Timeouts for the RDWeb portal are defined by the choice you made when you logged in, if you selected ‘private’ or ‘public’ on the PC options, this sets the timeout. The default is 240 mins for private, and 20 minutes for public connections.
Solution
To alter these values you need to make changes in the ‘Internet Information Services Management Console’ on the RDWeb server.
Navigate to {Server-name} > Sites > Default Web Site > RDWeb > Pages > Application Settings.
You need to alter;
PrivateModeSessionTimeoutIn… AND PublicModeSessionTimeoutIn…
Edit the values according to your requirements.
If you find that the changes don’t take effect immediately drop to command line and issue an ‘iisreset’ command.
Related Articles, References, Credits, or External Links
Seen on Windows Server 2012, when configuring direct access, while running the ‘Getting Started Wizard’ you have to choose the network topology. You have a choice of edge, behind an edge device (with 1 NIC), or behind an edge device (with 2 NICs). Each choice you make will present you with one of the following errors.
An external adapter with a public IP address, IPv6 enabled and without a domain profile cannot be located.
An internal adapter with a valid IP address, DNS settings and a domain profile cannot be located.
An internal adapter with a valid IP address, IPv6 enabled, DNS settings and a domain profile cannot be located.
Solution
The reason you are getting this error is because the network card (or cards) in this server are NOT set with a domain profile, in my case it had been set to public (which was confusing as this was a domain controller).
The fix is a little unusual, and why it works I have no idea, but it worked for me.
1. Windows Key+R > ncpa.cpl {Enter} > Right click the NIC > Properties > REMOVE the tick from IPv6 > OK > Then RETICK IPv6 > OK.
2. Now if you look in ‘Network and Sharing Center’ you will see it labelled as ‘Domain network’. The wizard should now proceed without error.
Related Articles, References, Credits, or External Links
Outlook will (by default), display a notification on your screen when you receive an email. Generally this is a good thing, but if (like me) your Outlook collects your personal mail as well, then you might not want these notifications flashing up on your screen.
Solution
1. From within Outlook > File > Options.
2. Mail > Untick ‘Display a Desktop Alert’.
Related Articles, References, Credits, or External Links
Private SSID will be on the normal corporate LAN (In this case 172.16.254.0/24).
Public SSID will get its IP addressing from the controllers DHCP Server. (10.220.0.0/16).
The Wireless traffic will traverse the corporate LAN (After being natted on the controller) as 10.210.0.0/16.
My LANDNS Servers are 172.16.254.1 and 172.16.254.2.
Solution
HP Switch Configuration.
1. The switch must be performing LAN routing, if the LAN’s default gateway is a firewall that needs rectifying first. (where 172.16.254.200 is the firewall).
[box]ip routing
ip route 0.0.0.0 0.0.0.0 172.16.254.200[/box]
[box]ip dns server-address priority 1 172.16.254.1[/box]
3. Declare a VLAN for the guest VLAN (210), name it, and give it an IP address > Add a Port (A1) to that VLAN which will connect to the Internet Port of the MSM Controller (Port5).
[box]vlan 210
name WIRELESS-TRAFFIC
ip address 10.210.0.1 255.255.255.0.0
untagged A1 [/box]
4. Tag This VLAN on the ‘Inter Switch’ Links from the core switch to the firewall/perimeter device.
[box]tag D24[/box]
5. Save the Switch changes with a write mem command.
Configure the Cisco ASA To Allow the Wireless Traffic out.
Actions for different firewall vendors will vary but you need to achieve the following;
Make sure that a client on the 10.210.0.0/16 network can get access to the Internet
To do that you will need to achieve the following;
Make sure that the 10.210.0.0/16 network has http and https access allowed outbound on the firewall.
Make sure that 10.210.0.0/16 is getting NATTED through the firewall to the public IP address.
1. Connect to the firewall > Allow the Wireless Traffic out.
[box]
access-list outbound extended permit ip 10.210.0.0 255.255.0.0 any
Note: this permits ALL IP traffic you might prefer
access-list outbound extended permit ip 10.210.0.0 255.255.0.0 any eq http
access-list outbound extended permit ip 10.210.0.0 255.255.0.0 any eq https
Note2: This also assumes you have an ACL called outbound applied to traffic that is destined outbound (show run access-group will tell you)
[/box]
2. Perform NAT on the new wireless outbound traffic.
5. At this point plug a PC/Laptop into the core switch (Port A1) and make sure you can get Internet access (‘you will need a static IP on the 10.210.0.0 range).
Configure the HP MSM 720 Controller
MSM 720 Initial Setup and IP Addressing.
1. Connect to to the MSM 720 controller (Port 1) 192.168.1.1 (username admin, password admin).
2. Go though the initial setup > Stop when you get to the Automated workflows screen (simply press Home).
3. Setup Access Network: Home > Network > Access Network > Set the Addressing and Management IP addresses like so;
Addressing 172.16.254.115/24
Management address 172.16.254.116/25
Save.
Note: There’s two because you can separate the management traffic off to another subnet if you wish.
4. Connect Port 1 on the MSM controller to ANY normal port on the Switch (which will be untagged in VLAN 1) >Then connect to the Controller on its new IP https://172.16.254.115.
5. Setup Internet Network: Home > Network > Internet Network > Static.
6. Configure > IP = 10.210.0.2 > Address Mask 255.255.0.0 > Save (don’t worry if you get a warning about DNS).
7. Connect Port 5 on the MSM to Port A1 on the switch (the one you untagged in VLAN 210).
8. Setup DNS: Home > Network > DNS > Enter the Primary LANDNS servers (172.16.254.1 and 172.16.254.2).
9. Tick DNS Cache > Tick DNS Switch over > Tick DNS interception > Save.
10. Setup Default Route: Home > Network > IP Routes > Add.
11. Enter 10.210.0.1 with a Metric of 1 > Add.
12. Setup DHCP (Note: you will create the scope later)
Obviously only complete this step if you want the Controller to act as a DHCP server for your ‘Public’ Wireless network.
13. Enter the domain name > change Lease tome to 1500.
Note: At this point it automatically fills in DHCP Settings (these will NOT be used don’t panic!)
14. REMOVE the tick form Listen for DHCP Requests on ‘Access Network’
15. MAKE SURE there is a tick in the ‘Client data tunnel’ box > Save.
HP MSM 720 Configure Wireless Access Public and Private
For this procedure we will rename the default VSC which is called HP.
1. Home > Controller (on the left) > VSCs) > HP > Change the Profile name for HP to “Private” > Untick Authentication > Untick Access control.
2. Change the SSID from HP to ‘Private’ > Tick Broadcast Filtering.
3. Ensure Wireless security filters is unticked.
4. Tick Wireless Protection > Set the mode to WPA2 (AES/CCMP) > Change Key Source to ‘Preshared Key’ > Enter and confirm the WPA Password > Save (at the bottom of the screen).
5. Setup Public/Guest VSC: Home > VSC’s > Add New VSC Profile.
6. Set the profile name to ‘Public’ > MAKE SURE authentication and access control ARE ticked.
7. Change the SSID to Public > Tick broadcast filtering.
8. Change Allow Traffic between wireless clients to NO > Expand Client Data Tunnel > Tick ‘always tunnel client traffic’.
9. Ensure Wireless Protection is unticked.
10. If you require HTML based logins, tick that (Note: You will need to create a user later, if you enable this).
11. If using the controller for DHCP > Enable the DHCP Server and specify;