We have a problem with a manager who has upgrades his Mac to the latest Lion OS (64 bit), before uograding he could connect without any problem with his mac to our network and work on the terminal server. Since the upgrade he's not able to get it working in 64 bit (normal) mode.
This our setup
Cisco PIX 515
RSA Cisco Pix security Apliance.
802.1x authentication on their Cisco Wifi network using Macbook Pro/Airs running Lion.
We have.. 2x Controllers with WiSMs running 7.0.116.0 A mixture of 1131 and 1142 APs.. ( APs mainly in HREAP mode with some APs located on the same local network as the Controller in Local Mode ) Macbook Airs/ Pro running Lion
[URL]
In summary, we are finding that when our MacBooks are coming out of sleep/standby or roaming between APs, the devices get stuck during the 802.1x authentication process and will either get the self assigned 169 address or continuously try to authenticate.
This can occasionally be solved by turning the wifi interface off and on or manually stopping and starting the 802.1x process on the Mac
From reading various online forums, we have tried the following to resolve this..
- Disabled WPA across our wifi network as we don't use it anymore.. We now just use WPA2 with AES and Dot1x authentication.
- Disabled Client Load Balancing on the SSID configuration… this does not seem to have made things any better or worse although we are seeing more Load Profile threshold notification alerts for some of our APs which are used heavily.
- The 802.1x time out is currently set at 20secs.
- Some APs which are in Local mode ( due to them being on the same local network as our wifi controllers ) have been changed to HREAP mode and assigned a static IP address.. We found that this was required at our spoke sites where we were originally experiencing issues with our old Windows based devices.. Incidentally, we have not experienced any of these delayed authentication issues with our Window laptops, all our problems seem to be with our MacBooks running Lion..
As I mentioned earlier, there seems to be many discussions online regarding problems with the Lion OS and 802.1x authentication..
I've just bought an E2000 and I Cisco Connect doesn't run on OSX-Lion, and I was unable to find it on support downloads. But this is only a comment, my concern is that I'm not able to see on main menu how many DHCP clients are connected nor of course to check their traffic. Other routers usually provide at least DHCP clients
View 4 Replies View Relateddoes lion support hp 6840 can i install on mac i have lion
View 1 Replies View RelatedI am currently have a Cisco 881 router running EasyVPN server. I recently created come IPSec rules that allow trafiic to specific IP's for a specific security group:
access-list 105 permit ip host 10.1.0.5 any
access-list 105 permit ip host 10.1.0.15 any
access-list 105 permit ip host 10.1.0.16 any
access-list 105 permit ip host 10.1.0.32 any
This works as expected with our Windows users, however our Mac users (using native VPN Client) can only reach the FIRST ip in the string of access statements. When I was torubleshooting this, I moved .32 as the first statement and I could only reach it and none of the others.
I have a Cisco ASA 5510 8.2 (3) with clientless SSL VPN portal enabled with some bookmarks pointing to internal servers. I just installed a new Mac OS Lion Server 10.7 box and have a share on it using both AFP and SMB. My old Mac server is 10.6 with a similar share with both AFP and SMB enabled. When using the Portal browser (or bookmarks pointing to cifs://example/server), I get an error "Error contacting host" to the the 10.7 box, but browsing to the 10.6 box works fine.
I have double checked all settings on the 10.7 and permissions, everything appears correct. I can also browse internally via SMB from Windows XP/Windows 7 using default UNC paths \exampleserver, etc., to the 10.7 box.
From what I have read, the 10.7 has a completely different design to the SMB versus the earlier 10.6. [URL].
I'm using the Cisco AnyConnect VPN Client (2.5.3055) to connect to a server "A". It has worked fine. Then I tried to connect to the server "B" from the free university of Berlin and then this installed (3.0.08057) automatically without asking. Connecting to server "A" does not work any more. The error message is: "The AnyConnect package on the secure gateway could not be located. You may be experiencing network connectivity issues. Please try again." So I tried to de-install the client with the shipped uninstaller and installed the previous 2.5 client again. but the Error message is still the same.so which files should I remove/edit to get it working as before. The network is OK, I tried it on a other computer under Windows Vista and there the freshly installed Client works fine. So I guess ther must be some files or configurations from the newer version in the way.
View 0 Replies View Relatedso i have a printer attatched to my mom's computer and it's set up for sharing. i can get to the printer through my macbook, but it's asking for a username and password to the network (which it didn't ask me to do when setting up the sharing settings on the windows pc) what do i need to do?
View 11 Replies View RelatedI recently bought a dell v313w and I finally managed to configure the printer with my mac via wifi.
I'm still very disappointed because I just can't figure out how to scan from my v313w to the mac as it doesn't appear in the possible destination hosts.
I got a problem when I use WLC 5508 connect to LDAP for authentication, but no luck there, it's a simple config, but not easy to work on my job, I got the following messgae. [code]
View 9 Replies View RelatedI'm with one problem, my OS Lion don't authentication in the Secure ACS Version: 5.2.0.26.10.For the Mac Lion operating system to work you must put in execeção the MAC Address of your computer. I wonder how it could cause the OS to authenticate the ACS Lion.
View 1 Replies View Relatedget a status on Mac Lion and/or Windows 7 64-bit SSL VPN support for the RV220W? QuickVPN (for Windows 7 64-bit users) and IPSecuritas (for Mac Lion users) are our current workarounds, but for folks that use/own their own equipment we prefer SSL VPN. This is why we retired our WRVS4400N v2 for the RV220W.
View 3 Replies View RelatedI've been developing Node.js apps on my localhost on port 1337 for last two years with no problem as shown below.
$ node app
App started on port 1337
Today I wanted to test how things go with default port 80, so I did:
$ sudo node app
App started on port 80
But after that my network went crazy. Now I can't access any local address including localhost. When I ping to localhost it points to some weird public IP address (218.38.137.125) instead of 127.0.0.1.
[code]....
Apparently the setup cd does not work with Mac OS Lion. Anyone else out there is using this router on a Mac running Lion...if so, how did you set up the router.
View 3 Replies View RelatedI just purchased a new E4200 router. When I try to set it up, , it says that my software (Lion v. 10.7.2) is unsupported. Is there a download that will allow me to use this router?
View 2 Replies View RelatedThe USB storage drive is not found when I attempt to map the drive on my Mac Mini Lion OS, it is not found. My question is, does the wrt160nl storage feature work with Mac OS? I have upgraded firmware to 1.0.0.3 and latest version of Lion
View 2 Replies View RelatedRunning an E4200 with Mac OS X Mountain Lion?
View 3 Replies View RelatedI just purchased a new E4200 router. When I try to set it up, , it says that my software (Lion v. 10.7.2) is unsupported. Is there a download that will allow me to use this router?
View 2 Replies View RelatedThe latest Mountain Lion (OSX 10.8) update somehow broke the Cisco VUSB software. I downloaded and installed Mountain Lion yesterday, and now the VUSB software is not working correctly. When I try to connect to my printer, an error appears saying the connection failed, but the dashboard shows it's connected. When I try to print, the printer is shown as unavailable. I have Cisco VUSB version 1.0.0 for OSX and the EA3500 Router.
View 9 Replies View RelatedSince lion is there for a while, it is still not possible to make a time machine backup on an USB hdd that's connected to the router. is Cisco coming with an firmware update?
View 9 Replies View RelatedAfter a ugrade from Snow Leopard to Lion on my Imac, the software witch i have by mine E3000 router, works not longer anymore
View 1 Replies View RelatedI have a repating 2901 router failure when people attempt to download Apple Mac OS X Moutnain Lion upgrade from App Store.
The 2901 just hangs following getting a series of ZBFW packet drop failures:
001928: Jul 26 22:37:18.783 UTC: %APPFW-4-HTTP_PROTOCOL_VIOLATION: HTTP protocol violation (0) detected - session 192.168.223.109:49310 184.25.254.67:80 on zone-pair ZP-PRIVATE-OUT class ccp-protocol-http appl-class ccp-http-blockparam
[Code].....
The web authentication page comes up but as soon as the user hits Submit, the following error appears:
Error Opening Page Hot Spot login cannot open the page because the network connection was lost.
I've tried all the suggestions on these forums but none have worked: [URL]
I'm using a Services Ready Engine Service Module in a 2921 router as my WLC. The same i Phones/i Pads can connect fine using MAC filtering and WPA2.
We are planning to implement Cisco wireless in our central office and branch office using Cisco 2504 WLC and Cisco 1602i Ap. Our branch office is connected via ip vpn and a separate broadband connection for urgent requirements. Usually all users are allowed to browse through central proxy server.I have been trying to find any possibility of giving guest access (web authentication) for branch office guests utilizing only the broadband connection which is connected to the branch office. Is there a possibility that Central WLC is reached using NAT from the BranchOffice AP and allowing guests to authenticate and surf the web at times IP VPN is unreachable.
View 4 Replies View RelatedI cannot connect Android Tablet to home WiFi. Getting Authentication Problem" as error.All other devices connected. Have tried all of the solutions on this and other sites
View 3 Replies View Relatedhow many of you use 802.1x for authenticating users on a wired LAN. We have a new site which supports a ton of users and before implementing an RA VPN solution for them I was thinking about using 802.1x to ensure they've got proper credentials before they're put on the production VLAN.
View 11 Replies View Relatedhow can I config Auth-proxy In ACS 4.0 in ACS 3.3 we can Add this in the Interface , but I can't see any thing for Add Auth-proxy in This menu
View 2 Replies View RelatedCurrently working on Proxy Authentication on a catalyst 3750GCisco's documentation says that I can customize my own web pages for the login, success, failure, and expire web pages. However, I am having a difficult time finding a template to build upon.
View 8 Replies View RelatedJust a sanity check, but setting up NTP authetication on our switches to sync with our Core first, then our NTP server that the Core syncs to second.
View 3 Replies View RelatedI have a access point model WAP4410N , I want to configure for mac authentication by using MS IAS , but when I set MY SSID to radius in wireless connection control and try to connect to that SSID by a laptop I didn't get any logs in my IAS. My methods for radius mac authentication is correct or not ?
View 1 Replies View RelatedIn order to restrict access to websites on our internal network, would we be able to put an ASA in front of the web server and force users to authenticate through the ASA and, once authenticated, allow only port 80 or 443 traffic for that use? The ASA would query the ACS 5.1 server for authentication/authorization using AD as the identity store. Is this even possible with TACACS?
View 1 Replies View RelatedMy customer has a large installed base of MACs, all connected via controller-based (5508) WLAN. He wants to grant access to the network based on the device's mac addresses and move the WLAN-clients to a specific VLAN.I added all devices with their mac addresses to the ACS internal identity store for hosts.According to the following message the client sends the user-login credentials (chegger) within the RADIUS-request instead of the clients mac address and of course it has to fail. After many configuration changes, I ended up always with the same result.
View 2 Replies View RelatedI have set up an ACS (5.2) to do EAP-TLS Machine and User Authentication.I am getting intermittent results with the machine authentication using the same laptop as a test client.When the machine authentication succeeds the RADIUS name shows as host/xxx-yyy.When the machine authentication fails the RADIUS name shows as xxx-yyy without the host/.
View 9 Replies View Related