WPA2 and Radius server configuration

On the page: http://cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008054339e.shtml
is described how to setup a WPA2 and Radius server.
If I follow this, the Radius server does not work. In the document they descibe that I need to use 10.0.0.1 as the IP, but my AP has a 192.168.1.251 address. Even if I enter that adres, or the 10.0.0.1, it does not work.
Normal WPA2 personal, without Radius does work.
I use a 1100 series AP, (AIR-AP1120B-E-K9) with a AIR-MP21G and the firmware of the radio module is 5.90.11.
The IOS version is 12.3(8)JA2.
Does anyone know what to do?
Haik

Hello,
I understand that. I have given the AP a fixed address, 192.168.1.251. This is outside the DHCP pool, from the router.
Even if I use this address in th Radius configuration, it still does not work. My client (laptop with Intel Pro Wireless 2200 card), detects that there is a Radius server, and asks for a username / password.
But even if I fill it in correctly (copy / paste) it does not work.
So what can be wrong with this configuration?
Haik

Similar Messages

Wrv200 and radius server does not work

I am "upgrading" from a dlink di-524 to a wrv200 because I want multiple ssid's. I have my old ssid configured to use the same radius server, port, password, etc. on the wrv200 as on the dlink. When I try to connect it does not authenticate. (Using certificates - wpa2 Enterprise.) The dlink will still authenticate if I plug that back in. The wrv200 seems to be getting to the radius server since it will complain if I change the ip address of the wrv200 to something unexpected. However, the authentication never finishes. It's as if something just does not pass through the router or is dropped. There are no messages on the radius server, not even a rejected or successful message. Does anyone have any ideas on this? I'd hate to have to use 2 routers to add an ssid (I already have 3 in my network.)
Message Edited by Howlie on 12-11-2007 06:48 PM

Sorry to take so long to reply. I'm using freeradius under Fedora 7. Thanks for the url but I already saw that when I was setting up the radius server. I chatted with tech support about the issue and, since I'm using a wrvs4400n with the same radius settings and working, it is probably a firmware issue. I guess I'll have to just wait for the firmware to catch up.
Message Edited by Howlie on 12-15-2007 03:44 AM

Question about RADIUS server configuration with a MacBook Pro

Hello,
I own a modem router which is capable of WPA2 Enterprise and I want to use it with a RADIUS server for authentication and security purposes.
However, I have a few doubts about this.
MY CONFIGURATION:
The modem router would be connected to a fixed PC with Windows and to a MacBook Pro (both with Ethernet)
The RADIUS server would be running on the MacBook Pro (freeRADIUS)
The bold is the issue, that comes when I disconnect the MBP (it's a notebook, so I use it disconnected from the router sometimes).
Supposing the router would have recognized it (correct configuration), it would disconnect from it.
My questions:
Would Wi-Fi be lost in this manner? Or would the modem router automatically switch to another Wi-Fi authentication?
If I reconnected the MBP to the modem router and re-run the RADIUS server, would I need to access the control panel and re-configure the WPA2 Enterprise in order for Wi-Fi to work again?
Thanks in advance,
Tyrexionibus

"Full HD 3DD camcorder..." Marketing at it's best.
This is HDV, right? HDV has the same data rate as DV...13.6GB/hour. But because of the MPEG-2 Long GOP format the HDV format employs, it can be a bit tough to edit, but mainly when rendering effects. IT will be slower than DV, and you can't monitor thru the camera like you can with DV, but a simple FW400 drive and Intel Mac will be fine. Better if you can convert to ProRes upon ingest, but then that eats up a LOT more space and requires at least FW800...
http://library.creativecow.net/articles/poisson_chris/hdv-prores.php
Shane

Exchange Server 2013 and RADIUS server(freeRADIUS2)

I am a student and doing an internship. I have to test Microsoft Exchange Server 2013.
I am using Windows Server 2012, I already installed Exchange
Server 2013 on it and everything works as intended.
But I couldn't find out how to configure my Windows Server 2012 in order to authenticate my mailbox users from Exchange Server 2013 with a RADIUS
server which is not on my Windows Server 2012. I have to use their RADIUS server ( freeRADIUS2 ), the RADIUS server from
the company where I am doing my internship.
I already did the checklist that is on http://technet.microsoft.com/en-us/library/cc772591.aspx. I configured the NPS as
a RADIUS proxy, because that's what I need.
So after doing everything that is on that checklist, my question is:
Is it possible that the Exchange Server 2013 will use my NPS which is now configured as a NPS RADIUS proxy to authenticate my mailbox users that I have on my Exchange Server 2013?

thanks for such a quick response.
Just a small question about the link that you put. Does member server mean other server other than domain controller?
Regards,
Yes, Also the server on which you are installing Exchange should have exchange installed.
Cheers,
Gulab Prasad
Technology Consultant
Blog:
http://www.exchangeranger.com    Twitter:
  LinkedIn:
   Check out CodeTwo’s tools for Exchange admins
Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

Bridging a WPA2 Enterprise Radius Server (Lion Server) to Apple TV

Hello,
I was wondering if anyone can help me out with this setup that I have with Lion Server. Recently I set up my Airport Extreme to use Radius and bind it to my Lion Server for Authentication. Radius works with most of my devices, except for my ATV2 (which is in a different room from the AIrport Extreme.) As most of you may know, ATV2 doesn't support WPA2 Enterprise networks.
Ideally what I would like to do is have the Apple TV connect to my wireless network for all of my videos that are shared on a HD connected to my Lion Server. I was thinking about looking for a WPA2 enterprise wireless bridge with an Ethernet port so that I can connect the ATV to the bridge and have the bridge connect to my Airport Extreme. However, here is what I can not figure out. How can I get that bridge to authenticate to the Radius Server on Lion Server? From my understanding the Radius service on the Lion Server uses its own proprietary radius server to where I couldn't get the bridge to cnnect.
Please let me know your thoughts. If it helps, I have a 1st generation TC that I can place in the other room. However, I couldn't see any functionality in Airport Utility that would allow me to bridge that box to the WPA 2 Enterprise network.

Hello,
I was wondering if anyone can help me out with this setup that I have with Lion Server. Recently I set up my Airport Extreme to use Radius and bind it to my Lion Server for Authentication. Radius works with most of my devices, except for my ATV2 (which is in a different room from the AIrport Extreme.) As most of you may know, ATV2 doesn't support WPA2 Enterprise networks.
Ideally what I would like to do is have the Apple TV connect to my wireless network for all of my videos that are shared on a HD connected to my Lion Server. I was thinking about looking for a WPA2 enterprise wireless bridge with an Ethernet port so that I can connect the ATV to the bridge and have the bridge connect to my Airport Extreme. However, here is what I can not figure out. How can I get that bridge to authenticate to the Radius Server on Lion Server? From my understanding the Radius service on the Lion Server uses its own proprietary radius server to where I couldn't get the bridge to cnnect.
Please let me know your thoughts. If it helps, I have a 1st generation TC that I can place in the other room. However, I couldn't see any functionality in Airport Utility that would allow me to bridge that box to the WPA 2 Enterprise network.

EAP-TLS with Radius Server configuration (1130AG)

Hi All,
Im currently tryign to get eap-tls user certificate based wireless authentication working. The mismatch of guides im trying to follow has me ocming up trumps with success so far, so heres hoping you guys can right me wrongs and put me on the right path again.
My steps for radius:- (i think this part ive actually got ok)
http://technet.microsoft.com/en-us/library/dd283091(v=ws.10).aspx
Steps for the wirless profile on a win 7 client:- this has me confused all over the place
http://technet.microsoft.com/en-us/library/dd759246.aspx
My 1130 Config:-
[code]
Current configuration : 3805 bytes
! Last configuration change at 11:57:56 UTC Fri Jan 25 2013 by apd
! NVRAM config last updated at 14:43:51 UTC Fri Jan 25 2013 by apd
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname WAP1
aaa new-model
aaa group server radius RAD_EAP
server 10.1.1.29 auth-port 1812 acct-port 1813
aaa authentication login default local
aaa authentication login EAP_LOGIN group RAD_EAP
aaa authorization exec default local
aaa authorization network default local
aaa session-id common
ip domain name ************
dot11 syslog
dot11 ssid TEST
   authentication open eap EAP_LOGIN
   authentication network-eap EAP_LOGIN
   guest-mode
crypto pki trustpoint TP-self-signed-1829403336
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1829403336
revocation-check none
rsakeypair TP-self-signed-1829403336
quit
username ***************
ip ssh version 2
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
ssid TEST
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio1
no ip address
no ip route-cache
ssid TEST
no dfs band block
channel dfs
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface BVI1
ip address 10.1.2.245 255.255.255.0
ip helper-address 10.1.1.27
no ip route-cache
no ip http server
ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
radius-server host 10.1.1.29 auth-port 1812 acct-port 1813 key **************
radius-server key ************
bridge 1 route ip
line con 0
logging synchronous
transport preferred ssh
line vty 0 4
logging synchronous
transport input ssh
sntp server 130.88.212.143
end
[/code]
and my current debug
[code]
Jan 25 12:00:56.703: dot11_auth_send_msg: sending data to requestor status 1
Jan 25 12:00:56.703: dot11_auth_send_msg: Sending EAPOL to requestor
Jan 25 12:00:56.703: dot1x-registry:registry:dot1x_ether_macaddr called
Jan 25 12:00:56.703: dot11_auth_dot1x_send_id_req_to_client: Client 74de.2b81.56c4 timer started for 30 seconds
WAP1#
Jan 25 12:01:26.698: dot11_auth_dot1x_run_rfsm: Executing Action(CLIENT_WAIT,TIMEOUT) for 74de.2b81.56c4
Jan 25 12:01:26.698: dot11_auth_dot1x_send_client_fail: Authentication failed for 74de.2b81.56c4
Jan 25 12:01:26.698: dot11_auth_send_msg: sending data to requestor status 0
Jan 25 12:01:26.698: dot11_auth_send_msg: client FAILED to authenticate 74de.2b81.56c4, node_type 64 for application 0x1
Jan 25 12:01:26.699: dot11_auth_delete_client_entry: 74de.2b81.56c4 is deleted for application 0x1
Jan
WAP1#25 12:01:26.699: %DOT11-7-AUTH_FAILED: Station 74de.2b81.56c4 Authentication failed
Jan 25 12:01:26.699: dot11_aaa_upd_accounting: Updating attributes for user: 74de.2b81.56c4
Jan 25 12:01:26.699: dot11_aaa_upd_accounting: Updating attributes for user: 74de.2b81.56c4
Jan 25 12:01:26.699: dot11_auth_client_abort: Received abort request for client 74de.2b81.56c4
Jan 25 12:01:26.699: dot11_auth_client_abort: No client entry to abort: 74de.2b81.56c4 for application 0x1
Jan 25 12:01:27.580: AAA/BIND(000000
WAP1#12): Bind i/f
Jan 25 12:01:27.580: dot11_auth_add_client_entry: Create new client 74de.2b81.56c4 for application 0x1
Jan 25 12:01:27.580: dot11_auth_initialize_client: 74de.2b81.56c4 is added to the client list for application 0x1
Jan 25 12:01:27.581: dot11_auth_add_client_entry: req->auth_type 0
Jan 25 12:01:27.581: dot11_auth_add_client_entry: auth_methods_inprocess: 2
Jan 25 12:01:27.581: dot11_auth_add_client_entry: eap list name: EAP_LOGIN
Jan 25 12:01:27.581: dot11_run_auth_methods: Start aut
WAP1#h method EAP or LEAP
Jan 25 12:01:27.581: dot11_auth_dot1x_start: in the dot11_auth_dot1x_start
Jan 25 12:01:27.581: dot11_auth_dot1x_send_id_req_to_client: Sending identity request to 74de.2b81.56c4
Jan 25 12:01:27.581: EAPOL pak dump tx
Jan 25 12:01:27.581: EAPOL Version: 0x1 type: 0x0 length: 0x002B
Jan 25 12:01:27.581: EAP code: 0x1 id: 0x1 length: 0x002B type: 0x1
01801670:                   0100002B 0101002B          ...+...+
01801680: 01006E65 74776F72 6B69643D 54455354 ..networkid=TEST
WAP1#
01801690: 2C6E6173 69643D41 50445741 50312C70 ,nasid=WAP1,p
018016A0: 6F727469 643D30                      ortid=0
Jan 25 12:01:27.582: dot11_auth_send_msg: sending data to requestor status 1
Jan 25 12:01:27.582: dot11_auth_send_msg: Sending EAPOL to requestor
Jan 25 12:01:27.582: dot1x-registry:registry:dot1x_ether_macaddr called
Jan 25 12:01:27.583: dot11_auth_dot1x_send_id_req_to_client: Client 74de.2b81.56c4 timer started for 30 seconds
WAP1#
[/code]
Can anyone point me in the right direction with this?
i also dont like it that you can attempt to join the network first before failing
can i have user cert based + psk? and then apply it all by GPO
Thanks for any help

