WRT54G with RADIUS Server

Anyone tried WRT54G connected to RADIUS server for wireless authentication? Can anyone tell me how to go through this? I'm currently using Funk Steel Belted Radius.

Access the router ui by http://192.168.1.1 .. logon by entering the password .. go to the "wireless" tab and click on "wireless security" tab....for the security mode , select RADIUS...Enter the ip address of the radius server , the port and the shared key used by the radius server....then set the wep settings...nothing else....

Similar Messages

  • 3850 switch configure with radius server

    wifi useres authenticate with radius server configure required
    Posted by WebUser Raja Sekhar from Cisco Support Community App

    Kindly check the following links for configuring 802.1x
                 http://www.cisco.com/en/US/docs/switches/lan/catalyst3850/software/release/3.2_0_se/security/configuration_guide/b_sec_1501_3850_cg_chapter_0101.html
                 http://www.cisco.com/en/US/docs/switches/lan/catalyst3850/software/release/3.2_0_se/security/configuration_guide/b_sec_1501_3850_cg_chapter_01110.html

  • Dynamic VLAN Assignment with RADIUS Server and Aironet Access Points

    Hi Guys,
    I would like to go for "Dynamic VLAN Assignment with RADIUS Server and Aironet Access Points 1300". I want the AP to broadcast only 1 SSID. The client find the SSID ->put in his user credential->Raudius athentication->assign him to an specific vlan based on his groupship.
    The problem here is that I don't have a AP controller but only configurable Aironet Access Points 1300. I can connect to the radius server, but I am not sure how to confirgure the AP's port, radio port, vlan and SSID.
    http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008076317c.shtml#switch
    I go through some references:
    3.5  RADIUS-Based VLAN Access Control
    As discussed earlier, each SSID is mapped to a default VLAN-ID on the wired side. The IT administrator may wish to impose back end (such as RADIUS)-based VLAN access control using 802.1X or MAC address authentication mechanisms. For example, if the WLAN is set up such that all VLANs use 802.1X and similar encryption mechanisms for WLAN user access, then a user can "hop" from one VLAN to another by simply changing the SSID and successfully authenticating to the access point (using 802.1X). This may not be preferred if the WLAN user is confined to a particular VLAN.
    There are two different ways to implement RADIUS-based VLAN access control features:
    1. RADIUS-based SSID access control: Upon successful 802.1X or MAC address authentication, the RADIUS server passes back the allowed SSID list for the WLAN user to the access point or bridge. If the user used an SSID on the allowed SSID list, then the user is allowed to associate to the WLAN. Otherwise, the user is disassociated from the access point or bridge.
    2. RADIUS-based VLAN assignment: Upon successful 802.1X or MAC address authentication, the RADIUS server assigns the user to a predetermined VLAN-ID on the wired side. The SSID used for WLAN access doesn't matter because the user is always assigned to this predetermined VLAN-ID.
    extract from: Wireless Virtual LAN Deployment Guide
    http://www.cisco.com/en/US/products/hw/wireless/ps430/prod_technical_reference09186a00801444a1.html
    ==============================================================
    Dynamic VLAN Assignment with RADIUS Server and Wireless LAN Controller Configuration Example
    http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008076317c.shtml#switch
    ==============================================================
    Controller: Wireless Domain Services Configuration
    http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_example09186a00801c951f.shtml
    Any help on this issue is appreicated.
    Thanks.

    I'm not sure if the Autonomous APs have the option for AAA Override.  On the WLC, I can go into the BSSID, Security, Advanced, and there's a checkbox that I would check to allow a Radius server to send back the VLAN.
    I did a little research and it looks like the 1300 may give this option but instead is defined as "VLAN Override".  I've found the release notes for 12.3(7)JA5 (not sure what version you're running) that give mention and a link to configuring EAP on page 4: http://www.ciscosystems.ch/en/US/docs/wireless/access_point/1300/release/notes/o37ja5rn.pdf
    Hope this helps

  • EAP-TLS with Radius Server configuration (1130AG)

