WPA2 enterprise, Can not authenticate with ACS

Hi, I am setting up WPA2 Enterprise for wireless users with PEAP authentication, but cannot get the authentication server to authenticate them. The failure reason is the generic "EAP-TLS or PEAP authentication failed during SSL handshake".
The AP I am using is a 1240AG running 12.3(8)JA, and the RADIUS server is ACS 4.0. I don't have any problem getting dot1x with PEAP authentication working for wired access, and I have almost identical client-side configuration for wired and wireless users.
From ACS's point of view, it should not be aware of any difference between wired and wireless users, but the ACS log shows otherwise:
1) The AP is connected to a cat4k switch. I suppose the AP should be the authenticator for wireless users, but the ACS "failed attempts" log for the attempted wireless user shows that the NAS IP is the cat4k instead of the AP. Why?
2) I am using the same laptop for both wireless and wired testing. The ACS "failed attempts" log shows that for the wired user it correctly interpreted the cached domain\login name, but for the failed wireless user the user-name field is totally different, yet debug on the AP clearly shows that the correct domain\login has been received by the AP.
Debug output on the AP is attached; I hope the experts here can quickly identify the problem.

Got it working by adding the RADIUS server configuration under the GUI-generated configuration:
aaa group server radius your-AAA-group-name
 server your-radius-server#1-IPaddress auth-port 1645 acct-port 1646

Similar Messages

  • Cisco wlc ios 7.2 with clients windows 8 can not authenticate with 802.1x

    Hello my name is Ivan:
    I have a unified wireless solution with a Cisco WLC 7.2 and Cisco APs. My issue is the following:
    My users are using laptops with Windows 8, and they cannot access the wireless network because they authenticate to the network using 802.1x WPA/WPA2 with TKIP or AES.
    I found a bug in the IOS of the WLC. The number is CSCua29504. I would not like to change the drivers on the laptops to join the users to the solution.
    Is it possible to find any software to do the upgrade on the WLC? Or perhaps we need to do an upgrade on the Cisco lightweight access points?
    Please help me in this issue.
    Regards
    Ivan

    Bug ID CSCua29504 has been fixed in WLC firmware 7.0.235.3, 7.3.101.X or 7.4.100.X.
    So if you are NOT running any one of these codes, then yes. Upgrading your firmware is your solution.
    Fixed in:  (12)
    7.4(100.0),7.4(1.20),7.3(112.0),7.3(101.0),7.3(1.67)
    7.2(111.3),7.2(111.1),7.2(110.4),7.0(236.0),7.0(235.3)

  • Can not Authenticate WLSE Express with Active Directory

    Hi all,
    I cannot authenticate WLSE Express using an external database with AD. I have downloaded the agent to the Domain Controller and installed it on AD.
    On WLSE Express I found these log entries:
    "Error Server 0 RemoteDomainAuth server domain-auth: Agent API encountered error (1)"
    "Error Server 0 Service domain-auth has no active remote servers available"
    "Warning Protocol 0 Request from AP101 (10.224.20.143): User insee-wds rejected (ServiceUnavailable)"
    "Warning Protocol 0 Request from AP101 (10.224.20.143): User insee-wds rejected (InternalError)"
    Maybe something is wrong on AD.
    If anyone has an idea, please help me.
    Thanks.

    I have the same problem as you.
    Do you have any solution to this issue?
    If you have, please e-mail me or post it for me and everybody who has this problem.
    Thank you so much.

  • WLC can't communicate with ACS.

    Hello,
    I have a new ACS 1120 with 5.0.0.21 software. The purpose of the ACS is to authenticate wireless users based on an ACS-defined external identity source, LDAP. The following configs are made:
    - LDAP is configured as an external identity source on ACS.
    - WLC is configured on ACS as AAA client.
    - WLC is configured to use ACS RADIUS server (10.140.19.20) and WLANs are configured for [WPA2][Auth(802.1X)] AAA authentication.
    But for some reason AAA requests from the WLC cannot reach the ACS. Both devices are connected to the same 6506 switch, and there is no firewall in between. There is no fail/success RADIUS log on ACS. This is the log from the WLC. PLEASE HELP!!!
    4
    Sat Jun 23 05:41:03 2012
        RADIUS server 10.140.19.20:1813 deactivated in global list
    5
    Sat Jun 23 05:41:03 2012
        RADIUS server 10.140.19.20:1813 failed to respond to request (ID 70) for client 00:22:fa:1d:3a:ae / user 'unknown'
    6
    Sat Jun 23 05:40:40 2012
         RADIUS server 10.140.19.20:1813 deactivated in global list
    7
    Sat Jun 23 05:40:40 2012
         RADIUS server 10.140.19.20:1813 failed to respond to request (ID 69) for client 00:16:ea:c9:2d:dc / user 'unknown'
    8
    Sat Jun 23 05:40:40 2012
         RADIUS server 10.140.19.20:1813 deactivated in global list
    9
    Sat Jun 23 05:40:40 2012
         RADIUS server 10.140.19.20:1813 failed to respond to request (ID 68) for client 00:16:ea:c9:2d:dc / user 'unknown'

    Yes, you won't see any hits on ACS for PEAP authentication failure. Also, you should have a valid contract with Cisco before you download the latest images.
    If you would like to test, you may download the evaluation version of ACS 5.3 along with the trial license file.
    http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.3/installation/guide/csacs_vmware.html#wp1069919
    Regards,
    Jatin
    Do rate helpful posts-
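Added example (not part of the thread and not Cisco code): the WLC log lines quoted in the question, parsed and summarised per RADIUS server and port, with each port labelled by its standard role (1812/1645 authentication, 1813/1646 accounting). The function and variable names are this example's own.

```python
import re
from collections import defaultdict

# Log entries as quoted in the question above (index / timestamp / message).
WLC_LOG = """\
4
Sat Jun 23 05:41:03 2012
    RADIUS server 10.140.19.20:1813 deactivated in global list
5
Sat Jun 23 05:41:03 2012
    RADIUS server 10.140.19.20:1813 failed to respond to request (ID 70) for client 00:22:fa:1d:3a:ae / user 'unknown'
6
Sat Jun 23 05:40:40 2012
    RADIUS server 10.140.19.20:1813 deactivated in global list
7
Sat Jun 23 05:40:40 2012
    RADIUS server 10.140.19.20:1813 failed to respond to request (ID 69) for client 00:16:ea:c9:2d:dc / user 'unknown'
8
Sat Jun 23 05:40:40 2012
    RADIUS server 10.140.19.20:1813 deactivated in global list
9
Sat Jun 23 05:40:40 2012
    RADIUS server 10.140.19.20:1813 failed to respond to request (ID 68) for client 00:16:ea:c9:2d:dc / user 'unknown'
"""

# Standard RADIUS ports (RFC 2865 / RFC 2866) plus the legacy pair that
# appears in the IOS configuration at the top of this page.
PORT_ROLE = {1812: "authentication", 1645: "authentication",
             1813: "accounting", 1646: "accounting"}

EVENT_RE = re.compile(
    r"RADIUS server (?P<ip>\d{1,3}(?:\.\d{1,3}){3}):(?P<port>\d+) "
    r"(?:(?P<deact>deactivated in global list)"
    r"|failed to respond to request \(ID (?P<id>\d+)\) "
    r"for client (?P<mac>[0-9a-f]{2}(?::[0-9a-f]{2}){5}) / user '(?P<user>[^']*)')",
    re.IGNORECASE,
)


def port_role(port):
    """Return the conventional role of a RADIUS UDP port."""
    return PORT_ROLE.get(port, "non-standard")


def summarize(log_text):
    """Count timeouts and deactivations per (server IP, port)."""
    summary = defaultdict(lambda: {"timeouts": 0, "deactivations": 0,
                                   "clients": set(), "request_ids": []})
    for line in log_text.splitlines():
        m = EVENT_RE.search(line)
        if not m:
            continue  # index and timestamp lines carry no event
        entry = summary[(m["ip"], int(m["port"]))]
        if m["deact"]:
            entry["deactivations"] += 1
        else:
            entry["timeouts"] += 1
            entry["clients"].add(m["mac"].lower())
            entry["request_ids"].append(int(m["id"]))
    return dict(summary)


def findings(summary):
    """One line per server:port, plus a note when only accounting ports time out."""
    lines = []
    for (ip, port), e in sorted(summary.items()):
        lines.append(f"{ip}:{port} ({port_role(port)}): {e['timeouts']} timeouts, "
                     f"{e['deactivations']} deactivations, {len(e['clients'])} clients")
    roles = {port_role(p) for (_, p), e in summary.items() if e["timeouts"]}
    if roles == {"accounting"}:
        lines.append("only accounting requests timed out; "
                     "no authentication-port failures in this excerpt")
    return lines


if __name__ == "__main__":
    for line in findings(summarize(WLC_LOG)):
        print(line)
```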

  • HT4718 wpa2 enterprise 802.11x protocol with pap authentication.  Lion Reformat

    My school has only wpa2 enterprise 802.11x protocol with pap authentication.  Due to this I cannot reinstall Lion as a fresh copy.  I realized that I can download Lion again from the App Store.  Can it do a fresh install?

    I am having exactly the same problem as ecko04. I also tried to install the certificate provided by my university but it failed. Could somebody help us out? Thanks

  • What is "Could not authenticate with LiveConnect" error probably caused by?

    Dear all,
    I encountered another unexpected error while using the new NNTP Server.
    I selected "Logout and Exit" from the menu. The next time I launched the NNTP Server and clicked "Start", a "LiveAuthForm" dialogue appeared and asked for my Microsoft Account and password. I entered them, and it seemed I had signed in. The "LiveAuthForm" dialogue changed like this (displayed in my language, ZH-CN; the following is translated by myself):
    >>Microsoft Account
    >>Do you allow this application to access your information?
    >>NNTPBridge_Test needs your permission to continue the following operations:
    >>Keep you signed in automatically.
    >>Access your information at anytime.
    >>You can change these application permissions from your account settings at any time.
    >>Yes or No?
    When I clicked "Yes" in this dialogue, a "Could not authenticate with LiveConnect!" pop-up appeared suddenly. I could not use the NNTP Server at all.
    Any idea what this "Could not authenticate with LiveConnect" error is probably caused by? Is there any LiveConnect add-on or plugin I need to reinstall?
    Suggestions would be deeply appreciated. Thank you all.
    Alexis Zhang
    http://mvp.support.microsoft.com/profile/jie
    http://blogs.itecn.net/blogs/alexis

    Alexis
    I have a different version of the bridge.  Can you give me the link to where you DL'ed it?
    There are 2 versions.  One for here on Technet & one for Microsoft community.
    Wanikiya and Dyami--Team Zigzag

    Is your version of this the same program but an older version (meaning that they updated it)?
    Ed Price, Power BI & SQL Server Customer Program Manager

    Dear Ed Price,
    I downloaded the new NNTP Server from http://communitybridge.codeplex.com/releases/view/114419. Unfortunately all versions on this page (from v52 to v55) have the same error on my laptop.
    The issue still persists. I've never properly used this NNTP Server until now. I am still seeking solutions. Any suggestion would be appreciated.
    Alexis Zhang
    http://mvp.support.microsoft.com/profile/jie
    http://blogs.itecn.net/blogs/alexis

  • Slave instance can not synchronized with the master for a long time

    Hi,
    The slave instance cannot synchronize with the master for a long time, and the gap of LSNs between slave and master grows larger and larger. The transfer rate between master and slave is 118MB/s, the upper limit of the Ethernet card. Why???
    ENVIRONMENT:
    1. A network program which we called mcdb is based on BDB 4.8.30. It is used to accept get/set requests and then query data from bdb or save data to bdb.
    2. mcdb implements replication with bdb replication manager api. The default start replication policy is DB_REP_ELECTION, rep ack policy is DB_REPMGR_ACKS_ONE_PEER and rep priority is 100.
    3. The bdb data files, bdb log files, region files and rep files are all in the same home directory.
    4. There are two instances of mcdb, each on its own standalone server which runs no other programs. These two instances are in one replication group which can elect a master automatically.
    5. The master instance is online, which has lots of requests (get, set, delete).
    ACTIONS:
    1. Start two mcdb instances on two servers and the two instance make a replication group. Slave has already synchronized with the master.
    2. Stop the slave for a long time (more than 20 hours).
    3. Start the slave instance to synchronize data with master.
    RESULT:
    1. The gap of LSNs between slave and master grows larger and larger.
    2. db_stat of master and slave:
    master db_stat:
    467170     Number of PERM messages not acknowledged
    9245     Number of messages queued due to network delay
    172415     Number of messages discarded due to queue length
    25880     Number of existing connections dropped
    3407     Number of failed new connection attempts
    =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
    DB_REPMGR site information:
    10.67.15.146 (eid: 0, port: 30011)
    Environment configured as a replication master
    331726/3574994     Next LSN to be used
    0/0     Not waiting for any missed log records
    328872/466092     Maximum permanent LSN
    0     Next page number expected
    0     Not waiting for any missed pages
    0     Number of duplicate master conditions originally detected at this site
    2147M     Current environment ID (2147483647)
    100     Current environment priority
    49     Current generation number
    50     Election generation number for the current or next election
    2323     Number of duplicate log records received
    0     Number of log records currently queued
    6768     Maximum number of log records ever queued at once
    55284     Total number of log records queued
    120M     Number of log records received and appended to the log (120475988)
    111     Number of log records missed and requested
    2147M     Current master ID (2147483647)
    2     Number of times the master has changed
    0     Number of messages received with a bad generation number
    8505306     Number of messages received and processed
    12     Number of messages ignored due to pending recovery
    471869     Number of failed message sends
    12M     Number of messages sent (12959945)
    0     Number of new site messages received
    1     Number of environments believed to be in the replication group
    990543     Transmission limited
    0     Number of outdated conditions detected
    0     Number of duplicate page records received
    0     Number of page records received and added to databases
    0     Number of page records missed and requested
    Startup complete
    6244678     Number of transactions applied
    0     Number of startsync messages delayed
    1     Number of elections held
    1     Number of elections won
    No election in progress
    0.057097     Duration of last election (seconds)
    8944103     Number of bulk buffer sends triggered by full buffer
    0     Number of single records exceeding bulk buffer size
    5273M     Number of records added to a bulk buffer (5273592170)
    10M     Number of bulk buffers sent (10490865)
    0     Number of re-request messages received
    0     Number of request messages this client failed to process
    0     Number of request messages received by this client
    slave db_stat:
    0     Number of PERM messages not acknowledged
    0     Number of messages queued due to network delay
    0     Number of messages discarded due to queue length
    1454     Number of existing connections dropped
    0     Number of failed new connection attempts
    =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
    DB_REPMGR site information:
    10.67.15.147 (eid: 0, port: 30011)
    Environment configured as a replication client
    329544/2916048     Next LSN expected
    330433/2013808     LSN of first log record we have after missed log records
    329543/5500501     Maximum permanent LSN
    0     Next page number expected
    0     Not waiting for any missed pages
    0     Number of duplicate master conditions originally detected at this site
    2147M     Current environment ID (2147483647)
    100     Current environment priority
    49     Current generation number
    50     Election generation number for the current or next election
    5256M     Number of duplicate log records received (5256599432)
    3925284     Number of log records currently queued
    3925285     Maximum number of log records ever queued at once
    4880561     Total number of log records queued
    3578038     Number of log records received and appended to the log
    1912297     Number of log records missed and requested
    0     Current master ID
    1     Number of times the master has changed
    0     Number of messages received with a bad generation number
    12M     Number of messages received and processed (12980442)
    2     Number of messages ignored due to pending recovery
    0     Number of failed message sends
    1912307     Number of messages sent
    0     Number of new site messages received
    0     Number of environments believed to be in the replication group
    0     Transmission limited
    0     Number of outdated conditions detected
    0     Number of duplicate page records received
    0     Number of page records received and added to databases
    0     Number of page records missed and requested
    Startup incomplete
    110568     Number of transactions applied
    80     Number of startsync messages delayed
    0     Number of elections held
    0     Number of elections won
    No election in progress
    0     Number of bulk buffer sends triggered by full buffer
    0     Number of single records exceeding bulk buffer size
    0     Number of records added to a bulk buffer
    0     Number of bulk buffers sent
    0     Number of re-request messages received
    0     Number of request messages this client failed to process
    0     Number of request messages received by this client
    Edited by: 899585 on 2013-1-4 10:54 PM
    Edited by: 899585 on 2013-1-4 10:55 PM

    Hi,
    Unfortunately, this issue is beyond the level of what is supported over the forum. Performance related issues are extremely complex and require an in-depth understanding of your environment and dedicated support. In a generic sense, you can look at this as a basic queueing problem. You have a server that went down and work is still coming in. When the server gets started it is possible that it may never catch up depending on new work coming in and the rate at processing the old work.
    So what would you do in this case --- one thing would be to reduce the new work coming in. In HA terms this would be slowing the master down and you can increase DB_REP_ACK_TIMEOUT for this. Another thing you could do is add fresh servers to help reduce the workload. In HA terms, this would be the equivalent of restarting the client and give it a fresh look at everything. Another thing you could do is replan the system and load balance. In HA terms, it would mean something like take a hot backup of the master and reinit a client from scratch.
    If you are interested in getting a dedicated support person working on this concern, please let me know and we can move forward down that path. Just respond to the thread with your email address and I will get in contact with you so we can pursue that approach.
    thanks
    mike

  • I have an account for Apple but it is not accepted for iCloud. It says it is the correct ID and password but this is not an iCloud account. So my phone cannot connect with my computer and cannot synchronize either

    I have an account for Apple but it is not accepted for iCloud. It says it is the correct ID and password but this is not an iCloud account. So my phone cannot connect with my computer and cannot synchronize either. For the last few months I have not used this phone. I have just started to use it again. So most probably I gave my old mail address as an ID or password. So how can I clear this up? Regards

    ErolSinan wrote:
    ... there is no button for update between the About and Usage buttons in the General. ...
    Correct. That is only a feature of iOS 5 or later...
    ErolSinan wrote:
    ... yes my phone is 3G.
    then it can only go as far as iOS 4.2.1

  • My iphone 5 can not sync with my itunes cloud

    My iPhone 5 cannot sync with my iTunes cloud. How can I sync my iPhone 5 with my library, or is it not possible? Please help.

    Is your iPhone connected to your computer using the Lightning cable or are you doing WiFi sync?
    Sometimes the iPhone doesn't show up in the side bar if you're using WiFi syncing. If it's not working, then be connected to your WiFi on your phone and on your computer (same network) and let me know how it's going. If it still doesn't work, turn your phone off and on again, put in your passcode, then try to sync it (keep your phone unlocked and not in sleep mode) and tell me if it appears in the side bar.

  • Since I installed the new version of iTunes, iCal and Address Book do not sync with my iPhone 3GS through iTunes anymore and I get an error message stating that iTunes cannot sync with this iPhone. What must I do to correct this issue?

    Since I installed the new version of iTunes, iCal and Address Book do not sync with my iPhone 3GS through iTunes anymore and I get an error message stating that iTunes cannot sync with this iPhone. What must I do to correct this issue and, if I must, how do I reinstall iTunes without losing my content?
    P.S. I am able to sync podcasts and music though!

    http://support.apple.com/kb/TS3694
    http://support.apple.com/kb/TS3125
    http://support.microsoft.com/kb/299357

  • Can not print with HP LaserJet 6L since the upgrade to Mavericks.

    Can not print with HP LaserJet 6L since the upgrade to Mavericks. Any alternative driver for this printer?

    I have an HP LaserJet 5P and had the same problem. My LaserJet is connected to a D-Link ethernet print server, then to an Airport Express to support wireless printing.
    As recommended in earlier posts, I first downloaded the Gutenprint HP drivers at Sourceforge, version 5.2.9. That did not work. Then I found the reference to the Apple kb here: http://support.apple.com/kb/dl907
    I downloaded these drivers. When setting up the printer, I got the autoselect option for Generic Postscript Printer and used that. The printer worked, but printed out garbage. I then deleted the printer, and this time selected the HP LaserJet 5P CUPS + Gutenprint v.5.2.9. THAT WORKED! I don't know if it was the combination of downloading the drivers from Sourceforge and the Apple kb, or just the Apple kb that solved the problem, but I'm glad this is now sorted.
    I was a bit surprised when I hit this snag to begin with because the last upgrade I did from Lion to Mountain Lion, I did not have this issue. It was seamless.

  • Can not Print with HP LaserJet 5000 and Epson AcuLaser C9100

    I am using a MacBook Pro 2.3 GHz Intel Core i7 with Mac OS X (10.6.6).
    I have already installed the latest print drivers from the Apple Software Update website.
    The driver for HP is Ver. 17.5 and for Epson is Ver. 5.2.
    I connect the two printers to my Belkin Surf N300 wireless N router with Ethernet cables.
    The error when printing to the HP LaserJet 5000 is as follows:
    Unable to get printer status (Not Implemented)!
    Network host 'x.x.x.x' is busy; will retry in 30 seconds...
    This error can stay forever if I do not delete the print job.
    The error when printing to the Epson AcuLaser C9100 is as follows:
    Printer not responding
    This error can stay forever if I do not delete the print job.
    Previously I could print with my eMac with OS X 10.4.10, but now I cannot print with either of my printers.
    My 2 printers are in good condition, so this is not a printer problem.
    Please, does anyone know how to fix this problem fast, because I need to use these two printers for my business.
    Thanks in advance.

    That is not what Greg needs to know. That is just the way that the IP addresses are assigned to the printers.
    Your problem is probably that the printers were probably originally found by AppleTalk. AppleTalk is not included in Snow Leopard. If the printers support Bonjour, they should be found that way. Otherwise, you have to use other methods.
    How did you add your printers on the new computer? If you delete them from Print & Fax, how would you add them again?

  • I have a Power Mac G5 Dual 2.3 running 10.5.8, I understand that I can not upgrade to Lion, so what will happen to my Mobile me, which I can not live with out?

    I have a Power Mac G5 Dual 2.3 running 10.5.8, I understand that I can not upgrade to Lion, so what will happen to my Mobile me, which I can not live with out? Also will I be able to get Icloud to work?

    Hi Mary, the other so-called "features" of iCloud, like syncing, will not work, but eMail will.
    MobileMe & dot Mac will still work last I heard.
    iCloud Mail setup, even in 10.4/10.5…
    Don't delete your old account yet. Just set up a new one in Mail>Preferences>Accounts, little plus icon. Choose IMAP as account type, not .Mac or MobileMe.
    IMAP (Incoming Mail Server) information:
      ▪ Server name: imap.mail.me.com
      ▪ SSL Required: Yes
      ▪ Port: 993
      ▪ Username: [email protected] (use your @me.com address from your iCloud account)
      ▪ Password: Your iCloud password
    SMTP (outgoing mail server) information:
      ▪ Server name: smtp.mail.me.com
      ▪ SSL Required: Yes
      ▪ Port: 587
      ▪ SMTP Authentication Required: Yes
      ▪ Username: [email protected] (use your @me.com address from your iCloud account)
      ▪ Password: Your iCloud password

  • I have Firefox 10.0.2. and OSX 10.6.8. and the latest PDF adobe reader, and still can not open with the browser PDF files.Can someone help,pls?Thanx

    Dear Ones,
    I have Firefox 10.0.2 and OS X 10.6.8 and the latest Adobe PDF reader, and still cannot open PDF files with the browser. Can someone help, pls? Thanx

    see if this is helpful : [http://support.mozilla.org/en-US/kb/Opening%20PDF%20files%20within%20Firefox Opening PDF files within Firefox]
    thank you
    Please mark as "Solved" the answer that really solves the problem, to help others with a similar problem.

  • How can I authenticate with card which status is 'OP_READY' ?

    Hello~
    I'm doing personalization of smart card.
    I'm able to personalize a card whose status is 'INITIALIZED'.
    However...
    According to the spec, the server follows the process below to authenticate with a card whose status is 'OP_READY'. In that process, select CM is ignored.
    Reset Card->Generate Server_Challenge->Initialize session
    During that process, I wonder about a few things.
    1) When I receive a card from suppliers, what is the status of the card? Is it 'OP_READY' or 'INITIALIZED'?
    If it is 'OP_READY', I have to establish a secure session using ISK to change the status to 'INITIALIZED'.
    How can I authenticate with the card using ISK?
    Any comments would be greatly appreciated

    Hello there,
    If you can Authenticate (by that I mean send an Initialise Update command and External Authenticate command) successfully the ISD keys are already on the card. If you cannot Authenticate then you will need to load these onto the card and this is done with the Put Key command. You need to load 3 keys - these are 16 byte keys usually all with the same value e.g. 41 42 ...........4F. Once these keys are on the card you need to set the SCP option (which should be 0105) and then you will be able to Authenticate. You will then be able to send a Set Status command to change the life cycle state of the card (either with the apdu or from an applet using the setCardContentState() method).
    I'm guessing that your JCOP card probably has the ISD keys on already and has the SCP option set so there is no need for any additional keys to be loaded at this stage.
    Hope this helps,
    Stephanie