ok ive ammdened the wireless profile as suggested
i already have the root ca and a user certificate installed with matching usernames
I had already added the radius device to the NPS server and matched the keys to the AP
now heres the debug im getting, when i check the NPS server, still doesnt look like its getting any requests at all :|
Jan 29 11:53:13.501: dot11_auth_dot1x_run_rfsm: Executing Action(CLIENT_WAIT,TIMEOUT) for 74de.2b81.56c4
Jan 29 11:53:13.501: dot11_auth_dot1x_send_client_fail: Authentication failed for 74de.2b81.56c4
Jan 29 11:53:13.501: dot11_auth_send_msg: sending data to requestor status 0
Jan 29 11:53:13.501: dot11_auth_send_msg: client FAILED to authenticate 74de.2b81.56c4, node_type 64 for application 0x1
Jan 29 11:53:13.501: dot11_auth_delete_client_entry: 74de.2b81.56c4 is deleted for application 0x1
Jan
WAP1#29 11:53:13.501: dot11_mgr_disp_callback: Received message from Local Authenticator
Jan 29 11:53:13.501: dot11_mgr_disp_callback: Received FAIL from Local Authenticator
Jan 29 11:53:13.501: dot11_mgr_sm_run_machine: Executing Action(BRIDGE,AUTHENTICATOR_FAIL) for 74de.2b81.56c4
Jan 29 11:53:13.502: dot11_mgr_sm_send_client_fail: Authentication failed for 74de.2b81.56c4
Jan 29 11:53:13.502: %DOT11-7-AUTH_FAILED: Station 74de.2b81.56c4 Authentication failed
Jan 29 11:53:13.502: dot11_mgr_disp_auth_abort
WAP1#: Sending abort request for client 74de.2b81.56c4 to local Authenticator
Jan 29 11:53:13.502: dot11_auth_client_abort: Received abort request for client 74de.2b81.56c4
Jan 29 11:53:13.502: dot11_auth_client_abort: No client entry to abort: 74de.2b81.56c4 for application 0x1
Jan 29 11:53:14.619: AAA/BIND(00000019): Bind i/f
Jan 29 11:53:14.619: dot11_mgr_disp_auth_request: Send auth request for client 74de.2b81.56c4 to local Authenticator
Jan 29 11:53:14.619: dot11_auth_add_client_entry: Create new c
WAP1#lient 74de.2b81.56c4 for application 0x1
Jan 29 11:53:14.620: dot11_auth_initialize_client: 74de.2b81.56c4 is added to the client list for application 0x1
Jan 29 11:53:14.620: dot11_auth_add_client_entry: req->auth_type 0
Jan 29 11:53:14.620: dot11_auth_add_client_entry: auth_methods_inprocess: 2
Jan 29 11:53:14.620: dot11_auth_add_client_entry: eap list name: EAP_LOGIN
Jan 29 11:53:14.620: dot11_run_auth_methods: Start auth method EAP or LEAP
Jan 29 11:53:14.620: dot11_auth_dot1x_start: in the dot11
WAP1#_auth_dot1x_start
Jan 29 11:53:14.620: dot11_auth_dot1x_send_id_req_to_client: Sending identity request to 74de.2b81.56c4
Jan 29 11:53:14.620: EAPOL pak dump tx
Jan 29 11:53:14.621: EAPOL Version: 0x1 type: 0x0 length: 0x002B
Jan 29 11:53:14.621: EAP code: 0x1 id: 0x1 length: 0x002B type: 0x1
01808560: 0100002B 0101002B 01006E65 74776F72 ...+...+..networ
01808570: 6B69643D 54455354 2C6E6173 69643D41 kid=TEST,nasid=A
01808580: 50445741 50312C70 6F727469 643D30    WAP1,portid=0
Jan 29 11:53
WAP1#:14.621: dot11_auth_send_msg: sending data to requestor status 1
Jan 29 11:53:14.621: dot11_auth_send_msg: Sending EAPOL to requestor
Jan 29 11:53:14.622: dot11_mgr_disp_callback: Received message from Local Authenticator
Jan 29 11:53:14.622: dot11_mgr_disp_callback: Received DOT11_AAA_EAP from Local Authenticator
Jan 29 11:53:14.622: dot11_mgr_sm_run_machine: Executing Action(BRIDGE,AUTHENTICATOR_REPLY) for 74de.2b81.56c4
Jan 29 11:53:14.622: dot11_mgr_sm_send_response_to_client: Forwarding Authenti
WAP1#cator message to client 74de.2b81.56c4
Jan 29 11:53:14.622: EAPOL pak dump tx
Jan 29 11:53:14.622: EAPOL Version: 0x1 type: 0x0 length: 0x002B
Jan 29 11:53:14.622: EAP code: 0x1 id: 0x1 length: 0x002B type: 0x1
01808690:                   0100002B 0101002B          ...+...+
018086A0: 01006E65 74776F72 6B69643D 54455354 ..networkid=TEST
018086B0: 2C6E6173 69643D41 50445741 50312C70 ,nasid=WAP1,p
018086C0: 6F727469 643D30                      ortid=0
Jan 29 11:53:14.623: dot1x-regi

Cisco and Radius Server

Hello Guys
I am trying to install Radius server for a cisco 2801 router. I am not able to configure it properly. Is there anybody who can guide me to solve this issue.
Can anybody please tell me why these error messages are coming.. how i can fix the error and make it ready for the router??

If you need help on micrsoft radius server . you need to check with Microsoft

Primary-secondary radius server configuration

Hi all ,
I have a couple of ACS 5.2 configured as active and backup and I am doing dot 1x authentication using these servers . I have configured the switch with the bellow configuration.
radius-server host 10.0.10.15 auth-port 1645 acct-port 1646
radius-server host 10.0.10.16 auth-port 1645 acct-port 1646
radius-server key 7 aaaaaaaaaaaaaa
please help to understand what will happen in switch
1) in case of primary failure
2)in case if primary returns alive .
thanks in advance ,
Selva

Hi Selva,
You need to post all your AAA config. the above lines show you added the radius servers but it is not necessarily all server will be reached. We need to look into the AAA config to see what server groups are configured and what servers under the groups.
In general, if things are configured correctly:
- If the primary did not reply at all (down, not reachable...etc) the AAA client (switch in your case) will try the next radius server.
- If the primary server replies (with access-reject, error, ...etc) the AAA client (switch in your case) send auth failure to the host.
HTH
Amjad
Rating useful replies is more useful than saying "Thank you"

Upstream and Downstream Server Configuration Issues

Hello
We're trying to configure an upstream and downstream server infrastructure. We believe that we have this configured and working properly but our issue is that local clients and servers are appearing on the downstream server and not the upstream server.
It would be useful for all clients to be managed from the upstream server to reduce administration time.
We manually assign computers to groups and use Group Policy to specify the client configuration. The client and server settings have these keys specified:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
Name: WUServer    Type: REG_SZ    Data: (Downstream Server)
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
Name: WUStatusServer    Type: REG_SZ    Data: (Upstream Server)
To me, this should mean that clients only get updates from the downstream server and are conmpletely managed from the upstream server but maybe it doesn't work that way?
All downstream servers are set to replicas.
Can anyone help? I'm sure you shouldn't have to assign every client to group at downstream level. I have thought about using GPO to assign to groups but it would be complicated with our structure due to testing containers and I think I would
have the same result.
Basically, I would like to assign computers to groups from all sites using the upstream server only.
Thanks in advance,
Luke

our issue is that local clients and servers are appearing on the downstream server and not the upstream server.
Number one cause associated with this symptom is not enabling Reporting Rollup on the upstream server in Options->Reporting Rollup.
It would be useful for all clients to be managed from the upstream server to reduce administration time.
This won't happen in any case. Clients are managed from the WSUS server they are assigned to. You can, however, register more than one WSUS server in the WSUS console and manage multiple WSUS servers from a single console.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
Name: WUServer    Type: REG_SZ    Data: (Downstream Server)
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
Name: WUStatusServer    Type: REG_SZ    Data: (Upstream Server)
This is not correct, but it's not a critical issue since "WUServer" is set correctly. The WUA is just ignoring the incorrect value for "WUStatusServer". Both of these strings should be set to the same value -- the assigned WSUS server.
To me, this should mean that clients only get updates from the downstream server and are conmpletely managed from the upstream server but maybe it doesn't work that way?
It doesn't.
Basically, I would like to assign computers to groups from all sites using the upstream server only.
Not an option. You have two choices with replica servers:
Assign the group memberships from the assigned replica server.
Assign the group memberships via Group Policy.
Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
SolarWinds Head Geek
Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
http://www.solarwinds.com/gotmicrosoft
The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

DMS and Content Server configuration

After installing the Content Server and creating a Content Repository, I have to make that documents be stored in that contet repository. Please, help me with this becasue it is not clear for me how to solve it.
Thanks!
Patricia

Hello Everybody,
my team and me need your help.
We have the same problem...
- Installed Content server on Win 2003 server
- Using SAP ECC 5.0 and trying to create and configure content repository via 'OAC0'
- This is initially our test environment so here we are not using any certificates
When we try to connect the Content Server from ECC 5.0, an error popup appeared : HTTP error 401 "Error in configSet".
Is somebody has an idea ?
Latheef (or someone else), could you please forward me the Configuration document on SAP Content server ?
My mail is : <email address deleted by moderator>
Thanks in advance & Regards,
Christophe

LSO and Content Server Configuration

Hi,
I need to connect LSO to the Content Server - how and what should I configure to do it properly?
What information should I get from a client to be able to establish this connection?
Regards,
Otocon

Hi Otocon,
Please check this thread - LSO - Enterprise Portal Integration
Regards,
Sen

Import and Syndicate Server Configuration

Hi All,
Is it possible to setup the time interval in Import and Syndicator, with specific to one repository.
For example, if i have one repository, for which the import has to run every 30 mins, and for another if it has to run every 3 mins.
Is it possibel to do it?.
Same for syndicator as well?
Thanks,
Priya.

Hello Priya,
This is possible in MDM 7.1 without PI .
1. For MDSS, there is a repository level MDSS.ini configuration setting for such a delay
From the MDM 7.1 Console Reference Guide:"
Auto Syndication Task Delay= (seconds) .
Integer.The number of seconds MDSSu2019s automatic syndication task waits after syndicating to all ports associated with the repository. Value copied from the corresponding property in MDM Console
2. With MDIS it is a bit more complicated as MDIS is able to process in chunks of data.
Therefore you are able to define the delay between chunks
From the MDM 7.1 Console Reference Guide:"
Inter-Chunk Delay= (MS)
Integer. The number of milliseconds MDIS waits between processing chunks of records to allow other clients access to MDS.
These are all explained in the Console reference guide.
I advise you to read the appropriate sections.
Regards,
Hedda Cohen.

Login problem in that the radius server is not configured. And the local user does not authenticate

When trying to login, the message appears "No radius server configured" and the local user does not authenticate. How do I access without rebooting the Switch 6500 with CatOS.

Hi PK.
Thanks for your Attention. You know how to insert a line configuration via SNMP RW "set radius server 10.112.15.21 auth-port 1645 primary"?
I believe this way or can I work around the problem.

How to configure a Cisco 3560 with MAC-based 802.1x authentication by radius server

Hi dearI
How can I configure a Cisco 3560 to authenticate a client based on its mac address with 802.1x and radius server. Many tanks in advance!

Olivier,
You can't reference WLP visitor roles in weblogic.xml, but you can
reference global roles (created using the WLS console):
- <security-role-assignment>
<role-name>PortalSystemAdministrator</role-name>
<externally-defined />
</security-role-assignment>
-Phil
"Olivier" <[email protected]> wrote in message
news:[email protected]..
>
We need to have login page to our portal app.
When using "form based" authentication is it possible to map the securityon a
"entitlement role" ?
Our need is to be abled to give direct url acces to some pages of theportal (for
exemple by sending urls like"http://server/appcontextpath/appmanager/myportal/mydesktop?_nfpb=true&_page
Label=mypage")"
by email to portal users) and need a simple mecanism of authenticationbefore
redirecting to the portal page.
Inste

Accounting-Start and Accounting-Stop recorded on diffrent RADIUS server.

1.If a NAS configured to have a primary and a backup RADIUS server. To start with all the “Accounting-Start” records will be in the primary RADIUS server. Later on the primary server goes down (Primary server won’t tell the NAS?). When sessions stop, the NAS sends the “Accounting-Stop” to the secondary. I understand the “Start-Stop” record with the same “user name” and “session-id” ideally should be recorded in the same server. If this situation happens what should both the NAS and RADIUS server do?
2.A NAS configured to have a primary and backup RADIUS server. To start with all the “Accounting-Start” records will be in the primary RADIUS server. Later on the administrator decided to change the primary server (as there are problems with the previous primary). sessions stop, the NAS sends the “Accounting-Stop” to the new primary. This ends up the “Accounting-Start” and “Accounting-Stop” with the same “user name” and “session Id” in two RADIUS servers.
To summarize, how to avoid the ”start-stop” pair ends up in different servers ? If it does, is it an issue for RADIUS application ?
Cheers,

It is my understanding that the 'NAS_PORT' value in authentication and accounting request are unique and a different value for each authentication request allows it to identify those users that are logged in. However, sending one Acct-Unique-Session-Id at the Start and a different one at stop does sound fishy. However, I could not find any bugs related to this problem. Do let me know if you manage to locate something.

WPA2 and Radius server configuration

Similar Messages

Maybe you are looking for