Subject: | |
From: | |
Reply To: | |
Date: | Mon, 9 Apr 2007 15:18:54 -0400 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Tony,
Better way to fix this.
Allow the CRL of your signed certificate in your Temporary/
unauthenticated roles.
Then Vista can verify that your Cert is in fact valid.
> -----Original Message-----
> From: Cisco Clean Access Users and Administrators
> [mailto:[log in to unmask]] On Behalf Of Straw, Steve
> Sent: Monday, April 09, 2007 2:41 PM
> To: [log in to unmask]
> Subject: Re: Web vs Agent Login -- VISTA CCA SSL Error
>
> Tony,
>
> #2. IE 7.0 specific problem. Go to Tools/Internet
> Options/Advanced Uncheck the "Check for Certificate
> Publishers Revocation" box.
>
>
> -----Original Message-----
> From: Cisco Clean Access Users and Administrators
> [mailto:[log in to unmask]] On Behalf Of Walecka, Tony
> Sent: Monday, April 09, 2007 1:29 PM
> To: [log in to unmask]
> Subject: Web vs Agent Login -- VISTA CCA SSL Error
>
> I'm a periodic visitor to the list so forgive me if I'm
> repeating questions that have already been answered.
>
> Clean Access Server / Manager: 4.1.0.2 (in-line) CCA - v 4.1.0.2
>
> We have a Wireless Guest VLAN configured so if you select the
> APs Wireless Guest SSID and know the PreSharedKey the
> computer will then be assigned to a VLAN that is isolated to
> Internet access only (i.e., blocked from any internal network
> access) using PIX ACLs. For this User Role, Clean Access is
> configured using ALLOW ALL auth server and we are not doing
> any scanning on these machines. Generally guests do not have
> the CCA agent on their machine and they use the Web Login
> page to login. However, if for some reason there is a CCA
> agent on their computer the Web login page will not load and
> the CCA login will "pop-up". Both the Web Login and Agent
> Login have been working as expected.
>
> 1) For this role is their a way to FORCE the Web Login page
> to load instead of the CCA Login if a CCA Agent is on a
> machine? generally just curious as this would make the Guest
> experience tidier.
>
> 2) Workstations w/ VISTA flavors gain access as Wireless
> Guests using the Web Login page as expected. However, If the
> CCA Agent is on the machine the CCA Agent Login box 'pops-up"
> and after we attempt to 'login" (Allow All) we receive the
> following error: Network Error! Detail: SSL Certificate
> REV failed [12057]. I assume that this is an unsupprted
> VISTA issue w/ ver 4.1.0.2, but if it's not, any ideas where
> we should start to hunt this error down?
>
> thanks,
> Tony
>
|
|
|