Are you using Windows Server 2012?
Maybe you are looking for
-
PM Order - Change operations Work Center to Main Work Center
Hi Experts, We have prepared a tool for client, which create Maintenance Plan and order in the background. The order created is having "Main Work Center" defined at header and "Work Center" at the operations level. In the current scenario the "Main W
-
HashPrintRequestAttributeSet will not serialize correctly
It seems that HashPrintRequestAttributeSet (or something else) doesn't serialize correctly. This only works for a certain high end printer with (multi-purpose tray selected). Note that loading from file right after saving works fine (loading from scr
-
Clicked on the Firefox icon , but window did not appeared, checked in the Task manager, there is a process running with firefox.exe, and could not see any icon in the task bar adjacent to start button
-
Copy and Paste from an excel spreadsheet to a JTable
Hi, does someone know how to copy and paste data from an excel spreadsheet to a JTable. It seems like copy and paste do not fuction from an to a JTable. Thanks, Fred.
-
On Demand - sound & picture freezing
For about 10 days now we have had an issue with our On Demand service. Mostly, the just sound goes but also the whole thing freezes for a couple of seconds, before going again for another couple of seconds. Rinse & repeat. We have been on the phone