Friday, July 27, 2012

Aptigen .NID File Format

            <Location XPos="94" YPos="79" />
          <Paging Enabled="True" Forward="Next" Previous="Prev" RecordsPerScreen="32" />
        <Title>Speed Dials Site A-Z</Title>
            <Location XPos="243" YPos="42" />
          <Paging Enabled="True" Forward="Next" Previous="Prev" RecordsPerScreen="32" />
          <Name>Alaa AJ</Name>
          <Name>Aline Cara</Name>
            <Location XPos="238" YPos="80" />
          <Paging Enabled="True" Forward="Next" Previous="Prev" RecordsPerScreen="32" />
          <Name>Magd Dan</Name>
          <Name>Magd Darren</Name>
            <Location XPos="240" YPos="120" />
          <Paging Enabled="True" Forward="Next" Previous="Prev" RecordsPerScreen="32" />
          <Name>Pierre John</Name>
          <Name>Raymond Edward</Name>
    <Connectors />
    <Queries />
    <LDAPConnectors />
    <LDAPQueries />
    <AptigenWebFiles />
    <AptigenControls />
    <SessionVars />

Wednesday, June 20, 2012

Wireless clients getting DHCP Server in a different subnet


  • Running "ipconfig /all" on the client shows that the wireless DHCP server is in a different subnet and/or a different DHCP server than expected;
  • Confirmed no network connections observed from wireless client;
  • Wireless network infrastructure consists of Lightweight Access Points controlled by Wireless LAN Controller (WLC);
  • Even if IP address is released and renewed, client is still getting the correct IP address but DHCP Server is still in the different subnet.


Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) Centrino(R) Advanced-N 6200 AGN
   Physical Address. . . . . . . . . : 00-27-EE-EE-EE-EE
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::c010:5d39:eeee:eee%11(Preferred)
   IPv4 Address. . . . . . . . . . . :
   Subnet Mask . . . . . . . . . . . :
   Lease Obtained. . . . . . . . . . : Saturday, June 09, 2012 6:56:11 PM
   Lease Expires . . . . . . . . . . : Sunday, June 10, 2012 12:56:11 AM
   Default Gateway . . . . . . . . . :
   DHCP Server . . . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 218113808
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-9D-76-61-00-EE-EE-EE-EE-EE
   DNS Servers . . . . . . . . . . . :
   Primary WINS Server . . . . . . . :
   Secondary WINS Server . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Enabled



  • First thing to confirm is if there is any actual network issue; i.e., does the client have any network connectivity issues? In this example, it's already confirmed that there are no issues.
  • In this case, there is actually no network/configuration issue; the WLC is configured as a DHCP Relay (as opposed to instead of as a DHCP Server); hence, the client sees a virtual IP address of the WLC, instead of the actual DHCP server.
  • Here's the rough run-through of the process;
    • Wireless Client DHCP request --> AP --> WLC (dhcp relay) ---> DHCP Server
    • DHCP Server reply --> WLC --> AP --> Wireless Client

Wireless LAN Controller (WLC) FAQ

Monday, April 30, 2012

Case Study: Juniper client disconnects randomly with

Below is an actual issue seen several times in our working environment involving Juniper VPN client (NC Connect)

System Log Message: The Network Connect session terminated. Do you want to reconnect? ( 

- Juniper Networks > Network Connect 7.1.0
- MS Windows 2000, Windows XP, Windows Vista, Windows 7


This error indicates that some installed software or program in your laptop is trying to modify the network routes within your laptop. The Juniper VPN application see this as a threat and therefore throws this message and disconnects the VPN tunnel.

Historically, this is widely caused by the older version of the Bonjour service (versions earlier than 1.06) used by Apple. Recently though, we have discovered that some device management applications are also causing the same issue.

I have experienced this at home myself. I have a Canon printer management suite that auto-runs on startup of my laptop. It automatically scans my home network for my printer. When I connect to the company network via VPN, I lose connection to my home network, thus losing connection to my home printer. To look for the printer, one of the things that the Canon management suite does is modify the route table of my laptop, which is the "threatening" action detected by Juniper which then causes the VPN to be disconnected. Luckily though, the simple solution here is to turn off the Canon management suite before I connect via VPN.

Troubleshooting with debugs/Logs:

Below steps may help confirm if the above error is indeed generated by "unauthorized" modification of the computer's routing table. We've had multiple issues in which there is nothing indicated on the logs, but later on we determined the cause is the same.
  1. Launch NC troubleshooting (Start > All Programs > Juniper Networks > Network Connect 7.1.0
  2. On the Logs tab, select "Detailed Info"
  3. On the Information tab, select "Show All" from the dropdown, and click "Copy to Log"
  4. On the Diagnostics tab, click "Start Diagnostics, then after completing successfully, click "Copy to Log"
  5. Connect via VPN.
  6. Once the connection breaks and you get the error message, go back to NC Troubleshooting > Logs tab > click Explore Log Files
  7. Search each of the log files for "unauth"


First thing to check is the Bonjour service version installed; versions earlier than 1.06 are known to cause this issue.

Next, check the computer for any device management applications/application suites. These refers to any device managed by this computer remotely over the network (wired or wireless), such as printers, scanners, fax, modems, and cameras. If so, turn them off (via Task Manager) and connect again to test.

Tuesday, March 20, 2012

Apple iOS Upgrade Not Working over Wireless

Some iPhone and iPad users are trying to update to iOS 5 through wireless connection but fails.

Apple iOS OTA (over-the-air) update is not proxy-aware.

To check if using proxy, go to Settings > Wi-Fi > the name wifi network, and scroll down to HTTP Proxy.

Workaround: use other methods to update (such as using wired connection iTunes).

Laptop WiFi Connection fails

Laptop cannot get any IP address on the wireless adapter; previously connected via both wired and wifi.
AlwaysResolved by toggling or turning off/on the wifi switch of the laptop.

Windows XP, Windows 7

Checking the AP and/or WLC shows authentication failure due similar to below:
Mar 12 06:54:04.731: %DOT11-4-MAXRETRIES: Packet to client ABCD.EFGH.IJKL reached max retries, removing the client
Mar 12 06:54:04.731: %DOT11-6-DISASSOC: Interface Dot11Radio0, Deauthenticating Station ABCD.EFGH.IJKL Reason: Previous authentication no longer valid
Mar 12 06:54:04.738: %DOT11-4-MAXRETRIES: Packet to client ABCD.EFGH.IJKL reached max retries, removing the client
This happens usually during the following situations:
  1. laptops go back from standby/hibernate mode;
  2. when laptop is using both wired and wifi connections then disconnects from wired; or
  3. combination of above both situations.
Change 802.1X Authentication to use 'user authentitcation' only. Computer authentication uses only the cached information which maybe stale, inactive, and/or expired. Specifying user authentication forces the laptop to re-authenticate with the authentication servers -- essentially 'refreshing' the authentication information.

Note that this may not apply to every office network.