Cisco Security :: NAC 4.8 Agent Stays Open After Moving To Trusted VLAN

Feb 6, 2011

We have some Windows 7 clients that are running the 4.8 agent. NAC will process the user and move them to the trusted vlan. However, the agent stays open and appears to keep running/processing something. THe user can minimize the agent and work normally, and a reboot appears to fix the issue.

View 5 Replies


ADVERTISEMENT

Cisco Security :: ACE20-MOD Does Not Recognize 2048 Bit Certificate As Trusted

Dec 16, 2011

I have bought and installed a 2048bit certificate from Thawte on a ACE20-MOD-K9 module. The appliance can't use it and gives the following error: "This certificate cannot be verified up to a trusted certfication authority."I have contacted Thawte about this and they suggest to install an intermediate certificate from Thawte on the module, but I can't find such a certicicate for Cisco on their site. Also I'm not sure how to go about implementing such an intermediate certificate on the ACE.

View 1 Replies View Related

Cisco Security :: Use NAC 4.8 Web Agent Login With Ipad?

Jun 13, 2011

I'm using NAC 4.8, and I'd like to login using NAC Web Agent on Ipad. When I'm trying to do that, I'm receiving a message on Ipad that I need to install Java Plug-In, but there is no JavaPlug-in available for Ipad. Any additional configuration that I have to do on NAC Manager to be able to access the network using NAC Web Login on Ipad ?

View 3 Replies View Related

Cisco Security :: 4.7.2 / Nac Agent Requirement Type Audit?

Feb 7, 2011

i can configure a requirement type as audit (opposed to mandatory or optional), so the client will still access the network, the user will not be notified, and the information will be sent to the cas.It is possibile to generate an email or similar automated process to notify administrators on these audits?
 
(version in use 4.7.2)

View 2 Replies View Related

Cisco Security :: Clean Access Agent 4.0.5 Certificate

Feb 9, 2011

We have NAC 4.0.5 and windows active directory domain the clients log on to the client to access the network with their domain credentials and they used to get the "Certificate is issued from an untrusted." until I installed the url.. certificate to the local certificate store.
 
I seem to have done something on the NAC manager that messed up something, cause now the client considers the certificate issued from a trusted source, BUT a warning stating that the name on the certificate does not match the name.

View 1 Replies View Related

Cisco Security :: Configuration - Moving From PIX To ASA 5505 V8.2?

Feb 15, 2012

I used my Pix config to setup the ASA 5505.Everything seems to be right. I used ASDM to view settings and it seems right. I am missing something minor, but I am going blind looking at it.
 
I can remote into the network from outside, but internatlly I cannot get out of network.  No internet or email is passing through.
 
: Saved
:
ASA Version 8.2(5)
!
hostname textasa
domain-name testcorp.com
enable password 579oWRzSY5syo9yt encrypted
passwd 579oWRzSY5syo9yt encrypted

[code]....

View 5 Replies View Related

Cisco Security :: 7200 - No IP Bootp Server On A DHCP Relay Agent?

Mar 18, 2003

I have a Cisco 7200 acting as the DHCP relay agent on my network. From a security standpoint, I want to disable the bootp server, with 'no ip bootp server'. What bearing, if any, does 'no ip bootp server' have on DHCP activity?

View 8 Replies View Related

Cisco Switches :: Can't Open Port To VLAN Menu In SG200 -08

Jan 29, 2012

I get a empty blue window when I try to open "port to VLAN"
 
We have upgraded the software but it doesn't work.

View 1 Replies View Related

Cisco AAA/Identity/Nac :: C3750 What Would Cause NAC To Untrusted And Trusted IP Address

Oct 4, 2011

We have c3750s running NAC 4.8.  Occassionally, a workstation will flap between the untrusted and trusted vlans.  We updated the NIC drivers on the workstation, we verified SNMP was functioning correctly on the switch, and we allowed the phones to act as the pass-through between the workstation and the switch.  What could cause the workstation IP Address to not redirect to a TRUSTED VLAN from the NAC_UNTRUST VLAN?  All updates have been downloaded to the workstation.

