LISTSERV - CLEANACCESS Archives - LISTSERV.MIAMIOH.EDU

CLEANACCESS Archives

February 2009

CLEANACCESS@LISTSERV.MIAMIOH.EDU

	LISTSERV Archives
	CLEANACCESS Home
	CLEANACCESS February 2009

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	OS Mismatch
From:	"Speight, Howard" <[log in to unmask]>
Reply To:	Cisco Clean Access Users and Administrators <[log in to unmask]>
Date:	Tue, 24 Feb 2009 11:20:45 -0500
Content-Type:	multipart/mixed
Parts/Attachments:	text/plain (104 bytes) , OS-MisMatch.txt (2326 bytes)

Just following up on this topic, see attached. Opened TAC case, service request# 610802775.

Thanks, Howard



                                                                                          Anatomy of OS MisMatch





Authentication 2009-02-23 09:05:55 [00:21:E8:15:30:DA ## 150.216.230.134] xxxxxxx - Successfully logged in, Provider: PirateID, L2 MAC address: 00:21:E8:15:30:DA, Role: AllowAll, OS: Windows CE 



Authentication 2009-02-23 13:25:28 Unable to ping 150.216.230.134, going to logout user xxxxxxx 



>AT this point the lease has exipired and the Heart Beat Timer has removed this client from the Online Users List



Authentication 2009-02-23 13:53:22 [00:13:E8:6F:68:B3 ## 150.216.230.134] xxxxxxx - Successfully logged in temporary role, Provider: PirateID, 

L2 MAC address: 00:13:E8:6F:68:B3, Role: SmartEnforcerQuarantine, OS: Windows Vista Home Premium 



Authentication 2009-02-23 13:53:23 [00:13:E8:6F:68:B3 ## 150.216.230.134] xxxxxxx - Successfully logged in, Provider: PirateID, L2 MAC address: 00:13:E8:6F:68:B3, Role: AllowAll, OS: Windows Vista Home Premium 



>This client logs in with same IP address, different OS (Vista vs CE). Lease expired, client still in Online Users list. New Client picks up IP address with different OS (XP vs. Vista), receives message "OS Mismatch", at this point client is stuck.

NOTE: Client can close Agent and login using Web browser.



Administration 2009-02-23 16:11:06 <User:xxxxxxx IP:150.216.230.134> - forcefully logged out by Administrator



>Kicked user off, ADSSO immediately logs on current client.



Authentication 2009-02-23 16:11:13 [00:18:F8:AA:95:DB ## 150.216.230.134] [log in to unmask] - Successfully logged in temporary role, Provider: ADSSO, 

L2 MAC address: 00:18:F8:AA:95:DB, Role: SmartEnforcerQuarantine, OS: Windows XP Pro/Home 



Authentication 2009-02-23 16:11:14 [00:18:F8:AA:95:DB ## 150.216.230.134] [log in to unmask] - Successfully logged in, Provider: ADSSO, L2 MAC address: 00:18:F8:AA:95:DB, Role: AllowAll, OS: Windows XP Pro/Home





CCA version 4.1.3.1, CCA Agent 4.1.8.0. 



The Heart Beat Timer (240 minutes) is set longer than the Lease Time (60 minutes).



I'm guessing CCA is looking at the IP address instead of the Mac address (perhaps both) in the Online Users List? The client that recieved the OS Mismatch is currently holding the IP address, the previous client is not holding a DHCP lease at all.

ATOM RSS1 RSS2

LISTSERV.MIAMIOH.EDU