TACACS+ and RADIUS
Hi,
Can i configured on aironet 1100 RAIDIUS for users and TACACS for administration?
With Cisco ACS i can only add one option.
I want to centralize the AAA for all the equipments and use CISCO ACS!
But the AP's are radio clients already!
TKS
Yes, you can do both on the AP1100. Use something similar to the configuration below:
aaa new-model
aaa group server radius rad_eap
server x.x.x.x auth-port 1645 acct-port 1646
aaa group server tacacs+ tacacs_here
server x.x.x.x
aaa authentication login default group tacacs+ group tacacs_here
aaa authentication login wireless_client group rad_eap
dot11 ssid SSID4ME
vlan xxx
authentication open eap wireless_client
Similar Messages
-
Cisco ISE with TACACS+ and RADIUS both?
Hello,
I am initiating wired authentication on an existing network using Cisco ISE. I have been studying the requirements for this. I know I have to turn on RADIUS on the Cisco switches on the network. The switches on the network are already programmed for TACACS+. Does anybody know if they can both operate on the same network at the same time?
BobHello Robert,
I believe NO, they both won't work together as both TACACS and Radius are different technologies.
It's just because that TACACS encrypts the whole message and Radius just the password, so I believe it won't work.
For your reference, I am sharing the link for the difference between TACACS and Radius.
http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a0080094e99.shtml
Moreover, Please review the information as well.
Compare TACACS+ and RADIUS
These sections compare several features of TACACS+ and RADIUS.
UDP and TCP
RADIUS uses UDP while TACACS+ uses TCP. TCP offers several advantages over UDP. TCP offers a connection-oriented transport, while UDP offers best-effort delivery. RADIUS requires additional programmable variables such as re-transmit attempts and time-outs to compensate for best-effort transport, but it lacks the level of built-in support that a
TCP transport offers:
TCP usage provides a separate acknowledgment that a request has been received, within (approximately) a network round-trip time (RTT), regardless of how loaded and slow the backend authentication mechanism (a TCP acknowledgment) might be.
TCP provides immediate indication of a crashed, or not running, server by a reset (RST). You can determine when a server crashes and returns to service if you use long-lived TCP connections. UDP cannot tell the difference between a server that is down, a slow server, and a non-existent server.
Using TCP keepalives, server crashes can be detected out-of-band with actual requests. Connections to multiple servers can be maintained simultaneously, and you only need to send messages to the ones that are known to be up and running.
TCP is more scalable and adapts to growing, as well as congested, networks.
Packet Encryption
RADIUS encrypts only the password in the access-request packet, from the client to the server. The remainder of the packet is unencrypted. Other information, such as username, authorized services, and accounting, can be captured by a third party.
TACACS+ encrypts the entire body of the packet but leaves a standard TACACS+ header. Within the header is a field that indicates whether the body is encrypted or not. For debugging purposes, it is useful to have the body of the packets unencrypted. However, during normal operation, the body of the packet is fully encrypted for more secure communications.
Authentication and Authorization
RADIUS combines authentication and authorization. The access-accept packets sent by the RADIUS server to the client contain authorization information. This makes it difficult to decouple authentication and authorization.
TACACS+ uses the AAA architecture, which separates AAA. This allows separate authentication solutions that can still use TACACS+ for authorization and accounting. For example, with TACACS+, it is possible to use Kerberos authentication and TACACS+ authorization and accounting. After a NAS authenticates on a Kerberos server, it requests authorization information from a TACACS+ server without having to re-authenticate. The NAS informs the TACACS+ server that it has successfully authenticated on a Kerberos server, and the server then provides authorization information.
During a session, if additional authorization checking is needed, the access server checks with a TACACS+ server to determine if the user is granted permission to use a particular command. This provides greater control over the commands that can be executed on the access server while decoupling from the authentication mechanism.
Multiprotocol Support
RADIUS does not support these protocols:
AppleTalk Remote Access (ARA) protocol
NetBIOS Frame Protocol Control protocol
Novell Asynchronous Services Interface (NASI)
X.25 PAD connection
TACACS+ offers multiprotocol support.
