Setting up VPN Server fails in Windows 8.1
Hello Folks
I'm trying to set up VPN server in my Windows 8.1 box to receive incoming connections. It fails at the last step (http://www.diaryofaninja.com/blog/2012/09/11/setting-up-a-vpn-server-on-windows-7-or-windows-8-ndash-secure-your-internet-use-while-away)
of the process (Allow Access) with the following error. I binged a lot but none of the trouble shooting mechanisms worked for me. I made sure that concerned service (Routing and Remote Access) can be started and stopped manually. Also, the same step works
in Windows 7.
Please see attached for error details.
Highly appreciate any help for fixing the issue.
Cheers
Manohar
Hi Manooh,
Besides disabling IP v6, try reset the TCP/IP in the way below:
Open the command line windows as an administrator and type the command “nets hint ip reset” hit enter, or you can try the fix it below:
http://support.microsoft.com/kb/299357
We usually modify the default RDP port 3389 to another value, if you followed this too, you should add an port exception through a firewall in the way below:
1.Open Windows Firewall
2.In the left pane, click Advanced settings.
3.In the Windows Firewall with Advanced Security dialog box, in the left pane, click Inbound Rules, and then, in the right pane, click New Rule.
4. Choose “port” and input the port number as allowed to connect.
Regards
Wade Liu
TechNet Community Support
Similar Messages
-
The negotiation with the VPN server failed. Verify the server address and try reconnecting
Hi folks,
I am unable to connect VPN, While connecting error occurred. Can anyone advice how to solve this issue.
"The negotiation with the VPN server failed. Verify the server address and try reconnecting"
Thanks
VinothThis might help, at least from Harald's post onwards.
-
Issue with WAN Miniport when setting up VPN server in Windows 7
I tried making my computer a VPN server by setting up a "New incoming connection" under network connections within Network and sharing center. Originally, it did complete but did not show any WAN Miniport connections. I could not connect to this VPN
with my other computer.
What I've done so far:
I "updated" all the WAN Miniports in Device Manager to "MAC Bridge Miniport" driver (since I could not uninstall them as they were) and then proceeded to uninstall all the WAN miniports. I rebooted my computer and then the device
drivers tried to install automatically but only a few installed successfully.
I then downloaded the latest WDK (8.1) and tried re-installing all the WAN Miniports via devcon.exe with the command "devcon.exe install c:\windows\inf\netrasa.inf MS_PptpMiniport". It said that the node was created but it failed to install the
drivers. I rebooted my computer but some of these mini ports appeared as "Unknown" in Device Manager while others appeared with their names but with numbers attached since I've attempted this a few times, Ex: "WAN Miniport (IP) #3".
from my understanding, I need at least WAN Miniport pptp to be working for VPN to work. I don't know what to do at this point. Any help is greatly appreciated. Thanks in advance.
Gateway DX4822-01 Desktop PC
Windows 7 64-bit, SP1Hi,
Please try to use Incoming connection troubleshooter to fix this problem for test. If it identify any problem that couldn't fix this problem, please provide the error message here.
Control Panel\All Control Panel Items\Troubleshooting\All Categories
Roger Lu
TechNet Community Support -
VPN Server broken with Windows after upgrade from Tiger.
Hey there
I use Tiger 10.4 Server on a PowerMac G4.
It has two network interfaces, one public facing with it's own static IP, and the other internal facing.
The VPN service works perfectly, and allows people to connect via L2TP and assignes them an IP on the internal facing subnet, and allows OS X and Windows clients to connect.
However after upgrading to Leopard, only Mac clients can connect, all the Windows clients connect, and although they get an IP and are able to ping destinations, attempts to connect to these destinations (some of which are web apps on port 80, others are file servers running Samba), they just sit waiting for ever.
I've experimented with this problem, and it appears to be a problem with MTU and packet fragmentation, however these settings appear to be the same between Tiger, which worked, and Leopard which does not work.
Does anyone have any experience with the new VPN Server in Leopard, and can offer me any advice on how to fix this problem? I'm currently downgraded to Tiger again until a fix can be found.I had the same issue, among others, but I finally got everything to work eventually. It seems that if the IP range of the client connecting to VPN is in the same range of the server LAN, there will be connectivity issues, whether it be pcs and/or macs not being able to connect. The following set up got my VPN services working:
1. Get DNS and Open Directory working properly. When I did an upgrade, the Server Admin updated my zone files with a curious extra space, which killed DNS. For example, I had the name server as ns.company.private., but in the files it would say ns. company.private everywhere! I've been reading about various bugs in upgrading DNS, so I think it's best just to start DNS from scratch. But if you are upgrading, the following thread expalins how to go about setting up DNS and Open Directory: http://discussions.apple.com/thread.jspa?messageID=5957209�
2. Once you have Open directory users and dns working properly, then set up VPN. Give a unique IP range to the internal network (192.168.7.1/24) that other networks will not emulate. If you use 192.168.1.1, you will likely run into issues. You can always test this method out by changing the IP range from a remote location and trying to get in this way instead of changing the server. Also, be aware that if you use Gateway Assistant within NAT, it will automatically give you a 192.168.1.1/24 range, at least that's been my experience, and this always killed VPN for me. I would set up NAT manually to avoid problems.
3. Ensure that the DNS information under the Client Information tab is correct. For my server I have 192.168.9.1 as the nameserver, and company.private as the search domain. Then set up routing tables. Mine are 192.168.0.0:255.255.0.0 private and 0.0.0.0:0.0.0.0 public.
Also, when you restart the server, stop and restart VPN services, as there is some talk about the Tiger bug still being around, where VPN services are messed up upon startup. This all worked for me and a couple others that had similar server set ups. Hopefully this will work for you. -
RDP over Easy VPN Server fails, ping works
Dear experts,
What can I do to troubleshout this problem?
This is our router configuration with the Easy VPN Server enabled:
version 15.1
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
no service dhcp
hostname ####
boot-start-marker
boot-end-marker
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200
logging console critical
enable secret ###########################
aaa new-model
aaa authentication login local_authen local
aaa authentication login ciscocp_vpn_xauth_ml_1 local
aaa authorization exec local_author local
aaa authorization network ciscocp_vpn_group_ml_1 local
aaa session-id common
no ipv6 cef
no ip source-route
ip cef
ip dhcp excluded-address 192.168.1.1 192.168.1.29
ip dhcp excluded-address 192.168.1.59
ip dhcp excluded-address 192.168.1.99
ip dhcp excluded-address 192.168.1.182
ip dhcp excluded-address 192.168.1.192
ip dhcp excluded-address 192.168.1.193
ip dhcp excluded-address 192.168.1.198
ip dhcp excluded-address 192.168.1.238
ip dhcp excluded-address 192.168.1.240
ip dhcp excluded-address 192.168.1.243
ip dhcp excluded-address 192.168.1.245
ip dhcp excluded-address 192.168.1.215
ip dhcp excluded-address 192.168.1.122
ip dhcp excluded-address 192.168.1.33
ip dhcp excluded-address 192.168.1.10
ip dhcp excluded-address 192.168.1.11
ip dhcp excluded-address 192.168.1.201
no ip bootp server
ip dhcp-server ##########
multilink bundle-name authenticated
crypto pki token default removal timeout 0
crypto pki trustpoint TP-self-signed-############
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-############
revocation-check none
crypto pki certificate chain TP-self-signed-############
certificate self-signed 01
quit
license udi pid CISCO1941/K9 sn ##########
license boot module c1900 technology-package securityk9
license boot module c1900 technology-package datak9
username #### privilege 15 secret ####################.
username #### secret ####################
username #### secret ####################
username #### secret ####################
redundancy
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
crypto ctcp port 10000
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp client configuration group ###########
key ##########
dns 192.168.1.4 192.168.1.6
domain ####.local
pool SDM_POOL_1
acl 102
include-local-lan
crypto isakmp profile ciscocp-ike-profile-1
match identity group ##############
client authentication list ciscocp_vpn_xauth_ml_1
isakmp authorization list ciscocp_vpn_group_ml_1
client configuration address respond
virtual-template 1
crypto ipsec transform-set ########### esp-aes 256 esp-sha-hmac
crypto ipsec profile CiscoCP_Profile1
set transform-set ###########
set isakmp-profile ciscocp-ike-profile-1
interface Null0
no ip unreachables
interface GigabitEthernet0/0
description $ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$$ES_LAN$$ETH-LAN$$FW_INSIDE$
ip address 192.168.1.1 255.255.255.0
ip access-group 101 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
no mop enabled
interface GigabitEthernet0/1
description $FW_OUTSIDE$
ip address dhcp
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip nat enable
ip virtual-reassembly in
duplex auto
speed auto
no mop enabled
interface Virtual-Template1 type tunnel
ip unnumbered GigabitEthernet0/0
tunnel mode ipsec ipv4
tunnel protection ipsec profile CiscoCP_Profile1
ip local pool SDM_POOL_1 192.168.2.1 192.168.2.10
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
no ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 23 interface GigabitEthernet0/1 overload
ip route 0.0.0.0 0.0.0.0 ###########
logging esm config
logging trap debugging
access-list 23 permit 192.168.1.0 0.0.0.255
access-list 23 permit 192.168.2.0 0.0.0.255
access-list 101 deny ip any host 184.82.162.163
access-list 101 deny ip any host 184.22.103.202
access-list 101 deny ip any host 76.191.104.39
access-list 101 permit ip any any
access-list 102 permit tcp any any eq 3389
access-list 102 permit ip any any
access-list 102 permit icmp any any
access-list 700 permit 000d.6066.0d02 0000.0000.0000
no cdp run
snmp-server group ICT v3 priv
control-plane
banner exec ^C
Welcome ####^C
banner login ^C
Unauthorized access prohibited
##################################^C
line con 0
login authentication local_authen
transport output telnet
line aux 0
login authentication local_authen
transport output telnet
line vty 0 4
access-class 23 in
password 7 ##################
authorization exec local_author
login authentication local_authen
transport input telnet ssh
line vty 5 15
access-class 23 in
authorization exec local_author
login authentication local_authen
transport input telnet ssh
scheduler allocate 20000 1000
endIn the server debug, I see this:
*Oct 13 09:25:46.662: ISAKMP:(2013): retransmitting phase 2 CONF_XAUTH -2020890165 ...
