The AAA authentication & accounting using the command of Ganymede-orders

In the page of the cisco Remote Access Companion guide 394 book we got these configuration lines:

RTA (config) #tacacs - server host 192.168.0.11

RTA (config) #tacacs - host 192.168.0.12 server

RTA (config) #tacacs - server key topsecret

RTA (config) #aaa new-model

Ganymede + RTA (config) #aaa authentication login default group

If I want to add to the configuration above, the following command:

RTA (config) #aaa accounting connection defult stop / start Ganymede +.

Is it necessary that the above lines be in a specific order when I configure the RTA?

No, the order in which you enter commands doesn't matter.

Tags: Cisco Security

Similar Questions

  • I can settings add e-mail account by using the command line?

    Can I programmatically or by using the command prompt add parameters of "e-mail account"? for example: IMAP/POP3 "Incoming mail server" etc.

    No, there is no API to add an account without the help of the default interface of the to do.

  • User names found using the command run "control userpasswords2" do not match my user accounts

    Hello, on the #4 computer, when I use the command run, I get a list of 4 users. A, B, C, and comments.
    When I look in Control Panel I see 4 users, A, C, D and comments.
    When I go to C\:Users I see B, C, D and comments.
    I have problems with this computer #4, I get access denied, check the spelling, error code 8007005 0 x.
    All of these accounts should not match in computer #4?

    On my 3 other computers that can network with each other the results of the run command, results of the Panel control and C:\User results all correspond to A, C, D and are same as seen in Control Panel of the computer #4 comments.

    I think that the problem lies in computer #4 and is linked to the user names/accounts do not match. 4 computers user accounts all corresponding in Control Panel, so no problems.

    Don't you think that this problem of networking is related to incompatibility I describe? How can I fix this?   Gift of TIA

    Hello, on the #4 computer, when I use the command run, I get a list of 4 users. A, B, C, and comments.
    When I look in Control Panel I see 4 users, A, C, D and comments.
    When I go to C\:Users I see B, C, D and comments.
    I have problems with this computer #4, I get access denied, check the spelling, error code 8007005 0 x.
    All of these accounts should not match in computer #4?

    On my 3 other computers that can network with each other the results of the run command, results of the Panel control and C:\User results all correspond to A, C, D and are same as seen in Control Panel of the computer #4 comments.

    I think that the problem lies in computer #4 and is linked to the user names/accounts do not match. 4 computers user accounts all corresponding in Control Panel, so no problems.

    Don't you think that this problem of networking is related to incompatibility I describe? How can I fix this?   Gift of TIA

    I finally thought to it. They wore all the user names that came when I ran the command "control userpasswords2". As I said in my original post, user names in all the names of the Panel user control over all matching computers. The only conflict I've had was in the list of user names in the list found when I ran "control userpasswords2". I went to highlight the 'B' account after that I ran the command, you click Properties and changed his name to 'A'. This solved my access denied problem once and for all. Apparently he does not have all of the accounts in the control panel.

    Don

  • How to create the user account using the command?

    How to create the user account using the command?

    Open cmd as administrator, and then type the following commands one after the other

    NET user / add program mypassword
    net localgroup administrators program / add
    net share concfg * C:------/ grant: program, complete
    This will create a user account with the name "Program" and the password "MonMotpasse".

    You can create the user name and password of your choice.

  • the AAA authentication enable default group Ganymede + activate

    I implement CSACS 4.0. First of all on the client, I will apply aaa authenticatio / authorization under vty. The issure if I use the followin command

    the AAA authentication enable default group Ganymede + activate

    What happens if I connect via the console? I need to enter a name of user and password?

    Here is my configuration

    AAA new-model

    Group authvty of connection authentication AAA GANYMEDE + local

    the AAA authentication enable default group Ganymede + activate

    authvty orders 15 AAA authorization GANYMEDE + local

    RADIUS-server host IP

    Radius-server key

    Ganymede IP source interface VLAN 3

    AAA accounting send stop-record an authentication failure

    AAA accounting delay start

    AAA accounting exec authvty start-stop group Ganymede +.

    orders accounting AAA 15 authvty power group Ganymede +.

    AAA accounting connection authvty start-stop group Ganymede +.

    line vty 0 15

    connection of authentication authvty

    authorization orders 15 authvty

    authvty connection accounting

    accounting orders 15 authvty

    accunting exec authvty

    Any suggestion will be appreciated!

