URL Logging for Guest Traffic using Guest Anchor and ISE

Hi there all,
I'm looking for a solution whereby I can log URL information for wireless guest users to ISE. The anchor WLC sits in a DMZ behind an ASA and the ISE is on the internal network. I found this document (see URL below) which is similar but using a NAC Guest Server and not an ISE.
I'm wondering if anyone has managed to do this using ISE?
http://www.cisco.com/en/US/products/ps6128/products_configuration_example09186a0080ac2fda.shtml#wlcc

Hi, Sorry for the late reply, I have been busy with a Proof Of Concept with the ISE.
I have tried your suggestion and I cannot get the same results as you.
I notice that the logs in your report were generated by an ASA. Do you know whether the same can be done with a switch dACL?
I have this configuration...
dACL
3k-access#sh ip access-list int fa0/1
     permit udp host 10.1.10.103 any eq domain
     permit icmp host 10.1.10.103 any
     permit tcp host 10.1.10.103 host 10.1.100.21 eq 8443
     permit tcp host 10.1.10.103 host 10.1.252.10 eq www log-input
     deny ip host 10.1.10.103 10.1.0.0 0.0.255.255
     permit ip host 10.1.10.103 any
Logging config...
logging esm config
logging trap debugging
logging origin-id ip
logging host 10.1.100.21 transport udp port 20514
With the above configuration, I get a report which shows the syslog messages of successful authentication and download of the dACL, but then when I access a URL, I do not see any events about the URL that was accessed or even the IP that was accessed.
Do you know if this can be done? Maybe I am looking at the wrong report? Can you help?
Mario

Similar Messages

  • Web Auth using 5760 Guest Anchor and ISE

    I am trying to deploy a new guest wireless solution using a 3650s as the MA, a 5760 as the MC, and a 5760 as the guest anchor.  ISE is being used as the guest auth server.
    When no auth requirements are set on the guest wlan, everything works fine.  I get an IP address and can get to the internet, VPN, etc.  As soon as I enter the security web-auth command on the wlan, my client drops and goes into an Acquiring IP Address state.  When I check the client on the controller, it is in a Policy Manager State of START.
    As soon as I remove the security web-auth command from the wlan, I connect right up.  It is my understanding that in guest, the client gets an IP address first in order to get redirected to the spoofed external web page, in my case ISE.
    Any thoughts on what I am missing on my guest anchor, or MA config?  Do I need to make any changes to the wlan on the MC?  Any documentation about the relationship between the MA, MC, and guest anchor would be appreciated, I am not 100% sure which devices are required to have the client reach the guest anchor and get connected.

    I hope this may help you
    http://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/117742-configure-wlc-00.html
    HTH
    Rasika
    *** Pls rate all useful responses ****

  • I forgot my username password. Can't log in! Currently using guest user

    I forgot my username password. Can't log in! Currently using guest

    Doesn't sound like what was written, but perhaps the mods thought there was some reference to getting in through SU Mode? The usual password reset from the DVD instructions don't bring this on. (And very rarely even the SU Mode one.)
    If not that, then very strange. Maybe a pet cat or hamster ran across someone's keyboard at Apple.

  • WSA access logging for HTTPS traffic

    Hi,
    We have a WSA s370 with AsyncOS  version 7.5.1-079 and it is configured as a transparent proxy.
    HTTPS proxy is enabled and all the URL categories are set to pass through (no decrypting or monitoring).
    Seems like the WSA does not generate logs for HTTPS transactions.
    I would like to know whether this is the expected behaviour.
    Is there any way that I can monitor HTTPS transactions without decrypting ?
    Thanks,
    Wipula.

    In addition to what Ken mentioned, the only way you can monitor HTTPS traffic without decrypting it will be done so using the IP address.
    In the access logs, you will see the following transaction when accessing an HTTPS site (google for example):
    TCP_CONNECT 74.125.101.50
    It will only report URLs once decrypted.  At that point, it is just HTTP.
    -Vance

  • How to create an URL link for product cancellation using an FM

    Hi,
    I have tried creating an external attachment, i.e. a URL link, for a workorder by triggering a custom FM by exporting business object type, order id, relation type, title and link with return parameter as a message.
    But I'm not able to create a URL link for the workorder using the custom FM.
    Kindly suggest some solutions regarding how the URL link can be created using an FM instead of manual creation.

    Given that there can be a variety of reasons for something to crash, you can sometimes initialize a buffer by wiring a non-null data structure to the left terminal of the call library function node. For example, if the output is to be a string no more than 100 characters long, create a string that long of nulls, blanks or anything and attach that to the left terminal for that output. No guarantees, but I have seen that work.
    Certified Professional Instructor
    Certified LabVIEW Architect
    LabVIEW Champion
    "... after all, He's not a tame lion..."
    Be thinking ahead and mark your dance card for NI Week 2015 now: TS 6139 - Object Oriented First Steps

  • CC log  for user that used the application

    Hello GRC gurus ,
    I would like to know if there is a possibility to check users last log on in Compliance Calibrator . We have people that are doing simulations over Informer tab--> risk analysis --> user level and we would like to have a log .
    Thank you very much in advance

    Hello David,
    Well, sorry but I am still not clear with your question. There are two different things I can guess in the same message. I would request you to please let me know which is the one which exactly you want to do, and would explain you both of the cases as under:
    1. Are you wanting to monitor if risk analysis is done on role creation?
    OR
    2. Are you wanting to monitor if the risk analysis is done on the assignment of the role to a user?
    I'm asking this because each of these 2 requirements can be  achieved by RE and AE respectively and the user carrying out these tasks need not even log into CC for doing either/both of 1 & 2.
    For 1:
    You can use RE and enable the Risk analysis step in the role creation process by enabling and using the web service which connects the Risk analysis from RE to AE. Here (in RE) you can enable the option "not to generate the role if Risk analysis is not done", to ensure everyone does a risk analysis before generating a role.
    For 2:
    You can use AE directly and do a risk analysis the same way as we did for RE (by using web service), before the role assignment is approved/done to the user.
    CASE 3:
    In case you do not have RE or AE installed (which is also one of the inferences I get from your post when you mentioned that there is one service desk who takes care of the role assignments), you may configure Risk Terminator in this case, wherein you can configure this tool at the backend to make it mandatory to do the risk analysis when:
    a) A role is generated at the backend.
    b) A role assignment is done at the backend.
    Regards,
    Hersh.
    Edited by: HERSH GUPTA on Sep 27, 2008 11:54 PM

  • Common URL format for sharing file paths between Mac and Windows?

    Hi -
    I have to integrate several Macs into a Windows environment. We need to be able to copy and paste file paths to share between all machines. Is there a common URL format that can be used between the platforms?
    On Windows, I have:
    \\server\share\file
    On the Mac:
    smb://server/share/file
    Thank you for your help,
    Steve

    On Windows you have what is known as a "UNC".
    On the Mac, you have a "URL". It starts with the protocol to use "smb" then gives the path to the item using standard conventions.
    UNC is Microsoft mainly.
    The only way I know for Windows to use a URL is with an application like a web browser or ftp client.
    On the Mac, you can use UNCs but they must be modified as follows.
    In Terminal:
    smbclient \\\\servername\\sharename\\filename -U username
    And enter a password if prompted.
    Notice that you must double up the slashes. This is due to how UNIX shells treat the backslash.
    You will connect to the share, but it will only be in Terminal.

  • Binding for table produces list for other tables using foreign key and crea

    Using
    software Jdev 11G, WLS 11G, Oracle DB 11G, Windows Vista platform
    technology EJB 3.0, jspx, backing beans, session bean
    I cannot create a namedquery on my secondary table. The method for the column uses the entity object rather than the name and value of the column.
    For instance,
    (Coketruck) table has inventory records(Products) table
    Coketruck has one to many to the Products table
    Products has a many to one to the Coketruck
    I need to return the products from the product table based on the CokeTruck but I cannot create a namedQuery because the method in the Product table is an entity object type instead of a long that I can use to look up all the products based off the column truck_id.
    This is what I was expecting…
    private Long truckId;
    public Long getTruckId() {
        return truckId;
    }
    public void setTruckId(Long truckId) {
        this.truckId = truckId;
    }
    Instead this is what I have…
    @ManyToOne
    @JoinColumn(name = "TRUCK_ID")
    private Coketruck coketruck;
    public Coketruck getCoketruck() {
        return coketruck;
    }
    public void setCoketruck(Coketruck coketruck) {
        this.coketruck = coketruck;
    }
    How do I do a query on the Product table to return all the products that are in the coketruck?
    If I do the following it expects for me to pass the Entity Object which I cannot use as search criteria for my find method.
    @NamedQuery(name = "Products.findById", query = "select o from Products o where o.truckId = :truckId")
    On a different note but the same song…
    I noticed that when I look at my Session Bean Data Contols that the coketruck already has a list of the products. I have created a jsp page with a backing bean and have been able to use the namedquery on the coketruck entity to retrieve the productList. Unfortunately I need to sort the products by type and was also not able to find where to perform the work to be able to iterate through the productList to get my desired display. Therefore I started looking at doing another namedquery that would only retrieve the product_type ordering by the truckId.
    Seems I have come full circle… I don’t care what method I have to use to get the info back.
    Any help is greatly appreciated!

    user9005175 wrote:
    Hi!
    I work on an application which uses a shopping cart stored in a database. The shopping cart uses two tables:
    CART: Holds information common for one shopping cart: the user it is connected to etc.
    - Primary key: CART_ID
    CART_ROW: One row in the cart, e.g. one new product to buy.
    - Primary key: ROW_ID
    - Foreign key: CART_ROW.CART_ID references CART.CART_ID
    From the code the rows in the cart are collected per cart, as is modelled by the foreign key. There exists one more relationship, which we use in the code, but which is not modelled by a foreign key in the database. One row can be dependent on another row, which makes the other row a parent.
    CART_ROW has a column PARENT_ID which references CART_ROW.ROW_ID.
    Should we add a foreign key for PARENT_ID? Or are there any questions to consider when it is a foreign key to the same table?
    I suggest adding the foreign key; it won't harm the performance (except on insert, when there would be validation for the foreign key). But it would prevent users from inserting wrong/corrupt data either through code or by logging in to the database directly.
    A while ago we added indexes, both on ROW_ID and on PARENT_ID. Could the index on PARENT_ID have been harmful, since there is no foreign key?
    Index on parent_id would only be harmful if you do not make use of index after creating it (i.e. there is no query which make use of this index).
    And if you decide to have a foreign key on parent_id then I suggest having an index on parent_id too, as it would be helpful at least when you delete any record in this table.
    Best regards!

  • Configuring Guest Access using 2 LWAPs and 2504 WLC

    Please advise,
    I have 2 APs, Cisco Aironet 1040, and 2504 WLC.
    Is it possible to configure guest access (Guest SSID/VLAN and Corporative SSID/VLAN) without dedicated guest WLC in DMZ?

    Yes you can. You can have up to 16 SSIDs per AP, but not suggested to have all 16. You can either use one port on the 2504 for both SSID/vlan or specify which port is for corporate and which one is for guest.
    Thanks,
    Scott Fella

  • Streaming for Android devices using Amazon AWS and Adobe FMS 4.5

    I have created a live stream using Amazon Web Services and Adobe Flash Media Server 4.5.
    AWS provides me with both a .f4m and .m3u8 file, to use in  <object><embed> and  <video> tags, respectively.
    The .f4m loads fine on my desktop browser, and the .m3u8 file loads fine on my iOS device. However, my Android devices will not load either file.
    What code/solutions are there to get this to play on Android devices?
    My current .f4m code (retrieved from http://www.osmf.org/configurator/fmp):
    <object width="600" height="409">
        <param name="movie" value="http://fpdownload.adobe.com/strobe/FlashMediaPlayback_101.swf"></param>
        <param name="flashvars" value="src=http%3A%2F%2F<myinfo>.cloudfront.net%2Fhds-live%2Flivepkgr%2F_definst_%2Fliveevent%2Flivestream.f4m"></param>
        <param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param>
        <embed src="http://fpdownload.adobe.com/strobe/FlashMediaPlayback_101.swf" type="application/x-shockwave-flash" allowscriptaccess="always"
                    allowfullscreen="true" width="600" height="409" flashvars="src=http%3A%2F%2F<myinfo>.cloudfront.net%2Fhds-live%2Flivepkgr%2F_definst_%2Fliveevent%2Flivestream.f4m">
        </embed>
    </object>
    My current .m3u8 code:
    <video src="http://<myinfo>.cloudfront.net/hls-live/livepkgr/_definst_/liveevent/livestream.m3u8" height="300" width="400"> </video>

    Few additional things which I just came across while setting up for live stream on my Android from AWS are as follows:
    1. The first time I tried to run the live stream on my Android app, it didn't run at all and I thought your concerns were valid for an instant :-) .
    2. Later, I killed the application from task manager, restarted it cleanly and again provided the url and it streamed without issues.
    Please also ensure that:
    - You had put a crossdomain.xml file under <fmsinstalldirectory>/webroot folder.
    - You have provided the correct stream name in the <media> tag in Manifest.xml file inside <fmsinstalldirectory>/livepkgr/events/_definst_/liveevent folder
    (hopefully you have done it since you are already playing it on PC)
    You may also like to check the apache logs inside <fmsinstalldirectory>/Apache2.2/logs/access_logs folder to find whether your Android device request is reaching the server.
    Hope these steps will help you in isolating the problem.
    Regards,
    Shiraz Anwar

  • Is there a way to use Text Anchors and Hyperlinks to create a single-page interactive PDF?

    We are trying to emulate the functionality of a website, by creating a series of clickable buttons at the top that would take you to different locations within the page (it's 80" long). This seems to be only possible within multi-page documents, but not single-page documents.

    I have created a tutorial on how to setup domain name masking using cpanel and other popular web hosting control panels.
    You need to edit the zone file settings in the Web Host Manager of Cpanel (WHM) a very popular web hosting control panel.
    Main > DNS Functions > Edit DNS Zone > Choose Zone to Edit
    Unless you have a reseller hosting account or are a server administrator, you will not be able to access this file directly. Just contact your web hosting support rep and they will gladly change it for you.
    see the screenshot of zone file changes
    http://www.netpaths.net/blog/wp-content/uploads/2007/10/cpanel-zone-file.jpg

  • Will the memory leak for queue when used in producer and consumer mode in DAQ to transfer different sized array.

    In the data acquisition, I use one loop to poll data from hardware, another loop to receive the data from polling loop sent by queue.
    But every time the size of the transferred data array may not be the same, so the system may assign different array sizes and recycle very frequently.
    Will it cause a memory leak? Or will it slow down the performance, since the array size is not fixed, so every time it needs to create a new sized array?
    Any suggestion or better method. 

    As i understand your description, your DAQ-loop acquires data with the setting '-1' for samples to read at the DAQmx read function. This results in the different array sizes.
    Passing those arrays directly to a queue is valid and it does not have a significant drawback in performance (at least as far as I know) and it definitely does not leak memory.
    So the question is more or less:
    Is it valid that your consumer receives different array sizes for analysis? How does your consumer handle those arrays? 
    hope this helps,
    Norbert 
    CEO: What exactly is stopping us from doing this?
    Expert: Geometry
    Marketing Manager: Just ignore it.

  • Performance tuning for select statements using likp lips and vbrp

    Dear all,
    I have a report where I am using select statements, first on likp, then for all entries of likp I am taking data from lips, and then for all entries in lips I am taking data from vbrp by matching VGBEL and VGPOS. Now the problem is that when it fetches data from vbrp it takes a lot of time, around 13mins. How can I overcome the problem?
    regards
    Amit

    Hi,
    there is also no secondary index for preceding document in VBFA table.
    You will also have to create it here.
    Regards,
    Przemysław

  • SQ01 help for listing not used problem codegroup and code in notifications

    Hi ,
    I am making a query through SQ01 to find out how many damage codes created for a particular notification type are not being used .
    In infoset I used QMEL which lists problem code group and problem code  and as a bonus we also get codegroup text . When I test this query , I get damage code group and code used in all the notifications . I want solution for the following
    1)How to list only distinct damage codegroup and damage code (Not per notification wise)
    2)Which second table I have to use to get problem code short text
    3)Which table I have to add in infoset and how join has to be created so that I get list of  Damage codegroups and codes not used in notification .
    NPB

    Hi Pete ,
    1)How to list only distinct damage codegroup and damage code (Not per notification wise)
            I have output like
                      problem code group    Problem code grp text    Problem code    Problem code text
                      MRTR                  Transformer  problems    1               I need table here
                      MRTR                  Transformer Problem      1
                      MRTR                  Transformer problem      2
    I need distinct output like
                      problem code group    Problem code grp text    Problem code    Problem code text
                      MRTR                  Transformer  problems    1               I need table here
                      MRTR                  Transformer problem      2
    2)Which second table I have to use to get problem code short text
                    I need  problem code table
    3)Which  problem code group and code not used
                Suppose for notification type X I have configured damage catalog Q  and Q has MRTR , MRAM , MRGT as code groups and each of them have their own codes (say 1 to 5)...If notifications are created only for MRTR and code 1 , 5
    I need not used output like
    MRTR 2
    MRTR 3
    MRTR 4
    MRAM *
    MRCT *
    How can I achieve this using  sq01,02 etc
    NPB
    Edited by: Narasimha Bhat on Feb 1, 2011 4:54 PM

  • System requirements for hardware when using one server and 9 terminals?

    Hi, in our school there are 9 terminals connected to one Multipoint server 2011 (CPU: Intel xeon e3-1226v3 8M cache, 3.30GHz, 32RAM).
    In my opinion the choice of hardware is not suitable for so many terminals.
    The question is:
    What hardware do we need if our students work with these programs at the same time - Corel Draw, Photoshop, etc.?
    Thank you! 

    Photoshop can be a bit pig heavy. The CPU you are using is only Quad Core and NOT Hyper-Threaded.
    A bit underpowered for that many users on that App IMHO.
    Also, are the clients direct connected, USB, or RDP ?
    If you want to keep that machine in service, you could get another identical box and split half the users to the new one.
    If you really want them all on the same box, I would prob replace the current one with something like a Lenovo TD340. Config with at least a single 6 Core XEON CPU, or Dual Quad XEON w/ Hyper-Threading, 64GB Memory, NVidia Quadro K4000 ( If there are any direct connections ) and at least 2 10k SAS HD's. Preferably 4x 10k SAS HD in RAID 10.
    SpecSheet
    http://www.lenovo.com/images/products/server/pdfs/datasheets/thinkserver_td340_ds.pdf