*Oct 13 09:25:46.662: ISAKMP (2013): incrementing error counter on node, attempt 1 of 5: retransmit phase 2
*Oct 13 09:25:46.662: ISAKMP (2013): incrementing error counter on sa, attempt 1 of 5: retransmit phase 2
*Oct 13 09:25:46.662: ISAKMP:(2013): retransmitting phase 2 -2020890165 CONF_XAUTH
*Oct 13 09:25:46.662: ISAKMP:(2013): sending packet to 109.59.232.39 my_port 500 peer_port 500 (R) CONF_XAUTH
*Oct 13 09:25:46.662: ISAKMP:(2013):Sending an IKE IPv4 Packet.
*Oct 13 09:25:49.850: ISAKMP (2013): received packet from 109.59.232.39 dport 500 sport 500 Global (R) CONF_XAUTH
*Oct 13 09:25:49.850: ISAKMP:(2013):processing transaction payload from 109.59.232.39. message ID = -2020890165
*Oct 13 09:25:49.850: ISAKMP: Config payload REPLY
*Oct 13 09:25:49.850: ISAKMP/xauth: reply attribute XAUTH_USER_NAME_V2
*Oct 13 09:25:49.850: ISAKMP/xauth: reply attribute XAUTH_USER_PASSWORD_V2
*Oct 13 09:25:49.850: ISAKMP/xauth: Expected attribute XAUTH_TYPE_V2 not received
*Oct 13 09:25:49.850: ISAKMP:(2013):peer does not do paranoid keepalives.
Is it something with the above line ?
/Jesper -
Multiple (but not all) VPN clients failing in Windows 8 and 8.1
Big question for VPN gurus, with a long story. I got a new machine with Windows 8 in late December 2012. I work remotely
for a bunch of different customers, so 100% of my work is done via VPNs. My customers use a wide variety of VPN types. These were all working fine up through early December 2013. Suddenly a bunch of them stopped working. I tried a ton
of stuff:
- Uninstalling all VPN clients and reinstalling them one at a time
- Reinstalling / updating network drivers
- Turning off and uninstalling antivirus and firewall software
- Verified problem was on my machine, not local network, both by testing other machines on local network and by testing this machine on other networks
The following VPN clients would not work:
Cisco VPN Client
FortiSSL
Microsoft built-in
The following VPN clients had no problems:
Cisco AnyConnect
ShrewSoft
Juniper web-based SSL VPN
Check Point web-based SSL VPN
As you can imagine, having to use a second (Windows XP) machine to connect to half my customers was a source of some serious headaches. After 3 weeks of beating my head against this, I finally upgraded my OS to Windows 8.1. The hail mary worked;
my VPN problems went away!
Two weeks later, the exact same symptoms resurfaced. I've gone back through a bunch of the steps that didn't help the first time around, with the same results. I expect a system refresh would probably do the trick, probably temporarily like the
OS upgrade, but I can't afford to spend a week reinstalling dozens of critical applications only to have the problem resurface after another couple of weeks.
At this point, the closest thing I have to a clue is that in both cases the problems started soon after installing an update to the Cisco AnyConnect client. After uninstalling the client, the problems do not go away.
Exactly what do I mean when I say the VPN clients don't work? That varies from one client to the next:
Microsoft built-in: Error 720
FortiSSL: variable - sometimes won't finish connecting, sometimes connects for about a second
Cisco: variable - sometimes won't finish connecting, sometimes "connects" but I can't access anything
Has anybody seen this sort of behavior before? Any suggestions for fixes I may not have tried yet? Thanks in advance.Hi.
I have been similar issues with VPN clients. In my case cause of this problems seems to be "Deterministic Network Enhancer". So turning this component on and off usually helps.
Actually I writed one script to fix this probleem for my clients.
<#
.Synopsis
This script is ment for a fixing of network problems which may occur when you use Windows 8/8.1 with Client Hyper-V
.DESCRIPTION
This script will disable and then enable again Deterministic Network Enhancer (dni_dne) component from network connections.
Parameter RegisterScheduledTask will register this script as a scheduled task which will be triggered at every time when computer starts.
.EXAMPLE
Fix-Network.ps1
.EXAMPLE
Fix-Network.ps1 -RegisterScheduledTask
#>
param
[switch]$RegisterScheduledTask
function Test-IsRunAsAdministrator
$currentUser = New-Object Security.Principal.WindowsPrincipal( [Security.Principal.WindowsIdentity]::GetCurrent())
$currentUser.IsInRole( [Security.Principal.WindowsBuiltInRole]::Administrator)
function Get-RunAsAdministrator
if(!(Test-IsRunAsAdministrator))
[string[]]$argumentList = @('-NoProfile' , '-File', $MyInvocation.ScriptName)
if($RegisterScheduledTask)
$argumentList += '-RegisterScheduledTask'
Start-Process PowerShell.exe -Verb Runas -WorkingDirectory $PWD.Path -ArgumentList $argumentList
break
Get-RunAsAdministrator
if($RegisterScheduledTask)
$actionArgument = '-ExecutionPolicy Bypass -File "' + $PSCommandPath + '"'
$action = New-ScheduledTaskAction -Execute "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Argument $actionArgument
$trigger = New-ScheduledTaskTrigger -AtStartup
$principal = New-ScheduledTaskPrincipal "SYSTEM" -LogonType ServiceAccount -RunLevel Highest
Register-ScheduledTask -TaskName Fix-Network -Trigger $trigger -Action $action -description "Fix network for Windows 6.X with Hyper-V" -Principal $principal
else
$bindings = Get-NetAdapterBinding | Where-Object { ($_.ComponentID -eq "dni_dne") -and ($_.Enabled)}
$bindings | Set-NetAdapterBinding -Enabled $false
$bindings | Set-NetAdapterBinding -Enabled $true
$date = Get-Date
"Done: $date" > $PSScriptRoot\Fix-Network.log
Hope that this will help.
Br,
Heiki -
the tittle is my question. I am noob , so I hope i can make my question clear. Now i 'd like to tell you more about my question:
My aim is to set a VPN server in Local lan, then ppl can connect to the VPN server, But I dont wanna all of the Local lan IP cant connet to it. So I neet to set a rule to restrick some local Ip to connect failure, just like banning so IP in a rule.such as: just like the "192.168.4.3~192.168.4.20 ; 192.168.7.3~192.168.7.20 " IPs can connect . the IPs which outside the rules can not do.
my step is following:
1) install server app
2)and then i set a VPN server , finally the VPN server can be connected successfully by local lan computer(PC or Mac)
3)But i found no restrict IP founction in Server app panel.
4)then i down load workgroup manager, and found nothing there about such a founction about IP restriction.
so can you tell me how to aproach my aim?
Please tell me in a clear detail,I am noob
thank youWon't the password restrict everyone from connecting unless they know the password?
I have never worked with a VPN server, so I can't really add any suggestions. Below are links to Apple support articles, but I'm not sure they will help you:
VPN - Set up Connection
VPN - Advanced Setup
VPN - Connect
VPN - Connect Automatically -
VPN server only connected to a WAN
Hi,
I have configured a VPN server on a xserve directly connected to the Internet (public IP address on en0 interface). The server is not connected to a LAN (no cable on en1 interface).
The VPN clients ("roadwarriors" clients) are assigned a 10.0.0.x private IP address.
My question is: what is the correct setup to have a private IP on the server?
1/ Should I configure en1 interface with a 10.0.0.x IP address (the panel won't apply the settings because there is no cable plugged BUT I can do it with a simple "ifconfig en1 10.0.0.1 netmask 255.255.255.0 up" command in a terminal).
2/ Or should I create a virtual interface and assign a 10.0.0.x IP to it (ifconfig vlan0 create)?
And yes there is a logic to have such a setup (expose only the VPN service on the server from the Internet side, but open access to all other services only to VPN clients like for example mail. This is why I do need a private IP address for the server).
Note: I was using previously openvpn on a Linux server and did not have such problem as openvpn creates a tun0 interface on the server side with its own private address.setup macmini with public wan ip.
This is what i did and i have a firewall problem
I created a en1 interface with
sudo ifconfig en1 10.0.0.1 netmask 255.255.255.0 up
I enabled the pptp protocol in the vpn setup.
enable pptp
start ip 10.0.0.1
end ip 10.0.0.5
authentication mschap
in the client information
for the dns server I used opendns
208.67.222.222
208.67.220.220
network routing definition
10.0.0.0 255.255.255.0 private
I now goto the firewall settings
I check the box to allow for group ANY
vpn PPTP port 1723
i goto address group and create a group called vpn
I add the five ip's i have set the vpn server to assign to the clients. I choose allow All for this group.
I goto my mac book and setup the pptp connection. It lets me authenticate and I get an ip address of 10.0.0.2 from the server. however web, email and other services dont work.
I check the firewall log in the mac mini and sure nuff 10.0.0.2 is getting denied for lots of services.
Jan 3 21:04:38 mini ipfw[1158]: 65534 Deny UDP 10.0.0.2:5353 208.67.222.222:53 in via ppp0
Jan 3 21:04:38 mini ipfw[1158]: 65534 Deny UDP 10.0.0.2:49431 208.67.222.222:53 in via ppp0
Jan 3 21:04:41 mini ipfw[1158]: 65534 Deny UDP 10.0.0.2:5353 208.67.222.222:53 in via ppp0
Jan 3 21:04:44 mini ipfw[1158]: 65534 Deny UDP 10.0.0.2:5353 208.67.222.222:53 in via ppp0
Jan 3 21:04:46 mini ipfw[1158]: 65534 Deny UDP 10.0.0.2:49432 208.67.220.220:53 in via ppp0
Jan 3 21:04:53 mini ipfw[1158]: 65534 Deny UDP 10.0.0.2:5353 208.67.222.222:53 in via ppp0
Jan 3 21:04:53 mini ipfw[1158]: 65534 Deny UDP 10.0.0.2:49431 208.67.222.222:53 in via ppp0
Jan 3 21:04:56 mini ipfw[1158]: 65534 Deny UDP 10.0.0.2:5353 208.67.222.222:53 in via ppp0
Jan 3 21:05:01 mini ipfw[1158]: 65534 Deny UDP 10.0.0.2:49432 208.67.220.220:53 in via ppp0
Jan 3 21:05:08 mini ipfw[1158]: 65534 Deny UDP 10.0.0.2:5353 208.67.222.222:53 in via ppp0
Jan 3 21:05:08 mini ipfw[1158]: 65534 Deny UDP 10.0.0.2:49433 149.254.192.126:53 in via ppp0
Jan 3 21:05:11 mini ipfw[1158]: 65534 Deny UDP 10.0.0.2:5353 208.67.222.222:53 in via ppp0
Jan 3 21:05:17 mini ipfw[1158]: 65534 Deny UDP 10.0.0.2:5353 208.67.222.222:53 in via ppp0
4 Deny UDP 10.0.0.2:49433 149.254.192.126:53 in via ppp0
Jan 3 21:05:26 mini ipfw[1158]: 65534 Deny UDP 10.0.0.2:5353 208.67.222.222:53 in via ppp0
Jan 3 21:05:32 mini ipfw[1158]: 65534 Deny UDP 10.0.0.2:5353 208.67.222.222:53 in via ppp0
Jan 3 21:05:35 mini ipfw[1158]: 65534 Deny UDP 10.0.0.2:5353 208.67.222.222:53 in via ppp0
4 Deny UDP 10.0.0.2:5353 208.67.222.222:53 in via ppp0
an 3 21:05:46 mini ipfw[1158]: 65534 Deny UDP 10.0.0.2:49436 208.67.220.220:53 in via ppp0
Jan 3 21:05:53 mini ipfw[1158]: 65534 Deny UDP 10.0.0.2:49435 208.67.222.222:53 in via ppp0
Jan 3 21:05:56 mini ipfw[1158]: 65534 Deny UDP 10.0.0.2:5353 208.67.222.222:53 in via ppp0
Jan 3 21:05:59 mini ipfw[1158]: 65534 Deny UDP 10.0.0.2:5353 208.67.222.222:53 in via ppp0
Jan 3 21:06:01 mini ipfw[1158]: 65534 Deny UDP 10.0.0.2:49436 208.67.220.220:53 in via ppp0
n 3 21:06:05 mini ipfw[1158]: 65534 Deny UDP 10.0.0.2:5353 208.67.222.222:53 in via ppp0
I dont understand why 10.0.0.2 is being denied when I have setup a group including that IP and have allowed it to do anyting.
Can anyone help please? -
Need help setting up VPN with OS X Server 2.2
I just bought OS X Server in the hopes that it would be a simpler way to set up VPN for use with my iPhone. I've tried a couple third party VPN configuration tools before with older versions of OSX but was never able to get it working. Now I'm running 10.8.2 and Server 2.2. I've made some progress, but I'm not quite there yet.
Here's what I have set up in the VPN window:
And the user I created:
The User services show that VPN is selected:
I let the Server app configure my Airport Extreme, and it looks like it set up the port mapping:
Here are my iPhone settings
-Server is set to my iMac's public IP address assigned by my ISP
-Password is the password I gave the user account
When I turn the VPN on in the iPhone I get:
"Connecting..."
"Starting..."
"Authenticating..."
then an error:
"VPN Connection
Authentification failed."
What am I missing?
Thanks,
SeanHi,
1701
UDP
L2TP
l2f
Mac OS X Server VPN service
1723
TCP
PPTP
pptp
Mac OS X Server VPN service
Try L2TP -
Hello
I am trying to install Exchange Server 2010 beta 1 onto a Windows Server 2008 R2 (build 7000) machine which has also been set up as a domain controller.
However when attempting to install the Client Access role, setup fails with the error below.
Does anyone know of a way to get around this please?
I have already searched for this error and not found any similar threads.
Also every time I press the code button on this forum it crashes the browser and I keep losing the message! (IE8 from within Server R2). Also the message box is very small, will not expand and keeps jumping to the top.
Thanks
Robin
[code]
Summary: 4 item(s). 1 succeeded, 1 failed.
Elapsed time: 00:00:01
Preparing Setup
Completed
Elapsed Time: 00:00:00
Client Access Role
Failed
Error:
The execution of: "$error.Clear(); Install-ExchangeCertificate -services "IIS, POP, IMAP" -DomainController $RoleDomainController", generated the following error: "Could not grant Network Service access to the certificate with thumbprint 2F320F5D5B5C6873E54C8AB57F604D8AFA31D18C because a cryptographic exception was thrown.".
Could not grant Network Service access to the certificate with thumbprint 2F320F5D5B5C6873E54C8AB57F604D8AFA31D18C because a cryptographic exception was thrown.
Access is denied.
Elapsed Time: 00:00:01
Mailbox Role
Cancelled
Finalizing Setup
Cancelled
[/code]
Robin WilsonHello
Thanks for all the replies.
I have since wiped the system and installed everything again and it all worked this time so not sure what was wrong last time. I did try to uninstall all Exchange components and then uninstall IIS and Application server, reboot and re-install but I received the same error still when it came to installing the client access role.
Walter: I just attempted the standard installation which should have used the default self-signed certificate. Everything was a fresh install done at the same time on a freshly formatted PC.
For info last time when it failed to work:
- Installed Windows Server 2008 R2
- Installed Domain Controller role using dcpromo. I set the forest and domain as Windows Server 2008 R2
- Added a forest trust between main domain and test Exchange domain (set up as ex2010.local)
- Installed IIS and Application Server role
- Installed Hyper-v role
- Installed Desktop Experience feature
- Installed Exchange and recieved the error
When it worked I set up the forest and domain in Windows Server 2008 mode (i.e. not R2), installed Exchange first and then set up the forest trust and then Hyper-v. It did say it failed to configure dns which was probably because it started trying to do automatic updates half way through the dcpromo! DNS seems to work ok though.
I did notice this time that Hyper-v gave a warning about the virtual network adapter not being set up correctly and the local network did not work correctly although I could access the internet. Not sure if this could have been related to the cause of the problem previously. For now I have disabled the virtual network until I get time to try and get it working and so the mail will work in the meantime.
I also noticed that Hyper-v added an extra 443 ssl binding to the default website so as it had 2 bindings on port 443 it refused to start. After deleting one it worked.
I decided to install Exchange onto a domain controller as it is only a test and I wouldn't do it in a live environment. I am also short of test machines! It didn't give me any warnings about this actually, I think previous versions warn you that it is not recommended.
Andreas and Chinthaka: I did not know about the requirement to run the domain at 2003 mode. The main domain is running in 2008 mode with Exchange 2007 so I assume this is just a temporary beta related requirement. It does seem to be working (second attempt) so far in a 2008 mode domain although I haven't had a chance to fully test it yet.
Thanks
Robin
P.S. Sorry it's taken me a while to reply!
Robin Wilson -
Set up Search Service App For SharePoint server 2013 on Windows server 2012 R2 not working
Hi all,
I installed SharePoint server 2013 on Windows server 2012 R2 using VirtualBox. I created a DC(domain controller) server with a domain set up on one VM and it has SQL server 2012 SP1 installed. Then SharePoint 2013 on another VM was set up to access
the DC server. Everything seems working except Search Service App which cannot be sucessfully set up. Creation process for Search service app says Successful and 4 search databases were created and look fine. But when I navigate to search service app
admin page, it gives error info:
System status: The search service is not able to connect to the machine that hosts the administration component. Verify that the administration component '386f2cd6-47ca-4b3a-aeb5-d9116772ef16' in search application 'Search Service Application 1' is in
a good state and try again.
Search Application Topology: Unable to retrieve topology component health states. This may be because the admin component is not up and running.
From event viewer, I see following errors:
(1) Error From source: SharePoint Server
Application Server Administration job failed for service instance Microsoft.Office.Server.Search.Administration.SearchServiceInstance
(b7c72eb8-cbaf-435e-b4c9-963cb6e4e745).
Reason: The object you are trying to create already exists. Try again using a different name.
Technical Support Details:
System.Runtime.InteropServices.COMException (0x80040D02): The object you are trying to create already exists. Try again using a different name.
at Microsoft.Office.Server.Search.Administration.SearchServiceInstance.Synchronize()
at Microsoft.Office.Server.Administration.ApplicationServerJob.ProvisionLocalSharedServiceInstances(Boolean
isAdministrationServiceJob)
(2) Error From source: SharePoint Server Search
Could not access the Search database. A generic error occurred while trying to access the database to obtain the schema version info.
Context: Application '386f2cd6-47ca-4b3a-aeb5-d9116772ef16'
(3) Warning from source: SharePoint Server Search
A database error occurred. Source: .Net SqlClient Data Provider Code: 8169 occurred 0 time(s) Description: Error ordinal: 1 Message:
Conversion failed when converting from a character string to uniqueidentifier., Class: 16, Number: 8169, State: 2 at
System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
(4) Error From source: SharePoint Server
Application Server Administration job failed for service instance Microsoft.Office.Server.Search.Administration.SearchServiceInstance
(b7c72eb8-cbaf-435e-b4c9-963cb6e4e745).
Reason: The gatherer application could not be mounted because the search administration database schema version does not match the expected backwards compatibility schema version. The database might not have been upgraded.
Technical Support Details:
System.Runtime.InteropServices.COMException (0xC0041235): The gatherer application could not be mounted because the search administration database schema version does not match the expected backwards compatibility schema version. The database might not have
been upgraded.
Since separate DC server and SharePoint server do not work, I installed SharePoint 2013 on DC server ( so DC server has everything on it now ) but it gives exactly same result. Later I installed SharePoint 2013 SP1 and still have the same problem with Search
Service app. I spent two weeks tried all suggestions available from Web and Google but SharePoint Search Service simply does not work. Config and other databases work but why Search Service has this issue seemingly related to search DB.
Could anybody please help out? You deserve a top SharePoint consultant award if you could find a solution. I am so frustrated and so tired by this issue. This seems also to be a SP set up issue.
Thanks a lot.Using new Search Service App wizard to create SSA is always a success. I could delete existing SSA and recreate it and no problem. It says successful but when I open Search Admin page from CA, it gives me errors as mentioned.
Now I used the following PS script for creating SSA from Max Mercher, but it stays at the last setps in following script:
Add-PsSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
$IndexLocation = "C:\Search" #Location must be empty, will be deleted during the process!
$SearchAppPoolName = "SSAPool"
$SearchAppPoolAccountName = "mydomain\admin"
$SearchServiceName = "SSA"
$SearchServiceProxyName = "SSA Proxy"
$DatabaseServer = "W12R2DC1"
$DatabaseName = "SSA"
$spAppPool = Get-SPServiceApplicationPool -Identity $SearchAppPoolName -ErrorAction SilentlyContinue
if (!$spAppPool)
$spAppPool = New-SPServiceApplicationPool -Name $SearchAppPoolName -Account $SearchAppPoolAccountName -Verbose
$ServiceApplication = Get-SPEnterpriseSearchServiceApplication -Identity $SearchServiceName -ErrorAction SilentlyContinue
if (!$ServiceApplication)
# process stays at the following step forever, already one hour now.
$ServiceApplication = New-SPEnterpriseSearchServiceApplication -Name $SearchServiceName -ApplicationPool $spAppPool.Name -DatabaseServer $DatabaseServer -DatabaseName $DatabaseName
Account mydomain\admin is an farm managed account, domain admin account, in WG_ADMIN role, It is in all SQL server roles and is DBO. I see search DBs are already on SQL server. From Event viewer, I got following errors in sequence:
(1) Crawler:Content Plugin under source Crawler:Content Plugin
Content Plugin can not be initialized - list of CSS addresses is not set.
(2) Warning for SharePoint Server Search
A database error occurred. Source: .Net SqlClient Data Provider Code: 8169 occurred 0 time(s) Description: Error ordinal: 1 Message: Conversion failed when converting from a character string to uniqueidentifier., Class: 16, Number: 8169, State: 2
at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
(3) Error for SharePoint Server Search
Could not access the Search database. A generic error occurred while trying to access the database to obtain the schema version info.
Context: Application 'cbc5a055-996b-44a7-9cbc-404322f9cfdf'
(4) Error for SharePoint Server
Application Server Administration job failed for service instance Microsoft.Office.Server.Search.Administration.SearchServiceInstance (b7c72eb8-cbaf-435e-b4c9-963cb6e4e745).
Reason: The gatherer application could not be mounted because the search administration database schema version does not match the expected backwards compatibility schema version. The database might not have been upgraded.
(5) Error Shared Services for SharePoint Server Search
Application Server Administration job failed for service instance Microsoft.Office.Server.Search.Administration.SearchServiceInstance (b7c72eb8-cbaf-435e-b4c9-963cb6e4e745).
Reason: The object you are trying to create already exists. Try again using a different name.
Technical Support Details:
System.Runtime.InteropServices.COMException (0x80040D02): The object you are trying to create already exists. Try again using a different name.
at Microsoft.Office.Server.Search.Administration.SearchServiceInstance.Synchronize()
at Microsoft.Office.Server.Administration.ApplicationServerJob.ProvisionLocalSharedServiceInstances(Boolean isAdministrationServiceJob
Above errors keep being generated. Last step for SSA creation stay there forever. Any clue what is really going on? Thanks. -
EPM 11.1.2: Foundation Services config fails on Windows 2008 SP1 server.
Hi,
I installed EPM 11.1.2 on Windows 2008 SP1, 32-bit. The installation succeeded (no errors in logs). However, when I run EPM Configurator to configure Foundation Services, it fails.
Environment:
EPM Server: Windows 2008 SP1 32-bit
RDBMS: Oracle Enterprise Edition 10.2.0.4 (running on remote AIX 5.3 TL 8 server)
Oracle Client: 10.2.0.4 (full client install)
The configtool.log (see below) indicates that the program cannot find the reg.properties file. I checked the server and this file does not exist. The log file also reports non-existing classpath entries (not sure if this is related). The registry.log file (see below) reports a jdbc driver error: java.sql.SQLSyntaxErrorException: ORA-00917: missing comma.
I submitted a service request with Oracle Support, but the support engineer said that installation and configuration errors are outside the scope of technical support.
Any ideas/suggestions would be greatly appreciated.
Thank you.
Configtool_Summary.log:
---- Product Configuration Summary.....
( May 9, 2010 6:55:58 AM ): ---- Hyperion Foundation Configuration......
( May 9, 2010 6:55:59 AM ): Pre-Configuration :: pass
( May 9, 2010 6:55:59 AM ): Common Settings :: fail
( May 9, 2010 6:56:03 AM ): Configure Database :: pass
( May 9, 2010 6:56:03 AM ): Deploy to Application Server :: fail
( May 9, 2010 6:57:03 AM ): Configure Oracle Configuration Manager :: fail
( May 9, 2010 6:57:08 AM ): ---- Workspace Configuration......
( May 9, 2010 6:57:08 AM ): Deploy to Application Server :: fail
Configtool.log:
[2010-05-09T06:49:19.927-06:00] [EPMCFG] [TRACE] [EPMCFG-01001] [oracle.EPMCFG] [tid: 10] [ecid: 0000IXx7D4337E65zNd9iW1BtexF000000,0] [SRC_CLASS: com.oracle.preconfig.util.EpmLoggerPreConfigReporter] trace: Running preconfig checks...[[
Running EPM_ORACLE_HOME check...
EPM_ORACLE_HOME environment variable value: C:\Oracle\Middleware\EPMSystem11R1
JAVA_HOME environment variable value: C:\Oracle\Middleware\EPMSystem11R1\..\jdk160_11
EPM_ORACLE_HOME check succeeded
Running .oracle.products check... .oracle.products check succeeded
Running Jars manifest check...