    It should work because it is a guest message.banner whenever you try to connect (console/vty). I set it up on my router.

    If you have banner motd, it will appear as well (see below). So, I have to remove it to get only the aaa banner & prompt is displayed:

    ************************************************************

    Username: cisco, password: cisco (priv 15f - local) *.

    ************************************************************

    Any unauthorized use is prohibited.

    Enter your name here: User1

    Now enter your password:

    Router #.

    The configuration more or less looks like this:

    AAA new-model

    AAA authentication banner ^ is forbidden to use CUnauthorized. ^ C

    AAA authentication password prompt "enter your password now:

    AAA-guest authentication username "enter your name here:

    Group AAA authentication login default RADIUS

    local authentication AAA CONSOLE connection

    HTH

    AK

  • The AAA authentication configuration

    We have ACS server 3.1 to AAA for authentication for all routers and switches. I want each person to connect the router using its own id, password password and activate. If the ACS server is unavailable, I want to have different id, password and enable password for console and telnet access. What is the right way to do this? I also want to follow all orders entered on the router.

    That's what I have:

    AAA new-model

    AAA authentication login default group Ganymede + local

    enable AAA authentication login no_tacacs

    the AAA authentication enable default group Ganymede + line

    AAA authorization exec default group Ganymede + local

    AAA authorization commands 15 default group Ganymede + local

    AAA accounting exec default start-stop Ganymede group.

    orders accounting AAA 15 by default start-stop Ganymede group.

    !

    username admin password 7 xxxxxxxxxxxxxxxx

    !

    !

    Line con 0

    connection of authentication no_tacacs

    line to 0

    line vty 0 4

    password 7 xxxxxxxxxxxxxxxxxxxxxxxx

    !

    Yes, it's Joy on the right. Thank you, Renault

  • Excluding the lines of Terminal Server in the AAA authentication

    Hi all

    Hope you can help, I'm trying to find a solution to exclude only the following line port by using the AAA authentication (ACS GANYMEDE +) on a map of Terminal Server on a Cisco 2600 router.  Does anyone know how to do this, or point me in the right direction to solve?

    I've included the output below:

    AAA authentication login default group Ganymede + local
    AAA authorization exec default group Ganymede + local
    AAA accounting exec default start-stop Ganymede group.
    AAA accounting network default start-stop Ganymede group.
    AAA accounting default connection group power Ganymede
    AAA accounting system default start-stop Ganymede group.
    AAA - the id of the joint session

    line 41
    session-timeout 20
    decoder location - XXXXXX XXXXXX BT
    No banner motd
    No exec-banner
    absolute-timeout 240
    Modem InOut
    No exec
    transport of entry all
    StopBits 1
    Speed 38400

    Is it a question of disabling the command line or using a defined group?

    Thanks a lot for your help.

    Jim.

    Hi Jim

    You may need to create another group for authentication to the and send your AAA configuration

    line to 0

    connection of authentication aux_auth

    AAA authentication login aux_auth line

    You can also configure a username local/pw and map it on the group to here...

    Console and telnet would still use the configured default group, or you can specify specific groups:

    Line con 0

    console login authentication

    line 4 vty0

    vty authentication login

    and specify the aaa authentication settings individually...

    I hope this helps... all the best

    REDA

  • The AAA authentication not working method and 'by default' list

    Guys,

    I hope someone can help me here to the problem of the AAA. I copied the configuration and debugging below. The router keeps using username/password local name even if the ACS servers are accessible and functional. To debug, it seems he keeps using the method list 'default' ignoring GANYMEDE config. Any help will be appreciated

    Config

    **********************************

    AAA new-model

    !

    username admin privilege 15 secret 5 xxxxxxxxxx.

    !

    AAA authentication login default group Ganymede + local

    the AAA authentication enable default group Ganymede + activate

    authorization AAA console

    AAA authorization exec default group Ganymede + local

    AAA authorization commands 15 default group Ganymede + local

    AAA authorization default reverse-access group Ganymede + local

    orders accounting AAA 0 arrhythmic default group Ganymede +.

    orders accounting AAA 15 by default start-stop Ganymede group.

    Default connection accounting AAA power Ganymede group.

    !

    AAA - the id of the joint session

    !

    RADIUS-server host x.x.x.x

    RADIUS-server host x.x.x.x

    RADIUS-server host x.x.x.x

    RADIUS-server host x.x.x.x

    RADIUS-server application made

    RADIUS-server key 7 0006140E54xxxxxxxxxx

    !

    Ganymede IP interface-source Vlan200

    ***************************

    Debugs

    002344: 5 Dec 01:36:03.087 ICT: AAA/BIND (00000022): link i / f

    002345: Dec 5 01:36:03.087 ICT: AAA/AUTHENTIC/LOGIN (00000022): choose method list "by default".

    002346: Dec 5 01:36:11.080 ICT: AAA/AUTHENTIC/LOGIN (00000022): choose method list "by default".

    core01 #.

    002347: Dec 5 01:36:59.404 ICT: AAA: analyze name = tty0 BID type =-1 ATS = - 1

    002348: Dec 5 01:36:59.404 ICT: AAA: name = tty0 flags = 0 x 11 type = 4 shelf = 0 = 0 = 0 = 0 = 0 channel port adapter slot

    002349: Dec 5 01:36:59.404 ICT: AAA/MEMORY: create_user (0 x 6526934) user = "admin" ruser = "core01" ds0 = 0 port = "tty0" rem_addr = "async" authen_type = service ASCII = NONE priv = 15 initial_task_id = '0', vrf = (id = 0)

    002350: Dec 5 01:36:59.404 ICT: tty0 AAA/AUTHOR/CMD (2162495688): Port = "tty0" list = "service = CMD

    002351: Dec 5 01:36:59.404 ICT: AAA/AUTHOR/CMD: tty0 (2162495688) user = "admin".

    002352: Dec 5 01:36:59.404 ICT: tty0 AAA/AUTHOR/CMD (2162495688): send service AV = shell

    002353: Dec 5 01:36:59.404 ICT: tty0 AAA/AUTHOR/CMD (2162495688): send cmd = AV set up

    002354: Dec 5 01:36:59.404 ICT: tty0 AAA/AUTHOR/CMD (2162495688): send AV terminal = cmd - arg

    002355: Dec 5 01:36:59.404 ICT: tty0 AAA/AUTHOR/CMD (2162495688): send cmd - arg = AV

    002356: Dec 5 01:36:59.404 ICT: tty0 AAA/AUTHOR/CMD (2162495688): found the 'default' list

    002357: Dec 5 01:36:59.404 ICT: tty0 AAA/AUTHOR/CMD (2162495688): method = Ganymede + (Ganymede +)

    002358: Dec 5 01:36:59.404 ICT: AAA/AUTHOR/TAC +: (2162495688): user = admin

    002359: Dec 5 01:36:59.404 ICT: AAA/AUTHOR/TAC +: (2162495688): send service AV = shell

    002360: Dec 5 01:36:59.404 ICT: AAA/AUTHOR/TAC +: (2162495688): send cmd = AV set up

    002361: Dec 5 01:36:59.404 ICT: AAA/AUTHOR/TAC +: (2162495688): send AV terminal = cmd - arg

    002362: Dec 5 01:36:59.404 ICT: AAA/AUTHOR/TAC +: (2162495688): send cmd - arg = AV

    Enter configuration commands, one per line.  End with CNTL/Z.

    core01 (config) #.

    002363: Dec 5 01:37:04.261 ICT: AAA/AUTHOR (2162495688): permission post = ERROR

    002364: Dec 5 01:37:04.261 ICT: tty0 AAA/AUTHOR/CMD (2162495688): method = LOCAL

    002365: Dec 5 01:37:04.261 ICT: AAA/AUTHOR (2162495688): position of authorization = PASS_ADD

    002366: Dec 5 01:37:04.261 ICT: AAA/MEMORY: free_user (0 x 6526934) user = "admin" ruser = "core01" port = "tty0" rem_addr = "async" authen_type = ASCII service = NONE priv = 15

    core01 (config) #.

    Ganymede + accessible servers use source vlan 200. Also in the Ganymede server + can you check if the IP address for this device is configured correctly and also please check the pwd on the server and the game of this device.

    As rick suggested sh Ganymede would be good as well. That would show the failures and the successes

    HTH

    Kishore

  • Activate the ASA system context AAA authentication

    Hello!

    We have ASA configured in multiplayer in context with 8.4 (2) software configured for AAA

    Configuration is admin context as follows:

    AAA-server TAC Protocol Ganymede +.

    host of the TAC AAA-server 10.162.2.201 (management)

    key *.

    Console to enable AAA authentication LOCAL TAC

    TAC LOCAL console for AAA of http authentication

    AAA authentication serial console LOCAL TAC

    authentication AAA ssh console LOCAL TAC

    Because of the multiple context, after the connection we enter in the system context. Console port authentication works very well except access to the privileged mode when you connect through the console port.

    After the show 'enable' command ASA accepts only configured activate secret in context and change ID of user system for enable_15, so we are unable to do accounting and authorization of user level control.

    It seems that the ASA in the context of the system is not aware of all the configurations of AAA, and it is not a command to configure AAA in the context of the system.

    Is there a way to configure enable AAA authentication in the context of the system?

    Thanks in advance!

    Hello

    It looks like you hit this known issue that follows:

    http://Tools.Cisco.com/support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsw18455

    Admin context allow mode compared to the context system DB credentials

    Symptom:

    In multi-mode configuration, the user to enter privileged mode credentials
    (enable mode) via the serial console is not sent to an external server
    role of authentication.

    Conditions:

    ASA/PIX is in multi mode. serial console and activate the console authentication
    are configured to use external aaa server in the context of the admin.

    Workaround solution:

    Option 1: Configure enable password in the system context. Option 2: Avoid the use of the interface of the console series and rely on telnet
    or ssh console access.  SSH or telnet consoles, tries to enter
    active mode is authenticated as specified by the configuration of aaa in
    the context of "admin".
    Other Description of the problem:

    When authentication is enabled for the serial console and activate console in
    Executive admin via an external aaa Server (for example: radius or Ganymede +), series
    Console OmniPass is against the external aaa server, but the mode
    credentials are compared with enable db in the context of the system.

    Hope that clarifies it. Unfortunately there is no solution for this problem.

    Kind regards.

  • The AAA authentication and VRF-Lite

    Hello!

    I encountered a strange problem, when you use authentication Radius AAA and VRF-Lite.

    The setting is as follows. A/31 linknet is configured between PE and THIS (7206/g1 and C1812), where the EP sub-si is part of a MPLS VPN and VRF-Lite CE uses to maintain separate local services (where more than one VPN is used..).

    Access to the this, via telnet, console etc, will be authenticated by our RADIUS servers, based on the following configuration:

    --> Config start<>

    AAA new-model

    !

    !

    Group AA radius RADIUS-auth server

    Server x.x.4.23 auth-port 1645 acct-port 1646

    Server x.x.7.139 auth-port 1645 acct-port 1646

    !

    AAA authentication login default group auth radius local

    enable AAA, enable authentication by default group RADIUS-auth

    ...

    touch of 1646-Server RADIUS host x.x.4.23 auth-port 1645 acct-port

    touch of 1646-Server RADIUS host x.x.7.139 auth-port 1645 acct-port

    ...

    source-interface IP vrf 10 RADIUS

    ---> Config ends<>

    The VRF-Lite instance is configured like this:

    ---> Config start<>

    VRF IP-10

    RD 65001:10

    ---> Config ends<>

    Now - if I remove the configuration VRF-Lite and use global routing on the CE (which is OK for a simple vpn installation), AAA/RADIUS authentication works very well. "" When I activate transfer ip vrf "10" on the interface of the outside and inside, AAA/RADIUS service is unable to reach the two defined servers.

    I compared the routing table when using VRF-Lite and global routing, and they are identical. All roads are correctly imported via BGP, and the service as a whole operates without problem, in other words, the AAA/RADIUS part is the only service does not.

    It may be necessary to include a vrf-transfer command in the config of Group server as follows:

    AAA radius RADIUS-auth server group

    Server-private x.x.x.x auth-port 1645 acct-port

    1646 key ww

    IP vrf forwarding 10

    See the document below for more details:

    http://www.Cisco.com/en/us/partner/docs/iOS/12_4/secure/configuration/guide/hvrfaaa.html

  • The AAA authentication failure

    I have a 2500 with configured radius server controller with safety as the WPA system. Few users authenticate not since yesterday (they were connected before) with the same user credentails in another laptop sound work. All a both few customers is not authenticate.

    Here are the logs of problem with the command show debugging client client mac address

    (Cisco Controller) > * Dot1x_NW_MsgTask_3: 18:30:37.487 Mar 20: 98:03:d8:7 d: d0:83 received EAPOL START of mobile 98:03:d8:7 d: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.487 Mar 20: 98:03:d8:7 d: d0:83 dot1x - moving d mobile 98:03:d8:7: d0:83 in the State of connection

    * Dot1x_NW_MsgTask_3: 18:30:37.487 Mar 20: 98:03:d8:7 d: d0:83 send request/identity EAP to d 98:03:d8:7 mobile: d0:83 (EAP Id 2)

    * Dot1x_NW_MsgTask_3: 18:30:37.493 Mar 20: 98:03:d8:7 d: d0:83 EAPPKT EAPOL received from mobile 98:03:d8:7 d: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.493 Mar 20: 98:03:d8:7 d: d0:83 response received identity (count = 2) d 98:03:d8:7 mobile: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.493 Mar 20: 98:03:d8:7 d: d0:83 EAP State update of login authentication for mobile 98:03:d8:7 d: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.493 Mar 20: 98:03:d8:7 d: d0:83 dot1x - moving d mobile 98:03:d8:7: d0:83 by authenticating the State

    * Dot1x_NW_MsgTask_3: 18:30:37.493 Mar 20: 98:03:d8:7 d: d0:83 State entering Backend Auth response for d 98:03:d8:7 mobile: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.551 Mar 20: 98:03:d8:7 d: d0:83 treatment Access-Challenge for mobile 98:03:d8:7 d: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.551 Mar 20: 98:03:d8:7 d: d0:83 State entering Backend Auth Req (id = 220) for d 98:03:d8:7 mobile: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.551 Mar 20: 98:03:d8:7 d: d0:83 WARNING: Update 2 EAP-identifier ===> 220 for STA 98:03:d8:7 d: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.551 Mar 20: 98:03:d8:7 d: d0:83 send EAP request of AAA to d mobile 98:03:d8:7: d0:83 (EAP Id 220)

    * Dot1x_NW_MsgTask_3: 18:30:37.566 Mar 20: 98:03:d8:7 d: d0:83 EAPPKT EAPOL received from mobile 98:03:d8:7 d: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.566 Mar 20: 98:03:d8:7 d: d0:83 response EAP received from mobile 98:03:d8:7 d: d0:83 (220 Id EAP, EAP Type 3)

    * Dot1x_NW_MsgTask_3: 18:30:37.566 Mar 20: 98:03:d8:7 d: d0:83 State entering Backend Auth response for d 98:03:d8:7 mobile: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.627 Mar 20: 98:03:d8:7 d: d0:83 treatment Access-Challenge for mobile 98:03:d8:7 d: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.627 Mar 20: 98:03:d8:7 d: d0:83 State entering Backend Auth Req (id = 221) for d 98:03:d8:7 mobile: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.627 Mar 20: 98:03:d8:7 d: d0:83 send EAP request of AAA to d mobile 98:03:d8:7: d0:83 (EAP Id 221)

    * Dot1x_NW_MsgTask_3: 18:30:37.643 Mar 20: 98:03:d8:7 d: d0:83 EAPPKT EAPOL received from mobile 98:03:d8:7 d: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.643 Mar 20: 98:03:d8:7 d: d0:83 response EAP received from mobile 98:03:d8:7 d: d0:83 (221 Id EAP, EAP Type 25)

    * Dot1x_NW_MsgTask_3: 18:30:37.643 Mar 20: 98:03:d8:7 d: d0:83 State entering Backend Auth response for d 98:03:d8:7 mobile: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.701 Mar 20: 98:03:d8:7 d: d0:83 treatment Access-Challenge for mobile 98:03:d8:7 d: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.701 Mar 20: 98:03:d8:7 d: d0:83 State entering Backend Auth Req (id = 222) for d 98:03:d8:7 mobile: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.701 Mar 20: 98:03:d8:7 d: d0:83 send EAP request of AAA to d mobile 98:03:d8:7: d0:83 (EAP Id 222)

    * Dot1x_NW_MsgTask_3: 18:30:37.723 Mar 20: 98:03:d8:7 d: d0:83 EAPPKT EAPOL received from mobile 98:03:d8:7 d: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.723 Mar 20: 98:03:d8:7 d: d0:83 response EAP received from mobile 98:03:d8:7 d: d0:83 (222 Id EAP, EAP Type 25)

    * Dot1x_NW_MsgTask_3: 18:30:37.723 Mar 20: 98:03:d8:7 d: d0:83 State entering Backend Auth response for d 98:03:d8:7 mobile: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.782 Mar 20: 98:03:d8:7 d: d0:83 treatment Access-Challenge for mobile 98:03:d8:7 d: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.782 Mar 20: 98:03:d8:7 d: d0:83 State entering Backend Auth Req (id = 223) for d 98:03:d8:7 mobile: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.782 Mar 20: 98:03:d8:7 d: d0:83 send EAP request of AAA to d mobile 98:03:d8:7: d0:83 (EAP Id 223)

    * Dot1x_NW_MsgTask_3: 18:30:37.809 Mar 20: 98:03:d8:7 d: d0:83 EAPPKT EAPOL received from mobile 98:03:d8:7 d: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.809 Mar 20: 98:03:d8:7 d: d0:83 response EAP received from mobile 98:03:d8:7 d: d0:83 (223 Id EAP, EAP Type 25)

    * Dot1x_NW_MsgTask_3: 18:30:37.809 Mar 20: 98:03:d8:7 d: d0:83 State entering Backend Auth response for d 98:03:d8:7 mobile: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.892 Mar 20: 98:03:d8:7 d: d0:83 treatment Access-Challenge for mobile 98:03:d8:7 d: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.892 Mar 20: 98:03:d8:7 d: d0:83 State entering Backend Auth Req (id = 224) for d 98:03:d8:7 mobile: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.892 Mar 20: 98:03:d8:7 d: d0:83 send EAP request of AAA to d mobile 98:03:d8:7: d0:83 (EAP Id 224)

    * Dot1x_NW_MsgTask_3: 18:30:37.903 Mar 20: 98:03:d8:7 d: d0:83 EAPPKT EAPOL received from mobile 98:03:d8:7 d: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.903 Mar 20: 98:03:d8:7 d: d0:83 response EAP received from mobile 98:03:d8:7 d: d0:83 (224 Id EAP, EAP Type 25)

    * Dot1x_NW_MsgTask_3: 18:30:37.903 Mar 20: 98:03:d8:7 d: d0:83 State entering Backend Auth response for d 98:03:d8:7 mobile: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.959 Mar 20: 98:03:d8:7 d: d0:83 treatment Access-Challenge for mobile 98:03:d8:7 d: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.959 Mar 20: 98:03:d8:7 d: d0:83 State entering Backend Auth Req (id = 225) for d 98:03:d8:7 mobile: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.959 Mar 20: 98:03:d8:7 d: d0:83 send EAP request of AAA to d mobile 98:03:d8:7: d0:83 (EAP Id 225)

    * Dot1x_NW_MsgTask_3: 18:30:37.976 Mar 20: 98:03:d8:7 d: d0:83 EAPPKT EAPOL received from mobile 98:03:d8:7 d: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:37.976 Mar 20: 98:03:d8:7 d: d0:83 response EAP received from mobile 98:03:d8:7 d: d0:83 (225 Id EAP, EAP Type 25)

    * Dot1x_NW_MsgTask_3: 18:30:37.976 Mar 20: 98:03:d8:7 d: d0:83 State entering Backend Auth response for d 98:03:d8:7 mobile: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:38.051 Mar 20: 98:03:d8:7 d: d0:83 treatment Access-Challenge for mobile 98:03:d8:7 d: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:38.051 Mar 20: 98:03:d8:7 d: d0:83 State entering Backend Auth Req (id = 226) d 98:03:d8:7 mobile: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:38.051 Mar 20: 98:03:d8:7 d: d0:83 send EAP request of AAA to d mobile 98:03:d8:7: d0:83 (EAP Id 226)

    * Dot1x_NW_MsgTask_3: 18:30:38.059 Mar 20: 98:03:d8:7 d: d0:83 EAPPKT EAPOL received from mobile 98:03:d8:7 d: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:38.059 Mar 20: 98:03:d8:7 d: d0:83 response EAP received from mobile 98:03:d8:7 d: d0:83 (226 Id EAP, EAP Type 25)

    * Dot1x_NW_MsgTask_3: 18:30:38.059 Mar 20: 98:03:d8:7 d: d0:83 State entering Backend Auth response for d 98:03:d8:7 mobile: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:38.116 Mar 20: 98:03:d8:7 d: d0:83 treatment Access-Challenge for mobile 98:03:d8:7 d: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:38.116 Mar 20: 98:03:d8:7 d: d0:83 State entering Backend Auth Req (id = 227) for d 98:03:d8:7 mobile: d0:83

    * Dot1x_NW_MsgTask_3: 18:30:38.116 Mar 20: 98:03:d8:7 d: d0:83 send EAP request of AAA to d mobile 98:03:d8:7: d0:83 (EAP Id 227)

    Please help me solve this problem

    Make sure that policies of login GBA allowing a user for several sessions as well.

    Rating of useful answers is more useful to say "thank you".

  • I can not use the command share in safari, mail, notes, etc. since I updated to El Capitan (10.11.5). No way to solve it. Please help me.

    I can not use the command share in safari, mail, notes, etc. since I updated to El Capitan (10.11.5). No way to solve it. Please help me.

    There is a problem with your installation of OS X. The easiest way, but not the fastest way to fix it is to reinstall the operating system. Unless you are in a hurry or have measured access to the network, it is what I suggest, especially since I don't know if there are any problems with the installation. Please backup all data before reinstalling. You won't need the backup unless something is wrong.

    The below, advanced shortcut if it works, can save you some downtime (and the cost of a download of several gigabyte, if necessary.)

    1 back up all data.

    2. disconnect all external storage devices.

    3. start in recovery mode. Select a language, if you are prompted. The OS X Utilities appears. One of the options is to install OS X. This is not what you do.

    4. This step is only necessary if you use FileVault 2. If you don't know what's FileVault, you use it. Go to the next step. Otherwise, launch utility disk, then select the icon for the volume FileVault ("Macintosh HD", unless you have given it a different name.) It will be nested under another icon of the disc. Select open in the file menu and enter your login password when you are prompted. Then quit disk utility must be returned to the main screen.

    5. Select get online help. Safari will launch. While in recovery, you will have no access to your Favorites, but you won't need them. Load this web page.

    6. triple - click anywhere in the line below to select this option:

    chflags -R norestricted /V*/*/S*/*/Caches

    Copy the selected text in the Clipboard by pressing Control-C key combination.

    7. Quit Safari. You go back to the OS X Utilities screen.

    In the menu bar, select

    Utilities ▹ Terminal

    Launch the Terminal application. Paste in the Terminal window by pressing the command-V key combination.

    Wait for a new line ending with a number sign (#) to appear. Quit the Terminal must be returned to the main screen.

    8. Select

    ▹ Restart 

    in the menu bar.

    9. This step must be performed after the restart, and while you are logged as administrator, not in recovery mode. If you have only one user account, you are the administrator.

    Select and copy this line as in step 6:

    sudo /usr/libexec/xpchelper --rebuild-cache

    Paste in a Terminal as before. You will be asked for your login password. Nothing displayed when you type. Type carefully, and then press return. If you do not have a password, you will need to configure one before you can run the command. You can get a warning to be careful. Confirm. You don't need to display the warning.

    If you see a message that your user name "is not in the sudoers file", then you have not logged as an administrator. Log in as one and repeat this step. You don't have to repeat the previous steps.

    Wait for a new line ending with a dollar sign ($) below what you entered.

    10. make as in step 9 with this line:

    sudo /usr/libexec/*/app_sandbox_cache_builder --rebuild-cache

    You can then quit Terminal.

  • Satellite L - can I add new accounts via the command prompt?

    Is it possible that I can add new accounts to the machine via the command prompt on the screen of "recovery"?

    (When you start in recovery mode and select command prompt)

    I tried the normal commands "net user username / add ', but the accounts are not added to the machine.

    Y at - it another command which can be used?
    Thank you.

    Hello

    I don't know if it will work using the in my opinion Mr. recovery console, it is not possible.
    As far as I know that you can add the user and the password using the CMD, but this might work only when the Windows operating system has been loaded.

    In this case, you can use this command to add the user account: + net user username / add +.
    If you want to add a password for the user account, then you must use this way: + net user username password / Add +.

  • CMD. EXE: IS IT POSSIBLE TO USE TWO COMMANDS INSIDE OF THE COMMAND CMD 'FOR '?

    HAY EVERYONE.
    I WROTE A PROGRAM TO CMD. EXE.
    AND I WANT TO SET A VARIABLE TO THE NUMBER OF FILES PRESENT IN A DIRECTORY.
    THE PROBLEM IS THAT I DON'T KNOW HOW TO USE THE TWO COMMANDS INSIDE OF THE COMMAND.
    HERE IS THE EXAMPLE OF MY PROBLEM INSIDE THE BAT FILE:

    OFF @ECHO
    FOR /F %%D IN (' DIR/W/D / N / L ' "C:\WINDOWS\SYSTEM32\*." ") DLL | TROUVER/C/I/N 'B' ') SET FILES_NUMBER = % Y
    ECHO: % FILES_NUMBER %
    BREAK
    OUTPUT

    I EXPECT THAT THIS PROGRAM WAS TELLING ME HOW MANY DLL FILES THAT BEGIN WITH THE LETTER B, I HAVE IN MY SYSTEM32 DIRECTORY.
    HOWEVER, THIS PROGRAM HAVE A MISTAKE DURING ORDERING.

    | WAS NOT PLANNED AT THIS TIME.

    "WHEN I USE IT JUST COMMAND DIR/W/D O:N: C ' C:\WINDOWS\SYSTEM32\*. "DLL" | " FIND/C/I/N "B" WITHOUT THE FOR ORDER THIS ORDER WRITE A NUMBER ON THE SCREEN. THE NUMBER OF DLL FILES THAT BEGIN WITH THE LETTER B IN MY SYSTEM32 DIRECTORY.
    IF THESE TWO COMMANDS (DIR AND FIND) COMBINED ALL WORK OK.

    BUT I WANT TO REDIRECT THE OUTPUT OF THESE COMMANDS IN A VARIABLE. FOR THIS I USE THE COMMAND FOR.

    WHEN I USE JUST A COMMAND INSIDE THE ORDER, HE DIDN'T THERE WAS NO ERROR.
    BUT WHEN I USE PIPES, A MISTAKE SE PRODUCT.

    SO, MY QUESTION IS: HOW TO USE TWO COMMANDS INSIDE OF COMMAND? OR HOW TO USE A PIPE TO COMMAND INSIDE.

    YBY

    A slightly different method, but will set the Files_Number variable to what you want:

    Off @Echo
    C:
    cd\Windows\System32
    Dir B *. DLL | FindStr.Exe 'File (s)' > Temp.Txt
    FOR /F "Tokens = 1-4" %% IN (Temp.Txt) Set Files_Number = %% a
    Echo number of records Files_Number is %

    Note: You can add a Temp.Txt DEL if you want, but it is not necessary because the > causes the replaced every time that you run this. (If we had used > as our redirector, it adds to the Temp.Txt file, which we don't want.)

    In addition, when you use the / w with the DIR command that calls the large format so you get 1 account per line regardless of the number of files has the letter B in them. Also, your search for the letter B in each line through FIND counted the Bs if they're the first letter.

    My method deliberately DIRs for only these DLLs that begins with the letter B. FindStr allows us to give us only the row that contains the number of files. In the FOR-IN-DO we know that this line will have four elements of the text, so we settled our chips to 1-4. They will be placed in temporary variables a, b, c & d.

    Given that the actual number of files, that's what we want, we have Files_Number = %% a.  Had we wanted to know the total number of bytes of the file, WE Set Total_Bytes = % c.

    You can do both if you want to do like this:

    Off @Echo
    C:
    cd\Windows\System32
    Dir B *. DLL | FindStr.Exe 'File (s)' > Temp.Txt
    FOR /F "Tokens = 1-4" %% IN (Temp.Txt) Set Files_Number = %% a
    FOR /F "Tokens = 1-4" %% IN (Temp.Txt) define Total_Bytes = %% c
    Echo number of records Files_Number is %
    Echo Total number of bytes is Total_Bytes % %

  • The AAA authentication: not configured

    I have cisco 851 using ccp to configure EASY VPN

    I click on TEST VPN SERVER, and then click Start the State shows successful

    When I tried to connect a client I mm_no_state

    When I considered the report of the test I found

    The AAA authentication: not configured

    My AAA

    AAA new-model

    !

    !

    AAA authentication login tgcsusers local

    AAA authorization tgcsvpn LAN

    !

    AAA - the id of the joint session

    I have also attached my config

    Ideas or thoughts?

    You will need to get my client work...

    I logged by user name password you provided.

    Please check the pictures I downloaded to you.

    Good night, sleep tight.

    Thank you

    Rizwan James

Maybe you are looking for