    Hi All,
    Im currently tryign to get eap-tls user certificate based wireless authentication working. The mismatch of guides im trying to follow has me ocming up trumps with success so far, so heres hoping you guys can right me wrongs and put me on the right path again.
    My steps for radius:- (i think this part ive actually got ok)
    http://technet.microsoft.com/en-us/library/dd283091(v=ws.10).aspx
    Steps for the wirless profile on a win 7 client:- this has me confused all over the place
    http://technet.microsoft.com/en-us/library/dd759246.aspx
    My 1130 Config:-
    [code]
    Current configuration : 3805 bytes
    ! Last configuration change at 11:57:56 UTC Fri Jan 25 2013 by apd
    ! NVRAM config last updated at 14:43:51 UTC Fri Jan 25 2013 by apd
    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    hostname WAP1
    aaa new-model
    aaa group server radius RAD_EAP
    server 10.1.1.29 auth-port 1812 acct-port 1813
    aaa authentication login default local
    aaa authentication login EAP_LOGIN group RAD_EAP
    aaa authorization exec default local
    aaa authorization network default local
    aaa session-id common
    ip domain name ************
    dot11 syslog
    dot11 ssid TEST
       authentication open eap EAP_LOGIN
       authentication network-eap EAP_LOGIN
       guest-mode
    crypto pki trustpoint TP-self-signed-1829403336
    enrollment selfsigned
    subject-name cn=IOS-Self-Signed-Certificate-1829403336
    revocation-check none
    rsakeypair TP-self-signed-1829403336
      quit
    username ***************
    ip ssh version 2
    bridge irb
    interface Dot11Radio0
    no ip address
    no ip route-cache
    ssid TEST
    station-role root
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface Dot11Radio1
    no ip address
    no ip route-cache
    ssid TEST
    no dfs band block
    channel dfs
    station-role root
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface FastEthernet0
    no ip address
    no ip route-cache
    duplex auto
    speed auto
    bridge-group 1
    no bridge-group 1 source-learning
    bridge-group 1 spanning-disabled
    interface BVI1
    ip address 10.1.2.245 255.255.255.0
    ip helper-address 10.1.1.27
    no ip route-cache
    no ip http server
    ip http secure-server
    ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
    radius-server host 10.1.1.29 auth-port 1812 acct-port 1813 key **************
    radius-server key ************
    bridge 1 route ip
    line con 0
    logging synchronous
    transport preferred ssh
    line vty 0 4
    logging synchronous
    transport input ssh
    sntp server 130.88.212.143
    end
    [/code]
    and my current debug
    [code]
    Jan 25 12:00:56.703: dot11_auth_send_msg:  sending data to requestor status 1
    Jan 25 12:00:56.703: dot11_auth_send_msg: Sending EAPOL to requestor
    Jan 25 12:00:56.703: dot1x-registry:registry:dot1x_ether_macaddr called
    Jan 25 12:00:56.703: dot11_auth_dot1x_send_id_req_to_client: Client 74de.2b81.56c4 timer started for 30 seconds
    WAP1#
    Jan 25 12:01:26.698: dot11_auth_dot1x_run_rfsm: Executing Action(CLIENT_WAIT,TIMEOUT) for 74de.2b81.56c4
    Jan 25 12:01:26.698: dot11_auth_dot1x_send_client_fail: Authentication failed for 74de.2b81.56c4
    Jan 25 12:01:26.698: dot11_auth_send_msg:  sending data to requestor status 0
    Jan 25 12:01:26.698: dot11_auth_send_msg: client FAILED to authenticate 74de.2b81.56c4, node_type 64 for application 0x1
    Jan 25 12:01:26.699: dot11_auth_delete_client_entry: 74de.2b81.56c4 is deleted for application 0x1
    Jan
    WAP1#25 12:01:26.699: %DOT11-7-AUTH_FAILED: Station 74de.2b81.56c4 Authentication failed
    Jan 25 12:01:26.699: dot11_aaa_upd_accounting: Updating attributes for user: 74de.2b81.56c4
    Jan 25 12:01:26.699: dot11_aaa_upd_accounting: Updating attributes for user: 74de.2b81.56c4
    Jan 25 12:01:26.699: dot11_auth_client_abort: Received abort request for client 74de.2b81.56c4
    Jan 25 12:01:26.699: dot11_auth_client_abort: No client entry to abort: 74de.2b81.56c4 for application 0x1
    Jan 25 12:01:27.580: AAA/BIND(000000
    WAP1#12): Bind i/f
    Jan 25 12:01:27.580: dot11_auth_add_client_entry: Create new client 74de.2b81.56c4 for application 0x1
    Jan 25 12:01:27.580: dot11_auth_initialize_client: 74de.2b81.56c4 is added to the client list for application 0x1
    Jan 25 12:01:27.581: dot11_auth_add_client_entry: req->auth_type 0
    Jan 25 12:01:27.581: dot11_auth_add_client_entry: auth_methods_inprocess: 2
    Jan 25 12:01:27.581: dot11_auth_add_client_entry: eap list name: EAP_LOGIN
    Jan 25 12:01:27.581: dot11_run_auth_methods: Start aut
    WAP1#h method EAP or LEAP
    Jan 25 12:01:27.581: dot11_auth_dot1x_start: in the dot11_auth_dot1x_start
    Jan 25 12:01:27.581: dot11_auth_dot1x_send_id_req_to_client: Sending identity request to 74de.2b81.56c4
    Jan 25 12:01:27.581: EAPOL pak dump tx
    Jan 25 12:01:27.581: EAPOL Version: 0x1  type: 0x0  length: 0x002B
    Jan 25 12:01:27.581: EAP code: 0x1  id: 0x1  length: 0x002B type: 0x1
    01801670:                   0100002B 0101002B          ...+...+
    01801680: 01006E65 74776F72 6B69643D 54455354  ..networkid=TEST
    WAP1#
    01801690: 2C6E6173 69643D41 50445741 50312C70  ,nasid=WAP1,p
    018016A0: 6F727469 643D30                      ortid=0
    Jan 25 12:01:27.582: dot11_auth_send_msg:  sending data to requestor status 1
    Jan 25 12:01:27.582: dot11_auth_send_msg: Sending EAPOL to requestor
    Jan 25 12:01:27.582: dot1x-registry:registry:dot1x_ether_macaddr called
    Jan 25 12:01:27.583: dot11_auth_dot1x_send_id_req_to_client: Client 74de.2b81.56c4 timer started for 30 seconds
    WAP1#
    [/code]
    Can anyone point me in the right direction with this?
    i also dont like it that you can attempt to join the network first before failing
    can i have user cert based + psk? and then apply it all by GPO
    Thanks for any help