View 1 Replies View Related

Broadband :: Ie8 Can't Open Ssl128 Bit Security

Mar 1, 2011

My IE 8 willnot open pages secured with ssl128 encryption. i can not open my account at[URL].. A box appears with "OK" message at the centre and "!" sign at the left side. it carries the following web address-[URL]

View 2 Replies View Related

Cisco AAA/Identity/Nac :: ACS4.2 Windows Authentication To Other Trusted Domain?

Jun 6, 2011

I'm installing ACS4.2 in our lab domain and want to leverage the corporate domain for authentication.  The one way trust is in place, but there is a facet that I'm not clear on in regards to the installation requirement.
 
I'd like to install ACS on a lab domain member server, but I'm not sure that will work.  The installation docs seem to imply that a member server must be in the same domain as the authentication server, but its not very clear. if I want to use the one way trust to the Corporate Domain, am I required to install ACS on the domain controller of the Lab Domain?

View 3 Replies View Related

Cisco Firewall :: ASA5505 - With Two Trusted Interfaces / Traffic Not Going Out Of Inside2?

Nov 14, 2011

I'm going nuts with this ASA5505. This is a secondary firewall used only in emergencies when the primary Checkpoint failes.
 
The basics, it has two trusted interfaces, E0/1 and E0/2-6. E0/1, inside2 has 192.168.01/29 and inside is 192.168.200.1/24.  I'd like any traffic to be allowed from inside and inside2 to outside and any traffic from the inside interfaces should be routed. No restrictions should apply between the two interfaces.
 
inside works just fine but no traffic is going out of inside2, not to outside or to inside.

View 8 Replies View Related

Static IP Alternative - Access Other Network As Trusted User

Sep 14, 2012

I am in need of a Static IP alternative (My ISP chooses not to offer the service). I do not need the Static IP to access my own devices. I need to access other networks as a "trusted" user.

View 10 Replies View Related

Cisco Security :: 7606 - Unknown Open TCP Ports On Router

Oct 19, 2011

Any know how to close these open ports on my Cisco 7606 router? Any know what these TCP ports are used for?
:
49   - Not sure what this one is other than what IANA reports about TCP port 49
4510
4509
2222
:
I'm sure I could add an ACL to block communications to my router based on this ports but would rather figure out how to close 'em so this already overloaded router doesn't have additional processing.

View 3 Replies View Related

Security / Firewalls :: How To Open Restricted Sites On Network

Jan 27, 2012

How to bypass a MaAfee firewall implemented on network to open restricted sites.

View 3 Replies View Related

Security / Firewalls :: Cannot Open Or Save Email Attachments

Apr 14, 2011

I have an old Win XP (SP3) desktop that just recently has a problems with attachments to emails. It simply won't allow me to open or save them.

I have tried both hotmail and btinternet.com (yahoo) emails. When I click on an attachment and choose either 'open' or 'save' the small grey box appears that usually shows the file action and download time info. However no info appears in the grey box and it just sits there (for hours). I have tried the same email attachment on another PC and it works fine so the problem is specific to this PC.

The file size is not a factor, as it fails to open attachments of only 100kb, nor is the file type (pdf). I can download large pdf files from a website with no trouble. the problem is just email attachments.

I tried switching off the Windows firewall, but this made no difference. The a/v is AVG9.0.

View 1 Replies View Related

Cisco Security :: Does Catalyst 3750 Supports NAC Fail Open Feature?

Feb 29, 2012

Does Catalyst Cisco 3750 supports NAC Fail Open Feature? Symantec Network Access control has been deployed in our network to protect the end user systems and access control.we initiate to enhance failover/fail open solutions on the switches to minimize the minimum downtime for disaster recovery in case of major disasters in the Data centres.Kindly request to let us know if NAC fail Open works on Cisco Catalyst 3750 Switches or not?

View 0 Replies View Related

Security / Firewalls :: Port 30005 Open In Firewalled Router?

Jan 16, 2012

I have D-Link's DSL-2730U modem/router. I've enabled the router's firewall and disabled TR-069 (putting in some dummy ACS URL and login credentials as well). However port scans show 30005 as open. I believe this is used by the TR-069 client. How do I definitively filter this port?

