LISTSERV - CLEANACCESS Archives - LISTSERV.MIAMIOH.EDU

CLEANACCESS Archives

April 2007

CLEANACCESS@LISTSERV.MIAMIOH.EDU

	LISTSERV Archives
	CLEANACCESS Home
	CLEANACCESS April 2007

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Web vs Agent Login -- VISTA CCA SSL Error
From:	"King, Michael" <[log in to unmask]>
Reply To:	Cisco Clean Access Users and Administrators <[log in to unmask]>
Date:	Mon, 9 Apr 2007 15:18:54 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (68 lines)

Tony,

Better way to fix this.

Allow the CRL of your signed certificate in your Temporary/
unauthenticated roles.

Then Vista can verify that your Cert is in fact valid.  

 

> -----Original Message-----
> From: Cisco Clean Access Users and Administrators 
> [mailto:[log in to unmask]] On Behalf Of Straw, Steve
> Sent: Monday, April 09, 2007 2:41 PM
> To: [log in to unmask]
> Subject: Re: Web vs Agent Login -- VISTA CCA SSL Error
> 
> Tony,
> 
> #2. IE 7.0 specific problem. Go to Tools/Internet 
> Options/Advanced Uncheck the "Check for Certificate 
> Publishers Revocation" box.
> 
> 
> -----Original Message-----
> From: Cisco Clean Access Users and Administrators 
> [mailto:[log in to unmask]] On Behalf Of Walecka, Tony
> Sent: Monday, April 09, 2007 1:29 PM
> To: [log in to unmask]
> Subject: Web vs Agent Login -- VISTA CCA SSL Error
> 
> I'm a periodic visitor to the list so forgive me if I'm 
> repeating questions that have already been answered.
> 
> Clean Access Server / Manager: 4.1.0.2  (in-line) CCA - v 4.1.0.2
> 
> We have a Wireless Guest VLAN configured so if you select the 
> APs Wireless Guest SSID and know the PreSharedKey the 
> computer will then be assigned to a VLAN that is isolated to 
> Internet access only (i.e., blocked from any internal network 
> access) using PIX ACLs. For this User Role, Clean Access is 
> configured using ALLOW ALL auth server and we are not doing 
> any scanning on these machines. Generally guests do not have 
> the CCA agent on their machine and they use the Web Login 
> page to login.  However, if for some reason there is a CCA 
> agent on their computer the Web login page will not load and 
> the CCA login will  "pop-up".  Both the Web Login and Agent 
> Login have been working as expected.
> 
> 1) For this role is their a way to FORCE the Web Login page 
> to load instead of the CCA Login if a CCA Agent is on a 
> machine?  generally just curious as this would make the Guest 
> experience tidier.
> 
> 2) Workstations w/ VISTA flavors gain access as Wireless 
> Guests using the Web Login page as expected. However, If the 
> CCA Agent is on the machine the CCA Agent Login box 'pops-up" 
> and after we attempt to 'login" (Allow All) we receive the 
> following error:  Network Error!  Detail:  SSL Certificate 
> REV failed [12057].  I assume that this is an unsupprted 
> VISTA issue w/ ver 4.1.0.2, but if it's not, any ideas where 
> we should start to hunt this error down?
> 
> thanks,
> Tony
>

ATOM RSS1 RSS2

LISTSERV.MIAMIOH.EDU