    ok ive ammdened the wireless profile as suggested
    i already have the root ca and a user certificate installed with matching usernames
    I had already added the radius device to the NPS server and matched the keys to the AP
    now heres the debug im getting, when i check the NPS server, still doesnt look like its getting any requests at all :|
    Jan 29 11:53:13.501: dot11_auth_dot1x_run_rfsm: Executing Action(CLIENT_WAIT,TIMEOUT) for 74de.2b81.56c4
    Jan 29 11:53:13.501: dot11_auth_dot1x_send_client_fail: Authentication failed for 74de.2b81.56c4
    Jan 29 11:53:13.501: dot11_auth_send_msg:  sending data to requestor status 0
    Jan 29 11:53:13.501: dot11_auth_send_msg: client FAILED to authenticate 74de.2b81.56c4, node_type 64 for application 0x1
    Jan 29 11:53:13.501: dot11_auth_delete_client_entry: 74de.2b81.56c4 is deleted for application 0x1
    Jan
    WAP1#29 11:53:13.501: dot11_mgr_disp_callback: Received message from Local Authenticator
    Jan 29 11:53:13.501: dot11_mgr_disp_callback: Received FAIL from Local Authenticator
    Jan 29 11:53:13.501: dot11_mgr_sm_run_machine: Executing Action(BRIDGE,AUTHENTICATOR_FAIL) for 74de.2b81.56c4
    Jan 29 11:53:13.502: dot11_mgr_sm_send_client_fail: Authentication failed for 74de.2b81.56c4
    Jan 29 11:53:13.502: %DOT11-7-AUTH_FAILED: Station 74de.2b81.56c4 Authentication failed
    Jan 29 11:53:13.502: dot11_mgr_disp_auth_abort
    WAP1#: Sending abort request for client 74de.2b81.56c4 to local Authenticator
    Jan 29 11:53:13.502: dot11_auth_client_abort: Received abort request for client 74de.2b81.56c4
    Jan 29 11:53:13.502: dot11_auth_client_abort: No client entry to abort: 74de.2b81.56c4 for application 0x1
    Jan 29 11:53:14.619: AAA/BIND(00000019): Bind i/f
    Jan 29 11:53:14.619: dot11_mgr_disp_auth_request: Send auth request for client 74de.2b81.56c4 to local Authenticator
    Jan 29 11:53:14.619: dot11_auth_add_client_entry: Create new c
    WAP1#lient 74de.2b81.56c4 for application 0x1
    Jan 29 11:53:14.620: dot11_auth_initialize_client: 74de.2b81.56c4 is added to the client list for application 0x1
    Jan 29 11:53:14.620: dot11_auth_add_client_entry: req->auth_type 0
    Jan 29 11:53:14.620: dot11_auth_add_client_entry: auth_methods_inprocess: 2
    Jan 29 11:53:14.620: dot11_auth_add_client_entry: eap list name: EAP_LOGIN
    Jan 29 11:53:14.620: dot11_run_auth_methods: Start auth method EAP or LEAP
    Jan 29 11:53:14.620: dot11_auth_dot1x_start: in the dot11
    WAP1#_auth_dot1x_start
    Jan 29 11:53:14.620: dot11_auth_dot1x_send_id_req_to_client: Sending identity request to 74de.2b81.56c4
    Jan 29 11:53:14.620: EAPOL pak dump tx
    Jan 29 11:53:14.621: EAPOL Version: 0x1  type: 0x0  length: 0x002B
    Jan 29 11:53:14.621: EAP code: 0x1  id: 0x1  length: 0x002B type: 0x1
    01808560: 0100002B 0101002B 01006E65 74776F72  ...+...+..networ
    01808570: 6B69643D 54455354 2C6E6173 69643D41  kid=TEST,nasid=A
    01808580: 50445741 50312C70 6F727469 643D30    WAP1,portid=0
    Jan 29 11:53
    WAP1#:14.621: dot11_auth_send_msg:  sending data to requestor status 1
    Jan 29 11:53:14.621: dot11_auth_send_msg: Sending EAPOL to requestor
    Jan 29 11:53:14.622: dot11_mgr_disp_callback: Received message from Local Authenticator
    Jan 29 11:53:14.622: dot11_mgr_disp_callback: Received DOT11_AAA_EAP from Local Authenticator
    Jan 29 11:53:14.622: dot11_mgr_sm_run_machine: Executing Action(BRIDGE,AUTHENTICATOR_REPLY) for 74de.2b81.56c4
    Jan 29 11:53:14.622: dot11_mgr_sm_send_response_to_client: Forwarding Authenti
    WAP1#cator message to client 74de.2b81.56c4
    Jan 29 11:53:14.622: EAPOL pak dump tx
    Jan 29 11:53:14.622: EAPOL Version: 0x1  type: 0x0  length: 0x002B
    Jan 29 11:53:14.622: EAP code: 0x1  id: 0x1  length: 0x002B type: 0x1
    01808690:                   0100002B 0101002B          ...+...+
    018086A0: 01006E65 74776F72 6B69643D 54455354  ..networkid=TEST
    018086B0: 2C6E6173 69643D41 50445741 50312C70  ,nasid=WAP1,p
    018086C0: 6F727469 643D30                      ortid=0
    Jan 29 11:53:14.623: dot1x-regi

