authentication open for debugging of the aaa on Powerconnect
Hello
We put in place of the switches to use RADIUS. In order to check if all clients authenticate as we think they do, it would be nice to issue a command as they have in Cisco switches "open authentication". This allows 802. 1 x do its work, but allow the customer through anyway. In this way, you can see if the 802. 1 x has failed or succeeded, without worrying about end users.
Is there a similar function in Dell Powerconnect?
Concerning
Kjetil
I looked through several different options to see if the switch can be manipulated to perform the same action as the open authentication, but I couldn't find a way. I thought that the computer-vlan command would work. But with that VLAN must be different from the authenticated VLAN.
Page 508 of the user's guide has a detailed example that you can follow.
Expand each step you need to take to implement. Then during the hours full no implement and test. Be sure to have a backup of the current configuration.
Tags: Dell Switches
Similar Questions
-
Fastest way for debugging on the device of JDE
Hi all
I'm new to the development of BB and struggling to find a way to debug on device effectively. My application has a lot of comm of bluetooth in him so most debugging should occur on the device instead of Simulator (please, correct me if this is not true). Here's my development/debugging process.
1. change the code
2. generate the code
3. the signal code
4. connect device to Desktop Manager via the USB cable
5. delete a previous version of my application
6. load the latest version of my application
7. connect to the device using JDE
8. install a device app
My quesitons are...
1 should I sign the code whenever I have rebuild?
2. is there a more effective way to get the latest version on the device instead of uninstalling then reinstall via Desktop Manager (it takes forever).
There MUST be a better way. Thanks in advance to all those who answer. =)
1. Yes, you sign cod every time after reconstruction you have for debugging on the device.
2. you can load application in the device in various ways. If you use the Desktop Manager, you need to go if the steps you mentioned.
But most developers use javaloader (JDE bin directory) to get the latest version in the device during development.
To do this, run the following command from the bin directory:
JavaLoader-u load applicationName.cod
Also take a look at the article for details on loading the application on the device.
Concerning
Bika
-
Authentication failed for users of the AD and work for users of OID using OAM 11 G
Hi all
I have deployed an Application in OSH where the doors of the web are installed. In OAM 11 G, I created the Userid as OVD store and created policies for that. and I was able to protect the application.
But authentication works very well for users of the OID. But does not not for users of the AD (saying ID user and password are incorrect)
Part of the OID, AD with TPM. but the AD authentication does not work.
could someone help me with this.
Thank you
KiranHi Kiran,
Check that the name attribute of such user as defined in the Data Source is mapped in TPM attribute AD that you plan to hold the user name. Perhaps, it is use usrprincipalname instead of the samaccountname, or something like that? The oam_server1 - diagnostic.log, or newspapers OVD, may give more clues as to which is the problem.
Kind regards
Colin -
Excluding the lines of Terminal Server in the AAA authentication
Hi all
Hope you can help, I'm trying to find a solution to exclude only the following line port by using the AAA authentication (ACS GANYMEDE +) on a map of Terminal Server on a Cisco 2600 router. Does anyone know how to do this, or point me in the right direction to solve?
I've included the output below:
AAA authentication login default group Ganymede + local
AAA authorization exec default group Ganymede + local
AAA accounting exec default start-stop Ganymede group.
AAA accounting network default start-stop Ganymede group.
AAA accounting default connection group power Ganymede
AAA accounting system default start-stop Ganymede group.
AAA - the id of the joint sessionline 41
session-timeout 20
decoder location - XXXXXX XXXXXX BT
No banner motd
No exec-banner
absolute-timeout 240
Modem InOut
No exec
transport of entry all
StopBits 1
Speed 38400Is it a question of disabling the command line or using a defined group?
Thanks a lot for your help.
Jim.
Hi Jim
You may need to create another group for authentication to the and send your AAA configuration
line to 0
connection of authentication aux_auth
AAA authentication login aux_auth line
You can also configure a username local/pw and map it on the group to here...
Console and telnet would still use the configured default group, or you can specify specific groups:
Line con 0
console login authentication
line 4 vty0
vty authentication login
and specify the aaa authentication settings individually...