View 9 Replies View Related

D-Link DIR-655 :: Security Scan Fails With TFTP Server Open / How To Close

Mar 18, 2013

Recently had an external security scan done on my DIR 655 and scan results are stating I have an accessible TFTP Server running. i've been through all the settings, and even upgraded to the latest firmware. Yet security scans are telling me I've got a TFTP Server running. Why would one be showing on the external interface, and how can I stop it?

View 7 Replies View Related

Cisco :: Controller T1 0/0/1 Stays Down Even If PRI Comes Up?

Dec 8, 2011

In one of my 2911's I have a VWIC3-4MFT-T1/E1 that terminates two pri circuit.s0/0/0:23 and s0/0/1:23 are in a trunk group. I've noticed that if the PRI flaps/bounces and comes back up, controller 0/0/1 and serial 0/0/1 stay down.Controller 0/0/0 and serial 0/0/0 always come back up. I have to restart the gateway everytime for 0/0/1 to come up. Thoughts? Interface config is below.

View 8 Replies View Related

Cisco :: 3502i - Unit Stays Powered Over PoE?

Nov 1, 2011

3502i's LED light turn white?  Ifso, what does it mean?  The info on the LED lights does not mention white.  The serial port and the data port are non responsive, but the unit stays powered over PoE.

View 22 Replies View Related

Cisco Firewall :: ASA5510 - Same Security Level VLan Routing?

Jun 25, 2011

I'm facing a problem with two vlans. Each vlan has internet access by NAT.
 
In each vlan there is at least one server, who should be accessible from the other vlan and vice versa.
 
The function "same-security-traffic permit inter-interface" doesn't work, because NAT control is in place - so an expert.
 
Some experts told me it's not possible to route back out the same interface, and also not route back out the seperate subinterfaces as well.

View 12 Replies View Related

Cisco Security :: Subinterface Stops When Use VLan 1 Default ASA 5520

Mar 17, 2011

I´m trying to configure a subinterface named Inside with vlan 1 but the interface stops work with this vlan.My switch is a Cisco and use the lan with vlan 1 too.If I change de vlan for other i.e vlan13 works fine. And all others vlans works fine too.Is there a problem to use the vlan 1?
 
My configuration is:
 
Cisco ASA:
interface gig0/3
no ip address
no security
no nameif
 
Interface gig0/3.1
vlan 1
nameif Inside
Securirity-level 100
ip address 10.x.y.x 255.255.224.0

The  giga port of the swtich is configure to trunk model.

View 2 Replies View Related

Cisco Security :: SNMP OID For VLAN And Port 2960 Series

Jan 19, 2011

Cisco Catalyst 2960 series,i want do a SNMP request over OID. When the output should be like this: Portnumber and VlanID. Is there a OID for this output?

View 1 Replies View Related

Cisco Security :: Catalyst 3750 Support Private Vlan?

Feb 12, 2004

i want to know if the new Catalyst 3750 Support Private Vlan ?
 
or any other small Switches

View 3 Replies View Related

D-Link DIR-655 :: Web Surfing Shuts Down / Everything Else Stays OK

Aug 27, 2011

I am ignorant with networking.  The most I know is /ipconfig.I am stationed in Japan and have a fiber modem going into my DIR-655.  For about two years everything has been fine...no problems ever.About a month ago, I started getting timeouts and page not found errors when surfing the web, but my online games (EVE, WoW, etc) and our Xbox360/PS3 work fine.  The only thing I could think was to unplug and plug back the DIR-655.  Sometimes that works for a day or a week, but ultimately it always comes back. Is there a setting on the router I can change to avoid this, or a software command I can issue from the computer to clear something?

View 5 Replies View Related

Cisco Routers :: SA520 Diag Light Stays On

Jul 17, 2012

So I went to update the firmware on my SA520 last night and aparently something failed, the device restarted and now it doesn't respond to anything.  The Diag light stays light and the factory reset button does nothing no matter how long I hold it in.  Is there another way to reset the device?

View 2 Replies View Related

Cisco WAN :: 6509 OSPF Stays In Route Table

Apr 5, 2012

I have an MPLS router that connects to the core network.This router distributes (per route maps) routes from OSPF into BGP and from BGP into OSPF.The OSPF Process conencts a 6509 to the 7206 MPLS router. There are some routes in the OSPF process that I have filtered out of the 6509. They do not show up inthe 6509 at all and this is the only way they can be getting into the 7206.Checking the 6509 database, this route is gone, but it stays in the 7206 until I clear the route manually. The result is the route still gets distributed into MPLS. [code]

One thing to note, there are two possible OSPF paths the route gets into OSPF, one of them, the route is filtered with distribute-list on the 6509, which means it is still in the database, so it is still in the 7206 database, and still get distributed into BGP on the 7206, correct?

View 3 Replies View Related

Cabling / Cards :: WOL Enabled - Computer Never Stays Off

Jan 24, 2012

I might fancy having my desktop stay in a sleep state, waking whenever I need to access it for a file or something, so I tried to use WOL. The nic and bios support it, however when I enable it...

The machine only stays off off for 5-10 seconds at a time. I think this is because instead of waking from only a magic packet, it is waking from ANY packet.

View 1 Replies View Related

Wireless Network Stays As Identifying And Not Connecting

Jan 19, 2012

Where I tried to conect to my home wifi or the school's wifi and it just says "identifying" on the network connections and on the list of wifi networks around in the notification area it says "No internet acces" and can't connect to the internet. I stoped trying to look for a solution but I don't have internet at home

[code]....

View 5 Replies View Related

LAN Disconnects Randomly Router Stays Connected?

Jan 18, 2012

Issue: Working on the internet, my computer (LAN) disconnects, Laptop (WAN) disconnects, but the router does not disconnect. The light that shows connection to net flashes like crazy (showing ADHD *** activity), the network lights just stay stable (showing no activity).After 5-10 minutes the problem sometimes fixes itself, or, more likely, I unplug the router, wait 2 minutes, plug it back in. Sometimes it works right away, sometimes it takes a second unplug.My computer is wired to the router which connects to a modem. The modem is not mine, its installed by my ISP.

Failed attempts to fix:Replace router. Bought brand new Netgear (will put numbers in here later) to replace the Dir-825.Same issues.In fear of malware, spyware, etc (I run a tight ship on my computer, I love it dearly and I'm mildly paranoid), I formatted the SSD, reinstalled Windows 7 64bit. Same issues.My ISP has to authorize every connection, so I've used the router to use my Mac Address and I can connect with the cable directly in the back of the computer, or to the router

View 12 Replies View Related

Cisco Firewall :: ASA 5550 Hangs On Booting System And Stays There

Jun 16, 2011

I've a Cisco 5550 which hangs on powering up and stays at " Booting System, please wait..." forever and it has a flashing green Status LED.
 
The steps I've taken so far are:
 
1. Consoled with a different computer and tried to send the break signals (didn't work)
2. Open up the unit tried to remove the RAM's and reseated them again.
3. Taken out the CMOS battery on the board and replaced it with the new one (no luck still)
 
What is the next step, or shall I assume that the unit is dead.

View 1 Replies View Related

Cisco Switching/Routing :: 3560 Port Security And Voice Vlan On Newer IOS

May 20, 2010

For many years we've had the following vlan and port security config on our 3560s: [code] This has worked great on 12.2(37)SE1, 12.2(40)SE and 12.2(46)SE. However since 12.2(50)SE, and I've tried all the versions since then, we have a problem with 7900 phones and ATA186s taking upwards of 20 minutes before they can get a valid IP number.The problem on the newer IOSes seems to be related to the inactivity aging.On the older IOS versions the mac address of the voice device appears on the voice vlan straight away.
 
On the newer IOS versions the mac address of the voice device appears on the DATA vlan and seems to be stuck there until the inactivity aging removes it. It then gets re-learned, sometimes on the voice vlan, and sometimes on the data vlan. If you're unlucky and it gets re-learned on the data vlan you've got to wait until the inactivity time ages the address out again. Repeat until the mac address eventually gets learned on the voice vlan. I don't want to be stuck on 12.2(46)SE forever.

View 11 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved