Cisco AAA/Identity/Nac :: ACS 5.1 AD Connection Setup DNS Failing To Resolve Address

May 9, 2010

I am trying to configure the ACS with AD in the identity store but am running into the following issue.I enter the AD Domain Name and username and password and hit the 'Test Connection' button and receive a DNS error stating that it 'Cannot resolve network address'.I have logged into the CLI and test to the domain name from there and it works fine.

View 5 Replies


ADVERTISEMENT

Linksys Wireless Router :: WRT310N V2 Failing To Resolve Domains Correctly

Oct 29, 2012

So i see tons of threads here and on google talking about dns issues with their linksys router but I never see a solution other than to locally change the dns servers on the client machine to prevent it from using the linksys router dns.  My router is the WRT310Nv2 running the latest firmware but I see others are affected as well.   url...My issue is this router continues to fail dns resolutions and I have to either reset it or tell my client machine not to use my router as a point of dns resolution. 
 
1. Why is my router failing to resolve domains correctly?

2.  Is there anyway to fix this from the router?

View 7 Replies View Related

My Wireless Connection Is Failing When Acquiring Network Address

Mar 6, 2012

I have fitted a thomson router to my desktop coputer using an ethernet cable and all is working fine. My Sony Vaio laptop recognises the wireless connection but fails to connect at the acquiring network address. I have been into the properties section of the network connection page and am only allowed 8 characters for the network key. But the Network key on the bottom of the modem is longer than 8 digits.

View 1 Replies View Related

Host Names Do Not Resolve With Right IP Address

Nov 30, 2011

where the host names do not properly resolve with the right ip address.Example, I ping a host name, it gives me an IP, but when I VNC into the workstation, it is a totally different host.

View 2 Replies View Related

Cisco VPN :: 5510 Unable To Resolve Server Address

Mar 27, 2011

I am using the Cisco VPN Client 5.0.06.0160 - and am having an issue connecting to my ASA 5510 via VPN.  This issue is happening on 1 of our laptops.  All other laptops connect just fine.  So the problem is not in the ASA.  I have double checked the client setup and config and it too is correct.  The interesting thing is, we are connecting to an IP Address and not a host name.

View 1 Replies View Related

Error 105 - Unable To Resolve Server DNS Address?

Jan 15, 2012

I have been trying to connect to the Internet via a wireless connection but keep receiving the above error. None of the Windows solutions resolve the problem. On Google Chrome I see a screen saying 'This web page is not available', and receive 'Error 105: Unable to resolve the server's DNS address'. I cannot access Internet Explorer either.The strange this is that this problem only seems to occur with some wireless networks, as I can connect fine at home. In certain places, however, I am told that I am connected but that accss is 'Local Only', and I cannot open any browsers. I need the problem resolved as soon as possible as I cannot access the internet where I need it most.

View -1 Replies View Related

Error 105 - Unable To Resolve The Server's DNS Address

Feb 8, 2013

Error 105 (net::ERR_NAME_NOT_RESOLVED): Unable to resolve the server's DNS address.

View 1 Replies View Related

D-Link DIR-655 :: Doesn't Resolve Own Fixed IP Address

Aug 13, 2012

I have a fixed external ip address.I have port forwarding setup for accessing a NAS inside my LAN, lets say port 12345.Now when I use my laptop outside my own LAN, e.g. 99.99.99.99:12345 resolves nicely to my NAS. But when I use the same 99.99.99.99:12345 inside my LAN, it does not resolve. Instead, it gives me a 'server takes too long to answer' error

I have also setup a virtual host to an ip cam inside my network. That one resolves just fine. I tried enabling remote management on the DIR-655 and also that works fine using 99.99.99.99:8888.When I replace the external ip address with the internal ip address of my NAS, thus bypassing port forwarding, it obviously also works ok.

Why the forwarded ports are not accessible when I use my own external fixed IP address? Does the DIR-655 treat it different than other external IP addresses?

View 4 Replies View Related

Cisco WAN :: 2800 Setup Router To Resolve Both Internal / External DNS Requests

Jun 3, 2012

I have a 2800 with one Gigabit interface connection to our Lan and the other interface connected to the internet with a public IP address. Now I'd like to setup the router to resolve both internal and external DNS requests. Thus requests like www.google.co.za and LocalLanPcName should be resolved to their public and private IP's respectively. [code] When I ping any name the only DNS server that is ever queried is 192.168.1.200 (it does resolve internal name correctly though).

