Device grouping with the IP address of subnet
Hello
We are GBA for authentication GANYMEDE +.
We have two network in the administrative field 2 with IP address 172.16.0.0/25 and 172.16.128.0/25.
I want to configure the authentication policy so that the administrator of a domain will not be able to access other field devices.
In the configuration of the peripheral ACS group, there is an option to include the address of IP network with wild-card mask.
But how do we separate/mention one IP network in the form of 172.16.0.0/25 and 172.16.128.0/25.
Kind regards
Salome.
You will need to set up two groups of devices. I recommend you set up a simple NAS in each group using the multi-NAS addressing.
The first NAS system should have the following IP address: 172.16.0.1 - 127
The second NAS server should have the following IP: 172.16.0.129 - 255
Once these are configured, you can use Network Access Restrictions to limit access to different users or groups.
Jeff
Tags: Cisco Security
Similar Questions
-
M1536dnf - the installation program could not connect to your device. Check the IP address
I recently bought a LserJet Pro M1536dnf for my business, then we would have network printing and scanning. We have both Mac and Linux PC with a single machine Windows solitaire which is kept away from the network for his own protection, and I expect from Linux but this is not where the problem is. Due to our network configuration, the only way to connect to the printer is by IP, not not using Hello. When installing using the installer of HP on the Mac, I choose 'Add intellectual property arrangements', enter the IP (192.168.1.247) and click OK. After that, he always comes back 'the installer could not connect to your device. Check the IP address, make sure that the device is powered, and then try again. "I know I can get to the printer because I can access its web interface in Safari. I tried to reset, update firmware, reboots, power-off/power-on different computers, nothing works.
Curiously, I could add the printer very well on Ubuntu Linux computers and print immediately, although the scanner still doesn't work here. So my problem is on the Mac.
OK, I have now works. The HP installation program provided on the CD-ROM supplied with the printer does not work. After you download the new version of support.hp.com, I could successfully add the printer by IP address.
Also, just a quick note to all the world using Linux (although it is not officially supported by HP):
The printer works fine, using HPLIP, but requires at least version 3.11.1 to work. I had to add an additional to my linux installations software source to make it work.
Under Ubuntu 10.04/10.10, add:
PPA:hplip - isv/ppa
Other Linux distributions will be different, if you are having problems check to see how to install the latest version of HPLIP software.
-
Impossible to connect a network drive by name of host but able to match with the ip address
is the act as an application server and the file server. We use it as normal, but it is suddenly unable to resolve host name for other machines. All servers and workstations are not able to map the drive network under
with the name of host, but every server and workstation still able to map the network drive with the IP address. When we try to connect the network drive with the host name, it invites with the error shows that there is error authorizcation.
We tried and discover a few points as below for your reference:
- Able to ping and resolve the hostname via all other servers and workstations.
- Able to access
the Terminal Server service name - Able to network with the IP address drive
- Power of the card
itself with the host name
Hello
The question you posted would be better suited in the TechNet Forums. I would recommend posting your query in the TechNet Forums.
http://social.technet.Microsoft.com/forums/en-us/categories/
-
Why have I not spam with the email address for the answer
Hello
I posted this because I have a little problem, I Hotmail to send and receive e-mail messages in the 'Sent' folder there are the email address which I replied to and reply with the e-mail address, for example:
Sent Reply:
* E-mail address is removed from the privacy * Yo * address email is removed from the privacy *
* E-mail address is removed from the privacy * Hello * address email is removed from the privacy *
If features Yo, Hi and Hello new features for Hotmail replies that it is something, but have the answer (in the 'Sent' folder) with the email address is another, any help on this, please?
Thank you
Sincerely,
Frampton rocks
Hello
I'm sorry, but we cannot help with hotmail problems in these forums in response to vista
Please repost your question in hotmail in the hotmail link below forums
http://windowslivehelp.com/product.aspx?ProductID=1
ForumsConsult with Microsoft Certified Solutions____________________________________________For the different Forums for Windows Live Applications, select the link belowWelcome to Windows Live Solution Center -
Hi all
My apologies if this is a trivial question, but I spent considerable time trying to search and had no luck.