Router Management
RADIUS does not allow users to control which commands can be executed on a router and which cannot. Therefore, RADIUS is not as useful for router management or as flexible for terminal services.
TACACS+ provides two methods to control the authorization of router commands on a per-user or per-group basis. The first method is to assign privilege levels to commands and have the router verify with the TACACS+ server whether or not the user is authorized at the specified privilege level. The second method is to explicitly specify in the TACACS+ server, on a per-user or per-group basis, the commands that are allowed.
Interoperability
Due to various interpretations of the RADIUS Request for Comments (RFCs), compliance with the RADIUS RFCs does not guarantee interoperability. Even though several vendors implement RADIUS clients, this does not mean they are interoperable. Cisco implements most RADIUS attributes and consistently adds more. If customers use only the standard RADIUS attributes in their servers, they can interoperate between several vendors as long as these vendors implement the same attributes. However, many vendors implement extensions that are proprietary attributes. If a customer uses one of these vendor-specific extended attributes, interoperability is not possible.
Traffic
Due to the previously cited differences between TACACS+ and RADIUS, the amount of traffic generated between the client and server differs. These examples illustrate the traffic between the client and server for TACACS+ and RADIUS when used for router management with authentication, exec authorization, command authorization (which RADIUS cannot do), exec accounting, and command accounting (which RADIUS cannot do). -
Configure PIX to use both TACACS and RADIUS for VPN
PIX 506E using ver 6.3: Whenever I add the command "crypto map mymap client authentication PARTNERAUTH" it removes the current TACACS+ client authentication. I need to have both until I've finished testing the radius server. Can I add an additional crypto map designation command to accomodate and use both the current TACACS+ (ACS) and RADIUS?
Hi,
Unfortunately what you want to do cannot be done on the pix, let's say that you have
multiple vpn groups on your firewall, as soon as you apply the following command:
crypto map mymap client authentication partnerauth
where parnerauth can a radius, tacacs, tacacs+ or an ACS server:
aaa-server partnerauth protocol radius
aaa-server partnerauth (inside) host 172.18.124.196 cisco123
As soon as you use "crypto map mymap client authentication partnerauth" the authentication
is applied globally on the crytpmap, thus affecting all the vpn groups configured.
You can have multiple vpn groups running on your firewall (dynamic crypto maps) but you
need to associate them to a static crypto map ( crypto dynamic-map dynmap 10 set
transform-set myset).
You can only have 1 crypto map applied to one interface, when you apply this line:
"crypto map mymap client authentication partnerauth"
The authentication is applied to ALL the clients, we cannot separate the extended
authentication based on the vpn group or ip address.
Please rate if that helps !
Regards,
~JG -
Authentication providers for TACACS+ and RADIUS
Does anyone supply WLS 8.1 authentication providers for TACACS+ and/or
RADIUS?
BenSo in the ACS network config you add 2 NASes (or should that be NASi?)
One is of type TACACS+, enter the device ip and secret. The other is RADIUS - unless you need to use some vendor specific trickery you could stick with IETF RADIUS to keep it simple. Again enter the IP and the secret.
Assuming you a have at least 1 user in say, the default group (acs group 0) you then need to do some basic setup. In ACS a single group can have both RADIUS and TACACS+ config :-)
RADIUS will pretty much default to PPP anyway, but you should still set the Service-Type to Framed and set session timeouts etc.
With T+ you tick the boxes for the services that are allowed. For SSH login you might have to define a custom service first (under interface config)
Suggest you first take time to scan through the ACS docs. -
TACACS+ and RADIUS - Does either care about hostname?
When first experimenting with TACACS+, I remember changing the hostname on a router and having it cause issues with authentication. Is it normal for TACACS+ to use a devices hostname as part of the authentication process? What about RADIUS?
Hi,
Nope, neither one uses the hostname of the device for the AAA process.
Only take care of the source-interface (source IP address), the shared secret and the ports used.
HTH,
Tiago
If this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it. -
ACS Solution Engine TACACS+ and Radius
I have an ACS Solutions Engine that is performing TACACS authentication for remote access to Switches and now want to add 802.1X support for port based access control against the ACS server also. For some reason this is not working for me at all. Does anyone have a document that will guide me in this.
http://cisco.biz/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6638/guide_c07-627531.pdf
There is a lot of reading on the topic. Maybe you could precise what is not working as expected ?
what EAP method are you doing ? how is your switchport configured ? Is there an error message on ACS ? -
Tacacs+ for exec and radius for ppp on the same ras
Hi, I'm going to implement tacacs+ for exec control and RADIUS for ppp control in a ras router, using the same ACS for tacacs+ and radius sessions.
Is there any problem with this kind of configuration ?
thank you in advance
RenatoRenato
I have recently done something very similar at a customer site. On a remote access server we configured it to use TACACS for exec control and to use Radius for ppp. In our case we are using different servers but I do not think that would be an issue. We also are generating aaa accounting records for the ppp sessions and sending the accounting records to the TACACS server. I have not had any particular problems with getting this to work.
HTH
Rick -
Hi,
I am setting up a server with TACACS+ to test with IPv6 - is there an update that I can do to enable the software to listen and respond on IPv6 (tacacs+-F4.0.4.18)....
ThanksYes.
If you want to run both TACACS+ and RADIUS for the same network device (eg. AP1200 with radius for clients and TACACS+ for telnet), then you would have to use a difference device name for each option on the ACS.
eg. For radius you would use the device name ukwap1200-001 and for tacacs+ maybe ukwap1200-001-T -
Can ACS run TACACS+ adn RADIUS concurrently?
I know that ACS supports both TACACS+ and RADIUS protocols. My question is can ACS run TACACS+ and RADIUS concurrently?
Once you go into Network Configuration, you enter the Network Device Group you want to add the device to. Select the option to add a client device and input the information, but enter a different client hostname, with the same IP Address in each seperate Network Device Configuration. You can specify which Network Device Group for the client to use, and in the specific group is where you will specify which resources the client members will be able to access. I specified a few different groups with different access restricitions, because I didn't want the Dial -In or Wireless people to have Admin Access to my TACACS+ configured devices...
Let me know if this helps... -
802.1x, eDirectory, and RADIUS
Hello all:
I hope that I am posting on the correct forum.
We currently have a Cisco ACS 3.3 which we have configured to use
eDirectory as an external LDAP directory. We are currently able to set
up access to our routers and switches via TACACs and successfully
authenticate via user names and passwords stored in eDirectory, so we
know that the LDAP access is working. eDirectory version is 8.7.3.4. OS
is Netware 6.5 sp 3.
We are now embarking on setting up wireless authentication utilizing
the AEGIS client from Meetinghouse as our supplicant. We have been
successful in authenticating to our test wireless AP (Cisco 1200) with
a user setup in an access group on the ACS using the ACS as a RADIUS
server. We are authenticating via LEAP. However, we have not been able
to authenticate using eDirectory usernames and passwords. Upon
reviewing various posts I have seen info about adding RADIUS attributes
to eDirectory to use the FreeRADIUS server. Is this necessary with the
ACS device? Do we need to change our protocol to EAP-TTLS as is
suggested in other posts or do we need to set up simple passwords? What
security considerations do we want to take into account?
If anyone has successfully implemented this configuration, please feel
free to contact me directly. We want to leverage eDirectory and our
client's experience with this platform to make wireless security as
seemless and secure as possible. This is a school district and we want
to be able to limit our user access via login names that they enter on
any machine in the district rather than via machine certificates. That
way if we want to deny a student access for disciplinary reasons, we
can implement it very easily.
I would greatly appreciate any assistance that can be provided!!!!!!
Donna MoyerHeiti
I sent you an email regarding our situation. Have you received it yet
and if so have you had a chance to respond to the wireless
authentication questions.
Thanks
heiti@boras_nospam_.se wrote:
> Nope....the easiest way to do it, is to use eDirectory for authentication
> only and let the acs server do the other stuff.
>
> I quess that the only time when you need to to so is when you are
> connecting to netware RADIUS via PAP over EAP-TTLS tunnel.
> You can do that with freeRadius but not with ciso ACS.
> And the only clients supporting that are Intel Proset, Aegis and Odyssey
> but not the Ciscos or Microsofts supplicators.
>
>
> Whitch metod to use depends on what environment you have;
> In a school environment(or a environment where computers are shared among
> many users) and Novell Client installed, you should use PEAP (PEAPv1;GTC)
> instead of EAP-FAST and use the pre-logon stuff on the supplicator.
> And use a static user in the profile configuration(and you event dont need
> to have the user credentials in edirectory), istead of prompting the
> password and username all the time.
> (Because you are needing the IP-address before the novell Client tries to
> logon.)
> That should give, in a user point of view, a Single Sing On functionality.
>
> In a opposite environment where there is a single profile(user) on each
> computer you can use EAP-FAST(with manual PAC provisioning) or PEAP with
> eDirectory (or LDAP) as the autehticator database, and prompt for Username
> and password eatch time.
>
>
> The ultimate method would be a Novell Client supporing EAP and a Novell
> RADIUS server supporting EAP-FAST/EAP-TTLS or PEAP.
> That should ease upp everyting a bit and give a clean environment and
> Single Sing On functionality =)
>
>
> PS. PEAP gives the advantage against EAP-TLS that PEAP doesnt need a
> client certificate only a server certificate.
>
>
> Method Database Certificate
> -------------------------------------------------
> EAP-FAST LDAP/NDS/Etc. No, only PAC
> PEAPv0(MSChap) AD Server
> PEAPv1(Gtc) LDAP/NDS/Etc. Server
> EAP-TLS LDAP/NDS/Etc. Client, Server
> EAP-TTLS NW RADIUS(PAP) No
> LEAP AD No
>
>
> feel free to ask more!
>
> best regards,
> Heiti Ernits
> Network Technician
> Adk-Data
> Bors Stad -
I am going through a 2 year degree course for Network Design and Adminstration and I have an internship with the city I live in. I have been tasked to reconfigure over 150 layer 3 switches (all Cisco and ranging from 2960, 3560 to 3850 [the 3850's are new and will have an initial config when this is done])from TACACS+ to Radius. The gentlemen I work under has given me only one parameter, make it work. He wants me to do my own research and then configure both a 3560 and a 3850 in a lab enviroment first and then troubleshoot.
I have a couple of questions...
1) In the manual for the 3560 on page 10-37 under the CoA heading It says ".... This procedure is required". Does that mean if I am using radius I have to use CoA or is it if I use some of the other options such as VSA I have to use it? Also, I have read the geek speak for what CoA is but this may be a stupid question but can someone put it in a langauge an intermediate person can understand and explain why I would want to do this and is it a best practice?
2) Any words of wisdom about do's and don'ts for this process?Good question.
And the answer depends on the requirements of an environment.
One example can be mentioned in the following scenario
A user has access to specific devices (Devices A) in the network only during business hours. While it has access to other devices 24/7 (Devices B).
If a user logged in to a device in group A just before end of buisness day, the user will be able to keep the session active after buisness hours until s/he exits or the session times out.
Now, you can change the authorizatoin at the end of business day so that the user's session loses access to the group A devices and keep only access to group B.
Another example can be that, you allow all users to your network to have internet only access. But allow only specific group to connect to the internal network. When a user authenticates you allow it directly in the VLAN X that allows the user for internet access only. Now, if the user is authorized and is a member of the internal group, you send a CoA message to the user to change its connection to VLAN Y that has access to both internal and internet access.
Hope it clears the picture a bit.
Amjad
Rating useful replies is more useful than saying "Thank you" -
Problems getting TACACS and SNTP to cork on CSS11500
Hi,
I have a problem with TACACS and SNTP on a pair of CSS11501s and a pair of CSS11503s
I have configured a TACACS server and an SNTP server which are accessable out the management interface. There is a route to these devices out the management interface. They aren't pingable but if I span the management port and sniff it I can see the ICMP requests leaviong th interface if I try to ping any of them. The problem is that the device sends no SNTP packets to the server and it never sends any packets to TACACS server on the management or any of the other ports - it's as if both services are somehow disabled. I did some debugging as per doc 27000 on CCO and I do get the message "SECURITY-7: Security Manager sending error 7 reply to xyz" which the doc suggests is a key mistmatch, but I don't think it can be as the device isn't even trying to connect to the TACACS server on port 49.
Am I missing something obvious?
I've pasted the relevant parts of the config below
Thanks in advance,
Dom
lab-fe-2# show run
!Generated on 11/20/2009 09:40:18
!Active version: sg0820303
configure
!*************************** GLOBAL ***************************
sntp primary-server 10.52.240.1 version 3
sntp secondary-server 10.52.240.2 version 3
virtual authentication primary tacacs
virtual authentication secondary local
tacacs-server key xxxxxxxxxxxxx
tacacs-server 10.52.255.201 49
ip management route 10.52.240.0 255.255.240.0 10.55.2.252
ip route 0.0.0.0 0.0.0.0 10.55.3.254 1
!************************* INTERFACE *************************
interface e1
bridge vlan 2503
phy 100Mbits-FD
interface e2
bridge vlan 2004
phy 100Mbits-FD
interface Ethernet-Mgmt
phy 10Mbits-FD
!************************** CIRCUIT **************************
lab-fe-2# show boot
!************************ BOOT CONFIG ************************
ip address 10.55.2.245
subnet mask 255.255.255.0
primary boot-file sg0820303
primary boot-type boot-via-disk
gateway address 10.55.2.252
lab-fe-2#
lab-fe-2# show tacacs-server
Per-Server Status:
IP/Port State Primary Authen. Author. Account
10.52.255.201:49 Dead No 0 0 0
Totals: 0 0 0
Per-Server Configuration:
IP/Port Key Server Timeout Server Frequency
10.52.255.201:49 Not Configured None None
Global Configuration Parameters:
Global Timeout: 5
Global KAL Frequency: 5
Global Key: Configured
Authorize Config Commands: No
Authorize Non-Config Commands: No
Account Config Commands: No
Account Non-Config Commands: No
Send Full Command: Yes
end of buffer.
lab-fe-2#
lab-fe-2#
lab-fe-2#
lab-fe-2#I have got to the bottom of this, It looks like the CSS cannot authenticate users using a TACACS server
over the management interface unless the TACACS server is located on the same subnet as the management interface;
The Ethernet management port provides a connection to the CSS that allows you to perform CSS management functions. The Ethernet management port supports management functions such as secure remote login through SSH, remote login through Telnet, file transfer through active FTP, SNMP queries, HTTPS access to the Device Management user interface, SNTP, DNS, ICMP redirects, RADIUS, syslog, CDP, TACACs, and CSS configuration changes through XML.
Note When using static routes for managing the CSS from subnets beyond the management LAN, the Ethernet management port supports the management applications listed above, except CDP, DNS, SNTP, and TACACs. For more information on static routes, see the "Configuring Static Routes for the Ethernet Management Port" section.
I'm going to have to configure NAT on the Management port's gateway device so the CSS thinks the TACACS server is on the same subnet.
The confusing thing about this is that this is documented up to version 7.40, but it's not mentioned in the documentation for 7.5, 8.1 or 8.2 and neither is it mentioned that it is supported in the release notes of any of those versions.
Cheers, Dom -
Does ISE 1.1 support TACACS and H-REAP?
Hello,
Does ISE1.1 support TACACS/TACACS+ and H-REAP mode ?
Also, customer wants to have quick access to the corporate network with some few laptops without going through the Actice Directory? Any suggestion on this?
Thanks
OluEAP-TLS does not rely on AD.
CA root cert is installed on ACS for trust and identity.
you can elect to Perform Binary Certificate Comparison with Certificate retrieved from LDAP or Active Directory
Users and Identity Stores >
Certificate Authentication Profile >
Edit: "CN Username"
see the checkbox at the bottom.
