Manualshelf

Release Notes 4.4.0.50

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
12345678910
Release Notes, Version 4.4.0.50
6
Any Identity Profile and presumably gets rights based on the “Unauthenticated” Access
Policy. On the other hand, a Registered Guest is an authenticated user, because its name and
password are in the user database, although it is assigned to the Guest Identity Profile. In this
case, if the Connection Profile associated with the Guest Identity Profile expires, the
Registered Guest will match the default “Authenticated” Identity Profile and get rights based
on the Access Policy associated with that Identity Profile. (18719)
Using a Cisco VPN client with Extended Authentication, and with IPSec enabled in the
Access Policy, the client is unable to browse to the 42.0.0.1 address. This is because in this
particular case the client attempts to use the 42.x.x.x outer tunnel address rather than sending
this traffic through the IPSec tunnel. (18750)
Access Points should be configured to get a real IP address via DHCP, rather than using their
default IP address. If the default IP address conflicts with one of the 700wl Series system
internal addresses, the AP may not reliably stay connected to the system.
There are several issues related to using IPTV multicast streams:
The IPTV stream may not stop immediately when the client is logged out. This is as
expected due to the IPTV protocol. (18829)
If multiple clients are using the same IPTV stream, the stream will continue for users that
log out as long as one client using the same stream remains logged in. (18830)
Multicast streams such as IPTV and VPN tunneling (IPSec, L2TP, or PPTP) are
incompatible. Multicasting will not work for clients using VPN tunneling. (18832)
When using NT Domain Logon, if a client is unable to contact the NT Domain Server
immediately, for example if it has yet to receive an IP address, the client will resort to a
cached logon. However, a cached logon cannot be sniffed, so the 700wl Series system will
not detect that the client has logged on, even though the NT logon appears to succeed on the
client. It is possible to work around this problem by disabling cached logon through the
Windows registry. This can be accomplished by setting
My Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\
CurrentVersion\WinLogon\cachedlogonscount
to "0" (zero).
The ProCurve Secure Access 700wl Series products require version 3.0 or greater of the
Network Time Protocol (NTP). Be sure your NTP server is running version 3.0 or greater,
and verify that you have IP connectivity from the ProCurve Secure Access 700wl Series
product to your NTP server.
Roaming from subnet to subnet with a PPTP or L2TP connection is not as efficient as
roaming with a non-encrypted NAT connection. All traffic must be tunneled back through the
original Access Controller when roaming with PPTP or L2TP.
If you change the uplink port, you must reboot the device before you can access the device's
web interface again.
If an administrator's or client's browser fails to successfully negotiate an SSL connection with
the 700wl Series system's web server, the OpenSSL subsystem will place error messages in
the logs. These errors are identified by their references to OpenSSL or to RSA key errors.
These errors are harmless as the browser and server generally do eventually succeed in
establishing an SSL connection.
The SafeNet 7.0.x client in combination with Windows XP does not allow roaming. A roam
away from the initial Access Point causes the interface to go down, and the SafeNet 7.0.x
client cannot recover. A client reboot is required before you can connect again. Roaming