I encountered a problem trying to set up a temporary L2L VPN from a Subscriber with CISCO2911 sitting behind the router of the ISP of an ASA. ISP has informed that I can't ignore their device and complete the circuit Internet on the Cisco for a reason, so I'm stuck with it. The Setup is:
company 10.1.17.1 - y.y.y.y - router Internet - z.z.z.z - ISP - LAN - 10.x.x.2 - XXX1 - ASA - 10.1.17.2 - CISCO2911 - 10.1.15.1 LAN
where 10.x.x.x is a corporate LAN Beach private network, y.y.y.y is a public ip address assigned to the external interface of the ASA and the z.z.z.z is the public IP address of the ISP router.
I have forwarded ports 500, 4500 and ESP on the ISP router for 10.1.17.2. The 2911 config attached below, what I can't understand is what peer IP address to configure on the SAA, because if I use z.z.z.z it will be a cause of incompatibility of identity 2911 identifies himself as 10.1.17.2...
! ^ ^ ^ ISAKMP (Phase 1) ^ ^ ^!
crypto ISAKMP policy 5
BA 3des
md5 hash
preshared authentication
Group 2
lifetime 28800
isakmp encryption key * address no.-xauth y.y.y.y! ^ ^ ^ IPSEC (Phase 2) ^ ^ ^!
crymap extended IP access list
IP 10.1.15.0 allow 0.0.0.255 10.0.0.0 0.255.255.255
Crypto ipsec transform-set ESP-3DES-SHA 3rd-esp esp-sha-hmac
card crypto 1 TUNNEL VPN ipsec-isakmp
defined peer y.y.y.y
game of transformation-ESP-3DES-SHA
match the address crymapGi0/2 interface
card crypto VPN TUNNELHello
debug output, it seems he's going on IPSEC States at the tunnel of final bud QM_IDLE's.
What I noticed in your configuration of ASA box, it's that you're usig PFS but not on 2911 router.
So I suggest:
no card crypto OUTSIDE_map 4 don't set pfs <-- this="" will="" disable="" pfs="" on="" asa="">
Then try tunnel initiate.
Kind regards
Jan
-
Computer XP versus, Brother printer with the IP address of the old computer inside info.
my daughter has a 'new' xp windows computer, but still has its old brother mfc printer. the printer prints the computer because its IP address is from his old computer. I have tried everything and you can't change the numbers mask IP, gateway or subnet on the printer in the menu.
can someone help me? PLEASE AS SOON AS POSSIBLE, THANK YOU
I contacted the brother who was a 6 hour ordeal to get no. WHERE. online, it says hit the + button until NETWORK appears, there no + key!
I can copy documents without any problems.
also the scroll on the mouse does not scroll while she has to slide to the bottom of a page to read slowly.
Thank you!!!
If the computer is connected with a USB cable (which is what you describe), then IP addresses of the computer and the printer are simply not relevant to the printer connection. The printer's IP address is used ONLY if the printer is connected to a network using an Ethernet cable (which is the picture above in my previous post).
Now that we know what is wrong, we will try to understand why the printer does not print.
Probably the easiest way to proceed is to uninstall the printer (assuming that it has never been installed, which seems dubious) and then reinstall it.
I'm going to assume that you don't have the CD that came with the printer (if you do not have the CD, see pages 16 to 18 of the Quick Start Guide).
The following instructions are "Article One" of Cori Bright (http://www.coribright.com/windows/Article_One.htm) which unfortunately seems to be offline at the moment:
- Unplug the printer from the PC
- Go to the control panel and click on Add/Remove programs. Highlight any printer software that is listed here. Select Remove. (Note that simply delete the Brother here software)
- In Control Panel, click printers & faxes. Right click on the printer in question and select delete
- Look at the toolbar. Select the file, then server properties. Look in the tab drivers. Highlight the printers drivers listed here and click on remove for each one. [(Notez que vous n'avez pas à supprimer les pilotes pour les autres imprimantes).]
4. Note that brother has a 'Uninstall tool' which should perform steps 2 to 4. I have no experience with this tool, that's why I gave you the manual steps above. I provided the link to be complete, not because I think that you need to use this tool: http://welcome.solutions.brother.com/bsc/public/us/us/en/dlf/dlf/000000/002700/dlf002701.html?reg=us&c=us&lang=en&prod=mfc440cn_all&type2=2&os=7&flang=4&dlid=dlf002701
- Restart the PC. Do NOT reconnect the printer!
- Go to the website of the manufacturer of your printer. Search for new XP drivers for your model. Download the correct software. If there is no Windows XP drivers for your printer, try to watch those for Windows 2000. In most cases, these will do almost as well. For the Brother MFC-440CN, go here--> http://welcome.solutions.brother.com/bsc/public/us/us/en/dlf/download_index.html?reg=us&c=us&lang=en&prod=mfc440cn_all&dlid=&flang=English&os=7&type2=-1 download the file named "Full Driver & Software Package." Make sure that you are connected as a user with "Computer administrator" privileges before you do the next step.
- Run the exe that you just downloaded. He has auto-démarrer Setup
- The software will tell you when to connect the printer.
- Once the software is installed and the printer connected, try a test page. He should feel great now!
-
Problems with the MAC address duplicate when creating new jobs virtual
We use the MAC addresses of vWorkspace management. This means that we have the option set as an attachment with the basic MAC address pic01. This has worked well so far. We now extend our VDI environment with the new Virtual Machines in a new group. But now, we got the question if we create a new desktop computers, the broker for connections will distribute double MAC addresses (see the pic02 attachment). And as you know it will end in a messy DHCP and TCP/IP. Even if we put the basic MAC address to a new range, the broker for connections always distributes the old MAC address range. We restart the broker for connections rather than on the time and the problem is still the same!
Does anyone have ideas or solutions to this problem?
If you need additional information just let me know.
Versions:
vWorkspace Broker for 7.6.305.845 connections
Client tools PN 7.6.0.820 (former VM) or 7.6.0.845 (new VM)
THX and greetings
Thomas
Additional accessories:
Hello
Address management Mac is for groups of clouds. With groups of clouds, the machines get deleted/re-created very often so we need mac address management to allow the mac address be reused after a certain period of time.
With traditional groups, the machines are kept for long periods of time if you don't use mac addresses that you will get the number you have described management.
Thank you, Andrew.
-
Satellite L10-202: how to bring yellow pop up with the IP address?
Hello
I have the Satellite L10-202. When I bought it, it had already installed Windows XP Home. Of course, a few hours after I reinstall the software, but before I did I saw that when I plugged the computer to Internet/LAN by ethernet or WiFi NETWORK card there was yellow pop-up windows (sometimes called ball) with information which IP address, I received.Now, after the reinstallation, I only "information network connected.
Anyone know how I can restore it? It is characteristic of some software on CD with the drivers or that certain configuration in operating system? It was very useful. I tried with almost all utilities on CD.Kind regards.
Hello
Maybe this helps:
In the registry trying to change this entry:The key: NtVersion ntVersion\Explorer\Advanced
Create a new DWORD value and name it EnableBalloonTips equal to 1.
If EnableBalloonTips is already there and equal to 0, equal to 1.
Quit the registry editor, log out and log in. -
I changed my email address and now I can't download my updates because my apple ID always happens with my old email address. I changed it to my new address, and it always happens with the former. How can I solve this problem?
This is because any download/purchase the app store is linked to the Apple ID used to get forever.
-
VPN does not work with the ip address of overlap?