None of the other servers are attempted to resolve the name. It does not matter if I specify a FQDN or not.
 
How do I setup the router so that my internal resolution is handled by 192.168.1.200 and .201, while external resolution is handled by 41.160.36 and .37. Or alternatively, how do I configure it to at least try all 4 specified name-servers for resolution, and not fail after trying the first one unsuccessfully.

View 9 Replies View Related

Netgear WGR614 V9 Router - Unable To Resolve Server DNS Address / Error 105?

Dec 27, 2011

I'm connected through the router, a few times a day I cannot open web pages, getting error: Error 105 (net::ERR_NAME_NOT_RESOLVED): Unable to resolve the server's DNS address.Skype continues to work. Here are the results of pinging:

Quote:

Microsoft Windows [Version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:UsersSri Guru>ipconfig /all[code]....

One technician said that this is the providers problem, but I don't think so. When I restart the modem everything works.I have a Netgear WGR614 v9 router.I use ESET 5 security. Btw, connection drops on all computers connected through the router, so it's not my firewall.

View 3 Replies View Related

Cisco AAA/Identity/Nac :: ACS 1113 SE Upgrade From 4.0.1.44 To 4.1.1.24 Failing

May 2, 2011

we have a Cisco ACS 1113 SE running v4.0.1.44 and are trying to upgrade it to v.4.2.0.124 following the instructions to upgrade it to v4.1.1.24 first.
 
We are using the following CD "ACS SE Overall Upgrade CD ACS 3.3.4 and 4,1,1,24 Upgrades"
 
We can download the 4.1.1.24 image to the ACS appliance via distribution server but the upgrade fails- we obtained the following console output when attempted upgrade was tried;
 
Upgrade package was not verified
Applying this upgrade package may corrupt the appliance
Continue at your own risk!

[Code].....

View 5 Replies View Related

Cisco AAA/Identity/Nac :: ISE2 - NAC Agent Failing To Popup

Jun 24, 2012

I have two ISE appliances installed in a distributed deployment (primary "ISE1" and secondary "ISE2"), each node has the three personas installed on it. The servers are registered together and the replication is working properly between the nodes.When we are working on the first node everything is fine, if I try to disconnect ISE1 and do my tests on ISE2, the cisco NAC agent doesn't popup, unless I uninstall it and reinstall it again from the ISE2. Then it will work properly.

View 31 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.2 Replication Failing Shows Pending

Oct 6, 2010

ACS 5.2 , in my Primary ACS under System Administration > Operations > Distributed System Management I see my Secondary but it shows "PENDING" under Replication Status.

View 3 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.1 Failing To Authenticate Tacacs Authentication To ASA Firewall?

Jan 5, 2012

ACS 5.1 is failing to authenticate tacacs authentication to the ASA firewall, getting

View 6 Replies View Related

Network Setup Failing (Speedtouch / AirLink 89300)

Jan 13, 2012

I am trying to set up a network with my modem (Speedtouch 546T2) and router (Jensen AirLink 89300), but it won't work. No network connection on the laptop (Toshiba) nor the MacBook.Ipconfig /all (when "connected" wireless) on the laptop:In Norwegian, just ask for translation if needed. Don't think it'll be necessary however.

Quote:
Microsoft Windows [Versjon 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. Med enerett.
C:Windowssystem32>ipconfig /all
Windows IP-konfigurasjon

[code]....

I have updated the router's firmware. Reset both the modem and router as well.

View 5 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.3 RADIUS Authentication Failing / Active Directory Agent

Mar 3, 2012

I'm somewhat new to ACS and am trying to complete a migration from 4 to 5.3.Currently, I've got ACS joined to my (2003) domain, and it shows status connected (although the test connect fails). I have aaa working without issue for TACACS, but all RADIUS authentication is currently failing. Logs show the message below:  "24401 could not establish connection with acs active directory agent"I'm not seeing anything telling in the logs on the domain controllers.