I hope this helps... all the best
REDA
-
I have operators who are still on my desktop 24/7/365. Assuming that there are no other problems, they get kicked out of their sessions from view after about 24 days. We use Thin Clients HP running ThinOS and VMware View Client. When I check the log for debugging on the Windows 7 VM, I see that when the connection is established, he wrote the following line:
2014-09-09 08:44:30, 807 DEBUG < MessageFrameWorkDispatch > [wsnm_desktop] sessionDisconnectTimer: set the timer to 2147480 seconds
After the expiration of the time limit, I get the following messages in the same newspaper and the client disconnects:
2014-09-09 08:30:08, 571 DEBUG < TimerService > [wsnm_desktop] sessionDisconnectTimer: triggered timer, session is disconnected.
2014-09-09 08:30:08, 571 DEBUG < TimerService > [wsnm_desktop] session::SessionDisconnectTimedOut: Disconnect message posted on the desktop
Where it becomes this timer of? The global setting on the display server is maxed at 9 999 999 minutes.
The host is EXSi 5.0.0
VMware View Server is 5.0.0 - 481677
See Agent 5.0.1
Operating system is Windows 7 Pro running on the virtual version 7 machine
It is a known problem that has been fixed in 5.3.2 view - the global time-out in minutes is converted to a time in milliseconds, which then overflows a 32-bit counter. See Overview of VMware View Release Notes
A desktop session is timeout and be disconnected after about 24 days, 20 hours and 31 minutes, even if the Session time-out setting has been set to a higher value.
Mike
-
JDeveloper debug: start the automatic extension debugging session
Hello
I'm trying to start a debugging session from a remote process in the extension. (The idea is that the user simply clicks on a button provided by the extension and remote debugging is started without any other parameters necessary user.)
From the description of the API, the javax.ide.debug.Debugger class seems to be very promising.
Unfortunately, Debugger.getClientConnector (Context) always throws an UnsupportedOperationException. I have no idea what to do, so my current project supports the operation.
Can anyone help? No results for a search on the net or this forum.
If this is not the right place to ask this question, can someone point me in the right direction?
Thanks, SteffenSteffen,
Now JDeveloper has no support for debugging of the JSR 198 through the javax.ide.debug.Debugger class. I filed a request for improvement for this, and we will implement this in a future release.
Keimpe Bronkhorst
Team JDev IDE -
Test command of the AAA for EAP - TLS authentication for wireless users
Hi all
Can anyone suggest me the test command to verify the eap - tls authentication for the Cisco WAP's wireless.
If it's an authetication jump we can use the command to test the connection below
Radius of group aaa Testwap-01 #test [email protected] / * / o4 & yJ) NoL$ new-code %0
Trying to authenticate with the server radius group
User successfully authenticatedBut eap - tls is not delivered with the password. He insists that for the user name.
We strive for remote location then test remotely before production.
If someone help pls in that if we have a command to test or debug command to test this authentication.
EAP - TLS requires a client certificate. How can you have a simple command that analysis without loading any certificate on the router/switch? It does not exist. This is why eap - tls is not considered an easy to deploy eap method: because it can go wrong on several levels.
The aaa command test performs a PAP authentication, therefore, it tests the connectivity of the base RADIUS and name of user and password.
If it works, the only thing that can break for eap - tls are certificates, as well as the radius server will be able to tell if something worng.
-
The AAA for PIX515E 6.3 rules (5)
Hello. If I wanted to configure the PIX for the authentication of an ACS server (for the purpose of management of PIX), what else would need apart from what follows:
AAA-server Admin-FW Protocol Ganymede +.
AAA-Server Admin-FW max-failed-attempts 3
AAA-Server Admin-FW deadtime 10
!
AAA-Server Admin-FW (inside) host 192.168.2.9 access timeout 10
!
console series FW-Admin-AAA authentication
Console telnet authentication AAA Admin-FW
authentication AAA ssh console Admin-FW
As far as I KNOW, I did not specify which IP addresses can someone telnet from to connect on the PIX. I tried the following, but I do not know I did not provide the correct instructions:
the AAA authentication include telnet inside 192.168.0.0 255.255.0.0 Admin-FW
... and I have a username / password to invite him on the PIX but it keeps asking for a user name and password. I know my account GANYMEDE is good because I can connect on the routers with the same details as what I use to authenticate on the PIX.
I also ran a debugging on the PIX when I was trying to authenticate. The output is attached.
Thank you
Timothy
Hi Tim,.
There is no need to order,
the AAA authentication include telnet inside 192.168.0.0 255.255.0.0 Admin-FW
Try it now and see if you get hits on ACS. Incase it is not working, pls get again him debugs.
Thank you
Jagdeep
-
The AAA authentication not working method and 'by default' list
Guys,
I hope someone can help me here to the problem of the AAA. I copied the configuration and debugging below. The router keeps using username/password local name even if the ACS servers are accessible and functional. To debug, it seems he keeps using the method list 'default' ignoring GANYMEDE config. Any help will be appreciated
Config
**********************************
AAA new-model
!
username admin privilege 15 secret 5 xxxxxxxxxx.
!
AAA authentication login default group Ganymede + local
the AAA authentication enable default group Ganymede + activate
authorization AAA console
AAA authorization exec default group Ganymede + local
AAA authorization commands 15 default group Ganymede + local
AAA authorization default reverse-access group Ganymede + local
orders accounting AAA 0 arrhythmic default group Ganymede +.
orders accounting AAA 15 by default start-stop Ganymede group.
Default connection accounting AAA power Ganymede group.
!
AAA - the id of the joint session
!
RADIUS-server host x.x.x.x
RADIUS-server host x.x.x.x
RADIUS-server host x.x.x.x
RADIUS-server host x.x.x.x
RADIUS-server application made
RADIUS-server key 7 0006140E54xxxxxxxxxx
!
Ganymede IP interface-source Vlan200
***************************
Debugs
002344: 5 Dec 01:36:03.087 ICT: AAA/BIND (00000022): link i / f
002345: Dec 5 01:36:03.087 ICT: AAA/AUTHENTIC/LOGIN (00000022): choose method list "by default".
002346: Dec 5 01:36:11.080 ICT: AAA/AUTHENTIC/LOGIN (00000022): choose method list "by default".
core01 #.
002347: Dec 5 01:36:59.404 ICT: AAA: analyze name = tty0 BID type =-1 ATS = - 1
002348: Dec 5 01:36:59.404 ICT: AAA: name = tty0 flags = 0 x 11 type = 4 shelf = 0 = 0 = 0 = 0 = 0 channel port adapter slot
002349: Dec 5 01:36:59.404 ICT: AAA/MEMORY: create_user (0 x 6526934) user = "admin" ruser = "core01" ds0 = 0 port = "tty0" rem_addr = "async" authen_type = service ASCII = NONE priv = 15 initial_task_id = '0', vrf = (id = 0)
002350: Dec 5 01:36:59.404 ICT: tty0 AAA/AUTHOR/CMD (2162495688): Port = "tty0" list = "service = CMD
002351: Dec 5 01:36:59.404 ICT: AAA/AUTHOR/CMD: tty0 (2162495688) user = "admin".
002352: Dec 5 01:36:59.404 ICT: tty0 AAA/AUTHOR/CMD (2162495688): send service AV = shell
002353: Dec 5 01:36:59.404 ICT: tty0 AAA/AUTHOR/CMD (2162495688): send cmd = AV set up
002354: Dec 5 01:36:59.404 ICT: tty0 AAA/AUTHOR/CMD (2162495688): send AV terminal = cmd - arg
002355: Dec 5 01:36:59.404 ICT: tty0 AAA/AUTHOR/CMD (2162495688): send cmd - arg = AV
002356: Dec 5 01:36:59.404 ICT: tty0 AAA/AUTHOR/CMD (2162495688): found the 'default' list
002357: Dec 5 01:36:59.404 ICT: tty0 AAA/AUTHOR/CMD (2162495688): method = Ganymede + (Ganymede +)
002358: Dec 5 01:36:59.404 ICT: AAA/AUTHOR/TAC +: (2162495688): user = admin
002359: Dec 5 01:36:59.404 ICT: AAA/AUTHOR/TAC +: (2162495688): send service AV = shell
002360: Dec 5 01:36:59.404 ICT: AAA/AUTHOR/TAC +: (2162495688): send cmd = AV set up
002361: Dec 5 01:36:59.404 ICT: AAA/AUTHOR/TAC +: (2162495688): send AV terminal = cmd - arg
002362: Dec 5 01:36:59.404 ICT: AAA/AUTHOR/TAC +: (2162495688): send cmd - arg = AV
Enter configuration commands, one per line. End with CNTL/Z.
core01 (config) #.