When I plugged my adsl router and I have ip address is 10.1.1.1/8 can I use remote access vpn closing on firewall and authentication works very well and I put the ip address of the pool is 10.7.0.1/16 but I can not access this local lan if I made up of my pc and got 2x2.102.x.y ip address then I connected I can't access no problem local network and vpn remote access authentication.
It is question of routing on pc with overlapping ip or not?
Please clarify or provide useful link
Thank you
Hello
It seems that it is a problem of nat - t.
Make sure that the head of VPN network has "isakmp nat - t" (if that's a PIX). If a hub, make sure that "IPsec NAt - T" is enabled.
Additionally, make sure that on the client, "Enable Transparent tunneling" is checked, with IPSec over UDP NAT/PAT selected.
HTH,
-Kanishka
-
VPN site to Site with the IP address range internal Natting?
This is our real internal LAN address: 10.40.120.0/26 (internal range) and I want to translate to
Translated the address: 10.254.9.64.255.255.255.192 (Internal)
Our remote local address is: 10.254.5.64 site 255.255.255.192(Remote adresse Ip interne ajouter plage)
Based on the above parameters I did this configuration
outside_cryptomap ip 10.254.9.64 access list allow 255.255.255.192 10.254.5.64 255.255.255.192
policy-nat of ip 10.40.120.0 access list allow 255.255.255.192 10.254.5.64 255.255.255.192
public static 10.254.9.64 (inside, outside) - list of access policy-natI had all the phase 1 and Phase 2 required parameters and add public ip peer.
I had set up vpn by using ASDM before but this scenario is new for me, all I was wondering is there anything I need to properly configure Setup VPN
If you see TX increases but not RX which means that traffic is sent to the remote end however there is no response.
I suggest that you check with the remote end of VPN to see where is the problem. It is very probably the remote side.
-
Hallo,
I create a stubborn workflow that begins with a create operation on the table where a new record should be added.
The recording fields must be filled in by the user, but before committing, I have to fill a field of the reocord with the address IP of the PC of the user.
Could you kindly advice me which are the possible recommended approaches to achieve this?
Thank you
Federico
Hello
See this post: Blog of Zeeshan Baig: how to get the IP address of the customer in ADF merge request
You can use a createWithParams operation and to fill in this field.
Reference: Andrejus Baranovskis Blog: CreateWithParams operation for Oracle ADF 11g BC
Kind regards
Ruben.
-
Create Comma seperated list of groups with the same number
Hi all
I have a table that has 2 columns and the data are as below
API_Number nom_du_groupe
1234 A group
3241, Group A
Group B 1234
4567, Group C
7896 Group D
3241, Group E
I wanted to find the API numbers repeating in different groups. In the output, I want
API_Number nom_du_groupe
1234 Group A, Group B
3241, Group A, Group E
4567, Group C
7896 Group D
Please help me with the query. I'm new to PL/SQL. Appreciate your help,
Thank you
It is a solution with hierarchical query (CONNECT BY):
T (API_Number, Group_Name) AS
(SELECT 1234, "Group A" dual UNION ALL)
SELECT 3241, "Group A" double UNION ALL
SELECT 1234, 'Group B' FROM dual UNION ALL
SELECT 4567, "Group C" dual UNION ALL
SELECT 7896, "group of FROM dual UNION ALL
SELECT 3241, 'Group E' OF THE double)
SELECT api_number, ltrim (sp, ',') gn
Of
(SELECT API_Number, sp SYS_CONNECT_BY_PATH (groupname, ','),
CONNECT_BY_ISLEAF he, row_number() OVER (PARTITION BY GroupName ORDER BY level DESC) rn
T
CONNECT NOCYCLE PRIOR API_Number = API_Number AND GroupName PRIOR<>
WHERE it = 1
AND rn = 1
ORDER BY API_Number;
API_NUMBER GN
1234 Group A, Group B
3241, Group A, Group E
4567, Group C
7896 Group D
-
Email link with the email address of the admin client
We include an e-mail to Webhelp to our product link to allow our users to send us your comments on specific topics (none received to date, but I live in hope that someone, somewhere, reads for help...).
A customer asked if it is possible to include an email link in the help topics that will send an email to that client sys admin.
Obviously, a search / replace on all htm files would be the case, for example to replace the email address of my company doc feedback with email of the customer on the link send comments. But is there a more elegant way to do it?
- The e-mail address used in the link could be specified when using the product is installed. The installer should go through all of the htm files and do the replacement.
- The e-mail address may be specified in a file separate and included somehow in all htm, while a single file would need to be changed by the installer.
Someone at - it solved this problem already? Is the 2nd option above even possible?
Cheers, Julie
I guess you want to simply send e-mail to the user's system, right? If it is to be sent automatically in the background, you need a solution on the side server.
I see two options: sets of variables and JavaScript.
- With the sets of variables, you set the email as a variable. And that you configure a set for each customer. But you will end up with a single output by customer.
- With JavaScript, you put all the logic for the email link in a script. Then you have just the single file where the e-mail address is stored. Then only one place to update. See the site of Peter for the sample scripts: Email this theme
-
ESX uses network adapter with the mac address that is different than virtual connect reports
Hi all
Our ESX environment consists of HP C7000 enclosure, virtual connect 1 gb ethernet with a mixture of BL480c and BL460c. We just bought some new BL460c G7 with NIC NC553i to replace some of the oldest BL480c. We have configured Virtual Connect to assign mac addresses. In vc management consoleI see the addresses assigned to the server, but when I start the server displays a different mac address for nic #2 that vc does. NIC #1 has the same mac address of console management vc and in the server BIOS. When I install ESX also sees the 'wrong' for #2 nic mac address. According to vmware nic #2 has not any network connected to what should be if it was really nic #2 (according to the vc management console).
When I look at the mac addresses in the BIOS none of the network interface card have the mac address assigned by vc. VC firmware is 3.01. I have attached the photos I see information in the management of VC and BIOS console. Someone at - it for clues to what is happening and how can I solve it? Thanks in advance.
Kind regards
GB
Please refer to:
Note: The ESX host uses following addresses starting with 00:50:56 (as opposed to the address embedded in the interface itself).
To determine the MAC address of the interface Board of the ESX host, run the command:# ifconfig | grep-i hwThe output looks like:vswif0 Link encap HWaddr 00:50:56:41:5 A: 59The MAC address is in the first line after HWaddr. In this example, the MAC address is 00:50:56:41:5 has: 59.Note: The ESX host uses following addresses starting with 00:50:56 (as opposed to the address embedded in the interface itself).You can also review the output information and the esxcfg-NICS - l order MAC addresses.
Maybe you are looking for
-
Last update of Firefox 28.0 would have removed the part my printer HP scanner?
I have not used my scanner on my HP printer/copier/scanner for a few weeks. Since then, I've had the latest updates of downloaded Microsoft and a new version of Firefox 28.0 thus put on it.The printer/copier part works very well so far. But when I we
-
Is it possible to receive two authentication factor on Apple Watch codes?
See title
-
Toshiba STOR. E basics 1 TB - extremely slow
Hello I recently bought this Toshiba STOR. E basics 1 TB USB 3.0 HDTB110EK3BA and it's extremely slow, taking already about 48 h for a copy of less than 100 GB.I am formatting it Mac Os more and using a Mac Book Pro with USB3 Why is this happening? T
-
protection antivirus and virus definitions
I just learned that I have an anti-virus with virus definitions and not an anti-virus, it hurt anything to download an anti-virus?
-
Download booted from the games online for high ping rates
Original title: high ping rate When you try to play online multiplayer games in Windows 7, I keep getting starts to have a medium too high ping. Is it possible to accelerate only? I have done speed tests and am running at speed more than enough for a