Using 802.1X and non-Cisco IP Phones

Hi there,
I have some questions about an 802.1X/non-Cisco IP phone setup and was hoping to find some answers/user experience with this setup.
Main questions I'm facing:
1) When using non-Cisco IP phones (e.g. Nortel or Siemens), and a previously authorized client connected behind this IP phone gets disconnected, what will this action do with the authorized state of 802.1X on the switch port? Will it stay authorized until the reauth timer expires, or does it reject communication from any other device?
2) What about EAPOL-Logoff messages from the IP phone to the switch? Are these only used by Cisco phones when they experience a link-status change on data ports?
Thanks for sharing your thoughts

Overall, you need to try and deal with the fact that a machine can disappear from the network and the network may not know about it directly (i.e. Link doesn't go down).
I have no idea what other phones do, but Cisco phones send an EAPOL-Logoff when something is unplugged. This lets the switch know directly, and the 1X session is torn down immediately, closing what would be a security hole.
Fundamentally, re-auth is a workaround only, and this is not the reason to enable re-auth to begin with.
If your phone doesn't send an EAPOL-Logoff in this case, the switch might be left thinking an attack is underway when someone else tries to plug in (with presumably a different MAC). You do NOT want this to occur.
Hope this helps,

Similar Messages

  • Data source for application using both pooled and non pooled connections

    Hi guys.
    I am integrating Oracle's connection pooling into an existing application that had formerly used dbConnectionBroker. It looks like this task should be quite straightforward. However, for consistency, I would also like to replace other Connection logic within the application to use Oracle classes. This will involve using OracleDataSource to obtain a Connection object. ( without pooling ).
    So in this case, the application will use both pooled and non pooled Oracle connections. They will be connecting to the same database. The question I have is in regard to the use of data-sources.xml.
    Are there any special considerations for the required attribute values within data-sources.xml under this scenario?
    Help will be greatly appreciated.
    Regards.
    Steve.

    Hi Steve -
    It should be feasible for you to define a single datasource using multiple location entries to indicate what sort of pooling behaviour you wish to use.
    If you look up and use the "location" attribute, you will receive a javax.sql.DataSource object which will not provide connection pooling.
    If you look up and use the "ejb-location" attribute, you will receive a DataSource object that will support connection pooling operations.
    Note that this is using the emulated datasource approach, and transaction support is limited to a single resource (one database) for these datasources - you won't get 2PC support for transactions.
    If you need a transaction to span two separate resources (i.e. two databases in the same tx) then you will need to use the non-emulated datasource approach.
    There is a chapter in the J2EE Services Guide which describes the datasource model we have with OC4J. This might provide you with some more useful information. See Chapter 11 - http://otn.oracle.com/docs/products/ias/doc_library/903doc_otn/generic.903/a97690/ds3.htm#1004903
    cheers
    -steve-

  • I am using Dreamweaver CS6 and none of the menus are showing up, like Common, Form, Layout, Spry etc. Not sure why?

    I am using Dreamweaver CS6 and none of the menus are showing up, like Common, Form, Layout, Spry etc. Not sure why?

    Which version of CC -- 13, 2014, or 2014.1?  You'll find it under the Help menu > About DW.
    Spry Menus are gone.
    Color is something you add with CSS.
    Nancy O.

  • 802.1x problem with non-Cisco IP Phone, VVID enabled.

    I am testing with a 3750 PoE switch running 12.2(25)SEE1 and trying to configure 802.1x to work with Mitel IP phones.
    I have voice and data vlans configured on each port. Turning on 802.1x causes the phone to hang and timeout in DHCP Discovery. The port status from the switch is "Unauthorized".
    interface FastEthernet1/0/2
     switchport access vlan 1
     switchport mode access
     switchport voice vlan 2
     dot1x pae authenticator
     dot1x port-control auto
     no mdix auto
     spanning-tree portfast
    end
    Should anything be configured besides the Voice VLAN to let phones onto the network? There is no computer behind the phone right now. The only information I can find says I need a VVID, and any clients behind it will cross the PVID.
    Thanks.

    Yes it does.
    Apparently the Mitel phones we have (testing a 5215 dual-mode) support EAP-MD5, but we have a primarily PEAP/EAP-TTLS environment. Apparently the phones need a username/password entered on each phone before they will send that to a RADIUS server doing EAP-MD5. Our PEAP clients authenticate to a Microsoft RADIUS server, and our EAP-TTLS ones to a Funk box. Hopefully the Microsoft one can support both EAP-MD5 phones and PEAP on the laptops; I'll have to find out.
    I was hoping this was a quick and easy Cisco configuration error... oh well.

  • Catalyst Express 500 802.1q with non-Cisco Phones

    This weekend we spent hours trying to get 802.1q tagging to work on a VLAN with ShoreTel phones. The user interface on this switch seems to only allow a "Cisco-Voice" VLAN, without any specifics. This didn't work. The specs on this switch say that .1q is supported, but we couldn't figure it out. The more expensive switches were easier to configure for VoIP QoS.
    Can anyone advise me on the tricks to getting this to work with the lower end Catalyst Express 500? Or does this switch only support 802.1q with Cisco phones?

    Cisco IP Phones use CDP to let the IP phone know what VLAN it's supposed to be in (via voice-vlan). ShoreTel would definitely not use CDP since CDP is Cisco proprietary, so its voice VLAN must be defined on it; I remember Avaya being the same way. So, having said that, just make sure that the ShoreTel IP phones are in the right VLAN. What does not work, anyway? The ShoreTel IP phone will not come up? Will not get its configuration from its software PBX? Use the smartport configuration on the CE500.
    Please rate all posts.

  • Having 1 router and multiple WCCP cache devices: cisco and non-cisco

    I have a 6500 running WCCPv1. I have two devices singly connected to the 6500: a CE565 and a non-Cisco device that does WCCPv1. The 6500 is configured for WCCP redirection. What happens to the requests? Are they serviced by both devices in parallel? Is only one device servicing the request? Load balanced? I know a cluster won't be formed because the device is non-Cisco. BTW, the non-Cisco device only supports WCCP v1.

    Will this detection between devices work if the non-Cisco device is not really a cache engine, but a web filter that uses WCCP? In reality, my ideal goal would be that traffic would be redirected to the web filter (non-Cisco), get filtered, then be redirected to the Catalyst, and then again be redirected to the cache engine to be cached. But I am not sure this will happen due to routing. So I guess it's either one or the other, correct? I don't have the option to connect the web filter to another box, nor the Cache Engine. I thought that they would not detect each other at all and the router would be making the decision there. How do they detect each other? Via which protocol? WCCP?

  • Using 802.1x and 2 hosts (one physical and one virtual) on the same port

    Hello,
    We are trying to utilize the following scenario:
    BYOD with users' windows based laptops and Apple Mac Books
    Virtual machines within each of the physical machines:  For Windows, the VMs will be Windows 7 VMs running within VM Workstation.  For Macs, users will be running Windows 7 VMs within Fusion.
    802.1x set for multi-host
    Using 802.1x, we have a guest network that the user's physical machine is placed in once it fails authentication. The virtual machine runs the corporate image, and we'd like to have this VM connected to our corporate VLAN.
    We have been running into this scenario though:
    1. User plugs his BYOD laptop into the network. His laptop gets attached to the guest network because it fails the 802.1x check.
    2. The VM is powered on. It is successfully connected to the corporate network.
    3. Now, the user unplugs the network cable from his host machine and waits 10 seconds.
    4. He then re-plugs the network cable into his host machine.
    5. The VM is the first to authenticate to the 802.1x network and it gains access to the corporate network.
    6. Because the VM is the first to authenticate on 802.1x, the host network connection piggybacks off the VM, and therefore the host gains access to the corporate network.
    Obviously this represents a no-go if the user's BYOD computer is able to access the corporate network. Is there any specific way that 802.1x can be configured to prevent this from happening?
    Thanks,
    Mooge

    Multi-Host is not the right option for you. In Multi-Host, only one device has to successfully authenticate to authenticate all devices on that port.
    You need to set the host-mode to "multi-auth".
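    The multi-host piggyback described in this thread, and the EAPOL-Logoff point from the first thread on this page (a client disappears from behind a phone without the switch seeing link-down), modelled as a toy 802.1X authenticator port. This is an added example, not code from the thread or from Cisco; the MAC addresses, the allow-list standing in for the RADIUS decision, and the class and function names are all constructed for illustration.

```python
# Added example (not from the thread or from Cisco): toy 802.1X authenticator
# port in the three IOS host modes. MACs are constructed, EAP credentials are
# reduced to an allow-list, and timers, guest VLAN and voice VLAN are omitted.
from dataclasses import dataclass, field

CORPORATE = {"00:11:22:33:44:01", "00:11:22:33:44:02"}  # constructed: supplicants RADIUS accepts
VM_MAC, HOST_MAC, PC_B = "00:11:22:33:44:01", "00:11:22:33:44:99", "00:11:22:33:44:02"

@dataclass
class Dot1xPort:
    host_mode: str                              # single-host | multi-host | multi-auth
    sessions: set = field(default_factory=set)  # MACs holding their own session
    err_disabled: bool = False                  # default IOS violation action

    def authenticate(self, mac: str) -> bool:
        """Supplicant `mac` runs EAP; True if a session is created."""
        if self.err_disabled or mac not in CORPORATE:
            return False
        if self.host_mode != "multi-auth" and self.sessions - {mac}:
            return False  # one session per port until logoff/link-down/reauth
        self.sessions.add(mac)
        return True

    def logoff(self, mac: str) -> None:
        self.sessions.discard(mac)  # EAPOL-Logoff or link-down: torn down at once

    def data_frame(self, mac: str) -> str:
        """Fate of a data frame from `mac`."""
        if self.err_disabled:
            return "dropped: err-disabled"
        if mac in self.sessions:
            return "forwarded"
        if self.host_mode == "multi-host" and self.sessions:
            return "forwarded"  # piggyback: any MAC behind an authorized port
        if self.host_mode == "single-host" and self.sessions:
            self.err_disabled = True  # unexpected second MAC is a violation
            return "dropped: security violation"
        return "dropped: unauthorized"

def byod_piggyback(host_mode: str) -> str:
    """Host fails 802.1X, its VM passes; fate of the host's own traffic."""
    port = Dot1xPort(host_mode)
    port.authenticate(HOST_MAC)  # rejected: not a corporate supplicant
    port.authenticate(VM_MAC)    # the corporate-image VM authenticates
    return port.data_frame(HOST_MAC)

def swap_behind_phone(phone_sends_logoff: bool) -> str:
    """Single-host port: PC A (VM_MAC) is unplugged from the phone, PC B plugs in."""
    port = Dot1xPort("single-host")
    port.authenticate(VM_MAC)
    if phone_sends_logoff:
        port.logoff(VM_MAC)  # phone relays the link change to the switch
    port.authenticate(PC_B)  # B's own EAP attempt
    return port.data_frame(PC_B)
```

    Running `byod_piggyback("multi-host")` versus `byod_piggyback("multi-auth")` shows the difference the answer above points at; `swap_behind_phone(False)` versus `swap_behind_phone(True)` shows why the first thread cares about EAPOL-Logoff.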

  • Premiere Pro CC only using 30% CPU and none of the GPU

    Hi,
    I'm very new to video editing (actually I have no idea what H264, or avi or mp4 or mov is, I just need the video to work) and I have never used Premiere Pro before. Now I'm trying the CC 7.0 trial.
    My goal is to achieve the fastest rendering times possible.
    Today I have upgraded my PC for maximal performance in video editing:
    Intel i7 4930K (12threads)
    Radeon 6950 (2GB)
    16GB RAM
    SSD
    I have a recorded video of me playing a PC game in .avi 2552*1348 resolution (2560*1440 monitor without some borders).
    I have set export to H.264 and settings to match source (resolution 2552*1348, 30 FPS, Progressive, Square pixels, NTSC, main, 5.0).
    But when rendering (no effects, just cutting) the program only uses 22-45% of the entire CPU and none of the GPU.
    The best result with this stress was approx. 1:1 rendering:movie length. I'm using 16GB RAM; I tried 32GB and 64GB and the stress on CPU and GPU was the same and the rendering times changed only slightly.
    I have an SSD and the read/write speeds during rendering are 1-9 MB/s, so there is plenty of performance left.
    Frankly, this 1:1 performance is what Power Director 11, which I have been using so far, offers. (When editing 1080p the ratio in PP is approx. 1:2.5, the same as in Power Director.)
    So when the disks are idle, the GPU is idle, more RAM changes nothing and the CPU only works at 1/3 of its capacity, what is the bottleneck?
    I want to use 100% of the CPU and 100% of the GPU and have the rendering:movie ratio at, say, 0.3:1 or so.
    What can I change to fully use the processing power of my computer?
    Thanks

    Start reading here: Tweakers Page

  • Technical Monitoring one template used for production and non-production system.

    Dear All,
    Is there a way to have one template in Solman Technical Monitoring for a production system and a non-production system with different alerts? For example, if a threshold is exceeded on the production system it will trigger a red alert or automatically create an incident, and if it's a non-prod system it will go to a yellow warning alert?
    Regards
    Lukasz Goral

    Hi Lukasz,
    You first create and customize the template, and then assign it to a system.
    If it were selecting a system and then customizing a template, then maybe such functionality would make sense.
    So, I don't think that is possible.
    Better would be to copy the template used for production to non-production and make the adjustments to it.
    Regards,
    Divyanshu

  • AP1240 and non Cisco

    We have some non-Cisco APs that I am trying to configure a Cisco AP 1240 to associate with.
    The radio will not come out of "disabled".
    The antenna is connected and I have done the basic config; there is no security set up at all on the existing unit.
    What are the basic setup parameters for the radio to associate with the other side?
    Are there any debugs I could look at?

    Hello,
    The issue is that Cisco IOS Autonomous APs will only bridge with other Cisco model APs and bridges. If these APs can act like a client then the Cisco AP will associate as a client, but this is not common for an AP. Hope this helps.
    Regards,
    Aaron

  • Using 802.1x and vpn on t-mobile hotspot

    Hi all,
    How do I configure 802.1x and VPN to enhance security on a T-Mobile hotspot?
    Thanks for your help.


  • 802.1X single-host; workstation attached to non-cisco IP Phone

    Hello everyone,
    I am doing a piece of design work and I need to understand (because I couldn't find it clearly written anywhere) the following:
    If I am using LLDP-MED in order to assign the VVID (Voice VLAN), instead of Cisco's CDP, will that be just fine with Single-Host mode? I want to bypass phone authentication if the phone is recognized by LLDP-MED, but keep authenticating the workstation that is physically attached to the phone.
    If that matters at all, the phones will be Avaya.
    Cheers & thanks in advance!
    Dani

    Hi Danail,
    In addition to the private message I sent you, I think MAB is a more feasible way to deploy VoIP in a dot1x network environment than LLDP-MED, for the following reasons:
    1. MAB complies with the dot1x framework; it works in a very similar way to dot1x.
    2. MAB has been widely deployed on Cisco switches and works fine.
    3. MAB can be deployed for any kind of endpoint which doesn't support a dot1x supplicant function in a dot1x network environment.
    While LLDP-MED IMO is a revision of LLDP, you may have the capability to bypass the phone on some vendors' switches with LLDP-MED, but it will be a higher deployment risk than MAB on Cisco switches.
    BTW, generating 2000 MACs for VoIP phones is no biggie, as normally you can ask the vendor to send you the list of MACs. The OUI check with a wildcard is definitely doable, but it is RADIUS-software related. IMO these two questions are actually not design questions; they are more likely deployment questions, which should be considered after your high-level design.
    Which can win the race: increasing bandwidth with new technologies VS QoS?

  • Use ear buds and blue tooth ear phones at same time

    My wife and I want to listen to a walking tour at the same time using my iPhone 5S.  Can I plug in a set of wired ear buds into my iPhone for me, and at the same time have my wife listen to the same recording using a blue tooth head phones?

    No. But you can pick up a "Y" splitter for the headphone jack for just a few bucks and use two sets of earbuds.

  • Using FCoE connection to non Cisco switches

    Hello,
    Does anyone know what port configuration needs to be configured on a Nexus switch that is connected to, say, a Brocade switch or any other vendor's switch that supports FCoE? I have created the VLAN to VSAN mapping; I assume the next step is to create a vfc device? Since this is not a connection to an initiator or a target but to another FCoE-capable switch, how do I need to configure this vfc? Any tips?
    Thanks

    Hi,
    Looks like from the document that you referenced that this switch runs in NPV mode for FCoE:
    FCoE features
    Fibre Channel over Ethernet (FCoE*)
    FIP & FCoE packets are all forwarded when DCB is configured
    * FCoE frames as defined by T11 Committee
    So, I would configure the Cisco Nexus switch for FCoE and NPIV
    Configure the Nexus 5000 for FCoE and NPIV
    There are several procedures that are required in order to configure the Nexus 5000 for FCoE and NPIV:
        Enable Feature FCoE
        Enable N Port Identifier Virtualization (NPIV) on the Nexus 5000
        Enable Nexus 5000 Quality of Service (QoS) for FCoE
        Enable Link Layer Discovery Protocol (LLDP)
        Configure VLAN
        Configure VSAN
        Map the VLAN to VSAN
    Example:
    feature lldp
    feature fcoe
    feature npiv
    interface vfc130
      bind interface Ethernet1/30
      switchport mode F
      no shutdown
    interface Ethernet1/30
      switchport mode trunk
      switchport trunk allowed vlan 1,100
      spanning-tree port type edge trunk
    vsan database
      vsan 100 interface vfc130
    vlan 100
      fcoe vsan 100
    Example of QOS:
    system qos
      service-policy type qos input fcoe-default-in-policy
      service-policy type queuing input fcoe-default-in-policy
      service-policy type queuing output fcoe-default-out-policy
      service-policy type network-qos fcoe-default-nq-policy
    Best regards,
    Jim

  • Is there any way to remotely wipe an iPhone 4 without the use of iCloud and the find my phone app?

    Hey, my phone's been taken off me and I need to wipe it ASAP. I haven't downloaded and set up the Find My iPhone app though. Can it be done?

    Check out www.icloud.com and log in there. Then, go to 'Find My iPhone' and see if your device is listed.