  • WLC not integrating with Radius Server

    Hello world,
    I have the following situation:
    One WLC 2000 Series (software version 7.0.230.0) with multiple SSID`s, one is with 802.1x integrated with a Radius Server.
    Everything worked fine until fiew days ago, when users were unable to logon via they`re certificates on Windows XP.
    The infrastracture didn`t suffer modifications.
    What i have checked: Radius certification isn`t expired, client certification isn`t expired, the password between controller and Radius is correct.
    There are no ACL`s between the WLC and the remote Server. I can ping the devices, other SSIDs on the same controller (wpa/psk) are working correct.
    The AP`s are 1242.
    I have tried deleting the SSID, configure it back. The OS on Windows Server is  2003 Standard. The AP`s are configured H-Reap.
    I have increased the Server Timeout from Radius Authentication Servers from 2 to 30 sec.
    The message logs recived on WLC Trap Logs:
    RADIUS server X.X.X.X:1812 failed to respond to request (ID 161) for client xx.xx.xx.xx.xx.xx/ user 'unknown'
    The message from the debug dot1x aaa enable:
    *Dot1x_NW_MsgTask_7: Mar 06 09:37:07.318: 00:15:e9:33:75:df Adding AAA_ATT_CALLING_STATION_ID(31) index=1
    *Dot1x_NW_MsgTask_7: Mar 06 09:37:07.318: 00:15:e9:33:75:df Adding AAA_ATT_CALLED_STATION_ID(30) index=2
    *Dot1x_NW_MsgTask_7: Mar 06 09:37:07.318: 00:15:e9:33:75:df Adding AAA_ATT_NAS_PORT(5) index=3
    *Dot1x_NW_MsgTask_7: Mar 06 09:37:07.318: 00:15:e9:33:75:df Adding AAA_ATT_INT_CISCO_AUDIT_SESSION_ID(7) index=4
    *Dot1x_NW_MsgTask_7: Mar 06 09:37:07.318: 00:15:e9:33:75:df Adding AAA_ATT_NAS_IP_ADDRESS(4) index=5
    *Dot1x_NW_MsgTask_7: Mar 06 09:37:07.318: 00:15:e9:33:75:df Adding AAA_ATT_NAS_IDENTIFIER(32) index=6
    *Dot1x_NW_MsgTask_7: Mar 06 09:37:07.318: 00:15:e9:33:75:df Adding AAA_ATT_VAP_ID(1) index=7
    *Dot1x_NW_MsgTask_7: Mar 06 09:37:07.318: 00:15:e9:33:75:df Adding AAA_ATT_SERVICE_TYPE(6) index=8
    *Dot1x_NW_MsgTask_7: Mar 06 09:37:07.318: 00:15:e9:33:75:df Adding AAA_ATT_FRAMED_MTU(12) index=9
    *Dot1x_NW_MsgTask_7: Mar 06 09:37:07.318: 00:15:e9:33:75:df Adding AAA_ATT_NAS_PORT_TYPE(61) index=10
    *Dot1x_NW_MsgTask_7: Mar 06 09:37:07.318: 00:15:e9:33:75:df Adding AAA_ATT_EAP_MESSAGE(79) index=11
    *Dot1x_NW_MsgTask_7: Mar 06 09:37:07.318: 00:15:e9:33:75:df Adding AAA_ATT_RAD_STATE(24) index=12
    *Dot1x_NW_MsgTask_7: Mar 06 09:37:07.318: 00:15:e9:33:75:df Adding AAA_ATT_MESS_AUTH(80) index=13
    *Dot1x_NW_MsgTask_7: Mar 06 09:37:07.318: 00:15:e9:33:75:df AAA EAP Packet created request = 0x1cff348c.. !!!!
    *Dot1x_NW_MsgTask_7: Mar 06 09:37:07.318: 00:15:e9:33:75:df Sending EAP Attribute (code=2, length=6, id=10) for mobile xx.xx.xx.xx.xx.xx.
    *Dot1x_NW_MsgTask_7: Mar 06 09:37:07.318: 00000000: 02 0a 00 06 0d 00                                 ......
    *Dot1x_NW_MsgTask_7: Mar 06 09:37:07.318: 00:15:e9:33:75:df [BE-req] Sending auth request to 'RADIUS' (proto 0x140001)
    *radiusTransportThread: Mar 06 09:37:07.328: 00:15:e9:33:75:df [BE-resp] AAA response 'Interim Response'
    *radiusTransportThread: Mar 06 09:37:07.328: 00:15:e9:33:75:df [BE-resp] Returning AAA response
    *radiusTransportThread: Mar 06 09:37:07.328: 00:15:e9:33:75:df AAA Message 'Interim Response' received for mobile xx.xx.xx.xx.xx.xx.
    *Dot1x_NW_MsgTask_7: Mar 06 09:37:07.329: 00:15:e9:33:75:df Skipping AVP (0/27) for mobile xx.xx.xx.xx.xx.xx.
    The messages on Windows 2003 Standard:
    User Y was denied access.
    Fully-Qualified-User-Name = xx.domain.com/Users_T/user
    NAS-IP-Address = X.X>X.X
    NAS-Identifier = Cisco_
    Called-Station-Identifier = ---------------------
    Calling-Station-Identifier = ---------------------
    Client-Friendly-Name = ---------------------
    Client-IP-Address = ---------------------
    NAS-Port-Type = Wireless - IEEE 802.11
    NAS-Port = 1
    Proxy-Policy-Name = Use Windows authentication for all users
    Authentication-Provider = Windows
    Authentication-Server = <undetermined>
    Policy-Name = Wireless Policy
    Authentication-Type = EAP
    EAP-Type = Smart Card or other certificate
    Reason-Code = 262
    Reason = The supplied message is incomplete.  The signature was not verified.User Y was denied access.
    Fully-Qualified-User-Name = xx.domain.com/Users_T/user
    NAS-IP-Address = X.X>X.X
    NAS-Identifier = Cisco_
    Called-Station-Identifier = ---------------------
    Calling-Station-Identifier = ---------------------
    Client-Friendly-Name = ---------------------
    Client-IP-Address = ---------------------
    NAS-Port-Type = Wireless - IEEE 802.11
    NAS-Port = 1
    Proxy-Policy-Name = Use Windows authentication for all users
    Authentication-Provider = Windows
    Authentication-Server = <undetermined>
    Policy-Name = Wireless Policy
    Authentication-Type = EAP
    EAP-Type = Smart Card or other certificate
    Reason-Code = 262
    Reason = The supplied message is incomplete.  The signature was not verified.
    Can anyone help why i cannot log the users via 802.1x ?

    Okay that is good..... this is what I would do next.  I would create a test ssid that uses PEAP MSchapv2 and create a new policy in IAS that is basic.  Allow 802.1x wireless and user group only and see if you can reconfigure one of the XP machines for PEAP.  Can you also post a screen shot of your polices (connection and network) so we can review it. 

  • Problems with Radius Server

    Hi
    I am trying to setup the Radius server on my Mac OSX 10.5.2 server. I have two Airport Extreme 802.11n base stations connected to my network, one which we use normally for wireless access and another that I am using to test and get the Radius Server configured. One has an address of 192.168.10.5 and the other is 192.168.10.6. All my wireless clients can browse the net without any issues.
    When I go into Server Admin and select Radius and then Configure Radius Service, I select the default certificate and am then presented with a screen where I add my base stations. Now, the puzzling thing is that both of my base stations appear, but they are showing 169.254.xxx.xxx addresses. So, my first question is why do they show self assigned IPs? Is it because they are being found using Bonjour?
    If I then back out of this screen and select the Base Stations icon in the menu, I can click browse and again it shows the AEBSs but again with a self assigned IP. Another interesting point is that if I select my normal base station, in the info below it shows the Ethernet and Airport ID info showing V7.3.1 software version but a picture of the old dome shape Airport Extreme Base Station. If I select the test base station, I get the same info but THE RIGHT PICTURE !
    If I then select the test base station and enter the password, it says it's the wrong password, even though I know it's the right one.
    I'd like to get past this point, but can't see how to proceed until the IPs are right. What's going on? Any ideas gratefully received.
    Paul

    I have just purchased a new AirPort Extreme to begin testing to rollout wireless using RADIUS on our Mac OS X 10.5 server.
    I am having a bit of trouble setting up the actual base station. I too was having the same problem with the IP address showing up on the RADIUS server as self-assigned 169. but noticed that when I changed the Primary RADIUS IP address to something different to the AirPorts Ethernet IP address it showed up correctly. Maybe I am wrong but that's what I think happened.
    The problem I am having is this: I have created a wireless RADIUS network. My client was able to log in and connect to the wireless system, but I am not getting any DHCP information from my DHCP server running on Mac OS X Server. What am I doing wrong. What settings should be entered for Primary RADIUS IP Address, Shared Secret, etc. I am a bit confused an Apple hasn't provided technical documentation on this aspect.
    Help!

  • Web authentication with Radius server problem

    Hello,
    I'm having problem to web authenticate users via radius server for one WLC. Here is the outpu from WLC:
    *emWeb: Mar 26 14:17:31.537: 20:7d:xx:xx:d8:f0 Username entry (aaaaaa) created for mobile, length = 7
    *emWeb: Mar 26 14:17:31.537: 20:7d:xx:xx:d8:f0 Username entry (aaaaaa) created in mscb for mobile, length = 7
    *aaaQueueReader: Mar 26 14:17:31.537: Unable to find requested user entry for aaaaaa
    *aaaQueueReader: Mar 26 14:17:31.537: ReProcessAuthentication previous proto 8, next proto 1
    *aaaQueueReader: Mar 26 14:17:31.537: AuthenticationRequest: 0x1e08eb94
    *aaaQueueReader: Mar 26 14:17:31.538:   Callback.....................................0x10908d90
    *aaaQueueReader: Mar 26 14:17:31.538:   protocolType.................................0x00000001
    *aaaQueueReader: Mar 26 14:17:31.538:   proxyState...................................20:7D:xx:xx:D8:F0-00:00
    *aaaQueueReader: Mar 26 14:17:31.538:   Packet contains 11 AVPs (not shown)
    *aaaQueueReader: Mar 26 14:17:31.538: apfVapRadiusInfoGet: WLAN(1) dynamic int attributes srcAddr:0x0, gw:0x0, mask:0x0, vlan:0, dpPort:0, srcPort:0
    *aaaQueueReader: Mar 26 14:17:31.538: 20:7d:xx:xx:d8:f0 Successful transmission of Authentication Packet (id 67) to 10.xx.33.249:1645, proxy state 20:7d:xx:xx:d8:f0-00:01
    *aaaQueueReader: Mar 26 14:17:31.538: 00000000: 01 43 00 8c 48 7c a7 ff  df 06 53 30 c0 be e1 8e  .C..H|....S0....
    *aaaQueueReader: Mar 26 14:17:31.538: 00000010: d7 fd 8b d3 01 09 73 65  66 72 73 76 65 02 12 7b  ......aaaaaa..{
    *aaaQueueReader: Mar 26 14:17:31.538: 00000020: ae 2e f5 eb fa cf f5 cc  3b 08 65 d7 04 0e ba 06  ........;.e.....
    *aaaQueueReader: Mar 26 14:17:31.538: 00000030: 06 00 00 00 01 04 06 0a  2e 09 14 05 06 00 00 00  ................
    *aaaQueueReader: Mar 26 14:17:31.538: 00000040: 0d 20 0d 73 65 76 73 74  2d 6c 77 63 31 30 3d 06  ...xxxxx-lwc10=.
    *aaaQueueReader: Mar 26 14:17:31.538: 00000050: 00 00 00 13 1a 0c 00 00  37 63 01 06 00 00 00 01  ........7c......
    *aaaQueueReader: Mar 26 14:17:31.538: 00000060: 1f 0e 31 39 32 2e 31 36  38 2e 31 2e 36 31 1e 0c  ..192.168.1.61..
    *aaaQueueReader: Mar 26 14:17:31.538: 00000070: 31 30 2e 34 36 2e 39 2e  32 30 50 12 95 11 7c d9  10.xx.9.20P...|.
    *aaaQueueReader: Mar 26 14:17:31.538: 00000080: 75 8e 01 6e bf 62 38 f8  38 ab 68 4a              u..n.b8.8.hJ
    *radiusTransportThread: Mar 26 14:17:31.603: 00000000: 03 43 00 14 e5 8c e7 75  52 04 af e0 07 b7 fb 96  .C.....uR.......
    *radiusTransportThread: Mar 26 14:17:31.603: 00000010: c1 4a fb 40                                       .J.@
    *radiusTransportThread: Mar 26 14:17:31.603: ****Enter processIncomingMessages: response code=3
    *radiusTransportThread: Mar 26 14:17:31.603: ****Enter processRadiusResponse: response code=3
    *radiusTransportThread: Mar 26 14:17:31.603: 20:7d:xx:xx:d8:f0 Access-Reject received from RADIUS server 10.xx.33.249 for mobile 20:7d:xx:xx:d8:f0 receiveId = 0
    *radiusTransportThread: Mar 26 14:17:31.603: ReProcessAuthentication previous proto 1, next proto 2
    *radiusTransportThread: Mar 26 14:17:31.603: AuthenticationRequest: 0x1da9fa4c
    *radiusTransportThread: Mar 26 14:17:31.603:    Callback.....................................0x10908d90
    *radiusTransportThread: Mar 26 14:17:31.603:    protocolType.................................0x00000002
    *radiusTransportThread: Mar 26 14:17:31.603:    proxyState...................................20:7D:xx:xx:D8:F0-00:00
    *radiusTransportThread: Mar 26 14:17:31.603:    Packet contains 11 AVPs (not shown)
    *radiusTransportThread: Mar 26 14:17:31.605: 20:7d:xx:xx:d8:f0 Returning AAA Error 'No Server' (-7) for mobile 20:7d:xx:xx:d8:f0
    *radiusTransportThread: Mar 26 14:17:31.605: AuthorizationResponse: 0x2dd03648
    *radiusTransportThread: Mar 26 14:17:31.605:    structureSize................................32
    *radiusTransportThread: Mar 26 14:17:31.605:    resultCode...................................-7
    *radiusTransportThread: Mar 26 14:17:31.605:    protocolUsed.................................0x00000002
    *radiusTransportThread: Mar 26 14:17:31.605:    proxyState...................................20:7D:xx:xx:D8:F0-00:00
    *radiusTransportThread: Mar 26 14:17:31.605:    Packet contains 0 AVPs:
    *emWeb: Mar 26 14:17:31.605: Authentication failed for aaaaaa
    *emWeb: Mar 26 14:17:31.605: 20:7d:xx:xx:d8:f0 Username entry deleted for mobile
    *emWeb: Mar 26 14:17:31.605: 20:7d:xx:xx:d8:f0 Plumbing web-auth redirect rule due to user logout
    *emWeb: Mar 26 14:17:31.605: 20:7d:xx:xx:d8:f0 192.168.1.61 WEBAUTH_REQD (8) Deleting mobile policy rule 42461
    *emWeb: Mar 26 14:17:31.605: 20:7d:xx:xx:d8:f0 Adding Web RuleID 42464 for mobile 20:7d:xx:xx:d8:f0
    *emWeb: Mar 26 14:17:31.605: 20:7d:xx:xx:d8:f0 Web Authentication failure for station
    *emWeb: Mar 26 14:17:31.605: 20:7d:xx:xx:d8:f0 192.168.1.61 WEBAUTH_REQD (8) Reached ERROR: from line 5069
    That was pretty clear for me that Radius is refusing to give user access.
    Fully-Qualified-User-Name = NMEA\aaaaaa
    NAS-IP-Address = 10.xx.9.20
    NAS-Identifier = xxxxx-lwc10
    Called-Station-Identifier = 10.xx.9.20
    Calling-Station-Identifier = 192.168.1.61
    Client-Friendly-Name = YYY10.xx
    Client-IP-Address = 10.xx.9.20
    NAS-Port-Type = Wireless - IEEE 802.11
    NAS-Port = 13
    Proxy-Policy-Name = Use Windows authentication forall users
    Authentication-Provider = Windows
    Authentication-Server = <undetermined>
    Policy-Name = YYYYY Wireless Users
    Authentication-Type = PAP
    EAP-Type = <undetermined>
    Reason-Code = 66
    Reason = The user attempted to use an authentication method that is not enabled on the matching remote access policy
    That output is from WLC 5508 version 7.0.235
    What is strange, that user was able to authenticate from other before refresh WLC 4402 ver 4.2.207. I cannot change WLC because of AP which cannot run old version.
    this is output from working client connection from old WLC
    NAS-IP-Address = 10.xx.9.13
    NAS-Identifier = xxxxx-lwc03
    Client-Friendly-Name = YYY10.46
    Client-IP-Address = 10.xx.9.13
    Calling-Station-Identifier = 192.168.19.246
    NAS-Port-Type = <not present>
    NAS-Port = <not present>
    Proxy-Policy-Name = Use Windows authentication for all users
    Authentication-Provider = Windows
    Authentication-Server = <undetermined>
    Policy-Name = YYYYY Wireless Guest Access
    Authentication-Type = PAP
    EAP-Type = <undetermined>
    I know there is different Policy Name used, but my question is why it is not using the same as on old WLC when configuration is same.
    Is there any way I can force users to use different policy from WLC or AP configuration or is this solely configuration of Radius?
    Is it maybe problem of version 7.0.235?
    Any toughts would be much appriciated.