002363: Dec 5 01:37:04.261 ICT: AAA/AUTHOR (2162495688): permission post = ERROR
002364: Dec 5 01:37:04.261 ICT: tty0 AAA/AUTHOR/CMD (2162495688): method = LOCAL
002365: Dec 5 01:37:04.261 ICT: AAA/AUTHOR (2162495688): position of authorization = PASS_ADD
002366: Dec 5 01:37:04.261 ICT: AAA/MEMORY: free_user (0 x 6526934) user = "admin" ruser = "core01" port = "tty0" rem_addr = "async" authen_type = ASCII service = NONE priv = 15
core01 (config) #.
Ganymede + accessible servers use source vlan 200. Also in the Ganymede server + can you check if the IP address for this device is configured correctly and also please check the pwd on the server and the game of this device.
As rick suggested sh Ganymede would be good as well. That would show the failures and the successes
HTH
Kishore
-
The AAA authentication configuration
We have ACS server 3.1 to AAA for authentication for all routers and switches. I want each person to connect the router using its own id, password password and activate. If the ACS server is unavailable, I want to have different id, password and enable password for console and telnet access. What is the right way to do this? I also want to follow all orders entered on the router.
That's what I have:
AAA new-model
AAA authentication login default group Ganymede + local
enable AAA authentication login no_tacacs
the AAA authentication enable default group Ganymede + line
AAA authorization exec default group Ganymede + local
AAA authorization commands 15 default group Ganymede + local
AAA accounting exec default start-stop Ganymede group.
orders accounting AAA 15 by default start-stop Ganymede group.
!
username admin password 7 xxxxxxxxxxxxxxxx
!
!
Line con 0
connection of authentication no_tacacs
line to 0
line vty 0 4
password 7 xxxxxxxxxxxxxxxxxxxxxxxx
!
Yes, it's Joy on the right. Thank you, Renault
-
The AAA authentication and VRF-Lite
Hello!
I encountered a strange problem, when you use authentication Radius AAA and VRF-Lite.
The setting is as follows. A/31 linknet is configured between PE and THIS (7206/g1 and C1812), where the EP sub-si is part of a MPLS VPN and VRF-Lite CE uses to maintain separate local services (where more than one VPN is used..).
Access to the this, via telnet, console etc, will be authenticated by our RADIUS servers, based on the following configuration:
--> Config start<>
AAA new-model
!
!
Group AA radius RADIUS-auth server
Server x.x.4.23 auth-port 1645 acct-port 1646
Server x.x.7.139 auth-port 1645 acct-port 1646
!
AAA authentication login default group auth radius local
enable AAA, enable authentication by default group RADIUS-auth
...
touch of 1646-Server RADIUS host x.x.4.23 auth-port 1645 acct-port
touch of 1646-Server RADIUS host x.x.7.139 auth-port 1645 acct-port
...
source-interface
IP vrf 10 RADIUS ---> Config ends<>
The VRF-Lite instance is configured like this:
---> Config start<>
VRF IP-10
RD 65001:10
---> Config ends<>
Now - if I remove the configuration VRF-Lite and use global routing on the CE (which is OK for a simple vpn installation), AAA/RADIUS authentication works very well. "" When I activate transfer ip vrf "10" on the interface of the outside and inside, AAA/RADIUS service is unable to reach the two defined servers.
I compared the routing table when using VRF-Lite and global routing, and they are identical. All roads are correctly imported via BGP, and the service as a whole operates without problem, in other words, the AAA/RADIUS part is the only service does not.
It may be necessary to include a vrf-transfer command in the config of Group server as follows:
AAA radius RADIUS-auth server group
Server-private x.x.x.x auth-port 1645 acct-port
1646 key ww
IP vrf forwarding 10
See the document below for more details:
http://www.Cisco.com/en/us/partner/docs/iOS/12_4/secure/configuration/guide/hvrfaaa.html
-
Whenever I try to open the App Store it will remain open for more than 30 seconds before the close. Or it just restarts as soon as a home screen scroll above him. I can't keep it open long enough to even download an application.