View 1 Replies View Related

Cisco AAA/Identity/Nac :: ISE 3395 Upgrade Failing With % Manifest File Not Found In The Bundle

Nov 16, 2011

I am trying to upgrade a brand new ISE 3395 from 1.0.3.337 to 1.0.4 (latest).  It keeps failing with % Manifest file not found in the bundle Here is the output:

company-ise-01/admin# application upgrade ise-appbundle-1.0.4.573.i386.tar.gpg ftp
Save the current ADE-OS running configuration? (yes/no) [yes] ?
Generating configuration...
Saved the ADE-OS running configuration to startup successfully
Initiating Application Upgrade...
% Manifest file not found in the bundle 

[code]...
 
I can't find anything about this for ISE, although there are a lot of topics for the same error for ACS.

View 7 Replies View Related

SFTP Connection Failing?

Dec 4, 2012

I set up a connection from a laptop (Windows 7) that goes through a LAN proxy server to a secure ftp server (Windows Server 2003).The sftp server is assigned a public ip address.I opened the firewall at the destination and allowed port 22 traffic to the sftp server. Well, the connection is failing.I know for a fact the connection from the client laptop is making it to the sftp server.If I issue this command on the client laptop:

telnet sftpserver 22

The DOS screen clears and tells me the type of SSH server I'm connecting to. While this connection is still active, I logged into the destination sftp server and did a netstat command. I can see the address of the proxy server in the "Foreign Address" column of the netstat results. I also can see the proxy server address when I look at the Application Log on the sftp server, so I know the connection is making it to the sftp server.

I beleive the problem is the control port (return traffic) from the server back to the client. Something is being blocked or is misconfigured. I always thought the router negotiated the control port, and that the control port didn't need to be put into any firewalls.

View 1 Replies View Related

Cisco :: Identify The Point At Which A Connection Is Failing?

Jul 31, 2012

I've got an application running on a Windows 2008 server that I have verified as live on port 8085 at localhost. I've also verified on the server itself that port 8085(and in fact, all ports) are open right now. Despite this, I have no connection to this port on the server. Let me back up a bit an explain the architecture I'm working with.windows_server >> Switch >> Firewall >> Firewall >> InternetEverything but my server is managed by my hosting company who is insistent that this is a server issue. Is there a way to find out at what point my connection to port 8085 is failing? I feel like it's stopping at one of the Firewalls but need proof of this theory to get something done about it

View 3 Replies View Related

Wired Network Connection Keeps Failing

Nov 6, 2012

To start off with, I own the network, and every system connected to it. I run and admin it, so the chances that anyone else has changed anything is essentially zero.This computer has a wired network connection (The issue) and a wireless one. They are connected to two separate networks. A few days ago the wired card stopped getting an IP address from my router, always ended up with a 169 address. Eventually I just disabled it, and installed a PCI network card.

Now what happens is that all works fine for a while, then stops. Suddenly I am "Not connected to network" despite the fact my ip address hasn't changed. I run the network troubleshooter, it tells me the "Gateway is unreachable" Resets the network card, and all is good. Then after a while the network fails again. I did already scan with malwarebytes, and everything is fine as fat as its concerned.

View 4 Replies View Related

Cisco AAA/Identity/Nac :: ACL 122 - Setup Identity Firewall On ASA Version 5.6 On DMZ Interface

Aug 27, 2012

I have setup an Identity Firewall on a ASA version 5.6 on a DMZ interface.I have installed the ADAgent on a domain member Win2008 and configured as follows: [code]
 
where ashdew is a domain user and ACL 122(only one line) is applied on the dmz interface and NAT is properly configured.The ADagent has been properly tested and ASA can register to it.The ASA can connect to AD DC controller and query user database.I have placed a laptop ip 172.17.h.x on the DMZ and can ping the DMZ interface.
 
The laptop cannot authenticate on the domain and the asa does not seem to retrieve the user identity.Do I need to add extra rules in the access-list 122 to permit trafic to DC?Can I check on the AD Agent if it can retrieve the user to ip mapping ?

View 6 Replies View Related

Routers / Switches :: Failing Internet Connection / DNS?

Jul 24, 2011

The connection of the computer before is activating.. after how many days of using,it losses the internet connection.. what is the possible reason for this?