    Scott,
    You are probably right. The condition that is checked for the first policy name (we have 2) is to match
    NAS-Port-Type = Wireless - IEEE 802.11, and this is basically used to differentiate guests from other company users.
    as you can see from the logs the one that is working correctly is not sending NAS-Port-Type. The question is why.
    As I said before.
    WLC 5508 ver. 7.0.235 is sending NAS-Port-Type
    WLC 4402 ver. 4.2.207 is not.
    The same user was working OK on 4402 WLC and after refresh and associating APs to 5508 it all broke, so client did not changed anything on adapter.

  • RADIUS Server is Unreachable

    Hi All
    i am using Cisco 3640 router.i have a problem with radius server.
    i did basic aaa configuration but i still have problem...the problem is
    01:30:39: RADIUS: Initial Transmit id 6 171.68.118.115:1645,
    Access-Request, Len 67
    01:30:39: Attribute 4 6 0A1F0196
    01:30:39: Attribute 61 6 00000000
    01:30:39: Attribute 1 11 70726F78
    01:30:39: Attribute 2 18 E552A3E5
    01:30:39: Attribute 6 6 00000005
    01:30:44: RADIUS: Retransmit id 6
    01:30:49: RADIUS: Retransmit id 6
    01:30:59: RADIUS: Marking server 171.68.118.115 dead
    01:30:59: RADIUS: Tried all servers.
    01:30:59: RADIUS: No valid server found. Trying any viable server
    01:30:59: RADIUS: Tried all servers.
    01:30:59: RADIUS: No response for id 6
    01:30:59: RADIUS: No response from server
    01:30:59: AAA/AUTHEN (1597176845): status = ERROR
    Can anyone help me....
    Thanks

    Dear Rick,
    thanks for your reply.
    We have check all options you've mentioned one by one. All are ok.
    - We can ping - and get reply back
    - No firewalls - direct connection via ethernet
    We connected the same Radius server directly to a 4000 series Cisco Router and it worked fine.
    When we use the same commands and setup on the Cisco 3640 we get the above message.
    - Could it be the ethernet ports?
    - or maybe the IOS of the router?
    The IOS is: IOS (tm) 3600 Software (C3640-IK9S-M), Version 12.2(17a),
    Any help will be much appreciated,
    Kind Regards
    Shefik
    ==================
    sh version:
    isco Internetwork Operating System Software
    IOS (tm) 3600 Software (C3640-IK9S-M), Version 12.2(17a), RELEASE SOFTWARE (fc1)
    Copyright (c) 1986-2003 by cisco Systems, Inc.
    Compiled Thu 19-Jun-03 11:24 by pwade
    Image text-base: 0x60008930, data-base: 0x61296000
    ROM: System Bootstrap, Version 11.1(20)AA2, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
    ISPACCESS uptime is 1 day, 2 hours, 24 minutes
    System returned to ROM by power-on
    System image file is "flash:c3640-ik9s-mz.122-17a.bin"
    cisco 3640 (R4700) processor (revision 0x00) with 125952K/5120K bytes of memory.
    Processor board ID 17632609
    R4700 CPU at 100Mhz, Implementation 33, Rev 1.0
    Bridging software.
    X.25 software, Version 3.0.0.
    SuperLAT software (copyright 1990 by Meridian Technology Corp).
    2 FastEthernet/IEEE 802.3 interface(s)
    DRAM configuration is 64 bits wide with parity disabled.
    125K bytes of non-volatile configuration memory.
    32768K bytes of processor board System flash (Read/Write)
    Configuration register is 0x2102
    Building configuration...
    Current configuration : 1136 bytes
    version 12.2
    service config
    service timestamps debug uptime
    service timestamps log uptime
    service password-encryption
    hostname ISPACCESS
    aaa new-model
    aaa group server radius test
    server 202.52.62.104 auth-port 1812 acct-port 1813
    aaa authentication login secure1 group test
    aaa authentication ppp default group radius
    aaa authorization network default group radius
    enable secret 5
    username xxxx password 7
    username xxxxx password 7
    ip subnet-zero
    call rsvp-sync
    interface FastEthernet0/0
    ip address 192.168.1.250 255.255.255.0
    duplex auto
    speed auto
    interface FastEthernet0/1
    ip address 220.245.140.46 255.255.255.248
    ip access-group 115 in
    duplex auto
    speed auto
    ip classless
    ip route 0.0.0.0 0.0.0.0 220.245.140.41
    ip http server
    access-list 115 permit tcp any any
    radius-server host 202.52.62.104 auth-port 1812 acct-port 1813
    radius-server key 7
    dial-peer cor custom
    privilege exec level 7 clear line
    line con 0
    password 7
    line aux 0
    line vty 0 3
    password 7
    line vty 4
    login authentication secure1
    end

  • WLC- dynamic Vlan assignment with Radius

    Hello, we would like to use this feature in our company and because of that I am now testing it. But I found one problem.
    I created one testing SSID and two Vlans on WLC. On ACS I use an IETF atributes (064,065,081) for my account and I am changing Vlan ID (081) during testing.
    It works with LEAP but when I use PEAP-GTC (which we use commonly in our company) the ip address is not assigned properly (ip which was assigned before remains).
    Could you please help me?

    There is good document which explains how to configure Dynamic VLAN Assignment with RADIUS Server and Wireless LAN Controller. This will help you. You will find the document at http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008076317c.shtml

  • WLC "radius server overwrite interface" setting

    Hello
    I'm looking at using "radius server overwrite interface" on a WLAN as a replacement for Called-Station-ID for Radius to match on SSID.
    When I enable "radius server overwrite interface" on a WLAN and join a client to the SSID I can see (via packet capture) that the WLC is correctly sourcing the Radius packets with the WLAN's "dynamic" interface IP Address. The problem is that the Radius server doesn't repond to these requests. Radius is configured with rules to match the new IP address but I see nothing (pass or fail) in the logs.
    Interestingly, the packet captures shows the correct NAS IP address (the WLAN interface IP Address) but always shows the WLC hostname as NAS-ID (regardless of NAS-ID settings on the WLAN or WLAN interface)
    I've tried WLC software 7.4.110.0, 7.4.121.0 and 7.6.100.0 with the same results but Radius never responds. Radius is Cisco ACS 5.5.0.46. Any ideas as to why this is happening?
    Thanks
    Andy

    Hi Scott
    installed ACS 5.4 0.46.6 and I still have the same problem - ACS doesn't respond to request from WLC when  "radius server overwrite interface" is enabled on WLAN and nothing appears in the logs. With  "radius server overwrite interface" disabled on the WLAN, authentication is a success and I can see this in the logs.
    I had a look a the packet captures I took earlier and the attributes in the Access-Request look ok - the only attribute I wasn't sure about was Message-Authenticator. Found this ietf document http://www.ietf.org/rfc/rfc2869.txt which mentions "silent discards" of Radius packets with non existent or incorrect Message-Authenticator attributes. I'm not sure if this is what I'm seeing on ACS when it receives the  "radius server overwrite interface" Access-Request packets. ACS is under contract so I will contact TAC about this.
    Mt production ACS cluster was upgraded from latest version of 5.3 to 5.5 with no loss of historic logs (logging after upgrade worked fine also). The upgrade did take a while with the log-collector. When it had completed I checked the Data Upgrade Status under Monitoring configuration and it showed that the upgrade was successful.
    Thanks for your help with this.
    Cheers
    Andy

  • Cisco ISE with both internal and External RADIUS Server

    Hi
    I have ISE 1.2 , I configured it as management monitor and PSN and it work fine
    I would like to know if I can integrate an external radius server and work with both internal and External RADIUS Server simultanously
    So some computer (groupe_A in active directory ) will continu to made radius authentication on the ISE internal radius and other computer (groupe_B in active directory) will made radius authentication on an external radius server
    I will like to know if it is possible to configure it and how I can do it ?
    Thanks in advance for your help
    Regards
    Blaise

    Cisco ISE can function both as a RADIUS server and as a RADIUS proxy server. When it acts as a proxy server, Cisco ISE receives authentication and accounting requests from the network access server (NAS) and forwards them to the external RADIUS server. Cisco ISE accepts the results of the requests and returns them to the NAS.
    Cisco ISE can simultaneously act as a proxy server to multiple external RADIUS servers. You can use the external RADIUS servers that you configure here in RADIUS server sequences. The External RADIUS Server page lists all the external RADIUS servers that you have defined in Cisco ISE. You can use the filter option to search for specific RADIUS servers based on the name or description, or both. In both simple and rule-based authentication policies, you can use the RADIUS server sequences to proxy the requests to a RADIUS server.
    The RADIUS server sequence strips the domain name from the RADIUS-Username attribute for RADIUS authentications. This domain stripping is not applicable for EAP authentications, which use the EAP-Identity attribute. The RADIUS proxy server obtains the username from the RADIUS-Username attribute and strips it from the character that you specify when you configure the RADIUS server sequence. For EAP authentications, the RADIUS proxy server obtains the username from the EAP-Identity attribute. EAP authentications that use the RADIUS server sequence will succeed only if the EAP-Identity and RADIUS-Username values are the same.

  • Exchange Server 2013 with RADIUS authentication

    Hello,
    I am a student and doing an internship. I have to test Microsoft Exchange Server 2013.
    I am using Windows Server 2012, I already installed Exchange Server 2013 on it and everything works as intended.
    But I couldn't find out how to configure my Windows Server 2012 in order to authenticate my mailbox users from Exchange Server 2013 with a RADIUS server which is not on my Windows Server 2012. I have to use their RADIUS server, the RADIUS server from the
    company where I am doing my internship.
    I already created a NPS and added the RADIUS Client + Remote RADIUS Server Groups. I created a Connection Request Policies with the condition:
    User Name *
    I forwarded the Connection Request to the Remote RADIUS server that I created in Remote RADIUS Server Groups and then I registered the NPS in th AD. But it's still not working. 
    Maybe I did something wrong or I misunderstood something or does this even work with Exchange Server 2013? To authenticate mailbox users with a RADIUS server before they can login into their mailbox and use their mailbox?
    Thanks in advance.

    On Wed, 26 Mar 2014 09:21:25 +0000, DavidIntern wrote:
    I already put the NPS as a RADIUS proxy. I followed this check list http://technet.microsoft.com/en-us/library/cc772591.aspx
    But the things is I want to make it work with our freeRADIUS2 that we have in place here. Without changing our freeRADIUS2. But I found out this is not possible since we are not using any Active Directory with it. Since I am still a newbie in this environment,
    I am not sure if it is possible.
    But my main question was if it was possible to use freeRADIUS2 and that my NPS would be the RADIUS proxy. So my question is answered, if I understood right, without making any changes to our freeRADIUS2 this is not going to be possible right? Because we have
    no AD?
    Our setup is freeRADIUS2 + MySQL database where all the users are stored.
    As I mentioned in my previous response this really isn't the right place
    for this question but why would you want to try to use a MySQL store for
    authenticating against Exchange in the first place when you've already got
    an authentication store (Active Directory) that is tightly integrated with
    Exchange?
    I still really don't understand what it is you're trying to accomplish nor
    why you're trying to use such a complicated, convoluted method to
    authenticate Exchange users.
    Paul Adare - FIM CM MVP
    Any sufficiently advanced bug is indistinguishable from a feature.

  • Exchange Server 2013 with a RADIUS server (freeRADIUS).

    Hello,
    I am a student and doing an internship. I have to test Microsoft Exchange Server 2013.
    I am using Windows Server 2012, I already installed Exchange Server 2013 on it and everything works as intended.
    But I couldn't find out how to configure my Windows Server 2012 in order to authenticate my mailbox users from Exchange Server 2013 with a RADIUS server which is not on my Windows Server 2012. I have to use their RADIUS server (freeRADIUS), the RADIUS server
    from the company where I am doing my internship.
    I already created a NPS and added the RADIUS Client + Remote
    RADIUS Server Groups. I created a Connection Request Policies with the condition:
    User Name *
    I forwarded the Connection Request to the
    Remote RADIUS server that I created in Remote RADIUS Server Groups and then I registered the NPS in th AD. But it's still not working. 
    Maybe I did something wrong or I misunderstood something or does this even work with Exchange Server 2013? To authenticate mailbox users with a RADIUS server before they can login into their mailbox and use their mailbox?
    Thanks in advance.

    Hi,
    I suggest we refer to the following article to double confirm the Network Policy Server is registered properly.
    http://technet.microsoft.com/library/cc732912.aspx
    Thanks,
    Simon Wu
    TechNet Community Support

  • Server 2008 R2 RADIUS Server with a Cisco Aironet 1040 Wireless AP

    I am trying to get Server 2008 R2 RADIUS Server to work with a Cisco Aironet 1040 Wireless AP. I have installed the RADIUS server by MS standards and performed some searches on Google to configure the Cisco Aironet. I see others using a Wireless LAN Controller, which I do not have. I found this post below:
    https://supportforums.cisco.com/discussion/11546056/wlc-2504-radius-2008-r2-server
    But I have yet to locate a good step by step document on how to set it up and I have found so many different ways that others have set it up, but none have yet to work. I am having authentication issues that I have know of and I do not see any errors in the Windows Event Viewer and I do not know where the Acess Point stores it logs for any sort of error. Keep in mind this is the first time I am doing this. I do not have a Wireless LAN Controller and all my network / domain services are on individually built servers and not on one single server as I have seen with most of the documentation they all say the same thing by putting the Certificate Services, Domain Services (AD / ADS, etc), and NPS. I do not want that configuration and my setup should not be any different, but something is not right. I know from reading that this is not rocket science, but from someone who has never done it before this is difficult as I keep reading on and so many people do it different ways including what I have been reading according to what Cisco says to configure in the environment. Does anyone know where I can find good step by step documentation along with where I can look for logs on either device? I find that all the documentation I see on Cisco's website and from searching that it is old and outdated and not been updated in a long time so it is hard to determine what works and what does not work. I am stumped here and have been doing this for several weeks now with no luck. Thank you in advance.

    I did configure the Server 2008 R2 RADIUS Server using this video below: 
    https://www.youtube.com/watch?v=g-0MM_tK-Tk
    I also referenced Technet to make sure it was configured correctly as well. I am still not sure if I am 100% setup correctly on the Windows Server side, but I for sure want to make sure I have the AP side setup correctly. Do you know of a better article for the Windows Server 2008 R2 setup? Does it matter that I do not have all the services installed on the same server? Instead I have them installed on multiple servers.
    I have image number c1140-k9w7-tar.124.25d.JA1 on the AP. The part that confused me in that article, which I have seen before was the part about "Setting up access point must be configured in the authentication server as an AAA client." What is the AAA Client? I also am not aware of having Cisco Secure ACS anywhere built into the AP as that part through me off completely. Do I need to skip these steps? Thank you for help on this.

  • Authentication Policy ISE with External RADIUS Server

    Hi All,
    I would like to authenticate client by using External RADIUS. Once I create authentication policy using the new compound condition (wireless dot1x + Radius Username Matches "domainB\") I would like to forward the user authentication who make an authen using domainB\username to the External RADIUS Server Sequence. But when I check on the authentication dashboard, it still authenticate using the default authentication rule.
    Please suggest about this scenario.
    Regards,
    Sent from Cisco Technical Support Android App

    Hi jrabinow,
    Which details you would like to see ?
    Here is some infos.
    ISEs are deployed in 2 domains such as "acme.com" and "sub.acme.com"
    Each domain does not make a trusted relationship so these 2 domains cannot communicate between them.
    Each domain has owned Enterprise Root CA (Microsoft)
    Client who need to access the network need to authenticate with EAP-TLS.
    My environment
    My ISE node joined into domain "acme.com"
    User will be "[email protected]"
    Once the user from "[email protected]" try to authenticate, I would like to forward the RADIUS request from ISEs (acme.com) to other ISEs (sub.acme.com)
    After ISEs in "sub.acme.com" return RADIUS-ACCEPT then ISEs in "acme.com" will process an authorization policy.
    Regards,
    Pongsatorn

Maybe you are looking for

  • Save and Save As do not work

    Hi all, i'm feeling really stupid asking this question, but after an import from Data Dictionary (from an Oracle 9i Database) y can see the tables, relationships, etc, but when trying to Save (or Save As) and setting the right values on the "file/dir

  • IBooks not downloading my books?

    So im on the iBooks store looking through free books and then I find like 10 that I like. (on my mac air btw) So I download them. Normally when i'm downloading books it takes like a few minutes, but now i'm downloading books and its taking like 2 day

  • SO_OBJECT_SEND - Email failure notification

    Hi all, I have an issue with Email failure notification. The requirement is if an email is not delivered to the receiver, I need a failure notification to some alias so that the original email can be re send. The function module used to send email is

  • Hi how can i unlock my iphone to any sim

    i got iphone 4 and want to unlock it o any sim to all the country please help if you know how to do it thanks

  • Oracle RAC server's IP and Subnetmask change

    Oracle DB Version:10.2.0.3.0 OS version : RedHat linux 4 Number of Nodes: 2 We need to move our RAC db servers from Atlanta to NJ. This move requires IP and subnet mask change. How we can do this chanse in for nodeapps / CRS components?