Hello monorayfromportland,
If you are unable to connect to the iTunes Store on your Apple TV, take a look at the troubleshooting steps below:
If you cannot connect to the iTunes Store
If you cannot connect to the iTunes Store on your Apple TV (4th generation):
- Make sure that your date and time are correct. Go to settings > general > Date and time.
- Check if your Apple TV software is up-to-date. To check the updates, select settings > system > software updates > software update.
- Make sure you have an active network connection. Go to settings > network.
- Check to see if other devices, such as computers or tablets, can connect to Wi - Fi and access to the Internet.
- Reset the wireless router by turning and then again.
Take care.
-
Hello
I installed an Alfred Workflow (see code below) that will mark all my mails as read. After you run it for a minute, the mail has crashed and I had to forcequit. However, now, when you open the Mail it crashes instantly, even after restart and repair the permissions. I also used the Ctrl + C and CTRL-Z commands in the Terminal to leave the alfred_script, but nothing helped. I'm running out of ideas here, so I hope you could help me either reinstall the mail.app. I could always just switch to a different mail application, but it's kind of a last resort.
Code:
Tell application "Mail".
Define allAccounts on each account name
Repeat with currAccount in allAccounts
the unreadMboxes value (each mailbox to the account currAccount the unread number is not 0)
Repeat with currMbox in unreadMboxes
(read status of each message to currMbox including the playback State is set to false) true value
end repeat
end repeat
tell the end
Any input would be greatly appreciated. Can post the report of crash on demand.
Not sure that Alfred's, but it's just an Applescript script and it would not cause Mail to be planted.
However, when running through all the messages, it is possible Mail database has been corrupted and it crashes because of this.
I'll probably get anything out of the accident report, but others might.
My first instinct would be to rebuild the mailbox. Because you can't do that with him crashing, you can simply delete the databases and it will rebuild them.
Navigate to this folder:
~/Library/Mail/v3/MailData/
You can either manually through the files, or copy the full path and paste it into go the folder in the menu go to the Finder.
Remove the envelope Index files. Open Mail and see if it works well.
If your library does not appear in your folder, hold down the Option key and select library in the menu go to in the Finder.
-
See the question
You can change a hidden preference to make the search results from the search (top right) to open in a new tab bar:
- type of topic: config in the location/URL bar and press the Enter key
- on the caveat, promise to be careful
- Filter = browser.search.openintab
- in the lower panel, double-click that preference to switch the column value true or false (see below)
- value =true open search results in a new tab
- value =false (default) open search results in the active tab
If this answer solved your problem, please click 'Solved It' next to this response when connected to the forum.
Not related to your question, but...
You must update some plug-ins:
- Plugin check: https://www-trunk.stage.mozilla.com/en-US/plugincheck/
- Adobe PDF plugin for Firefox and Netscape: Installation/update Adobe Reader in Firefox
-
I keep seeing pop up ads powered by '' cn tatami '' whenever I have to navigate using Safari or open a link on the FB Adblocker app does not work for this. Any suggestions? There is no option to cross the pop-up ad that it redirects to various Web sites.
Cache and history of the site Clear settings - Safari -.
(1232)
Maybe you are looking for
-
I am trying to export my address book in excel. I'm going to address book/tools/export. I chose the csv, the name of the file and click Save. The result is a file with the address book titles, but no data. Can you help me?Thank you!Nancy
-
How can I access the Thunderbird spelling dictionary and make manual changes?
I have several bad words that have been added to the dictionary, and I want to delete them. How can I do?
-
long delays opening app, switching between messages, spinning wheel. I deleted 100s of garbage and junk to no effect. No further action seems to be performed
-
Portege A600 - can not find the driver for hotkey
Hi guys,. I ve a problem with my laptop. I ve installed Windows 7 64-bit Professional on my device. Diver most were installed automatically by Windows. Other one I found on the homepage of Toshiba. But I can´t find a driver for my shortcut key. Sorry
-
Infested scammed my Inbox...
.. made with an attachment that does not open: Attention Microsoft online winner, You have been selected as the winner for the help of the Microsoft Services. To findattachment email with more details. Congratulations on behalf of staff &Microsoft Go