View 1 Replies View Related

Cisco Firewall :: Connection Failing Intermittently - ASA 5520 Version 8.3 (1)

Oct 19, 2011

I have a server in a DMZ behind the ASA, connections to this server work sometimes and then fail others, so I dont think i'm looking at an ACL or NAT problem here.The syslogs report a SYN Timeout,I have taken a trace on the ASA, it seems that a SYN-ACK does come from the destination server within the 30sec timeout, but its not passed through the ASA back to the source ?  there is one odd thing, what seems to be an out of sequence ACK from the destination which arrives before the SYN-ACK at the ASA, i'm wondering if this might be the problem ? This only occurs on the connections which fail, the connections that work, the destination responds quickly to the initial SYN, and the 3way handshake completes.
 
Syslogs :
 
Oct 18 19:17:32 nzlsudfedsi001-pri Oct 18 2011 19:17:32 NZLSUDFEDSI001 : %ASA-6-302013: Built outbound TCP connection 42327212 for IIP-ARCHIVE-PROD:172.24.32.31/21 (172.24.32.31/21) to BPO-TRANSIT:x.x.x.x/59392 (x.x.x.x/59392)
 Oct 18 19:18:02 nzlsudfedsi001-pri Oct 18 2011 19:18:02 NZLSUDFEDSI001 : %ASA-6-302014: Teardown TCP connection 42327212 for IIP-ARCHIVE-PROD:172.24.32.31/21 to BPO-TRANSIT:x.x.x.x/59392 duration 0:00:30 bytes 0 SYN Timeout

[code].....

View 2 Replies View Related

Cisco Infrastructure :: 1941 / Analog Line Connection Failing?

Jul 10, 2012

I have a 1941 Cisco router with WIC-!AM-V2 card that is uning pots( regural phone )  line for data traffic.the problem I am having is the line is establishing connection but it intermittently dropos.The router is configured to dial to Centraal office and I have more that 100 other locations with the same setup that are working fine.  The only differene on htis one is it is going thru a PBX line.

View 1 Replies View Related

Windows 7 64bit OS - Wireless Connection Keeps Failing Repeatedly?

Mar 18, 2011

I am having problems with my wireless internet. I am using windows 7 64-bit OS and am connected to a WRG614v6 Netgear router. I will be on the internet and will have superb connection then my connection will drop, when i view the network it says that i have lost IPv4 connectivity. Pulling the power to my router then powering it on again fixes the problem for a hour or two but then connection is lost again.Here is the readout when connection is stable

Microsoft Windows [Version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:UsersKyle>ipconfig/all
Windows IP Configuration
Host Name . . . . . . . . . . . . : Kyles-Laptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid[code].....

View 19 Replies View Related

Cisco AAA/Identity/Nac :: How To Setup VPN On ACS 5.2

Jun 28, 2011

I am working on getting ACS to authenticate VPN users. I have a wireless/TACACS policy in place and working.setup of the Authorization profile as well as the policy?

View 6 Replies View Related

Cisco AAA/Identity/Nac :: How To Setup ACS 5.4 And Juniper J-Web

May 29, 2013

I have set up an ACS 5.4 box and have some test devices connected to it.Cisco and Juniper, both working fine using TACACS I can connect to both using SSH or Telnet but my problem is the J-Web Juniper GUI I can access the J-web no problem with the root account. i can not seem to get it to work, no matter what I try. Here is my shell from the ACS box And the following Juniper configuration.  I have tried binding the local-user-name attribute to both the remote and remoteadmin with no luck.
 
version 9.6R1.13;
system {
host-name Juniper-Firewall;
authentication-order [ tacplus password ];
root-authentication {
encrypted-password "$1$1tRuy9o2$LwSPxNwe4XGNMOMIMo1pd1"; ## SECRET-DATA

[code].....

View 17 Replies View Related

Cisco AAA/Identity/Nac :: Setup A Command Set In ACS 5.3?

Nov 26, 2012

I'm trying to set up a command set in Cisco ACS 5.3, I can't get i to work no mather who I try What I'm trying to accomplish is that some users, say Bob can run every priv. level 1 command + show run, or just to specify which commands Bob will be able to run, whatever is easiest to set up.
 
In my switch I have the commands:

aaa new-model
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization config-commands
aaa authorization commands 1 default group tacacs+ 
aaa authorization commands 15 default group tacacs+ <--- tried diffrent apporaches whith priv level..
(and specied a tacacs server)
  
is the "default" under "aaa authorization commands 1x default group tacacs+" the name of the command set?
 
In the ACS I have specied a Authorization group and binded it to the command set, should the user have priv 15 for this to work or priv 1?(I have also specied a user and an identity group and specied ip ranges under "Network Devices and AAA Clients")

View 2 Replies View Related

Cisco :: How To Setup NAT-address In LMS 4.1

Nov 10, 2011

Using LMS 4.1 with an address that are natted I see that SWIM-jobs to fetch IOS-images are using the server's "un-natted" address.Can't find how to setup the nat-address in LMS so the devices uses that one instead when communicating with the server with scp for instance..
 
I believe this was possible in LMS 3.x, but how is it configured in LMS 4.1?

View 1 Replies View Related

Cisco AAA/Identity/Nac :: ACS 4.0.2 Radius Authentication Setup

Jan 9, 2012

I am having ACS 4.0.2 in my network, which I want to use for 802.1x Radius Authentication for Clients on PEAP-MSCHAPv2 methodology.As per the documentation " EAP Authentication with RADIUS Server",  Doc ID: 44844.I have configured Network Configuration and populated AAA client IP range and Secret Key.
 
Question1: Under Authenticate Using option, there are various RADIUS flavors available for selection. For a Non Cisco AAA client, should I select RADIUS IETF?

Question 2: In the above snap shot, It has an option called Global Authentication Setup, where we can setup EAP configuration. Under PEAP subsection there is an option to "Allow EAP-MSCHAPv2" check box.After checking that, is a restart required to the ACS Server? Would it cause any disruptions to the existing services on the ACS?

View 3 Replies View Related

Cisco AAA/Identity/Nac :: How To Setup Sync Between Two New ACS Server V5.3

Dec 4, 2011

I setup one acs v5.3 in one server in NYC and another acs v5.3 in SJC.I want to make the acs.nyc as primary and acs.sjc as the secondary, how do i setup it up?

View 1 Replies View Related

Cisco Firewall :: ASA 5512 - Best Way To Setup Identity NAT

May 2, 2013

I'm porting our configuration from a Pix 515 firewall to an ASA 5512x.  What's vexing me right now is with the deprecation of the "static" command, I can't quite figure out the best way to Identity NAT my inside sub nets (multiple) to the DMZ sub net
 
So on the pix I have my identiy NATs as an example: 
static (inside,dmz) <IntSubA> <IntSubA> netmask 255.255.255.0
static (inside,dmz) <IntSubB> <IntSubB> netmask 255.255.255.0
static (inside,dmz) <IntSubC> <IntSubC> netmask 255.255.255.0
 
Cisco's migration guide seems to do them one object at a time, which I guess is straightforward enough to do: 
object network SubA
subnet <IntSubA> 255.255.255.0
[code]...
 
I'm thinking that there must be an easier way (aka less lines) to implement this for all the sub nets I want to Identity NAT to the DMZ. 
1)  Can I do this creating objects using a sub net with a net mask of 255.255.0.0 - one object to cover multiple internal sub nets?
2)  Can I do this using object groups and trim this down to:  (assuming I have to commands right)
 
Object-group network Inside_Subs
     network-object <IntSubA> 255.255.255.0
     network-object <intSubB> 255.255.255.0
     network-object <intsubC> 255.255.255.0
 
nat (inside,dmz) source static Inside_Subs Inside_Subs no-proxy-ARP route-enabled. What would be the best way to translate my Identity NATs?

View 10 Replies View Related

Cisco Firewall :: 5505 DNS Does Not Resolve Inside DMZ

May 14, 2012

I have a 5505 that currently has inside/outside interfaces and everything is working just fine. I am trying to create a DMZ that will essentially be just for vendors/guests. the DMZ will have full access to the outside (Internet) but no access to the inside. I am using the FW for DHCP, and 8.8.8.8 and 4.2.2.2 for DNS. I currently have 1 laptop in the DMZ vlan, and it is getting a correct IP, and it is showing 8.8.8.8 and 4.2.2.2 in ipconfig. I can ping/tracert 8.8.8.8/ 4.2. 2.2/74.125.137.147(what url... resolved to on a laptop connected to the inside vlan), but I cannot ping nor browse to url.... [code]

View 1 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved