cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
54473
Views
0
Helpful
12
Replies

VPN AnyConnect won't recognize firewall/antivirus

vreelandr
Level 1
Level 1

Hi.  I'm a non-expert with VPN and I have to try finding out the answer to this independently since

my IT organization won't support Windows 7.

I've installed Cisco AnyConnect via instructions from the IT organization aforementioned. Everything appears ok except that when I try to connect, after entering my UserID and password, it comes back with:

Login denied.

Your PC does not have a supported firewall or anti-virus

software. Please contact the Global Help Desk.

Now, I do have the standard Windows 7 firewall up and enabled, and I've tried downloading and installing 3 different anti-virus programs, Norton Internet Securtity, Avast, and AVG. All of them are not recognized by AnyConnect.

Is this a known problem with AnyConnect (I have 2.4.0202)? If so, is there a patch or a fix for it forthcoming?

Thanks,

R

12 Replies 12

Nelson Rodrigues
Cisco Employee
Cisco Employee

Whne you attempt connection with the AnyConnect , does it say it is running secure desktop checks/hostscan? It could be that the headend ASA has a Dynamic Access Policy requiring that the endpoint is running a specif AV, FW, AS package/version. You need to call your IT and ask them what package(s)/versions are required before you are allowed to VPN into the network.

Yudong Wu
Level 7
Level 7

Is csd enabled on ASA?

if yes, what version is it?

check the following two commands under webvpn in ASA configuration

csd enable

csd image

I've noticed this issue too - with Vista AND Windows 7 (yes CSD and DAP are configured properly, and

tested with other OS's and other AV's, working fine)

It seems that CSD is simply not returning values to the ASA for certain antivirus products in Windows 7 and/or Vista.

If you do

debug dap trace

you will see that for some reason, there are no values returned at all for "endpoint.av"

Has anyone else noticed these issues? Is there any kind of fix?

I am noticing similar issues, with certain Antivirus products not being detected even though they exist in the ASA database.

1) What ASA, AnyConnect (if using this client) and CSD versions are you using?

2) show me the output of "debug dap trace"

3) Which packages (AV,FW,AS) where you expecting to be discovered and didn't?

If nothing ovious from those traces, I may ask you to send me your CSD logs.

Thx,

Nelson

Hi Nelson,

AnyConnect Version: 2.5.1025

CSD Version: 3.5.1077

Expected to see AVG Antivirus installed. Version installed is AVG Free Addition 2011. I am not checking for a specific version and have trouble with other Antivirus programs as well. It seems to primarly be newer versions, but I cant confirm that yet as several different vendors and version are being utilized by clients.

No Antivirus is being reported by the Debug DAP Trace.

That explains it. The opswat infrastructure framework version that we use for CSD 3.5.x didn't yet support that AVG version. So once the next opswat  version supports the AVG version, Cisco will follow that up with our next CSD, likely v3.6.

Ok, but to clarify, if a new version of any Antivrus vendor is released, will CSD not support it even when a specific version is not being matched?

For example,

If I am checking my remote clients for Symantec (Any Version) and a new version is released that is not in the CSD database, will it not be recognized?

If this is the functionality, what does Cisco recommend as a workaround. This is an issue for a remote client environment that has a wide variety of Antivirus applications installed, that are not centrally managed and upgraded.

I'm experiencing the same issue with CSD 3.5.  Microsoft Security Essentials 2.0 and AVAST! 6.0 both fail the Endpoint checks for A/V. MS updated Security Essentials first, so we told clients to try AVAST!.  AVAST! just updated to version 6.0.

- Tim

Traking for the last year, CSD lags behind vendor updates by over 6 months in many cases... Looks like Cisco will try to fix this in AnyConnect 3.0 by splitting host scan and CSD into seperate parts so hostscan updates can be release more quickly.

In the mean time, Host scan is nearly useless for allowing "home users" to connect if you want to enforce any kind of limit because if the home users are doing THE RIGHT THING and keeping their AV up to date they will become incompatible with every new MAJOR release of their AV product.

A work around would to be to use LUA and match on the WMI api description returned by windows for the running AV, however this is completely insecure and easily faked.

Actually, we have a customer with the same problem.

Avast was recognized on win7 (32bit), but not on win7 (64bit).

After moving to microsoft essentials, it was actualy working until the next av upgrade.

A "crappy" clamwin was recognized every time.

A process checking through DAP was only working on 32bit client, but not on 64bit...

Bottom line:

I can't understand that cisco release such a service/function that ist more or less a big "try out yourself"....

Norbert

melcara
Level 1
Level 1

I have an issue similar to this.  Two workstation both with same version of windows, (win7) one reports the Sophos AV client one does not. 

Any ideas?

here is the debug info

inside-fw#

inside-fw# DAP_TRACE: Activating: flash:/dap.xml

DAP_TRACE: DAP_config_activate: Using XML translation script

DAP_TRACE: DAP_open: D050FA78

DAP_TRACE: DAP_add_CSD: csd_token = [79FD942647F7FB8133664B68]

DAP_TRACE: Username: bob1, aaa.ldap.objectClass.1 = top

DAP_TRACE: Username: bob1, aaa.ldap.objectClass.2 = person

DAP_TRACE: Username: bob1, aaa.ldap.objectClass.3 = organizationalPerson

DAP_TRACE: Username: bob1, aaa.ldap.objectClass.4 = user

DAP_TRACE: Username: bob1, aaa.ldap.cn = bob1

DAP_TRACE: Username: bob1, aaa.ldap.givenName = bob1

DAP_TRACE: Username: bob1, aaa.ldap.distinguishedName = CN=bob1,OU=Lab & Test,DC=testnet,DC=local

DAP_TRACE: Username: bob1, aaa.ldap.instanceType = 4

DAP_TRACE: Username: bob1, aaa.ldap.whenCreated = 20110630124231.0Z

DAP_TRACE: Username: bob1, aaa.ldap.whenChanged = 20110707102755.0Z

DAP_TRACE: Username: bob1, aaa.ldap.displayName = bob1

DAP_TRACE: Username: bob1, aaa.ldap.uSNCreated = 183326

DAP_TRACE: Username: bob1, aaa.ldap.memberOf.1 = VPN Unrestricted_Test

DAP_TRACE: Username: bob1, aaa.ldap.memberOf.2 = TestRemoteAccess_GG

DAP_TRACE: Username: bob1, aaa.ldap.uSNChanged = 233674

DAP_TRACE: Username: bob1, aaa.ldap.name = bob1

DAP_TRACE: Username: bob1, aaa.ldap.objectGUID = H^.....D.tx6HT.(

DAP_TRACE: Username: bob1, aaa.ldap.userAccountControl = 512

DAP_TRACE: Username: bob1, aaa.ldap.badPwdCount = 1

DAP_TRACE: Username: bob1, aaa.ldap.codePage = 0

DAP_TRACE: Username: bob1, aaa.ldap.countryCode = 0

DAP_TRACE: Username: bob1, aaa.ldap.badPasswordTime = 129545148418198794

DAP_TRACE: Username: bob1, aaa.ldap.lastLogoff = 0

DAP_TRACE: Username: bob1, aaa.ldap.lastLogon = 129545140659548106

DAP_TRACE: Username: bob1, aaa.ldap.pwdLastSet = 129545080759221090

DAP_TRACE: Username: bob1, aaa.ldap.primaryGroupID = 513

DAP_TRACE: Username: bob1, aaa.ldap.objectSid = ..

DAP_TRACE: Username: bob1, aaa.ldap.accountExpires = 129548304000000000

DAP_TRACE: Username: bob1, aaa.ldap.logonCount = 3

DAP_TRACE: Username: bob1, aaa.ldap.sAMAccountName = bob1

DAP_TRACE: Username: bob1, aaa.ldap.sAMAccountType = 805306368

DAP_TRACE: Username: bob1, aaa.ldap.userPrincipalName = bob1@testad.local

DAP_TRACE: Username: bob1, aaa.ldap.objectCategory = CN=Person,CN=Schema,CN=Configuration,DC=testnet,DC=local

DAP_TRACE: Username: bob1, aaa.ldap.dSCorePropagationData = 16010101000000.0Z

DAP_TRACE: Username: bob1, aaa.ldap.lastLogonTimestamp = 129539122878320781

DAP_TRACE: Username: bob1, aaa.cisco.grouppolicy = vpndemo

DAP_TRACE: Username: bob1, aaa.cisco.username = bob1

DAP_TRACE: Username: bob1, aaa.cisco.username1 = bob1

DAP_TRACE: Username: bob1, aaa.cisco.username2 =

DAP_TRACE: Username: bob1, aaa.cisco.tunnelgroup = vpndemo

DAP_TRACE: Username: bob1, DAP_add_SCEP: scep required = [FALSE]

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["objectClass"]["1"]="top"

DAP_TRACE: name = aaa["ldap"]["objectClass"]["1"], value = "top"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["objectClass"]["2"]="person"

DAP_TRACE: name = aaa["ldap"]["objectClass"]["2"], value = "person"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["objectClass"]["3"]="organizationalPerson"

DAP_TRACE: name = aaa["ldap"]["objectClass"]["3"], value = "organizationalPerson"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["objectClass"]["4"]="user"

DAP_TRACE: name = aaa["ldap"]["objectClass"]["4"], value = "user"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["cn"]="bob1"

DAP_TRACE: name = aaa["ldap"]["cn"], value = "bob1"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["givenName"]="bob1"

DAP_TRACE: name = aaa["ldap"]["givenName"], value = "bob1"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["distinguishedName"]="CN=bob1,OU=Lab & Test,DC=testnet,DC=local"

DAP_TRACE: name = aaa["ldap"]["distinguishedName"], value = "CN=bob1,OU=Lab & Test,DC=testnet,DC=local"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["instanceType"]="4"

DAP_TRACE: name = aaa["ldap"]["instanceType"], value = "4"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["whenCreated"]="20110630124231.0Z"

DAP_TRACE: name = aaa["ldap"]["whenCreated"], value = "20110630124231.0Z"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["whenChanged"]="20110707102755.0Z"

DAP_TRACE: name = aaa["ldap"]["whenChanged"], value = "20110707102755.0Z"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["displayName"]="bob1"

DAP_TRACE: name = aaa["ldap"]["displayName"], value = "bob1"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["uSNCreated"]="183326"

DAP_TRACE: name = aaa["ldap"]["uSNCreated"], value = "183326"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["memberOf"]["1"]="VPN Unrestricted_Test"

DAP_TRACE: name = aaa["ldap"]["memberOf"]["1"], value = "VPN Unrestricted_Test"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["memberOf"]["2"]="TestRemoteAccess_GG"

DAP_TRACE: name = aaa["ldap"]["memberOf"]["2"], value = "TestRemoteAccess_GG"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["uSNChanged"]="233674"

DAP_TRACE: name = aaa["ldap"]["uSNChanged"], value = "233674"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["name"]="bob1"

DAP_TRACE: name = aaa["ldap"]["name"], value = "bob1"

DAP_TRACE: dap_add_to_lua_tree:aaa.ldap.objectGUID contains binary data

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["userAccountControl"]="512"

DAP_TRACE: name = aaa["ldap"]["userAccountControl"], value = "512"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["badPwdCount"]="1"

DAP_TRACE: name = aaa["ldap"]["badPwdCount"], value = "1"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["codePage"]="0"

DAP_TRACE: name = aaa["ldap"]["codePage"], value = "0"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["countryCode"]="0"

DAP_TRACE: name = aaa["ldap"]["countryCode"], value = "0"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["badPasswordTime"]="129545148418198794"

DAP_TRACE: name = aaa["ldap"]["badPasswordTime"], value = "129545148418198794"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["lastLogoff"]="0"

DAP_TRACE: name = aaa["ldap"]["lastLogoff"], value = "0"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["lastLogon"]="129545140659548106"

DAP_TRACE: name = aaa["ldap"]["lastLogon"], value = "129545140659548106"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["pwdLastSet"]="129545080759221090"

DAP_TRACE: name = aaa["ldap"]["pwdLastSet"], value = "129545080759221090"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["primaryGroupID"]="513"

DAP_TRACE: name = aaa["ldap"]["primaryGroupID"], value = "513"

DAP_TRACE: dap_add_to_lua_tree:aaa.ldap.objectSid contains binary data

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["accountExpires"]="129548304000000000"

DAP_TRACE: name = aaa["ldap"]["accountExpires"], value = "129548304000000000"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["logonCount"]="3"

DAP_TRACE: name = aaa["ldap"]["logonCount"], value = "3"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["sAMAccountName"]="bob1"

DAP_TRACE: name = aaa["ldap"]["sAMAccountName"], value = "bob1"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["sAMAccountType"]="805306368"

DAP_TRACE: name = aaa["ldap"]["sAMAccountType"], value = "805306368"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["userPrincipalName"]="bob1@testad.local"

DAP_TRACE: name = aaa["ldap"]["userPrincipalName"], value = "bob1@testad.local"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["objectCategory"]="CN=Person,CN=Schema,CN=Configuration,DC=testnet,DC=local"

DAP_TRACE: name = aaa["ldap"]["objectCategory"], value = "CN=Person,CN=Schema,CN=Configuration,DC=testnet,DC=local"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["dSCorePropagationData"]="16010101000000.0Z"

DAP_TRACE: name = aaa["ldap"]["dSCorePropagationData"], value = "16010101000000.0Z"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["lastLogonTimestamp"]="129539122878320781"

DAP_TRACE: name = aaa["ldap"]["lastLogonTimestamp"], value = "129539122878320781"

DAP_TRACE: dap_add_to_lua_tree:aaa["cisco"]["grouppolicy"]="vpndemo"

DAP_TRACE: name = aaa["cisco"]["grouppolicy"], value = "vpndemo"

DAP_TRACE: dap_add_to_lua_tree:aaa["cisco"]["username"]="bob1"

DAP_TRACE: name = aaa["cisco"]["username"], value = "bob1"

DAP_TRACE: dap_add_to_lua_tree:aaa["cisco"]["username1"]="bob1"

DAP_TRACE: name = aaa["cisco"]["username1"], value = "bob1"

DAP_TRACE: dap_add_to_lua_tree:aaa["cisco"]["username2"]=""

DAP_TRACE: name = aaa["cisco"]["username2"], value = ""

DAP_TRACE: dap_add_to_lua_tree:aaa["cisco"]["tunnelgroup"]="vpndemo"

DAP_TRACE: name = aaa["cisco"]["tunnelgroup"], value = "vpndemo"

DAP_TRACE: dap_add_to_lua_tree:aaa["cisco"]["sceprequired"]="false"

DAP_TRACE: name = aaa["cisco"]["sceprequired"], value = "false"

DAP_TRACE: dap_add_to_lua_tree:endpoint["application"]["clienttype"]="Clientless"

DAP_TRACE: name = endpoint["application"]["clienttype"], value = "Clientless"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.os.version="Windows 7"

DAP_TRACE: name = endpoint.os.version, value = "Windows 7"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.os.architecture="x86"

DAP_TRACE: name = endpoint.os.architecture, value = "x86"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.os.processor_level="unknown"

DAP_TRACE: name = endpoint.os.processor_level, value = "unknown"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.policy.location="Win7 or Vista"

DAP_TRACE: name = endpoint.policy.location, value = "Win7 or Vista"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.protection="none"

DAP_TRACE: name = endpoint.device.protection, value = "none"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.protection_version="3.0.4016"

DAP_TRACE: name = endpoint.device.protection_version, value = "3.0.4016"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.hostname="WIN-RQ4CNEENDBG"

DAP_TRACE: name = endpoint.device.hostname, value = "WIN-RQ4CNEENDBG"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["135"]="true"

DAP_TRACE: name = endpoint.device.port["135"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["445"]="true"

DAP_TRACE: name = endpoint.device.port["445"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["49152"]="true"

DAP_TRACE: name = endpoint.device.port["49152"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["49153"]="true"

DAP_TRACE: name = endpoint.device.port["49153"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["49154"]="true"

DAP_TRACE: name = endpoint.device.port["49154"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["49155"]="true"

DAP_TRACE: name = endpoint.device.port["49155"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["49156"]="true"

DAP_TRACE: name = endpoint.device.port["49156"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["60808"]="true"

DAP_TRACE: name = endpoint.device.port["60808"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["139"]="true"

DAP_TRACE: name = endpoint.device.port["139"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["5355"]="true"

DAP_TRACE: name = endpoint.device.port["5355"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["1900"]="true"

DAP_TRACE: name = endpoint.device.port["1900"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["55171"]="true"

DAP_TRACE: name = endpoint.device.port["55171"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["59080"]="true"

DAP_TRACE: name = endpoint.device.port["59080"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["137"]="true"

DAP_TRACE: name = endpoint.device.port["137"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["138"]="true"

DAP_TRACE: name = endpoint.device.port["138"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["1900"]="true"

DAP_TRACE: name = endpoint.device.port["1900"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.MAC["000c.2998.582c"]="true"

DAP_TRACE: name = endpoint.device.MAC["000c.2998.582c"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.id="VMware-56 4d 7a 92 fc 79 29 c5-37 71 0e b7 83 98 58 2c"

DAP_TRACE: name = endpoint.device.id, value = "VMware-56 4d 7a 92 fc 79 29 c5-37 71 0e b7 83 98 58 2c"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.protection_extension="3.4.24.1"

DAP_TRACE: name = endpoint.device.protection_extension, value = "3.4.24.1"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.enforce="success"

DAP_TRACE: name = endpoint.enforce, value = "success"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.fw["MSWindowsFW"]={}

DAP_TRACE: name = endpoint.fw["MSWindowsFW"], value = {}

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.fw["MSWindowsFW"].exists="true"

DAP_TRACE: name = endpoint.fw["MSWindowsFW"].exists, value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.fw["MSWindowsFW"].description="Microsoft Windows Firewall"

DAP_TRACE: name = endpoint.fw["MSWindowsFW"].description, value = "Microsoft Windows Firewall"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.fw["MSWindowsFW"].version="7"

DAP_TRACE: name = endpoint.fw["MSWindowsFW"].version, value = "7"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.fw["MSWindowsFW"].enabled="ok"

DAP_TRACE: name = endpoint.fw["MSWindowsFW"].enabled, value = "ok"

DAP_TRACE: Username: bob1, Selected DAPs: ,test vpn only

DAP_TRACE: dap_process_selected_daps: selected 1 records

DAP_TRACE: Username: bob1, dap_aggregate_attr: rec_count = 1

DAP_TRACE: Username: bob1, dap_concat_fcn: [group only] 10 490

DAP_TRACE: Username: bob1, DAP_close: D050FA78

inside-fw#

inside-fw#

inside-fw#

inside-fw#

inside-fw# DAP_TRACE: DAP_open: D0511D00

DAP_TRACE: DAP_add_CSD: csd_token = [622BEC465C46202129799E88]

DAP_TRACE: Username: bob1, aaa.ldap.objectClass.1 = top

DAP_TRACE: Username: bob1, aaa.ldap.objectClass.2 = person

DAP_TRACE: Username: bob1, aaa.ldap.objectClass.3 = organizationalPerson

DAP_TRACE: Username: bob1, aaa.ldap.objectClass.4 = user

DAP_TRACE: Username: bob1, aaa.ldap.cn = bob1

DAP_TRACE: Username: bob1, aaa.ldap.givenName = bob1

DAP_TRACE: Username: bob1, aaa.ldap.distinguishedName = CN=bob1,OU=Lab & Test,DC=testnet,DC=local

DAP_TRACE: Username: bob1, aaa.ldap.instanceType = 4

DAP_TRACE: Username: bob1, aaa.ldap.whenCreated = 20110630124231.0Z

DAP_TRACE: Username: bob1, aaa.ldap.whenChanged = 20110707102755.0Z

DAP_TRACE: Username: bob1, aaa.ldap.displayName = bob1

DAP_TRACE: Username: bob1, aaa.ldap.uSNCreated = 183326

DAP_TRACE: Username: bob1, aaa.ldap.memberOf.1 = VPN Unrestricted_Test

DAP_TRACE: Username: bob1, aaa.ldap.memberOf.2 = TestRemoteAccess_GG

DAP_TRACE: Username: bob1, aaa.ldap.uSNChanged = 233674

DAP_TRACE: Username: bob1, aaa.ldap.name = bob1

DAP_TRACE: Username: bob1, aaa.ldap.objectGUID = H^.....D.tx6HT.(

DAP_TRACE: Username: bob1, aaa.ldap.userAccountControl = 512

DAP_TRACE: Username: bob1, aaa.ldap.badPwdCount = 1

DAP_TRACE: Username: bob1, aaa.ldap.codePage = 0

DAP_TRACE: Username: bob1, aaa.ldap.countryCode = 0

DAP_TRACE: Username: bob1, aaa.ldap.badPasswordTime = 129545159169154930

DAP_TRACE: Username: bob1, aaa.ldap.lastLogoff = 0

DAP_TRACE: Username: bob1, aaa.ldap.lastLogon = 129545148525072426

DAP_TRACE: Username: bob1, aaa.ldap.pwdLastSet = 129545080759221090

DAP_TRACE: Username: bob1, aaa.ldap.primaryGroupID = 513

DAP_TRACE: Username: bob1, aaa.ldap.objectSid = ..

DAP_TRACE: Username: bob1, aaa.ldap.accountExpires = 129548304000000000

DAP_TRACE: Username: bob1, aaa.ldap.logonCount = 3

DAP_TRACE: Username: bob1, aaa.ldap.sAMAccountName = bob1

DAP_TRACE: Username: bob1, aaa.ldap.sAMAccountType = 805306368

DAP_TRACE: Username: bob1, aaa.ldap.userPrincipalName = bob1@testad.local

DAP_TRACE: Username: bob1, aaa.ldap.objectCategory = CN=Person,CN=Schema,CN=Configuration,DC=testnet,DC=local

DAP_TRACE: Username: bob1, aaa.ldap.dSCorePropagationData = 16010101000000.0Z

DAP_TRACE: Username: bob1, aaa.ldap.lastLogonTimestamp = 129539122878320781

DAP_TRACE: Username: bob1, aaa.cisco.grouppolicy = vpndemo

DAP_TRACE: Username: bob1, aaa.cisco.username = bob1

DAP_TRACE: Username: bob1, aaa.cisco.username1 = bob1

DAP_TRACE: Username: bob1, aaa.cisco.username2 =

DAP_TRACE: Username: bob1, aaa.cisco.tunnelgroup = vpndemo

DAP_TRACE: Username: bob1, DAP_add_SCEP: scep required = [FALSE]

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["objectClass"]["1"]="top"

DAP_TRACE: name = aaa["ldap"]["objectClass"]["1"], value = "top"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["objectClass"]["2"]="person"

DAP_TRACE: name = aaa["ldap"]["objectClass"]["2"], value = "person"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["objectClass"]["3"]="organizationalPerson"

DAP_TRACE: name = aaa["ldap"]["objectClass"]["3"], value = "organizationalPerson"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["objectClass"]["4"]="user"

DAP_TRACE: name = aaa["ldap"]["objectClass"]["4"], value = "user"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["cn"]="bob1"

DAP_TRACE: name = aaa["ldap"]["cn"], value = "bob1"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["givenName"]="bob1"

DAP_TRACE: name = aaa["ldap"]["givenName"], value = "bob1"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["distinguishedName"]="CN=bob1,OU=Lab & Test,DC=testnet,DC=local"

DAP_TRACE: name = aaa["ldap"]["distinguishedName"], value = "CN=bob1,OU=Lab & Test,DC=testnet,DC=local"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["instanceType"]="4"

DAP_TRACE: name = aaa["ldap"]["instanceType"], value = "4"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["whenCreated"]="20110630124231.0Z"

DAP_TRACE: name = aaa["ldap"]["whenCreated"], value = "20110630124231.0Z"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["whenChanged"]="20110707102755.0Z"

DAP_TRACE: name = aaa["ldap"]["whenChanged"], value = "20110707102755.0Z"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["displayName"]="bob1"

DAP_TRACE: name = aaa["ldap"]["displayName"], value = "bob1"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["uSNCreated"]="183326"

DAP_TRACE: name = aaa["ldap"]["uSNCreated"], value = "183326"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["memberOf"]["1"]="VPN Unrestricted_Test"

DAP_TRACE: name = aaa["ldap"]["memberOf"]["1"], value = "VPN Unrestricted_Test"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["memberOf"]["2"]="TestRemoteAccess_GG"

DAP_TRACE: name = aaa["ldap"]["memberOf"]["2"], value = "TestRemoteAccess_GG"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["uSNChanged"]="233674"

DAP_TRACE: name = aaa["ldap"]["uSNChanged"], value = "233674"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["name"]="bob1"

DAP_TRACE: name = aaa["ldap"]["name"], value = "bob1"

DAP_TRACE: dap_add_to_lua_tree:aaa.ldap.objectGUID contains binary data

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["userAccountControl"]="512"

DAP_TRACE: name = aaa["ldap"]["userAccountControl"], value = "512"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["badPwdCount"]="1"

DAP_TRACE: name = aaa["ldap"]["badPwdCount"], value = "1"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["codePage"]="0"

DAP_TRACE: name = aaa["ldap"]["codePage"], value = "0"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["countryCode"]="0"

DAP_TRACE: name = aaa["ldap"]["countryCode"], value = "0"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["badPasswordTime"]="129545159169154930"

DAP_TRACE: name = aaa["ldap"]["badPasswordTime"], value = "129545159169154930"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["lastLogoff"]="0"

DAP_TRACE: name = aaa["ldap"]["lastLogoff"], value = "0"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["lastLogon"]="129545148525072426"

DAP_TRACE: name = aaa["ldap"]["lastLogon"], value = "129545148525072426"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["pwdLastSet"]="129545080759221090"

DAP_TRACE: name = aaa["ldap"]["pwdLastSet"], value = "129545080759221090"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["primaryGroupID"]="513"

DAP_TRACE: name = aaa["ldap"]["primaryGroupID"], value = "513"

DAP_TRACE: dap_add_to_lua_tree:aaa.ldap.objectSid contains binary data

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["accountExpires"]="129548304000000000"

DAP_TRACE: name = aaa["ldap"]["accountExpires"], value = "129548304000000000"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["logonCount"]="3"

DAP_TRACE: name = aaa["ldap"]["logonCount"], value = "3"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["sAMAccountName"]="bob1"

DAP_TRACE: name = aaa["ldap"]["sAMAccountName"], value = "bob1"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["sAMAccountType"]="805306368"

DAP_TRACE: name = aaa["ldap"]["sAMAccountType"], value = "805306368"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["userPrincipalName"]="bob1@testad.local"

DAP_TRACE: name = aaa["ldap"]["userPrincipalName"], value = "bob1@testad.local"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["objectCategory"]="CN=Person,CN=Schema,CN=Configuration,DC=testnet,DC=local"

