WLC for GUEST network hangs and requires restart

Similar Messages

• Screen sharing hangs and requires restart of target macintosh

  Discovered a recurring problem with screen sharing in Mountain Lion.  Note I have Apple Remote Desktop installed on many of my machines, as well as the build in VNC Screen Sharing application.  I am able to remotely control a target Mac using ARD, however, issues come up when using Screen Sharing.  The first connection from client Mac to target Mac (both on 10.8) works fine.  However, if I quit the screen share and then try again 15 mins later, screen sharing seems to hang.   The connection attempts to be made, but no dialog box comes up.  At this point, ARD will not connect to the target mac either.  If I use ARD to restart the target mac, a hidden dialog box flashes on my screen (not long enough for me to fully see, but looks like the user/password screen or a varient thereof), followed by a "connection failed" dialgoue on the client.  It seems that on the second connection, the client is flashing a dialog and waiting for a response, but the user does not see the dialogue and cannot respond.
  Not sure what processes to look for on the client.  I have scanned the console and do not see anthing on the client side.  On the target side, it appears the connection is being made, even though the client does not realize it.  This is from the console of the target machine.   By the way, I have replicated this behavior on iMacs and Mac Minis.
  7/31/12 3:42:37.170 PM kdc[52]: Got a canonicalize request for a LKDC realm from 192.168.0.101:54288
  7/31/12 3:42:37.170 PM kdc[52]: LKDC referral to the real LKDC realm name
  7/31/12 3:42:37.170 PM kdc[52]: Got a canonicalize request for a LKDC realm from fe80::ca2a:14ff:fe24:5a23%en0:54289
  7/31/12 3:42:37.170 PM kdc[52]: LKDC referral to the real LKDC realm name
  7/31/12 3:42:37.195 PM kdc[52]: AS-REQ com.apple.idms.appleid.prd.48754677515363427155546442422b5a642b325872413d3d@LKD C:SHA1.3A3F14EB43CCE771F87D6E1E53C5F49DD2E6636A from 192.168.0.101:54290 for krbtgt/LKDC:SHA1.3A3F14EB43CCE771F87D6E1E53C5F49DD2E6636A@LKDC:SHA1.3A3F14EB43C CE771F87D6E1E53C5F49DD2E6636A
  7/31/12 3:42:37.196 PM kdc[52]: UNKNOWN -- com.apple.idms.appleid.prd.48754677515363427155546442422b5a642b325872413d3d@LKD C:SHA1.3A3F14EB43CCE771F87D6E1E53C5F49DD2E6636A: no such entry found in hdb
  7/31/12 3:42:37.196 PM kdc[52]: AS-REQ com.apple.idms.appleid.prd.48754677515363427155546442422b5a642b325872413d3d@LKD C:SHA1.3A3F14EB43CCE771F87D6E1E53C5F49DD2E6636A from fe80::ca2a:14ff:fe24:5a23%en0:54291 for krbtgt/LKDC:SHA1.3A3F14EB43CCE771F87D6E1E53C5F49DD2E6636A@LKDC:SHA1.3A3F14EB43C CE771F87D6E1E53C5F49DD2E6636A
  7/31/12 3:42:37.198 PM kdc[52]: UNKNOWN -- com.apple.idms.appleid.prd.48754677515363427155546442422b5a642b325872413d3d@LKD C:SHA1.3A3F14EB43CCE771F87D6E1E53C5F49DD2E6636A: no such entry found in hdb
  7/31/12 3:42:37.344 PM kdc[52]: AS-REQ 563A9892EA210311A5167D3D71B50ECC2A6170DB@LKDC:SHA1.3A3F14EB43CCE771F87D6E1E53C5 F49DD2E6636A from 192.168.0.101:54292 for krbtgt/LKDC:SHA1.3A3F14EB43CCE771F87D6E1E53C5F49DD2E6636A@LKDC:SHA1.3A3F14EB43C CE771F87D6E1E53C5F49DD2E6636A
  7/31/12 3:42:37.345 PM kdc[52]: UNKNOWN -- 563A9892EA210311A5167D3D71B50ECC2A6170DB@LKDC:SHA1.3A3F14EB43CCE771F87D6E1E53C5 F49DD2E6636A: no such entry found in hdb
  7/31/12 3:42:37.345 PM kdc[52]: AS-REQ 563A9892EA210311A5167D3D71B50ECC2A6170DB@LKDC:SHA1.3A3F14EB43CCE771F87D6E1E53C5 F49DD2E6636A from fe80::ca2a:14ff:fe24:5a23%en0:54293 for krbtgt/LKDC:SHA1.3A3F14EB43CCE771F87D6E1E53C5F49DD2E6636A@LKDC:SHA1.3A3F14EB43C CE771F87D6E1E53C5F49DD2E6636A
  7/31/12 3:42:37.346 PM kdc[52]: UNKNOWN -- 563A9892EA210311A5167D3D71B50ECC2A6170DB@LKDC:SHA1.3A3F14EB43CCE771F87D6E1E53C5 F49DD2E6636A: no such entry found in hdb
  7/31/12 3:42:37.492 PM screensharingd[390]: Authentication: SUCCEEDED :: User Name: logan gershon :: Viewer Address: 192.168.0.101 :: Type: DH
  7/31/12 3:47:43.173 PM WindowServer[81]: Created shield window 0x68 for display 0x04273740
  7/31/12 3:47:43.173 PM WindowServer[81]: device_generate_desktop_screenshot: authw 0x0(0), shield 0x0(0)
  7/31/12 3:47:43.181 PM WindowServer[81]: device_generate_lock_screen_screenshot: authw 0x0(0), shield 0x0(0)
  ANYBODY HAVE ANY THOUGHTS ON HOW TO GET PAST THIS.  SEEMS LIKE A BUG ON APPLE'S PART.

  I repaired permissions on target mac and removed a corrupted file from preferences (com.apple.VNCpref.txt).  Now working.

• Wireless Guest Network, iPADS and MAC Filteing

  Hello, I have a question regarding our wireless guest network and using iPADs
  Our wireless network consist of (3) 5508 WLC’s running 6.0.188. 2 internal WLC and 1 external anchor WLC for guest.  Presently we are only using one of the internal controllers for users the second is only used for fail over.  The anchor controller is set up as the DHCP server for guest. We also have a Cisco NAC Guest Server in the DMZ for guest authentication.
  We have (10) iPads that need Internet access though our guest portal. We do not want these iPADs to have to enter any credentials just pass through to the internet. We do not want any other device to be able to connect to this SSID.  Here’s my question; Getting to the Internet is no problem however when I try to set up a MAC filter just for these devices, they never receive an IP address and never get connected.  I have tried setting the filter on both the internal controller and the anchor controller identically and in about every combination I can think of.  Does anyone know how to set up a MAC filter on a guest network configured as per Cisco’s recommendation?  I also plan to use WPA2 and 802.1x once I get the MAC filter to work.  Any help would be appreciated.
  Thank You
  John

  Not all layer 2 and layer 3 security mechanisms are compatible. Refer to this doc
  http://www.cisco.com/en/US/products/ps6366/products_tech_note09186a0080987b7c.shtml#matrix
  What security settings have you configured. The settings also need to be identical on both the internal and anchor controller.

• TS1559 i hav an iphone 4s and its wifi is greyed out (dimmed). I tried by resetting the network settings and also restarted my device but it didn't worked. but i haven't unlocked my phone yet and im running it in ios 6.1.3. now wat to do?

  i hav an iphone 4s and its wifi is greyed out (dimmed). I tried by resetting the network settings and also restarted my device but it didn't worked. but i haven't unlocked my phone yet and im running it in ios 6.1.3. now wat to do?

  Just an update it is a hardware issue and very common for iPhone 4s. I have to get my phone rewired which basically means new wireless chip. The amount of money I spent on buying an iPhone I should not expect to have anyway hardware problems happening. Make sure you have a warranty as luckily I've saved myself from spending more money to get this problem fixed.

• Hi, i cannot shut down my mac, and there is several times lagging, hanging, and auto restart. what should I do ?

  Hi, i cannot shut down my mac, and there is several times lagging, hanging, and auto restart. what should I do ?

  Hold the power button till it shuts off (10 seconds or so)
  Then try a SMC reset:
  http://support.apple.com/kb/HT3964
  Follow directions for a battery you should not remove yourself.
  You can also try a pram reset, which has a link at the bottom of the page of the first link above.

• I'm running an iBook G4. On occasion, a black and white display appears (in multiple languages) and requires restarting by holding the power button.

  I'm running an iBook G4. On occasion, a black and white display appears (in multiple languages) and requires restarting by holding the power button.

  What you are seeing is a kernel panic.
  Check out the X Lab's article on Resolving Kernel Panics. Maybe something there will help.

• I was trying to update for macbook book pro. and i restart then it's loading for 4 hours

  i was trying to update for macbook book pro. and i restart then it's loading at the lock screen for 4 hours

  About the only thing you can try is using the Online Internet Recovery system to reinstall Lion on your Mac over the top of the current install. that will reset all system files and should not touch your personal files or the apps you have installed.
  Or iof you have a recent Time Machine backup use that to restore your Mac to that point in time.

• I plugged my phone into my computer for the first time and it restarted my whole phone so now all my apps say waiting put I'm let my phone sync a view different times and it still doesn't work. Has anyone else had this problem?

  I plugged my phone into my computer for the first time and it restarted my whole phone so now all my apps say waiting put I'm let my phone sync a view different times and it still doesn't work. Has anyone else had this problem?

  Have a read here...
  https://discussions.apple.com/message/18409815?ac_cid=ha
  And See Here...
  How to Use Multiple iDevices with One Computer

• Cisco WLC Whitelist for Guest Access? and securing guest-access?

  Is it possible to allow certain websites to bypass the web authentication pages, so that they do not need to autnehticate to get to our own website, but do have to if they wish to go anywhere else?
  Looking at a 5508 model at the moment
  Thanks

  Hello Stephen,
  Exactly how long is "an extended period of time?" Also, is this period enforced in the controller in some way, and if so, can it be configured?
  I'm asking because I have a WLAN for guests with a pre-authentication ACL allowing VPN traffic (ESP, IKE, SSL).
  For "normal" use of this guest WLAN you have to click on an "accept" button on a captive portal page before you can get anywhere with traffic not matching the pre-auth ACL.
  The pre-auth ACL does actually work, but it stops passing any traffic after 5 minutes of use per user. This happens every time and is 100% repeatable.
  So I'm very interested to know if we can change this apparent 5 minute restriction in some way.
  Thanks!
  Chris Slater-Walker
  Senior System Analyst
  Nokia UK Ltd.

• Airport routinely locks up and requires restart

  I have to frequently restart my ae. It would work great, then suddenly hang and I loose access to the internet. I then force a restart of the base station and it works great for some period of time until once again it requires restarting.
  My old airport never had this problem.
  The problem affects both wired and wireless access.
  Very perplexing and frustrating.

  software update apparently solved this problem

• Wireless device can't get IP address for Guest network

  I have a wireless network setup at my main location.  The access points allow Internal and Guest access.  The Internal access uses DHCP from a Windows Server.  The Guest access looks like it uses DHCP from my ASA, I did not set this up originally.  My question is... I am installing a new WAP in a branch location.  I can get the Internal access to work because it uses the Windows Server DHCP.  I cannot figure out how to get the Guest access configured to use the DHCP from the ASA.  The ASA is on a DMZ.  Any help would be appreciated. 
  version 12.4
  no service pad
  service timestamps debug datetime msec
  service timestamps log datetime msec
  service password-encryption
  hostname WAPMadisonOffice
  logging rate-limit console 9
  enable secret 5 $1$f1/9$SWBosxmjEGfSW4U.t4FnW.
  no aaa new-model
  dot11 syslog
  dot11 vlan-name Internal vlan 141
  dot11 vlan-name Guest vlan 99
  dot11 ssid Bard
  vlan 141
  authentication open
  authentication key-management wpa
  mbssid guest-mode
  wpa-psk ascii 7 141500120D0A7B72757C31343017
  dot11 ssid Guest
  vlan 99
  authentication open
  authentication key-management wpa
  guest-mode
  mbssid guest-mode
  wpa-psk ascii 7 070D33554F07485C4646090D162E
  power inline negotiation prestandard source
  bridge irb
  interface Dot11Radio0
  no ip address
  no ip route-cache
  encryption mode ciphers aes-ccm
  encryption vlan 141 mode ciphers aes-ccm
  encryption vlan 99 mode ciphers aes-ccm
  ssid Internal
  ssid Guest
  antenna gain 0
  mbssid
  channel least-congested 2412 2437 2462
  station-role root
  bridge-group 1
  bridge-group 1 block-unknown-source
  no bridge-group 1 source-learning
  no bridge-group 1 unicast-flooding
  bridge-group 1 spanning-disabled
  interface Dot11Radio0.99
  encapsulation dot1Q 99
  no ip route-cache
  bridge-group 99
  bridge-group 99 subscriber-loop-control
  bridge-group 99 block-unknown-source
  no bridge-group 99 source-learning
  no bridge-group 99 unicast-flooding
  bridge-group 99 spanning-disabled
  interface Dot11Radio0.141
  encapsulation dot1Q 141
  no ip route-cache
  bridge-group 141
  bridge-group 141 subscriber-loop-control
  bridge-group 141 block-unknown-source
  no bridge-group 141 source-learning
  no bridge-group 141 unicast-flooding
  bridge-group 141 spanning-disabled
  interface GigabitEthernet0
  no ip address
  no ip route-cache
  duplex auto
  speed auto
  no keepalive
  bridge-group 1
  no bridge-group 1 source-learning
  bridge-group 1 spanning-disabled
  interface GigabitEthernet0.99
  encapsulation dot1Q 99
  no ip route-cache
  bridge-group 99
  no bridge-group 99 source-learning
  bridge-group 99 spanning-disabled
  interface GigabitEthernet0.141
  encapsulation dot1Q 141
  no ip route-cache
  bridge-group 141
  no bridge-group 141 source-learning
  bridge-group 141 spanning-disabled
  interface BVI1
  ip address 10.10.20.20 255.255.255.0
  no ip route-cache
  ip default-gateway 10.10.20.11
  ip http server
  ip http authentication local
  no ip http secure-server
  ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
  snmp-server community internal RO
  bridge 1 route ip
  bridge 141 protocol ieee
  bridge 99 protocol ieee
  line con 0
  logging synchronous level all
  login local
  line vty 0 4
  logging synchronous level all
  login local
  end

  Jennifer,
  The ASA is connected on this interface:
  interface GigabitEthernet1/0/2
  switchport trunk allowed vlan 1,10
  switchport mode trunk
  switchport priority extend trust
  mls qos trust dscp
  spanning-tree portfast
  and the Access Point, what interface?
  10.10.10.251 - IP of ASA?
  If you set vlan 99 in one interface and connect one computer do you get ip?
  I only see the interfaces 1/0/27 and 1/0/48 with access for guest vlan 99.
  Regards.

• NAC guest server hangs and guest portal is not working

  Hi all ,
  Our guest nac server NAC3315 is oftenly getting hung state . And our guest wireless network is not working . We are able to ping the NAC server but web page is not opening for the clients if they connected to guest network.
  Any clue on this ....
  Thanks!,
  Regards,
  Vijay.

  All  actions within the Cisco NAC Guest Server are logged into the database.  This enables you to see any action that occurred as part of the normal  operating process of the application.
  To access the system log from the administration interface select Server > System Log from the left hand menu
  Please check the Error Logs for troubleshooting of NGS

• Recommended setup of WSA for guest network

  I am currently implementing a WSA in a Cisco ASA environment. For all internal devices I use WCCP (the WSA is on inside from the firewall perspective).
  However, in the environment there is also a guest network terminating on a DMZ of the firewall. Because of the limitiations in ASA I cant use WCCP for this traffic.
  Which is the recommended approach to "proxify" the guest users internet traffic? If possible I want to avoid proxy settings in the devices since this is a network with unknown device types. Also, I want to avoid proxy auto-discovery for the same reason.
  what do you recommend?
  Best regards
  Jimmy

  Hi Jimmy,
  One option is to seperate a guest network by using a seperate subnet rather internally rather then have the guests on the DMZ. Then you may setup an identity based on that subnet. Once you have that identity setup add it to a access policy and define which categories you would like to block, monitor or allow. Remeber when you allow a category the WSA will not use its scanning engines for example, WBRS Web Reputation Score, Webroot or Anti Virus. This will allow you to seprately control the guest network through the WSA. This is the most common setup which I see often.
  Sincerely,
  Erik Kaiser
  WSA CSE
  WSA Cisco Forums Moderator

• After multiple reboots, FF will start hanging and require re-install

  I have a really strange issue. All of a sudden, FF started responding VERY slowly. Not completely hanging, but taking upwards of 3-4 minutes to start up, and then every action is another 3-4 minutes.
  I uninstalled and re-installed, which appeared to fix the issue. However, after rebooting a few times the issue appears to resurface, requiring another uninstall/re-install cycle.
  Has anyone else had similar issues? Any resolution?

  Which security software (firewall, anti-virus) do you have?
  A possible cause is security software (firewall,anti-virus) that blocks or restricts Firefox or the plugin-container process without informing you, possibly after detecting changes (update) to the Firefox program.
  Remove all rules for Firefox and the plugin-container from the permissions list in the firewall and let your firewall ask again for permission to get full unrestricted access to internet for Firefox and the plugin-container process and the updater process.
  See:
  *https://support.mozilla.org/kb/Server+not+found
  *https://support.mozilla.org/kb/Firewalls

• Activating email spellchecker often freezes screen and requires restart

  I complete the email and it contains spelling errors.
  Hitting the spell check button starts the little circular ball (thing) and the screen freezes.
  I have to finally exit the Thunderbird email programme entirely and restart. If I am lucky, the draft file might have captured some of the email, however I then have to manually correct spelling errors or I get a repeat of the above.
  Any assistance much appreciated. Thanks

  How do I fix this?
  Use iOS 6, wait for iOS 7.1.