Time spent for manifests parsing: 55129 ms
Maximum jars depth achieved: 9, while restriction was: unrestricted
Parsed 439 manifests
Total jars and classpath entries encountered: 439
Total not-existing referenced classpath entries count: 28
Enumerating not-existing classpath entries:
Missing (depth 9) file C:\oracle\Middleware\modules\com.bea.cie.comdev.it_6.1.1.0.jar referenced from C:\oracle\Middleware\modules\features\com.bea.cie.config.it_6.1.0.0.jar referenced from C:\oracle\Middleware\modules\features\com.bea.cie.config.L10N_6.1.0.0.jar referenced from C:\oracle\Middleware\modules\features\com.bea.cie.config_6.1.0.0.jar referenced from C:\oracle\Middleware\utils\config\10.3\config-launch.jar referenced from C:\oracle\Middleware\wlserver_10.3\common\lib\pdev.jar referenced from C:\oracle\Middleware\wlserver_10.3\server\lib\weblogic.jar referenced from C:\oracle\Middleware\EPMSystem11R1\common\jlib\11.1.2.0\epm_jrf.jar referenced from C:\oracle\Middleware\EPMSystem11R1\common\jlib\11.1.2.0\epm_j2se.jar referenced from C:\oracle\Middleware\EPMSystem11R1\common\config\11.1.2.0\configtool.jar
Missing (depth 5) file C:\oracle\Middleware\wlserver_10.3\server\lib\wlw-langx-L10N.jar referenced from C:\oracle\Middleware\wlserver_10.3\server\lib\wlw-langx.jar referenced from C:\oracle\Middleware\wlserver_10.3\server\lib\weblogic.jar referenced from C:\oracle\Middleware\EPMSystem11R1\common\jlib\11.1.2.0\epm_jrf.jar referenced from C:\oracle\Middleware\EPMSystem11R1\common\jlib\11.1.2.0\epm_j2se.jar referenced from C:\oracle\Middleware\EPMSystem11R1\common\config\11.1.2.0\configtool.jar
Total classpath elements to check: 67
Check for C:\oracle\Middleware\EPMSystem11R1\common\config\11.1.2.0\lib\hit-common.jar existence succeeded; file depth: 1
Check for C:\oracle\Middleware\EPMSystem11R1\common\config\11.1.2.0\lib\hit-config.jar existence succeeded; file depth: 1
Jars manifest check succeeded
Running Environment variables check... Environment variables check succeeded
Running Windows system32 directory check... Windows system32 directory check succeeded
Preconfig checks passed! Going further
[2010-05-09T06:49:22.303-06:00] [EPMCFG] [NOTIFICATION] [EPMCFG-01731] [oracle.EPMCFG] [tid: 10] [ecid: 0000IXx7D4337E65zNd9iW1BtexF000000,0] [SRC_CLASS: com.hyperion.config.wizard.ConfigToolWizardLoader] Couldnt find proper class for wizard state: {0}, skipping...
[2010-05-09T06:49:22.943-06:00] [EPMCFG] [WARNING] [EPMCFG-01001] [oracle.EPMCFG] [tid: 10] [ecid: 0000IXx7D4337E65zNd9iW1BtexF000000,0] [SRC_CLASS: com.hyperion.config.document.Storage] trace: {0}[[
com.hyperion.hit.registry.exceptions.RegistryException: No database properties could be read
[2010-05-09T06:49:22.943-06:00] [EPMCFG] [TRACE] [EPMCFG-05934] [oracle.EPMCFG] [tid: 10] [ecid: 0000IXx7D4337E65zNd9iW1BtexF000000,0] [SRC_CLASS: com.hyperion.cis.utils.StopWatch] Task [Init Storage] has been started.
[2010-05-09T06:49:22.943-06:00] [EPMCFG] [TRACE] [EPMCFG-05934] [oracle.EPMCFG] [tid: 10] [ecid: 0000IXx7D4337E65zNd9iW1BtexF000000,0] [SRC_CLASS: com.hyperion.cis.utils.StopWatch] Task [Getting registry instance] has been started.
[2010-05-09T06:49:22.943-06:00] [EPMCFG] [WARNING] [EPMCFG-01001] [oracle.EPMCFG] [tid: 10] [ecid: 0000IXx7D4337E65zNd9iW1BtexF000000,0] [SRC_CLASS: com.hyperion.config.document.Storage] trace: com.hyperion.hit.registry.exceptions.RegistryException: No database properties could be read
[2010-05-09T06:49:22.943-06:00] [EPMCFG] [TRACE] [EPMCFG-05935] [oracle.EPMCFG] [tid: 10] [ecid: 0000IXx7D4337E65zNd9iW1BtexF000000,0] [SRC_CLASS: com.hyperion.cis.utils.StopWatch] Task [Getting registry instance] has been ended. Execution time [0] sec.
[2010-05-09T06:49:22.943-06:00] [EPMCFG] [TRACE] [EPMCFG-05934] [oracle.EPMCFG] [tid: 10] [ecid: 0000IXx7D4337E65zNd9iW1BtexF000000,0] [SRC_CLASS: com.hyperion.cis.utils.StopWatch] Task [Loading CT documents] has been started.
[2010-05-09T06:49:22.959-06:00] [EPMCFG] [NOTIFICATION] [EPMCFG-01044] [oracle.EPMCFG] [tid: 10] [ecid: 0000IXx7D4337E65zNd9iW1BtexF000000,0] [SRC_CLASS: com.hyperion.cis.config.document.ConfigToolDocumentManager] Loading product descriptor from file C:\Oracle\Middleware\EPMSystem11R1\common\config\11.1.2.0\product\aps\11.1.2.0\default_aps_1.xml...
[2010-05-09T06:50:53.137-06:00] [EPMCFG] [TRACE] [EPMCFG-05922] [oracle.EPMCFG] [tid: 13] [ecid: 0000IXx7Zkm37E65zNd9iW1BtexF000004,0] [SRC_CLASS: com.hyperion.install.sw.SoftwareRegistry] Adding Hyperion Home entry...
[2010-05-09T06:50:53.137-06:00] [EPMINS] [NOTIFICATION] [EPMINS-00006] [oracle.EPMINS] [tid: 13] [ecid: 0000IXx7Zkm37E65zNd9iW1BtexF000004,0] [SRC_CLASS: com.hyperion.hit.wizard.Wizard] Wizard state is: RegistryWizardState
[2010-05-09T06:51:41.437-06:00] [EPMINS] [TRACE] [EPMINS-00015] [oracle.EPMINS] [tid: 11] [ecid: 0000IXx7Zhb37E65zNd9iW1BtexF000002,0] [SRC_CLASS: com.hyperion.hit.wizard.AbstractWizardAction] Invoked action: navigation.next
[2010-05-09T06:51:41.453-06:00] [EPMCFG] [ERROR] [EPMCFG-01001] [oracle.EPMCFG] [tid: 14] [ecid: 0000IXx7j^D37E65zNd9iW1BtexF000005,0] [SRC_CLASS: com.hyperion.config.document.Storage] trace: {0}[[
com.hyperion.hit.registry.exceptions.RegistryException: com.hyperion.hit.registry.exceptions.RegistryException: No database properties could be read
at com.hyperion.hit.registry.Registry.releaseInstance(Registry.java:2039)
at com.hyperion.config.document.Storage.resetRegistryItems(Storage.java:811)
at com.hyperion.config.document.Storage.resetRegistry(Storage.java:798)
at com.hyperion.config.wizard.impl.RegistryWizardState$1.validate(RegistryWizardState.java:348)
at com.hyperion.hit.wizard.Wizard$NextClass.run(Wizard.java:504)
at java.lang.Thread.run(Thread.java:619)
Caused by: com.hyperion.hit.registry.exceptions.RegistryException: No database properties could be read
at com.hyperion.hit.registry.datasource.SharedServicesDataSourceFactory.getDataSource(SharedServicesDataSourceFactory.java:29)
at com.hyperion.hit.registry.datasource.SharedServicesDatabaseConnectionBuilder.getConnection(SharedServicesDatabaseConnectionBuilder.java:26)
at com.hyperion.hit.registry.RegistryUtils.createNewConnection(RegistryUtils.java:183)
at com.hyperion.hit.registry.RegistryConnection.getInstance(RegistryConnection.java:149)
at com.hyperion.hit.registry.Registry.releaseInstance(Registry.java:2030)
... 5 more
[2010-05-09T06:51:46.891-06:00] [EPMCFG] [WARNING] [EPMCFG-01863] [oracle.EPMCFG] [tid: 14] [ecid: 0000IXx7j^D37E65zNd9iW1BtexF000005,0] [SRC_CLASS: com.hyperion.config.wizard.impl.RegistryWizardState] Unknown server type: ORACLE
[2010-05-09T06:51:46.938-06:00] [EPMCFG] [TRACE] [EPMCFG-01864] [oracle.EPMCFG] [tid: 14] [ecid: 0000IXx7j^D37E65zNd9iW1BtexF000005,0] [SRC_CLASS: com.hyperion.config.wizard.impl.RegistryWizardState] HSS DB commit: serverType = ORACLE, host = fsdev21.jeffco.k12.co.us, port = 1521, db = EPMDMO
[2010-05-09T06:54:20.402-06:00] [EPMCFG] [TRACE] [EPMCFG-01001] [oracle.EPMCFG] [tid: 22] [ecid: 0000IXx8MHf37E65zNd9iW1BtexF00000B,0] [SRC_CLASS: com.hyperion.cis.utils.Log4jEPMLoggerAdapter] trace: oracle.sysman.ccr.common.network.EndPoint: SSL Protocol Initialized - SSL SocketFactory initialized
[2010-05-09T06:54:20.699-06:00] [EPMCFG] [TRACE] [EPMCFG-01001] [oracle.EPMCFG] [tid: 22] [ecid: 0000IXx8MHf37E65zNd9iW1BtexF00000B,0] [SRC_CLASS: com.hyperion.cis.utils.Log4jEPMLoggerAdapter] trace: oracle.sysman.ccr.common.network.EndPoint: Peer Certificate Chain(3):
[2010-05-09T06:54:20.714-06:00] [EPMCFG] [TRACE] [EPMCFG-01001] [oracle.EPMCFG] [tid: 22] [ecid: 0000IXx8MHf37E65zNd9iW1BtexF00000B,0] [SRC_CLASS: com.hyperion.cis.utils.Log4jEPMLoggerAdapter] trace: oracle.sysman.ccr.common.network.EndPoint: [[[
Version: V3
Subject: CN=ccr.oracle.com, OU=Terms of use at www.verisign.com/rpa (c)05, OU=Global IT, O=Oracle Corporation, L=Redwood Shores, ST=California, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 126484617735060833031672477175673947636995798346030414463203905767325249772953279144384357766006815101034501698878511926718137275402247180206176507598520965207099036209959054153609440070358274987559344845438007585125964758282852498389487164896685302381484205088204064664382056656592869143856352689583929480807
public exponent: 65537
Validity: [From: Mon May 04 18:00:00 MDT 2009,
To: Sun Jul 04 17:59:59 MDT 2010]
Issuer: CN=VeriSign Class 3 Secure Server CA, OU=Terms of use at https://www.verisign.com/rpa (c)05, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
SerialNumber: [ 52b9bccd 239d7a0d 7bb16003 389848b0]
Certificate Extensions: 8
[1]: ObjectId: 1.3.6.1.5.5.7.1.12 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 62 30 60 A1 5E A0 5C 30 5A 30 58 30 56 16 09 .b0`.^.\0Z0X0V..
0010: 69 6D 61 67 65 2F 67 69 66 30 21 30 1F 30 07 06 image/gif0!0.0..
0020: 05 2B 0E 03 02 1A 04 14 4B 6B B9 28 96 06 0C BB .+......Kk.(....
0030: D0 52 38 9B 29 AC 4B 07 8B 21 05 18 30 26 16 24 .R8.).K..!..0&.$
0040: 68 74 74 70 3A 2F 2F 6C 6F 67 6F 2E 76 65 72 69 http://logo.veri
0050: 73 69 67 6E 2E 63 6F 6D 2F 76 73 6C 6F 67 6F 31 sign.com/vslogo1
0060: 2E 67 69 66 .gif
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 6F EC AF A0 DD 8A A4 EF F5 2A 10 67 2D 3F 55 82 o........*.g-?U.
0010: BC D7 EF 25 ...%
[3]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://SVRSecure-crl.verisign.com/SVRSecure2005.crl]
[4]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
clientAuth
[5]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.113733.1.7.23.3]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 76 65 ..https://www.ve
0010: 72 69 73 69 67 6E 2E 63 6F 6D 2F 72 70 61 risign.com/rpa
[6]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_Encipherment
[7]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[accessMethod: 1.3.6.1.5.5.7.48.1
accessLocation: URIName: http://ocsp.verisign.com, accessMethod: 1.3.6.1.5.5.7.48.2
accessLocation: URIName: http://SVRSecure-aia.verisign.com/SVRSecure2005-aia.cer]
[8]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [SHA1withRSA]
[2010-05-09T06:54:20.714-06:00] [EPMCFG] [TRACE] [EPMCFG-01001] [oracle.EPMCFG] [tid: 22] [ecid: 0000IXx8MHf37E65zNd9iW1BtexF00000B,0] [SRC_CLASS: com.hyperion.cis.utils.Log4jEPMLoggerAdapter] trace: oracle.sysman.ccr.common.network.EndPoint: [[[
Version: V3
Subject: CN=VeriSign Class 3 Secure Server CA, OU=Terms of use at https://www.verisign.com/rpa (c)05, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 2048 bits
modulus: 18905729229464742433949840178165285210788629616064305164260843170201977241822595607598003983710482114887504542420063531704226365322091550579034120400511694538047325464426047959412241672706076731441028369861556999479337863789783838582999151810376013650218058341794419022809268802993425241541430009002110553726612125414429934927217253337526656605550620555845061032537869588361121949241772361851996536275260212221084778605793422355009443918198903890623415507477268041766919150091887619618794603091993360637671933766441597921249204891707900552776893415739395596650548462810104696585021566385762017523199762687187467514321
public exponent: 65537
Validity: [From: Tue Jan 18 17:00:00 MST 2005,
To: Sun Jan 18 16:59:59 MST 2015]
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
SerialNumber: [ 75337d9a b0e1233b ae2d7de4 469162d4]
<RESPONSE><STATUS CODE="202"><MESSAGE></MESSAGE></STATUS><REQUEST_DATA><REGISTRATION_CIPHER VALUE="09944570f33deb38b7f170e09875db7e6ceb032d7b721409201e9990f06403478f4ebc88b080ac6b391b466b13abdd11056e5fc1ede4a4c3c45e377689daa321118296752b3efe0d9deaa9fc7150a1c7e6aeb26df38f35ccc96e8cb4cda148049e8b439f58c3c14fcfbc9067f2f81761803554fe79f9a7dbd2b3f79c0a040b19d941d6ab436bf2d016c36531486aa47ce430024bb51e6adfd3a82d9b8b0672935259764208f28ae626f5ab79efad45b11b058c872d6f69e328068957b6c545dea09ebcff54f920e5d0758ce0546352d03b426b7384058a0178599692be48753d7b4cfc1b98b80e68b9b3a93200679e62d62f8a837e45af992651e2eba1906ae5e892761e7005cb75b72e4d5e1a12810a5b61c6a4a670062b6f5af633f2742e93f04030552cbef91de925e8e81b2117922f4b72be9fa495bee4cc230357207fb6ae6ad77bb87f3d5d13d5f5dcd1b219adc857fc09f5d5a448aa2c79723a642d0a1839ac3a12b71159dd0ca1dc36a8eb46a7fb8ca05d86ede61b0f75640ff183efe1faf317202604f928137f7c4b58d9d8c02eb1d5997df2d6"/></REQUEST_DATA></RESPONSE>
[2010-05-09T06:55:22.359-06:00] [EPMCFG] [WARNING] [EPMCFG-01001] [oracle.EPMCFG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.hit.fusion.FusionComponent] trace: The component type 'Foundation' is not supported. Valid component types are: [OCM, OHS, WebCache]
[2010-05-09T06:55:33.954-06:00] [EPMCFG] [ERROR] [EPMCFG-01001] [oracle.EPMCFG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.config.document.Storage] trace: com.hyperion.hit.registry.exceptions.RegistryException: Unable to create registry.
[2010-05-09T06:55:33.954-06:00] [EPMCFG] [TRACE] [EPMCFG-02015] [oracle.EPMCFG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.config.wizard.impl.RunAllTasks] Creating product component(s) in the HIT Registry (if not created yet) for all selected product(s)...
[2010-05-09T06:55:33.954-06:00] [EPMCFG] [TRACE] [EPMCFG-01321] [oracle.EPMCFG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.cis.config.ConfigRegistryUtils] Creating product component: component type = SHARED_SERVICES_PRODUCT
[2010-05-09T06:55:33.954-06:00] [EPMCFG] [TRACE] [EPMCFG-01322] [oracle.EPMCFG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.cis.config.ConfigRegistryUtils] Product component already exists in the registry: component type = SHARED_SERVICES_PRODUCT
[2010-05-09T06:55:33.954-06:00] [EPMCFG] [TRACE] [EPMCFG-01321] [oracle.EPMCFG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.cis.config.ConfigRegistryUtils] Creating product component: component type = WORKSPACE
[2010-05-09T06:55:42.970-06:00] [EPMCFG] [TRACE] [EPMCFG-05955] [oracle.EPMCFG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.config.document.Storage] Setting link. Parent: id [b57bd794d9cd2537337158c31287d1efc497ffe], componnet type [FOUNDATION_SERVICES_PRODUCT]. Child: id [b57bd794d9cd2537337158c31287d1efc497ff1], component type [WORKSPACE]
[2010-05-09T06:55:42.970-06:00] [EPMCFG] [TRACE] [EPMCFG-02144] [oracle.EPMCFG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.config.document.Storage] Storage storeComponent trace : WORKSPACE:[b57bd794d9cd2537337158c31287d1efc497ff1] to be stored
[2010-05-09T06:55:42.970-06:00] [EPMCFG] [TRACE] [EPMCFG-02144] [oracle.EPMCFG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.config.document.Storage] Storage storeComponent trace : allRegistryComponents contains WORKSPACE:[b57bd794d9cd2537337158c31287d1efc497ff1]
[2010-05-09T06:55:42.970-06:00] [EPMCFG] [TRACE] [EPMCFG-02144] [oracle.EPMCFG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.config.document.Storage] Storage storeComponent trace : toUpdateComponents did not contain WORKSPACE:[b57bd794d9cd2537337158c31287d1efc497ff1]. It has been added to toUpdateComponents
[2010-05-09T06:55:42.970-06:00] [EPMCFG] [TRACE] [EPMCFG-01426] [oracle.EPMCFG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.cis.ant.AbstractAntConfigurator] propertiesExtractLocation : C:\Oracle\Middleware\user_projects\domains\EPMSystem\scripts
[2010-05-09T06:55:47.986-06:00] [EPMCFG] [ERROR] [EPMCFG-01001] [oracle.EPMCFG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.cis.utils.Shortcut] trace: shortcut out:Microsoft (R) Windows Script Host Version 5.7[[
Copyright (C) Microsoft Corporation. All rights reserved.
[2010-05-09T06:55:58.627-06:00] [EPMCFG] [ERROR] [EPMCFG-02151] [oracle.EPMCFG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.hit.fusion.FusionComponent] oracleComponent is null. Component will not be provisioned.
[2010-05-09T06:56:02.690-06:00] [EPMCFG] [WARNING] [EPMCFG-01113] [oracle.EPMCFG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.cis.config.AbstractProductDBConfigurator] Couldn't find product component in updateRegistryEntries
[2010-05-09T06:56:02.706-06:00] [EPMCFG] [NOTIFICATION] [EPMCFG-01107] [oracle.EPMCFG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.cis.DBConfigurator] Running file: C:\Oracle\Middleware\EPMSystem11R1\products\Foundation\workspace\database\Oracle\create.sql
[2010-05-09T06:56:03.503-06:00] [EPMCFG] [ERROR] [EPMCFG-01020] [oracle.EPMCFG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.config.wizard.impl.RunAllTasks] Error: [[
java.lang.NullPointerException
at com.hyperion.cis.config.AppServerDeployer.isDeployAsWinService(AppServerDeployer.java:1699)
at com.hyperion.cis.config.AppServerDeployer.initializeParameters(AppServerDeployer.java:169)
at com.hyperion.config.wizard.impl.RunAllTasks.executeAppDeploymentTask(RunAllTasks.java:636)
at com.hyperion.config.wizard.impl.RunAllTasks.execute(RunAllTasks.java:331)
at com.hyperion.config.wizard.impl.RunnAllTasksState.run(RunnAllTasksState.java:89)
at java.lang.Thread.run(Thread.java:619)
[2010-05-09T06:57:03.804-06:00] [EPMCFG] [ERROR] [EPMCFG-01020] [oracle.EPMCFG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.foundation.config.OCMTaskProcessor] Error: [[
java.lang.NullPointerException
at com.hyperion.foundation.config.OCMTaskProcessor.uploadOCMConfigurationToRegistry(OCMTaskProcessor.java:209)
at com.hyperion.foundation.config.OCMTaskProcessor.execute(OCMTaskProcessor.java:95)
at com.hyperion.cis.CustomTaskProcessor.execute(CustomTaskProcessor.java:94)
at com.hyperion.config.wizard.impl.RunAllTasks.executeCustomTask(RunAllTasks.java:725)
at com.hyperion.config.wizard.impl.RunAllTasks.execute(RunAllTasks.java:313)
at com.hyperion.config.wizard.impl.RunnAllTasksState.run(RunnAllTasksState.java:89)
at java.lang.Thread.run(Thread.java:619)
[2010-05-09T06:57:07.992-06:00] [EPMCFG] [ERROR] [EPMCFG-02151] [oracle.EPMCFG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.hit.fusion.FusionComponent] oracleComponent is null. Component will not be provisioned.
[2010-05-09T06:57:07.992-06:00] [EPMCFG] [TRACE] [EPMCFG-01001] [oracle.EPMCFG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.config.wizard.impl.RunAllTasks] trace: Component provisioning is done.
[2010-05-09T06:57:07.992-06:00] [EPMCFG] [TRACE] [EPMCFG-01001] [oracle.EPMCFG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.config.wizard.impl.RunAllTasks] trace: Done sorting tasks by priority
[2010-05-09T06:57:07.992-06:00] [EPMCFG] [TRACE] [EPMCFG-07326] [oracle.EPMCFG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.config.wizard.impl.RunAllTasks] Executing deployment task for ProductDescriptor [workspace]
[2010-05-09T06:57:07.992-06:00] [EPMCFG] [TRACE] [EPMCFG-01328] [oracle.EPMCFG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.cis.config.ConfigRegistryUtils] Looking for product component in the registry: component type = SHARED_SERVICES_PRODUCT
[2010-05-09T06:57:08.007-06:00] [EPMCFG] [ERROR] [EPMCFG-01020] [oracle.EPMCFG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.config.wizard.impl.RunAllTasks] Error: [[
java.lang.NullPointerException
at com.hyperion.cis.config.AppServerDeployer.isDeployAsWinService(AppServerDeployer.java:1699)
at com.hyperion.cis.config.AppServerDeployer.initializeParameters(AppServerDeployer.java:169)
at com.hyperion.config.wizard.impl.RunAllTasks.executeAppDeploymentTask(RunAllTasks.java:636)
at com.hyperion.config.wizard.impl.RunAllTasks.execute(RunAllTasks.java:331)
at com.hyperion.config.wizard.impl.RunnAllTasksState.run(RunnAllTasksState.java:89)
at java.lang.Thread.run(Thread.java:619)
Registry.log:
[2010-05-09T06:51:46.860-06:00] [EPMREG] [NOTIFICATION] [EPMREG-51096] [oracle.EPMREG.REG] [tid: 14] [ecid: 0000IXx7j^D37E65zNd9iW1BtexF000005,0] [SRC_CLASS: com.hyperion.hit.registry.RegistryUtils] [SRC_METHOD: readDatabaseProperties] Security Key could not be read from reg.properties file.
[2010-05-09T06:55:33.719-06:00] [EPMREG] [ERROR] [EPMREG-11054] [oracle.EPMREG.REG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.hit.registry.RegistryConnection] [SRC_METHOD: createRegistry] [arg: C:\Oracle\Middleware\EPMSystem11R1\common\config\11.1.2.0\resources\registry\create_oracle.sql] An SQL Exception executing the registry DDL script C:\Oracle\Middleware\EPMSystem11R1\common\config\11.1.2.0\resources\registry\create_oracle.sql.
[2010-05-09T06:55:33.735-06:00] [EPMREG] [ERROR] [EPMREG-11099] [oracle.EPMREG.REG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.hit.registry.RegistryConnection] [SRC_METHOD: createRegistry] Exception occurred.[[
java.sql.SQLSyntaxErrorException: ORA-00917: missing comma
at oracle.jdbc.driver.SQLStateMapping.newSQLException(SQLStateMapping.java:91)
at oracle.jdbc.driver.DatabaseError.newSQLException(DatabaseError.java:133)
at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:206)
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:455)
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:413)
at oracle.jdbc.driver.T4C8Oall.receive(T4C8Oall.java:1035)
at oracle.jdbc.driver.T4CStatement.doOall8(T4CStatement.java:183)
at oracle.jdbc.driver.T4CStatement.executeForRows(T4CStatement.java:942)
at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1223)
at oracle.jdbc.driver.OracleStatement.executeInternal(OracleStatement.java:1775)
at oracle.jdbc.driver.OracleStatement.execute(OracleStatement.java:1744)
at oracle.jdbc.driver.OracleStatementWrapper.execute(OracleStatementWrapper.java:299)
at com.hyperion.hit.registry.RegistryConnection.createRegistry(RegistryConnection.java:241)
at com.hyperion.hit.registry.RegistryUtils.initRegistry(RegistryUtils.java:82)
at com.hyperion.hit.registry.Registry.createRegistry(Registry.java:2220)
at com.hyperion.config.document.Storage.createRegProperties(Storage.java:1396)
at com.hyperion.config.wizard.impl.RunAllTasks.execute(RunAllTasks.java:105)
at com.hyperion.config.wizard.impl.RunnAllTasksState.run(RunnAllTasksState.java:89)
at java.lang.Thread.run(Thread.java:619)
[2010-05-09T06:56:03.456-06:00] [EPMREG] [ERROR] [EPMREG-11037] [oracle.EPMREG.REG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.hit.registry.Registry] [SRC_METHOD: getConnection] An error occured when checking the status of the registry connection and reseting it.[[
com.hyperion.hit.registry.exceptions.RegistryException: No database properties could be read
at com.hyperion.hit.registry.datasource.SharedServicesDataSourceFactory.getDataSource(SharedServicesDataSourceFactory.java:29)
at com.hyperion.hit.registry.datasource.SharedServicesDatabaseConnectionBuilder.getConnection(SharedServicesDatabaseConnectionBuilder.java:26)
at com.hyperion.hit.registry.RegistryUtils.createNewConnection(RegistryUtils.java:183)
at com.hyperion.hit.registry.Registry.getConnection(Registry.java:161)
at com.hyperion.hit.registry.Registry.lookupComponents(Registry.java:1263)
at com.hyperion.hit.registry.Registry.lookup(Registry.java:517)
at com.hyperion.css.registry.RegistryManager.<init>(RegistryManager.java:70)
at com.hyperion.css.registry.RegistryManager.populateCSSTrustedServicesKey(RegistryManager.java:140)
at com.hyperion.foundation.config.FoundationDbConfigurator.populateCssTrustedKey(FoundationDbConfigurator.java:121)
at com.hyperion.foundation.config.FoundationDbConfigurator.configure(FoundationDbConfigurator.java:88)
at com.hyperion.config.wizard.impl.RunAllTasks.executeDbConfigTask(RunAllTasks.java:753)
at com.hyperion.config.wizard.impl.RunAllTasks.execute(RunAllTasks.java:322)
at com.hyperion.config.wizard.impl.RunnAllTasksState.run(RunnAllTasksState.java:89)
at java.lang.Thread.run(Thread.java:619)
[2010-05-09T06:56:03.456-06:00] [EPMREG] [ERROR] [EPMREG-11045] [oracle.EPMREG.REG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.hit.registry.Registry] [SRC_METHOD: lookupComponents] [arg: SYSTEM9] An exception when looking up components of type SYSTEM9 matching the specified properties.
[2010-05-09T06:56:03.456-06:00] [EPMREG] [ERROR] [EPMREG-11099] [oracle.EPMREG.REG] [tid: 27] [ecid: 0000IXx8^W937E65zNd9iW1BtexF00000G,0] [SRC_CLASS: com.hyperion.hit.registry.Registry] [SRC_METHOD: lookupComponents] Exception occurred.[[
com.hyperion.hit.registry.exceptions.RegistryException: com.hyperion.hit.registry.exceptions.RegistryException: No database properties could be read
at com.hyperion.hit.registry.Registry.getConnection(Registry.java:178)
at com.hyperion.hit.registry.Registry.lookupComponents(Registry.java:1263)
at com.hyperion.hit.registry.Registry.lookup(Registry.java:517)
at com.hyperion.css.registry.RegistryManager.<init>(RegistryManager.java:70)
at com.hyperion.css.registry.RegistryManager.populateCSSTrustedServicesKey(RegistryManager.java:140)
at com.hyperion.foundation.config.FoundationDbConfigurator.populateCssTrustedKey(FoundationDbConfigurator.java:121)
at com.hyperion.foundation.config.FoundationDbConfigurator.configure(FoundationDbConfigurator.java:88)
at com.hyperion.config.wizard.impl.RunAllTasks.executeDbConfigTask(RunAllTasks.java:753)
at com.hyperion.config.wizard.impl.RunAllTasks.execute(RunAllTasks.java:322)
at com.hyperion.config.wizard.impl.RunnAllTasksState.run(RunnAllTasksState.java:89)
at java.lang.Thread.run(Thread.java:619)
Caused by: com.hyperion.hit.registry.exceptions.RegistryException: No database properties could be read
at com.hyperion.hit.registry.datasource.SharedServicesDataSourceFactory.getDataSource(SharedServicesDataSourceFactory.java:29)
at com.hyperion.hit.registry.datasource.SharedServicesDatabaseConnectionBuilder.getConnection(SharedServicesDatabaseConnectionBuilder.java:26)
at com.hyperion.hit.registry.RegistryUtils.createNewConnection(RegistryUtils.java:183)
at com.hyperion.hit.registry.Registry.getConnection(Registry.java:161)
... 10 moreYes. I downloaded and extracted the additional components. I have also dropped and recreated the HSS repository. Each time I have tried to reinstall, I have uninstalled all EPM/Oracle components, removed registry keys, removed EPM environment variables and removed references to oracle in the PATH environment variable.
I have tried installing/configuring HSS 11.1.2 on both Windows 2008 SP1 64-bit and Windows 2008 SP1 32-bit. The configuration error is the same.
I was able to get my SR reassigned to a different support analyst, and we are working on troubleshooting now.
If you can think of anything else to try, let me know.
BTW...on the 32-bit server, the page file maximum is 16GB (should be enough)?
Thanks. -
How to set two radius servers one is window NPS another is cisco radius server
how to set two radius servers one is window NPS another is cisco radius server
when i try the following command, once window priority is first , i type cisco radius user name, it authenticated fail
i can not use both at the same time
radius-server host 192.168.1.3 is window NPS
radius-server host 192.168.1.1 is cisco radius
http://blog.skufel.net/2012/06/how-to-integrating-cisco-devices-access-with-microsoft-npsradius/
conf t
no aaa authentication login default line
no aaa authentication login local group radius
no aaa authorization exec default group radius if-authenticated
no aaa authorization network default group radius
no aaa accounting connection default start-stop group radius
aaa new-model
aaa group server radius IAS
server 192.168.1.1 auth-port 1812 acct-port 1813
server 192.168.1.3 auth-port 1812 acct-port 1813
aaa authentication login userAuthentication local group IAS
aaa authorization exec userAuthorization local group IAS if-authenticated
aaa authorization network userAuthorization local group IAS
aaa accounting exec default start-stop group IAS
aaa accounting system default start-stop group IAS
aaa session-id common
radius-server host 192.168.1.1 auth-port 1812 acct-port 1813
radius-server host 192.168.1.2 auth-port 1812 acct-port 1813
radius-server host 192.168.1.3 auth-port 1645 acct-port 1646
radius-server host 192.168.1.3 auth-port 1812 acct-port 1813
privilege exec level 1 show config
ip radius source-interface Gi0/1
line vty 0 4
authorization exec userAuthorization
login authentication userAuthentication
transport input telnet
line vty 5 15
authorization exec userAuthorization
login authentication userAuthentication
transport input telnet
end
conf t
aaa group server radius IAS
server 192.168.1.3 auth-port 1812 acct-port 1813
server 192.168.1.1 auth-port 1812 acct-port 1813
endThe first AAA server listed in your config will always be used unless/until it becomes unavailable. At that point the NAD would move down to the next AAA server defined on the list and use that one until it becomes unavailable and then move to third one, and so on.
If you want to use two AAA servers at the same time then you will need to put a load balancer in front of them. Then the virtual IP (vip) will be listed in the NADs vs the individual AAA servers' IPs.
I hope this helps!
Thank you for rating helpful posts! -
Windows 8.1 VPN Server Setup - No Network softwaare to choose
Hi Everyone
Windows 8.1
Setting up an incoming VPN Server.
When I try to create a New Incoming Connection via Control Panel > Network and Sharing Center > Change adapter settings > Alt - F > New Incoming Connection.
The wizard appears so I check the User Account > Next > Check Through the Internet > Next bringing up the Allow connections to this computer window where I should be able select Networking software to be enabled and then go on
to click Allow Access button. The networking software to highlight window is blank. Using the Install... button below this window brings up the Select Network Feature Type window where I can highlight a feature (Client, Service or Protocol)
and click Add button . It returns to the Allow connections window which has not changed and nothing is added. Still blank.
How do I get the network software to be there to select?
I have done this on other machines and had no problems at all. It worked the way it should.
After I did an image and reset operating system, the VPN Server Setup worked as it should. Restored image as it is way to much work to rebuild the machine. So any ideas?
Any and all help will be appreciated.
Thanks in advance. LowellHi,
Did you mean you have solved this problem by resetting Windows?
Regarding to current information, this issue can be caused by port settings or corrupted Windows components.
Please check if the VPN port 1723 has been set as allowed in both your Firewall and router settings pages.
Also, we may fix such issue by running following repair command:
NOTE: Please run these commands as administrator.
SFC /SCANNOW
dism /online /cleanup-image /restorehealth
For further help, you can upload %windir%\logs\CBS\cbs.log and %windir%\Logs\DISM\dism.log into Onedrive or similar file service and share the link here for our research.
Kate Li
TechNet Community Support -
Forwarding L2TP to an internal Windows 2008 R2 VPN server behind RV042
Hi all,
we have a Cisco RV042 router and we wanted to use a Win 2k8 R2 VPN server that is located behind it to handle L2TP VPN connections.
I have forwarded Ports 500 and 4500 UDP and Port 1701 TCP and UDP to the VPN server, but I cannot establish a connection from my Windows 7 machine. I'm getting error 809 after a timeout.
It is working from the iPhone and the Mac without problems.
I have already set the parameter "AssumeUDPEncapsulationContextOnSendRule" to 2 in the registry of both the client and the server but with no effect.
My guess is that I cannot forward "IP Protocol 50" from the RV042 and that the iPhone VPN does not care about that but the Windows VPN does and so it's not working. Or is it possible that the active PPTP server on the RV042 could interfere here? It should be using different ports though.
Any idea how I could make this setup work?
Thanks
Regards,
MichaelThis router is now supported on the Cisco forums since the sale of Linksys to Belkin. I had issues with L2TP with a different router. I just switched to PPTP instead. I've found PPTP much more forgiving between devices.
Please remember to Kudo those that help you.
Linksys
Communities Technical Support
Maybe you are looking for
-
Custom error messages on while validating User profile
Hi, I have developed a valadation handler to validate data of a user while creating/updating. If any of the attribute valation failed then my ValidationFailedException is getting triggered but it is showing my custom message on the server logs and on
-
One to Many table join -- concat field per record grouped by id
Post Author: wm5 CA Forum: Formula Hello, I am using Crystal Reports XI and have two tables that have a one to many relationship and are joined by an JobID (number). Below is a sample with relative fields for each table. job_table: JobID (number), Ma
-
Problem in getCellColor method
Hi All, I am using Jdeveloper 11g Release1(11.1.1.4.0) I have created getCellColor method in my bean as follow. public String getCellColor() { FacesContext ctx = FacesContext.getCurrentInstance(); ExpressionFactory ef = ctx.getApplication().getExpres
-
How to install FLEX in SAP WAS and How to deploy project into SAP EP ?
Hi. I want to create SAP EP Contents using FLEX and I have serveral question about this. 1. How to install Flex into SAP EP and What do I have to install ? 2. When we developing SAP EP Contents using FLEX, Which Tool do I have to use ? (NWDS or F
-
Some current apps require 6.0 but iPad wion't update from 5.1.1.