I do EAP TLS machine auth only without integrating AD into the policy at all.
hth,
jk -
I configured my Aironet 1262N autonomous AP to authenticate and account my users against a FreeRADIUS server. In the RADIUS server database, I saw some records like:
select username, acctauthentic, acctterminatecause, acctstarttime, acctstoptime from radacct where username='xxxxxx';| xxxxxx | RADIUS | Lost-Carrier | 2014-02-22 09:15:32 | 2014-02-22 11:15:58 || xxxxxx | RADIUS | Lost-Carrier | 2014-02-22 09:15:58 | 2014-02-22 12:16:36 || xxxxxx | Local | Lost-Carrier | 2014-02-22 09:16:37 | 2014-02-22 09:22:13 || xxxxxx | Local | Lost-Carrier | 2014-02-22 09:22:14 | 2014-02-22 09:27:34 || xxxxxx | Local | Lost-Carrier | 2014-02-22 09:27:35 | 2014-02-22 09:33:12 || xxxxxx | Local | Lost-Carrier | 2014-02-22 09:33:14 | 2014-02-22 09:38:34 || xxxxxx | Local | Lost-Carrier | 2014-02-22 09:38:35 | 2014-02-22 09:43:55 || xxxxxx | Local | Lost-Carrier | 2014-02-22 09:43:57 | 2014-02-22 09:49:17 || xxxxxx | Local | Lost-Carrier | 2014-02-22 09:49:18 | 2014-02-22 09:54:52 || xxxxxx | Local | Lost-Carrier | 2014-02-22 09:54:54 | 2014-02-22 10:00:14 || xxxxxx | Local | Lost-Carrier | 2014-02-22 10:00:14 | 2014-02-22 10:00:26 || xxxxxx | RADIUS | Lost-Carrier | 2014-02-22 10:00:26 | 2014-02-22 10:06:17 || xxxxxx | Local | Lost-Carrier | 2014-02-22 10:06:19 | 2014-02-22 10:11:39 || xxxxxx | Local | Lost-Carrier | 2014-02-22 10:11:41 | 2014-02-22 10:17:52 || xxxxxx | Local | Lost-Carrier | 2014-02-22 14:50:41 | 2014-02-22 14:50:42 || xxxxxx | RADIUS | Lost-Carrier | 2014-02-22 14:50:42 | 2014-02-22 15:01:25 || xxxxxx | Local | Lost-Carrier | 2014-02-22 15:01:26 | 2014-02-22 15:06:46 || xxxxxx | Local | Lost-Carrier | 2014-02-22 15:06:48 | 2014-02-22 15:12:08 || xxxxxx | Local | Lost-Carrier | 2014-02-22 15:12:09 | 2014-02-22 15:20:24 || xxxxxx | Local | Lost-Carrier | 2014-02-22 15:20:25 | 2014-02-22 15:28:33 || xxxxxx | Local | Lost-Carrier | 2014-02-22 15:28:35 | 2014-02-22 15:33:54 || xxxxxx | Local | Lost-Carrier | 2014-02-22 15:33:55 | 2014-02-22 15:39:15 || xxxxxx | Local | Lost-Carrier | 2014-02-22 15:39:17 | 2014-02-22 15:44:37 || xxxxxx | Local | Lost-Carrier | 2014-02-22 15:44:38 | 2014-02-22 15:49:59 || xxxxxx | Local | | 2014-02-22 15:49:59 | NULL |
As you can see, the Acct-Authentic fields contains two possible values: Local and RADIUS. I didn't create any user with name 'xxxxxx' on AP, and I configure the authentication is against the RADIUS server. Why there are so many Acct-Authentic = 'Local'?
Also, this user always lost his connection and then reconnected quickly. This user login his account in multiple devices, including smart phone and computers. All of them are experiencing the same issue. Is there anyway to debug it? Any protential reasons?
Regards,
Lingfeng XiongHi,
I have exactly the same problem with my freeradius and switchs when swiths are in IOS 15.x .
You can see the log accounting :
| 5971 | 0000007E | bde8f71b768f2785 | | | | 10.254.1.253 | 50001 | Ethernet | 2014-04-03 23:23:04 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 5972 | 0000007F | 27c15b7db52213d9 | | | | 10.254.1.253 | 50001 | Ethernet | 2014-04-03 23:23:04 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 5973 | 00000080 | 8fb0d5fe41e82d65 | | | | 10.254.1.253 | 50002 | Ethernet | 2014-04-03 23:23:18 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 5974 | 00000081 | fa753225306a1a30 | | | | 10.254.1.253 | 50002 | Ethernet | 2014-04-03 23:23:35 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 5975 | 00000082 | 39b6dfcf6aa90e30 | | | | 10.254.1.253 | 50002 | Ethernet | 2014-04-03 23:25:57 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 5976 | 00000083 | d7766e99f09aee2f | | | | 10.254.1.253 | 50024 | Ethernet | 2014-04-03 23:26:33 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 5977 | 00000084 | 7094f61110fe4eef | | | | 10.254.1.253 | 50002 | Ethernet | 2014-04-03 23:29:22 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 5978 | 00000085 | 66ded1d410f07c51 | | | | 10.254.1.253 | 50002 | Ethernet | 2014-04-03 23:30:00 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 5979 | 00000086 | 326144c4321e0286 | | | | 10.254.1.253 | 50002 | Ethernet | 2014-04-03 23:30:32 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 5980 | 00000087 | 01d1379a4f9c3365 | | | | 10.254.1.253 | 50002 | Ethernet | 2014-04-03 23:32:57 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 5981 | 00000088 | 91164743f562dfdb | | | | 10.254.1.253 | 50002 | Ethernet | 2014-04-03 23:34:59 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 5982 | 00000089 | abf1519e403f8305 | | | | 10.254.1.253 | 50002 | Ethernet | 2014-04-03 23:36:21 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 5984 | 0000008B | 2e199e473e646ba4 | | | | 10.254.1.253 | 50002 | Ethernet | 2014-04-04 00:21:01 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 5986 | 0000008C | cb4c2e11189d484c | | | | 10.254.1.253 | 50002 | Ethernet | 2014-04-04 00:28:10 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 5987 | 0000008D | 1e928dc7eabc1e6d | | | | 10.254.1.253 | 50002 | Ethernet | 2014-04-04 00:28:11 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 5988 | 0000008E | f1e3754a954e6863 | | | | 10.254.1.253 | 50002 | Ethernet | 2014-04-04 00:28:15 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 5989 | 0000008F | e46d377efc8a47f8 | | | | 10.254.1.253 | 50002 | Ethernet | 2014-04-04 01:00:02 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 5990 | 00000090 | e098f1dc19bdeee2 | | | | 10.254.1.253 | 50002 | Ethernet | 2014-04-04 01:01:02 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 5991 | 00000091 | 6ae3acb7d57c9c5a | | | | 10.254.1.253 | 50002 | Ethernet | 2014-04-04 01:56:25 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 5992 | 00000092 | abc974156cf20e23 | | | | 10.254.1.253 | 50021 | Ethernet | 2014-04-04 03:10:56 | NULL | 1943 | Local | | | 0 | 204825 | | | | Framed-User | | | 0 | 0 | |
| 5993 | 00000093 | be822673509843a6 | | | | 10.254.1.253 | 50002 | Ethernet | 2014-04-04 03:51:41 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 5994 | 00000094 | 0a4366a6cd9eb0c5 | | | | 10.254.1.253 | 50002 | Ethernet | 2014-04-04 07:53:42 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 5996 | 00000095 | 5d289b8db37d0c8d | | | | 10.254.1.253 | 50024 | Ethernet | 2014-04-04 08:58:22 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 5997 | 00000096 | c4ea1e813085a6d7 | | | | 10.254.1.253 | 50024 | Ethernet | 2014-04-04 08:58:22 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 6002 | 0000009A | a82ac41b1ff5f16b | | | | 10.254.1.253 | 50024 | Ethernet | 2014-04-04 09:03:12 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 6004 | 0000009B | 0719718c780250c2 | | | | 10.254.1.253 | 50024 | Ethernet | 2014-04-04 09:53:30 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 6005 | 0000009C | c58f9c5e30b60fb7 | | | | 10.254.1.253 | 50016 | Ethernet | 2014-04-04 09:56:54 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 6007 | 0000009D | f78cc71528fd7898 | | | | 10.254.1.253 | 50024 | Ethernet | 2014-04-04 09:56:54 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
| 6008 | 0000009E | 200a1608264cc03c | | | | 10.254.1.253 | 50019 | Ethernet | 2014-04-04 10:01:14 | 2014-04-04 10:30:24 | 1750 | Local | | | 114654 | 93145 | | | Lost-Carrier | Framed-User | | | 0 | 0 | |
| 6009 | 0000009F | c5ec021f0ef399c1 | | | | 10.254.1.253 | 50019 | Ethernet | 2014-04-04 10:01:44 | 2014-04-04 10:30:24 | 1720 | Local | | | 109122 | 86295 | | | Lost-Carrier | Framed-User | | | 0 | 0 | |
| 6013 | 000000A4 | 042773e07781caba | | | | 10.254.1.253 | 50019 | Ethernet | 2014-04-04 10:30:26 | 2014-04-04 10:39:51 | 565 | Local | | | 36891 | 39077 | | | Lost-Carrier | Framed-User | | | 0 | 0 | |
| 6015 | 000000A5 | f6b305e3f0d6aa5a | | | | 10.254.1.253 | 50019 | Ethernet | 2014-04-04 10:30:56 | 2014-04-04 10:39:51 | 535 | Local | | | 31698 | 32171 | | | Lost-Carrier | Framed-User | | | 0 | 0 | |
| 6017 | 000000A6 | ef6cad3df24ccd61 | | | | 10.254.1.253 | 50002 | Ethernet | 2014-04-04 10:42:20 | NULL | 0 | Local | | | 0 | 0 | | | | Framed-User | | | 0 | 0 | |
Someone has an idea ?
Thanks,
Best regards, -
Please help to draw curves in flash pro cc,considering center and radius as parameters...
function drawArcF(sp:Sprite,centerX:int,centerY:int,radius:int,startA:int,endA:int,color:uint):voi d{
if(startA>endA){
var tempA:int=startA;
startA=endA
endA=tempA;
var degToRad:Number = Math.PI/180;
with(sp.graphics){
lineStyle(0,color);
moveTo(centerX+radius*Math.cos(degToRad*startA),centerY+radius*Math.sin(degToRad*startA)) ;
for(var i:int=startA+1;i<=endA;i++){
lineTo(centerX+radius*Math.cos(degToRad*i),centerY+radius*Math.sin(degToRad*i));
Maybe you are looking for
-
Problems with BC4J input select tag when its bounded to a primary key field
HI.. I have an jsp BC4J edit form. This form uses a BC4J input select tag. This component is mapping one of the primary key Entity fields. When im working with this component and it doesnt map a primary key field it shows the default "none" value whe
-
How do I bring Sony F3 footage into Final Cut Pro?
Hi, Would love some help here. I know the file are supposed to work well in FCP, however i dont have the plug ins. I tried to convert the files to pro res 422 using mpeg streamclip, but that didnt work either. would love some advice, thanks
-
BDT : Uplaod data in Customized fields
Hi Experts, I have added some customized fields with the help of Business Data Toolset(BDT). Now the problem is I have to upload mass data and I am not clear How the data would be passed in the customized fields. Is there any BAPI or stand
-
I am creating an aperture book from my photos. How do I change the default map provided in the theme to one of my choice e.g. satellite view?
-
Hello, We have a web app that's currently experiencing long paint times when scrolling a list. This isn't/wasn't the case in IE 10 - and it's fast in Chrome and Firefox. But in IE 11, there are 2.5+ sec paint times while scrolling. I've tried ever