DAP_TRACE: name = aaa["ldap"]["objectCategory"], value = "CN=Person,CN=Schema,CN=Configuration,DC=testnet,DC=local"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["dSCorePropagationData"]="16010101000000.0Z"

DAP_TRACE: name = aaa["ldap"]["dSCorePropagationData"], value = "16010101000000.0Z"

DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["lastLogonTimestamp"]="129539122878320781"

DAP_TRACE: name = aaa["ldap"]["lastLogonTimestamp"], value = "129539122878320781"

DAP_TRACE: dap_add_to_lua_tree:aaa["cisco"]["grouppolicy"]="vpndemo"

DAP_TRACE: name = aaa["cisco"]["grouppolicy"], value = "vpndemo"

DAP_TRACE: dap_add_to_lua_tree:aaa["cisco"]["username"]="bob1"

DAP_TRACE: name = aaa["cisco"]["username"], value = "bob1"

DAP_TRACE: dap_add_to_lua_tree:aaa["cisco"]["username1"]="bob1"

DAP_TRACE: name = aaa["cisco"]["username1"], value = "bob1"

DAP_TRACE: dap_add_to_lua_tree:aaa["cisco"]["username2"]=""

DAP_TRACE: name = aaa["cisco"]["username2"], value = ""

DAP_TRACE: dap_add_to_lua_tree:aaa["cisco"]["tunnelgroup"]="vpndemo"

DAP_TRACE: name = aaa["cisco"]["tunnelgroup"], value = "vpndemo"

DAP_TRACE: dap_add_to_lua_tree:aaa["cisco"]["sceprequired"]="false"

DAP_TRACE: name = aaa["cisco"]["sceprequired"], value = "false"

DAP_TRACE: dap_add_to_lua_tree:endpoint["application"]["clienttype"]="Clientless"

DAP_TRACE: name = endpoint["application"]["clienttype"], value = "Clientless"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.os.version="Windows 7"

DAP_TRACE: name = endpoint.os.version, value = "Windows 7"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.os.architecture="x86"

DAP_TRACE: name = endpoint.os.architecture, value = "x86"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.os.processor_level="unknown"

DAP_TRACE: name = endpoint.os.processor_level, value = "unknown"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.policy.location="Win7 or Vista"

DAP_TRACE: name = endpoint.policy.location, value = "Win7 or Vista"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.protection="none"

DAP_TRACE: name = endpoint.device.protection, value = "none"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.protection_version="3.0.4016"

DAP_TRACE: name = endpoint.device.protection_version, value = "3.0.4016"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.hostname="xyz-mini"

DAP_TRACE: name = endpoint.device.hostname, value = "xyz-mini"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["135"]="true"

DAP_TRACE: name = endpoint.device.port["135"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["445"]="true"

DAP_TRACE: name = endpoint.device.port["445"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["554"]="true"

DAP_TRACE: name = endpoint.device.port["554"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["912"]="true"

DAP_TRACE: name = endpoint.device.port["912"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["2869"]="true"

DAP_TRACE: name = endpoint.device.port["2869"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["5357"]="true"

DAP_TRACE: name = endpoint.device.port["5357"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["10243"]="true"

DAP_TRACE: name = endpoint.device.port["10243"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["49152"]="true"

DAP_TRACE: name = endpoint.device.port["49152"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["49153"]="true"

DAP_TRACE: name = endpoint.device.port["49153"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["49154"]="true"

DAP_TRACE: name = endpoint.device.port["49154"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["49155"]="true"

DAP_TRACE: name = endpoint.device.port["49155"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["49157"]="true"

DAP_TRACE: name = endpoint.device.port["49157"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["49158"]="true"

DAP_TRACE: name = endpoint.device.port["49158"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["60808"]="true"

DAP_TRACE: name = endpoint.device.port["60808"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["62514"]="true"

DAP_TRACE: name = endpoint.device.port["62514"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["139"]="true"

DAP_TRACE: name = endpoint.device.port["139"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["139"]="true"

DAP_TRACE: name = endpoint.device.port["139"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["139"]="true"

DAP_TRACE: name = endpoint.device.port["139"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["500"]="true"

DAP_TRACE: name = endpoint.device.port["500"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["3702"]="true"

DAP_TRACE: name = endpoint.device.port["3702"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["3702"]="true"

DAP_TRACE: name = endpoint.device.port["3702"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["4500"]="true"

DAP_TRACE: name = endpoint.device.port["4500"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["5004"]="true"

DAP_TRACE: name = endpoint.device.port["5004"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["5005"]="true"

DAP_TRACE: name = endpoint.device.port["5005"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["5355"]="true"

DAP_TRACE: name = endpoint.device.port["5355"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["57362"]="true"

DAP_TRACE: name = endpoint.device.port["57362"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["1900"]="true"

DAP_TRACE: name = endpoint.device.port["1900"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["50011"]="true"

DAP_TRACE: name = endpoint.device.port["50011"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["52896"]="true"

DAP_TRACE: name = endpoint.device.port["52896"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["56297"]="true"

DAP_TRACE: name = endpoint.device.port["56297"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["62514"]="true"

DAP_TRACE: name = endpoint.device.port["62514"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["137"]="true"

DAP_TRACE: name = endpoint.device.port["137"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["138"]="true"

DAP_TRACE: name = endpoint.device.port["138"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["1900"]="true"

DAP_TRACE: name = endpoint.device.port["1900"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["50010"]="true"

DAP_TRACE: name = endpoint.device.port["50010"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["137"]="true"

DAP_TRACE: name = endpoint.device.port["137"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["138"]="true"

DAP_TRACE: name = endpoint.device.port["138"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["1900"]="true"

DAP_TRACE: name = endpoint.device.port["1900"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["50009"]="true"

DAP_TRACE: name = endpoint.device.port["50009"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["137"]="true"

DAP_TRACE: name = endpoint.device.port["137"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["138"]="true"

DAP_TRACE: name = endpoint.device.port["138"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["1900"]="true"

DAP_TRACE: name = endpoint.device.port["1900"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.port["50008"]="true"

DAP_TRACE: name = endpoint.device.port["50008"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.MAC["c80a.a945.862d"]="true"

DAP_TRACE: name = endpoint.device.MAC["c80a.a945.862d"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.MAC["0050.56c0.0001"]="true"

DAP_TRACE: name = endpoint.device.MAC["0050.56c0.0001"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.MAC["0050.56c0.0008"]="true"

DAP_TRACE: name = endpoint.device.MAC["0050.56c0.0008"], value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.id="CNF0146N0T"

DAP_TRACE: name = endpoint.device.id, value = "CNF0146N0T"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.device.protection_extension="3.4.24.1"

DAP_TRACE: name = endpoint.device.protection_extension, value = "3.4.24.1"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.enforce="success"

DAP_TRACE: name = endpoint.enforce, value = "success"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.fw["MSWindowsFW"]={}

DAP_TRACE: name = endpoint.fw["MSWindowsFW"], value = {}

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.fw["MSWindowsFW"].exists="false"

DAP_TRACE: name = endpoint.fw["MSWindowsFW"].exists, value = "false"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.fw["MSWindowsFW"].description="Microsoft Windows Firewall"

DAP_TRACE: name = endpoint.fw["MSWindowsFW"].description, value = "Microsoft Windows Firewall"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.fw["MSWindowsFW"].version="7"

DAP_TRACE: name = endpoint.fw["MSWindowsFW"].version, value = "7"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.fw["MSWindowsFW"].enabled="failed"

DAP_TRACE: name = endpoint.fw["MSWindowsFW"].enabled, value = "failed"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.av["SophosAV"]={}

DAP_TRACE: name = endpoint.av["SophosAV"], value = {}

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.av["SophosAV"].exists="true"

DAP_TRACE: name = endpoint.av["SophosAV"].exists, value = "true"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.av["SophosAV"].description="Sophos Anti-Virus"

DAP_TRACE: name = endpoint.av["SophosAV"].description, value = "Sophos Anti-Virus"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.av["SophosAV"].version="9.5.5"

DAP_TRACE: name = endpoint.av["SophosAV"].version, value = "9.5.5"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.av["SophosAV"].activescan="ok"

DAP_TRACE: name = endpoint.av["SophosAV"].activescan, value = "ok"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.av["SophosAV"].lastupdate="31098"

DAP_TRACE: name = endpoint.av["SophosAV"].lastupdate, value = "31098"

DAP_TRACE: dap_install_endpoint_data_to_lua:endpoint.av["SophosAV"].timestamp="1310011200"

DAP_TRACE: name = endpoint.av["SophosAV"].timestamp, value = "1310011200"

DAP_TRACE: Username: bob1, Selected DAPs: ,test vpn only,test for sophos

DAP_TRACE: dap_process_selected_daps: selected 2 records

DAP_TRACE: Username: bob1, dap_aggregate_attr: rec_count = 2

DAP_TRACE: Username: bob1, dap_concat_fcn: [this is the sophos client] 25 490

DAP_TRACE: Username: bob1, dap_concat_fcn: [this is the sophos client

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: