802.1x wireless authenticaiton against RADIUS authenticator
Hi all,
Would like to check out some client side setting on Wireless 802.1x authenticaiton.
Network setup is using
- Cisco WLC 7.2 and AP3500,
- ACS 5.3
- Microsoft Windows server 2008 hosting AD and CA services (same machine)
- Client OS is Microsoft Window 7.
Authentication mehtod would use PEAP-MSChap V2 Combo.
My question :
01. In AD environment, should ACS 5.3 be part of the domain computer?
02. To have secure connectivity, IF the security policy force client to check "Validate server certificate", which certificate it is look for? Is it ACS's identity certifate, that require CA server to sign on the CSR?
03. Back to client side, should the client also need to import this certificate in trusted root certification authorities?
Or the client will trust ACS identity certificate against the root CA certificate store at client's trusted root certification authorities, where they have the identical issuer?
04. Extra question: If no CA environment, would it be sufficient simply export ACS self-signed certificate and import to client computer, and it's trusted?
Thanks
Noel
Hello Noel-
Please find my answers below:
01. In AD environment, should ACS 5.3 be part of the domain computer?
You should not have to make any changes to the ACS machine once you join it to your domain. You need to ensure that the account that you use to join it to the domain has the proper permissions. For more info on that you can check this link:
http://www.cisco.com/en/US/products/ps9911/products_configuration_example09186a0080bc6506.shtml
02. To have secure connectivity, IF the security policy force client to check "Validate server certificate", which certificate it is look for? Is it ACS's identity certifate, that require CA server to sign on the CSR?
Yes, if you want the connection to be secured/encrypted you will need to use a certificate. The certificate can be either a public/paid one. The important part is for that certificate to be pushed to all of the end workstations. This can usually be done via GPO
03. Back to client side, should the client also need to import this certificate in trusted root certification authorities?
Or the client will trust ACS identity certificate against the root CA certificate store at client's trusted root certification authorities, where they have the identical issuer?
See above
04. Extra question: If no CA environment, would it be sufficient simply export ACS self-signed certificate and import to client computer, and it's trusted?
See above
Thank you for rating!
Similar Messages
-
802.1x Wireless Authentication
Hello
I am using a MS Certificate Server and MS Radius server with 802.1x Wireless Authentication. When the macs Authenticate I get a warning so to speak and the Cert will not save or trust. I have enter it in as a 509 anchor and other and still the same thing. Is anyone out there doing this.
The windows says
801x Authentication
The Server Certificate could not be validated becuase the root certificate is missing.
ThanksNo, CA wasn't changed with R2.
Are you able to see the User's certificate in the Keychain app under the login keychain & My Certificates? Can you see the CA's certificate under the X509Anchors?
In the login keychain, when looking at the Users certificate, does it show as valid? -
802.1x RADIUS authentication problem with Cat 2950 to CiscoSecure ACS 3.3
I wondered if anyone can help or shed any light on the following problem.
I am getting an authentication error when doing a RADIUS authentication to CiscoSecure ACS 3.3 running on a Windows 2003 server, the authentication request is coming from a Catalyst 2950 switch which is doing 802.1x for Windows XP clients. This problem only happens when the XP client connects to 2950 switches, Cat 3550s and 3560s work fine.
The Cat2950 is running 12.1.20 (EA1) which is more or less the latest IOS.
The error I get from ACS 3.3 is "Invalid message authenticator in EAP request" when the 2950 tries to authenticate an XP client for 802.1x to the ACS server using RADIUS.
Doing a RADIUS and 802.1x debug on the 2950 I see a message about 'Unknown EAP type', I am using PEAP on the XP client doing EAP-MS-CHAPv2 authentication, the same XP client authenticates fine with 3550 and 3560 switches problem only affects 2950s. Can anyone confirm the 2950 supports EAP-MS-CHAPv2?
I have checked and re-checked the shared secret and it definitely matches on 2950 and ACS.
One thing I noticed in the RADIUS debug is the 2950 sends 18 bytes for attribute 79 when the RFC defines attribute 79 should be 3 bytes or less, I don't know if this is related to the problem or is correct behaviour.Hi, I am new with 802.1x, and was hoping that someone would help with these queries:
1. How is a certificate requested without being allowed on a network that is not authenticated with 802.1x. I had to first connect to an active network, retrieve a certificate with the proper username and password, and then physically connect to the port on the 2950 switch which was enabled to do 802.1x
2. My config is as below:
aaa new-model
aaa authentication dot1x default group radius
aaa authenication login default group radius
dot1x system-auth-control
interface f0/1
switchport mode access
dot1x port-control auto
end
I able to login using the radius server, so radius is working (on ports other than f1/0). However when connecting to f1/0, the port on the 2950 remains blocked.
3. The certificate is issued by the ca server, is viewable via Internet explorer,and is issued to the correct username which is on the active directory.
I even tried using local authenication with 802.1x, this did not work
4. If I have a certificate, will this automatically give me access to the 802.1x port?
5. I have windows 2000, and authenication is set to 'Smart Card or other certificate.
Am I missing anything?
Any advise will be greatly appreciated
Chris -
RADIUS Authentication Problems with NPS Server Eventid 6274
Hi,
We have struggled for a while with RADIUS auth for some clients against an NPS Server when the user or computer tries to connect to the wireless network the following error can be seen on the NPS server:
Network Policy Server discarded the request for a user
Contact the Network Policy Server administrator for more information.
User:
Security ID: NULL SID
Account Name: host/hostname.domainname.com
Account Domain: -
Fully Qualified Account Name: -
Client Machine:
Security ID: NULL SID
Account Name: -
Fully Qualified Account Name: -
OS-Version: -
Called Station Identifier: 40-20-B1-F4-BB-15:Wireless-SSID
Calling Station Identifier: C1-18-85-08-10-E1
NAS:
NAS IPv4 Address: 192.168.10.10
NAS IPv6 Address: -
NAS Identifier: AP name
NAS Port-Type: Wireless - IEEE 802.11
NAS Port: 0
RADIUS Client:
Client Friendly Name: name
Client IP Address: 192.168.10.10
Authentication Details:
Connection Request Policy Name: Secure Wireless Connections
Network Policy Name: -
Authentication Provider: Windows
Authentication Server: NPS servername
Authentication Type: -
EAP Type: -
Account Session Identifier: -
Reason Code: 3
Reason: The RADIUS Request message that Network Policy Server received from the network access server was malformed.
Network Policy Server discarded the request for a user.
Contact the Network Policy Server administrator for more information.
User:
Security ID: NULL SID
Account Name: domainname\username
Account Domain: -
Fully Qualified Account Name: -
Client Machine:
Security ID: NULL SID
Account Name: -
Fully Qualified Account Name: -
OS-Version: -
Called Station Identifier: 20-18-B1-F4-BB-15:Wireless-SSID
Calling Station Identifier: 09-3E-8E-3E-5A-C9
NAS:
NAS IPv4 Address: 192.168.10.10
NAS IPv6 Address: -
NAS Identifier: AP name
NAS Port-Type: Wireless - IEEE 802.11
NAS Port: 0
RADIUS Client:
Client Friendly Name: name
Client IP Address: 192.168.10.10
Authentication Details:
Connection Request Policy Name: Secure Wireless Connections
Network Policy Name: -
Authentication Provider: Windows
Authentication Server: NPS server name
Authentication Type: -
EAP Type: -
Account Session Identifier: -
Reason Code: 3
Reason: The RADIUS Request message that Network Policy Server received from the network access server was malformed.
Message seen from the AP's logs:
(317)IEEE802.1X auth is starting (at if=wifi0.2)
(318)Send message to RADIUS Server(192.168.60.166): code=1 (Access-Request) identifier=157 length=162, User-Name=domain\username NAS-IP-Address=192.168.10.10 Called-Station-Id=40-18-B1-F4-BB-15:Wireless-SSID Calling-Station-Id=C0-18-85-08-10-E1
(319)Receive message from RADIUS Server: code=11 (Access-Challenge) identifier=157 length=90
(320)Send message to RADIUS Server(192.168.60.166): code=1 (Access-Request) identifier=158 length=286, User-Name=domain\username NAS-IP-Address=192.168.10.10 Called-Station-Id=40-18-B1-F4-BB-15:Wireless-SSID Calling-Station-Id=C0-18-85-08-10-E1
(321)Send message to RADIUS Server(192.168.60.166): code=1 (Access-Request) identifier=161 length=162, User-Name=domain\username NAS-IP-Address=192.168.10.10 Called-Station-Id=40-18-B1-F4-BB-15:Wireless-SSID Calling-Station-Id=C0-18-85-08-10-E1
(322)Receive message from RADIUSServer: code=11 (Access-Challenge) identifier=161 length=90 BASIC
Output omitted
(330)Sta(at if=wifi0.2) is de-authenticated because of notification of driver
We have other NPS Servers with corresponding policy settings which are working so I am having trouble to understand why this errors occurs.
Initally the problem seemed to be related to the Cert on the NPS server cause it used the cert generated from the Somputer template. Now it uses the template for Domain controller just as the other NPS servers so this should not be the issue(Not sure if
this matters?)
Please guide me on how to take this further
Thank you :)
//CrisHi,
NPS Event ID: 6274.
This condition occurs when the NPS discards accounting requests because the structure of the accounting request message that was sent by a RADIUS client does not comply with the RADIUS protocol. You should reconfigure, upgrade, or replace the RADIUS client.
Detailed information reference:
Event ID 6274 — NPS Accounting Request Message Processing
https://technet.microsoft.com/en-us/library/cc735339(v=WS.10).aspx
Best Regards,
Eve Wang
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
WPA2-Enterprise + EAP (PEAP) and 802.1x to authenticate to RADIUS server NPS
I need to connect my iPhone and my iPad to the corporate wireless network using WPA2-Enterprise and 802.1x to authenticate against a RADIUS server with my corporate user. What is the procedure to configure the clients? Certificates is not necessary on the client. Radius server is a NPS of Microsoft and the WLC is a 5508 of Cisco.
thanks !!!WPA and WPA2 are all actually interim protocols that are used until the standardization of IEEE 802.11i standard. Wi-fi appliance decided that ratification and standardization of 802.11i standards will take more time. So, they came up with WPA.
Now, WPA2 is advanced version of WPA. WPA2 uses AES as encryption algorithm. Whereas, WPA use TKIP as encryption mode which in turn uses RC4 encryption algorithm.
WPA and WPA2 are actually are of 2 types respectively.
WPA/WPA2-PSK - This is mainly for small offices. This uses Pre-Shared Key for authentication.
WPA/WPA2 -Enterprise - This uses a RADIUS Server for authentication. This is an extension to 802.1x authentication. But this uses stronger encryption scheme(WPA uses RC4 and WPA2 uses AES).
Any authentication mechanism that involves a separation authentication server for authentication like ACS server is called 802.1x authentication.
EAP stands for Extensible Authentication Protocol. It refers to the type or method of 802.1x Authentication by the RADIUS/Tacacs server. A RADIUS server can authenticate a wireless client with various EAP methods.
LEAP is one type of EAP. It uses username and password for authenticating wireless clients. LEAP is cisco proprietory.
There are also EAP types which uses other user credentials like Certificates, SIM etc for authentcation.
The following document might clarify your doubts.
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_q_and_a_item09186a00805e8297.shtml -
MacBook Pro will not connect to RADIUS authenticated SSID
We are having problems with MacBook Pros and a MacBook Air not connecting to our wireless network. We have successfully connected hundreds of iPads and multiple other machines. All of the non-working machines are running OS X 10.9.5. The MacBook Air is brand new.
We have a centrally managed wireless system made by Avaya. The SSID they are trying to connect to is protected by a password and RADIUS authentication. The SSID is called KT_MAC.
A typical scenario looks like this:
I add the device's MAC address to the RADIUS server (add it to the MAC OU in AD and add it to the MACAuth group)
I attempt to connect to the KT_MAC SSID
I am prompted for the password, which I type in
Sometimes it connects on the first try, but usually it doesn't. It will say something along the lines of Unable to join KT_MAC network or something.
I then attempt to connect to the KT_MAC SSID again
I am prompted for the password again, which I type in again
It generally connects on this second attempt but not always.
We have tried resetting the PRAM as well as deleting the saved profiles from each machine. Any guidance you can provide would be appreciated. Thank you.
Here is the wifi.log from one of the affected MacBook Pros:
Wed Apr 16 06:45:25.344 ***Starting Up***
Wed Apr 16 06:45:38.389 <airportd[79]> airportdProcessDLILEvent: en1 attached (down)
Wed Apr 16 06:45:39.056 <airportd[79]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Wed Apr 16 10:40:37.435 ***Starting Up***
Wed Apr 16 10:40:53.769 <airportd[79]> airportdProcessDLILEvent: en1 attached (down)
Wed Apr 16 10:40:53.786 <airportd[79]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Wed Apr 16 10:44:46.113 ***Starting Up***
Wed Apr 16 10:44:46.130 <airportd[61]> airportdProcessDLILEvent: en1 attached (up)
Thu Apr 17 09:20:53.884 ***Starting Up***
Thu Apr 17 09:21:09.766 <airportd[79]> airportdProcessDLILEvent: en1 attached (down)
Thu Apr 17 09:21:09.794 <airportd[79]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Thu Apr 17 09:25:11.200 ***Starting Up***
Thu Apr 17 09:25:11.223 <airportd[62]> airportdProcessDLILEvent: en1 attached (up)
Fri Jun 6 09:31:42.478 ***Starting Up***
Fri Jun 6 09:31:58.966 <airportd[80]> airportdProcessDLILEvent: en1 attached (down)
Fri Jun 6 09:31:59.026 <airportd[80]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Fri Jun 6 09:36:06.250 ***Starting Up***
Fri Jun 6 09:36:06.270 <airportd[62]> airportdProcessDLILEvent: en1 attached (up)
Fri Jun 6 09:45:40.827 ***Starting Up***
Fri Jun 6 09:45:41.100 <airportd[64]> airportdProcessDLILEvent: en1 attached (up)
Thu Aug 7 14:07:36.331 ***Starting Up***
Thu Aug 7 14:07:51.354 <airportd[79]> airportdProcessDLILEvent: en1 attached (down)
Thu Aug 7 14:07:51.362 <airportd[79]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Thu Aug 7 14:09:52.852 ***Starting Up***
Thu Aug 7 14:09:52.863 <airportd[65]> airportdProcessDLILEvent: en1 attached (up)
Thu Aug 7 14:18:27.352 ***Starting Up***
Thu Aug 7 14:18:27.478 <airportd[64]> airportdProcessDLILEvent: en1 attached (up)
Wed Aug 13 10:08:40.677 ***Starting Up***
Wed Aug 13 10:08:54.747 <airportd[79]> airportdProcessDLILEvent: en1 attached (down)
Wed Aug 13 10:08:54.775 <airportd[79]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Wed Aug 13 10:11:16.001 ***Starting Up***
Wed Aug 13 10:11:16.019 <airportd[65]> airportdProcessDLILEvent: en1 attached (up)
Wed Aug 13 10:36:42.311 <airportd[65]> _processSystemPSKAssoc: No password for network <CWNetwork: 0x7fb319c0c600> [ssid=KT_MAC, bssid=cc:f9:54:9c:0c:95, security=WPA/WPA2 Personal, rssi=-48, channel=<CWChannel: 0x7fb319c0be20> [channelNumber=11(2GHz), channelWidth={20MHz}], ibss=0] in the system keychain
Wed Aug 13 10:37:06.172 <airportd[65]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 10:37:06.319 <airportd[65]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 10:42:28.162 <airportd[65]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 10:42:28.927 <airportd[65]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 10:46:15.069 <airportd[65]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 10:55:15.558 <airportd[65]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 10:55:48.574 ***Starting Up***
Wed Aug 13 10:55:48.607 <airportd[65]> airportdProcessDLILEvent: en1 attached (up)
Wed Aug 13 10:57:06.316 <airportd[65]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 11:01:36.170 <airportd[65]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 11:02:08.821 ***Starting Up***
Wed Aug 13 11:02:08.860 <airportd[66]> airportdProcessDLILEvent: en1 attached (up)
Wed Aug 13 11:03:30.508 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 11:51:20.003 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 11:51:21.436 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 11:51:28.110 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:19:51.335 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:19:51.881 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:20:42.635 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:24:03.774 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:24:04.289 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:24:13.201 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:28:39.658 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:28:40.139 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:29:19.235 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:30:30.152 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:30:30.639 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:30:39.280 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:41:45.386 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:41:45.870 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:42:01.343 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:45:19.733 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:45:20.322 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:46:21.947 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:46:46.015 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:46:46.938 <airportd[66]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:47:23.876 ***Starting Up***
Wed Aug 13 14:47:23.980 <airportd[76]> airportdProcessDLILEvent: en1 attached (down)
Wed Aug 13 14:47:30.166 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:47:49.006 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:50:45.857 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:50:46.733 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:50:53.301 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:53:50.650 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:53:51.139 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:53:55.950 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:54:04.344 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:54:04.890 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 14:54:10.672 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 15:29:37.354 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 15:29:37.949 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 13 15:29:43.381 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 14 07:45:08.606 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 14 07:45:09.095 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 14 07:45:15.685 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 14 07:52:36.817 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 14 07:52:37.317 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 14 07:52:43.699 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 14 10:35:31.857 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 14 10:35:32.343 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 14 10:35:37.513 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 14 15:14:58.070 <airportd[76]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Wed Aug 20 09:02:37.988 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 20 09:04:16.526 <airportd[76]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Wed Aug 20 13:38:15.045 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 20 13:42:00.449 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 20 13:42:00.947 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 20 13:42:06.664 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 20 14:19:00.054 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 20 14:19:00.467 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 20 14:19:05.892 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 20 14:19:12.064 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 20 14:19:12.709 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 20 14:19:17.467 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 20 14:19:26.654 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 20 14:19:27.140 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 20 14:19:32.104 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 20 14:19:38.083 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 20 14:19:38.597 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 20 14:19:44.561 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 20 14:20:58.990 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 20 14:20:59.540 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 07:48:48.223 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 07:51:31.070 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 07:51:31.627 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 07:51:44.224 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 07:55:39.838 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 07:55:40.309 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 07:55:48.012 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 07:56:10.669 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 07:56:11.170 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 07:56:16.734 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 07:56:38.283 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 07:56:38.782 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 07:56:43.755 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 07:57:27.425 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 07:57:27.862 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 11:00:35.541 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 11:07:15.263 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 11:07:20.996 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 11:07:35.210 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 11:08:08.856 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 11:08:09.394 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 11:09:40.498 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 14:00:57.796 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 14:00:58.388 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 14:01:09.718 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 14:02:10.320 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 14:02:10.841 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 14:02:16.251 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 21 15:19:57.730 <airportd[76]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Thu Aug 21 17:20:21.212 <airportd[76]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Tue Aug 26 09:40:29.421 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Tue Aug 26 09:40:31.018 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Tue Aug 26 09:40:39.112 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Tue Aug 26 12:33:17.002 <airportd[76]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Wed Aug 27 11:19:57.907 <airportd[76]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Wed Aug 27 13:39:45.540 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 27 13:39:49.983 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 27 13:39:51.109 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 27 13:40:03.295 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 27 13:40:24.889 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 27 13:40:25.379 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 27 13:40:25.412 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 27 13:43:14.013 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 27 14:00:05.235 <airportd[76]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Wed Aug 27 14:39:41.454 <airportd[76]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Aug 27 14:40:24.778 ***Starting Up***
Wed Aug 27 14:40:24.962 <airportd[74]> airportdProcessDLILEvent: en1 attached (up)
Wed Aug 27 16:19:03.698 <airportd[74]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Thu Aug 28 08:46:43.526 <airportd[74]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 28 10:17:27.689 <airportd[74]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Thu Aug 28 11:28:30.790 <airportd[74]> _handleLinkEvent: Got an error trying to query WiFi for power. Resetting state variables.
Thu Aug 28 11:29:13.259 <airportd[74]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 28 11:29:44.661 ***Starting Up***
Thu Aug 28 11:29:45.001 <airportd[69]> airportdProcessDLILEvent: en1 attached (up)
Thu Aug 28 11:30:36.331 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 28 11:46:38.432 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 28 11:46:39.745 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 28 11:46:47.701 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 28 11:57:42.197 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 28 11:57:42.769 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 28 11:58:11.783 <airportd[69]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Thu Aug 28 14:20:25.408 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 28 14:24:19.381 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 28 14:24:19.850 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Aug 28 14:24:31.421 <airportd[69]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Fri Aug 29 14:56:26.295 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:22:35.627 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:22:36.623 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:22:55.827 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:23:02.069 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:23:02.769 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:23:09.667 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:23:16.290 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:23:16.963 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:23:22.575 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:25:26.678 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:25:27.200 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:25:32.201 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:26:13.725 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:26:14.253 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:26:20.486 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:26:42.304 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:26:42.817 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:26:47.337 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:27:16.340 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:27:16.796 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:27:23.720 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:29:15.644 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:29:16.061 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Aug 29 15:29:18.938 <airportd[69]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Wed Sep 3 09:35:54.553 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Sep 3 09:35:55.902 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Sep 3 09:36:02.003 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Sep 3 10:16:04.232 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Sep 3 10:16:05.097 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Sep 3 10:16:11.571 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Sep 3 11:23:20.719 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Sep 3 11:23:41.332 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Sep 3 11:23:42.272 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Sep 3 11:24:19.455 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Sep 3 11:24:26.410 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Sep 3 11:24:56.452 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Sep 3 11:25:01.587 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Sep 3 11:25:01.710 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Sep 4 08:07:04.320 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Sep 4 08:07:05.150 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Sep 4 09:30:29.203 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Sep 4 15:37:43.025 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Sep 4 15:37:43.637 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Sep 4 15:39:31.062 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Sep 4 15:42:25.933 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Sep 4 15:42:26.467 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Sep 4 15:42:34.515 <airportd[69]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Fri Sep 5 07:50:25.167 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Sep 5 07:50:25.648 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Fri Sep 5 07:50:42.279 <airportd[69]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Fri Sep 5 11:54:40.981 <airportd[69]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Wed Sep 10 08:41:58.791 <airportd[69]> _handleLinkEvent: Got an error trying to query WiFi for power. Resetting state variables.
Thu Sep 11 10:07:01.271 <airportd[69]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Wed Sep 17 15:36:49.049 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Sep 17 16:01:44.231 <airportd[69]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Thu Sep 18 08:56:41.771 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Sep 18 08:56:43.081 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Sep 18 08:56:43.186 <airportd[69]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Thu Sep 18 09:00:32.568 ***Starting Up***
Thu Sep 18 09:00:33.214 <airportd[64]> airportdProcessDLILEvent: en1 attached (up)
Mon Sep 22 09:22:24.363 <airportd[64]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Mon Sep 22 09:22:32.890 <airportd[64]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Tue Sep 23 14:41:33.196 <airportd[64]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Tue Sep 23 14:45:22.840 <airportd[64]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Tue Sep 23 14:45:23.438 <airportd[64]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Tue Sep 23 14:45:32.513 <airportd[64]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Sep 24 14:30:58.274 <airportd[64]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Wed Sep 24 14:56:26.902 <airportd[64]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Sep 24 14:57:33.995 <airportd[64]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Sep 24 14:57:34.531 <airportd[64]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Sep 24 14:57:34.646 <airportd[64]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Sep 24 15:39:07.563 <airportd[64]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Sep 24 15:40:16.183 <airportd[64]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Sep 24 15:40:16.637 <airportd[64]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Wed Sep 24 15:40:43.234 <airportd[64]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Fri Oct 3 07:41:49.370 <airportd[64]> _handleLinkEvent: WiFi is not powered. Resetting state variables.
Tue Oct 7 07:54:00.397 <airportd[64]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Tue Oct 7 08:10:14.340 <airportd[64]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Tue Oct 7 08:10:15.306 <airportd[64]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Tue Oct 7 08:10:21.639 <airportd[64]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Tue Oct 7 09:04:53.718 <airportd[64]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Tue Oct 7 09:05:55.913 ***Starting Up***
Tue Oct 7 09:05:55.937 <airportd[63]> airportdProcessDLILEvent: en1 attached (down)
Tue Oct 7 09:08:48.018 <kernel> IO80211ScanManager::startScanMultiple: Scan request received from 'airportd' (pid 63) (2 SSIDs, 0 BSSIDs).
Tue Oct 7 09:08:48.018 <kernel> IO80211ScanManager::startScanMultiple: Initiating scan.
Tue Oct 7 09:08:48.323 <airportd[63]> userOnConsole: user: physed
Tue Oct 7 09:08:48.323 <airportd[63]> __startAutoJoinForInterface_block_invoke: AUTOJOIN: Already in progress for interface en1 in wake context 0.
Tue Oct 7 09:08:48.437 <airportd[63]> userOnConsole: user: physed
Tue Oct 7 09:08:48.437 <airportd[63]> __startAutoJoinForInterface_block_invoke: AUTOJOIN: Already in progress for interface en1 in wake context 0.
Tue Oct 7 09:08:48.870 <kernel> IO80211ScanManager::startScan: Broadcast scan request received from 'locationd' (pid 41) ().
Tue Oct 7 09:08:48.870 <kernel> IO80211ScanManager::getScanResult: All scan results returned for 'airportd' (pid 63).
Tue Oct 7 09:08:48.871 <kernel> IO80211ScanManager::getScanResult: All scan results returned for 'locationd' (pid 41).
Tue Oct 7 09:08:48.881 <airportd[63]> matchAndJoinNetworkListAgainstScanResults: matched with SSID “KT_MAC”
Tue Oct 7 09:08:48.881 <airportd[63]> _doAssociate: network: “KT_MAC”, systemMode: 1, userOnConsole: 1
Tue Oct 7 09:08:48.888 <airportd[63]> _doAssociate: Successfully pulled the password from the keychain. Now trying to associate.
Tue Oct 7 09:08:48.920 <airportd[63]> _handleNewMessage: Received XPC message, event = ASSOC_EVENT, pid = 63
Tue Oct 7 09:08:48.921 <airportd[63]> associate: INFO: airportd associate: network=<CWNetwork: 0x7fb243510a20> [ssid=KT_MAC, bssid=cc:f9:54:9c:0c:95, security=WPA/WPA2 Personal, rssi=-46, channel=<CWChannel: 0x7fb2435157d0> [channelNumber=1(2GHz), channelWidth={20MHz}], ibss=0], is8021X=0, remember=1
Tue Oct 7 09:08:48.930 <airportd[63]> associate: INFO: Checking if admin authorization is required
Tue Oct 7 09:08:48.936 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/CachedScanRecord' 'State:/Network/Interface/en1/AirPort/Power Status' }
Tue Oct 7 09:08:48.936 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/CachedScanRecord'
Tue Oct 7 09:08:48.936 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/Power Status'
Tue Oct 7 09:08:48.936 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/Busy' }
Tue Oct 7 09:08:48.936 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/Busy'
Tue Oct 7 09:08:48.937 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/CHANNEL' 'State:/Network/Interface/en1/AirPort/AutoJoinTimestamp' }
Tue Oct 7 09:08:48.937 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/CHANNEL'
Tue Oct 7 09:08:48.937 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/AutoJoinTimestamp'
Tue Oct 7 09:08:48.982 <kernel> parseRSNIE: groupCipherType = 3 pairwiseCipherType = 5 authSel = 2
Tue Oct 7 09:08:48.982 <kernel> initWithInterfaceAndIE: _myMacAddress 2c:be:08:eb:fc:9e
Tue Oct 7 09:08:48.982 <kernel> setPMK: PMK SET!
Tue Oct 7 09:08:48.988 <airportd[63]> _p2pSupEventCallback: APPLE80211_M_LINK_CHANGED
Tue Oct 7 09:08:48.988 <airportd[63]> _p2pSupEventCallback: Primary interface link marked up
Tue Oct 7 09:08:48.988 <airportd[63]> _p2pSupEventCallback: New channel = 36 (flags=0x214)
Tue Oct 7 09:08:48.988 <airportd[63]> _bsd_80211_event_callback: LINK_CHANGED (en1)
Tue Oct 7 09:08:48.988 <airportd[63]> airportdProcessDriverEvent: link changed
Tue Oct 7 09:08:48.993 <airportd[63]> _bsd_80211_event_callback: SSID_CHANGED (en1)
Tue Oct 7 09:08:48.993 <airportd[63]> _bsd_80211_event_callback: BSSID_CHANGED (en1)
Tue Oct 7 09:08:48.993 <airportd[63]> _p2pSupEventCallback: APPLE80211_M_BSSID_CHANGED
Tue Oct 7 09:08:48.993 <airportd[63]> __AirPortOpportunisticRoamBSSIDChanged: <en1> BSSID Change Event old <CC:F9:54:9C:0C:85>, new <CC:F9:54:9C:0C:85>reset Opp Roam to <-2147483648>
Tue Oct 7 09:08:48.993 <airportd[63]> _bsd_80211_event_callback: Frequency Band updated <2>
Tue Oct 7 09:08:48.993 <airportd[63]> BluetoothCoexHandleUpdateForNode: <en1> Handle Bluetooth Coex: FrequencyBand <2>, Bluetooth Bandwidth Utilization <0>, Clamshell Mode <0>
Tue Oct 7 09:08:48.993 <airportd[63]> BluetoothCoexModeSet: <en1> already set to BT Coex mode 'Off', do not perform APPLE80211_IOC_BTCOEX_MODE
Tue Oct 7 09:08:48.993 <airportd[63]> BluetoothCoexSettingPerChainTransmitPowerOffsets: Per TX Chain Power Offset Control (
Tue Oct 7 09:08:48.993 0,
Tue Oct 7 09:08:48.993 0,
Tue Oct 7 09:08:48.993 0
Tue Oct 7 09:08:48.993 )
Tue Oct 7 09:08:48.996 <kernel> en1: Received EAPOL packet (length = 113)
Tue Oct 7 09:08:48.996 <kernel> inputEAPOLFrame: 0 extra bytes present in EAPOL frame.
Tue Oct 7 09:08:48.996 <kernel> inputEAPOLFrame: Received message 1 of 4
Tue Oct 7 09:08:48.996 <kernel> FULL RSN IE FOUND:
Tue Oct 7 09:08:48.996 [00000000] 30 18 01 00 00 0F AC 02 02 00 00 0F AC 04 00 0F AC 02 01 00 00 0F AC 02 0C 00
Tue Oct 7 09:08:48.996 <kernel> storeFullRSNIE: getAP_IE_LIST returned 0
Tue Oct 7 09:08:48.996 <kernel> PMK:
Tue Oct 7 09:08:48.996 [00000000] 61 35 71 AB 2C F6 AF 24 23 06 8D C5 1E 5F 75 88 0A B9 72 A4 5E 05 BA F2 54 A5 2E 64 0E 2F
Tue Oct 7 09:08:48.996 [0000001E] F1 E3
Tue Oct 7 09:08:48.996 <kernel> TPTK:
Tue Oct 7 09:08:48.996 [00000000] 35 38 A9 BA 8C C2 A7 E2 8B FF 84 0B AC 62 21 01 E8 7C 00 CB 0C 64 36 C7 17 F7 BD 4A 20 1C
Tue Oct 7 09:08:48.996 [0000001E] 59 9E 58 DC 8C 88 BF 46 31 43 7F 3D 63 07 BC E4 2D B8 B9 4D AA D7 D0 AB 2F CB 49 F0 CB F7
Tue Oct 7 09:08:48.996 [0000003C] B5 D1 85 CC
Tue Oct 7 09:08:48.996 <kernel> KEY MIC:
Tue Oct 7 09:08:48.996 [00000000] 47 E1 FD 97 16 21 0F 8F BE 93 08 63 65 E7 83 50
Tue Oct 7 09:08:48.996 <kernel> process1of4: sending replyPacket 135 bytes
Tue Oct 7 09:08:48.996 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/Power Status' 'State:/Network/Interface/en1/AirPort/AutoJoinTimestamp' 'State:/Network/Interface/en1/AirPort/Busy' }
Tue Oct 7 09:08:48.997 <kernel> en1: Received EAPOL packet (length = 217)
Tue Oct 7 09:08:48.997 <kernel> inputEAPOLFrame: 0 extra bytes present in EAPOL frame.
Tue Oct 7 09:08:48.997 <kernel> inputEAPOLFrame: decrypting key data
Tue Oct 7 09:08:48.997 <kernel> inputEAPOLFrame: Received message 3 of 4
Tue Oct 7 09:08:48.997 <kernel> process3of4: Performing IE check.
Tue Oct 7 09:08:48.997 <kernel> process3of4: sending replyPacket ( len = 113 ).
Tue Oct 7 09:08:48.997 <kernel> process3of4: received pairwise GTK
Tue Oct 7 09:08:48.997 <kernel> ptkThread: Sleeping!
Tue Oct 7 09:08:48.997 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/SSID' 'State:/Network/Interface/en1/AirPort/CachedScanRecord' 'State:/Network/Interface/en1/AirPort/SSID_STR' }
Tue Oct 7 09:08:48.999 <kernel> ptkThread: Installing PTK!
Tue Oct 7 09:08:48.999 <kernel> PTK:
Tue Oct 7 09:08:48.999 [00000000] 58 DC 8C 88 BF 46 31 43 7F 3D 63 07 BC E4 2D B8
Tue Oct 7 09:08:48.999 <kernel> ptkThread: Installing GTK!
Tue Oct 7 09:08:48.999 <kernel> installGTK: setting cipher key (flags = 0x0)
Tue Oct 7 09:08:49.000 <kernel> RSC:
Tue Oct 7 09:08:49.000 [00000000] 22 0B 1F 01 00 00
Tue Oct 7 09:08:49.000 <kernel> GTK:
Tue Oct 7 09:08:49.000 [00000000] 12 64 92 29 99 8D 4C 8A D2 D5 CC E5 5B CB B7 09 96 6B 53 F9 88 F4 C7 B7 71 72 DD 88 F1 EB
Tue Oct 7 09:08:49.000 [0000001E] 0C FC
Tue Oct 7 09:08:49.000 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/CHANNEL' }
Tue Oct 7 09:08:49.000 <airportd[63]> airportdProcessDriverEvent: SSID changed
Tue Oct 7 09:08:49.000 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/BSSID' }
Tue Oct 7 09:08:49.000 <airportd[63]> airportdProcessDriverEvent: BSSID changed
Tue Oct 7 09:08:49.000 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/Power Status'
Tue Oct 7 09:08:49.000 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/AutoJoinTimestamp'
Tue Oct 7 09:08:49.000 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/Busy'
Tue Oct 7 09:08:49.000 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/SSID'
Tue Oct 7 09:08:49.000 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/CachedScanRecord'
Tue Oct 7 09:08:49.000 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/SSID_STR'
Tue Oct 7 09:08:49.001 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/CHANNEL'
Tue Oct 7 09:08:49.001 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/BSSID'
Tue Oct 7 09:08:49.028 <airportd[63]> _bsd_80211_event_callback: LINK_QUALITY (en1)
Tue Oct 7 09:08:49.103 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/Power Status' 'State:/Network/Interface/en1/AirPort/UserMode8021X' }
Tue Oct 7 09:08:49.103 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/Power Status'
Tue Oct 7 09:08:49.104 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/UserMode8021X'
Tue Oct 7 09:08:49.105 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/AutoJoinTimestamp' }
Tue Oct 7 09:08:49.105 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/AutoJoinTimestamp'
Tue Oct 7 09:08:49.109 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/Busy' 'State:/Network/Interface/en1/AirPort/SSID' 'State:/Network/Interface/en1/AirPort/CachedScanRecord' }
Tue Oct 7 09:08:49.110 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/Busy'
Tue Oct 7 09:08:49.110 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/SSID'
Tue Oct 7 09:08:49.110 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/CachedScanRecord'
Tue Oct 7 09:08:49.110 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/SSID_STR' 'State:/Network/Interface/en1/AirPort/CHANNEL' }
Tue Oct 7 09:08:49.110 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/SSID_STR'
Tue Oct 7 09:08:49.110 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/CHANNEL'
Tue Oct 7 09:08:49.110 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/BSSID' }
Tue Oct 7 09:08:49.111 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/BSSID'
Tue Oct 7 09:08:49.112 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/WEPOpenSystem' }
Tue Oct 7 09:08:49.112 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/WEPOpenSystem'
Tue Oct 7 09:08:49.112 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/WEP40' }
Tue Oct 7 09:08:49.113 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/WEP40'
Tue Oct 7 09:08:49.383 <airportd[63]> userOnConsole: user: physed
Tue Oct 7 09:08:49.383 <airportd[63]> __startAutoJoinForInterface_block_invoke: AUTOJOIN: Already in progress for interface en1 in wake context 0.
Tue Oct 7 09:08:49.394 <kernel> IO80211ScanManager::startScan: Broadcast scan request received from 'airportd' (pid 63) ().
Tue Oct 7 09:08:49.395 <kernel> IO80211ScanManager::getScanResult: All scan results returned for 'airportd' (pid 63).
Tue Oct 7 09:08:49.512 <kernel> IO80211ScanManager::startScan: Broadcast scan request received from 'airportd' (pid 63) ().
Tue Oct 7 09:08:49.513 <kernel> IO80211ScanManager::getScanResult: All scan results returned for 'airportd' (pid 63).
Tue Oct 7 09:08:49.522 <airportd[63]> _doAssociate: assocError (0)
Tue Oct 7 09:08:49.522 <airportd[63]> matchAndJoinNetworkListAgainstScanResults: successfully associated to “KT_MAC”
Tue Oct 7 09:08:49.527 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/Power Status' 'State:/Network/Interface/en1/AirPort/UserMode8021X' }
Tue Oct 7 09:08:49.527 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/Power Status'
Tue Oct 7 09:08:49.527 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/UserMode8021X'
Tue Oct 7 09:08:49.528 <kernel> IO80211ScanManager::startScan: Broadcast scan request received from 'SystemUIServer' (pid 167) ().
Tue Oct 7 09:08:49.528 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/AutoJoinTimestamp' 'State:/Network/Interface/en1/AirPort/WEPOpenSystem' }
Tue Oct 7 09:08:49.529 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/AutoJoinTimestamp'
Tue Oct 7 09:08:49.530 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/WEPOpenSystem'
Tue Oct 7 09:08:49.530 <kernel> IO80211ScanManager::getScanResult: All scan results returned for 'SystemUIServer' (pid 167).
Tue Oct 7 09:08:49.530 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/WEP40' }
Tue Oct 7 09:08:49.532 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/WEP40'
Tue Oct 7 09:08:49.532 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/Busy' }
Tue Oct 7 09:08:49.532 <airportd[63]> interfaceBusyStateChanged: Busy state for en1 changed to not busy. gSystemSleeping = 0, gMaintenanceWake = 0
Tue Oct 7 09:08:49.532 <airportd[63]> _updateInterfaceBusySetting: Disabling P2P scan suppress
Tue Oct 7 09:08:49.532 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/Busy'
Tue Oct 7 09:08:49.534 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/SSID' 'State:/Network/Interface/en1/AirPort/CachedScanRecord' 'State:/Network/Interface/en1/AirPort/SSID_STR' 'State:/Network/Interface/en1/AirPort/CHANNEL' }
Tue Oct 7 09:08:49.534 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/SSID'
Tue Oct 7 09:08:49.534 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/CachedScanRecord'
Tue Oct 7 09:08:49.534 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/SSID_STR'
Tue Oct 7 09:08:49.534 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/CHANNEL'
Tue Oct 7 09:08:49.534 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/BSSID' }
Tue Oct 7 09:08:49.534 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/BSSID'
Tue Oct 7 09:08:49.535 <airportd[63]> __startAutoJoinForInterface_block_invoke_2: exiting
Tue Oct 7 09:08:52.043 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Service/7916B194-D6E3-4D97-947E-70FBB10ECCED/DHCP' }
Tue Oct 7 09:08:52.043 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Service/7916B194-D6E3-4D97-947E-70FBB10ECCED/DHCP'
Tue Oct 7 09:08:52.043 <airportd[63]> _processDHCPChanges: State:/Network/Service/7916B194-D6E3-4D97-947E-70FBB10ECCED/DHCP
Tue Oct 7 09:08:52.043 <airportd[63]> _processDHCPChanges: DHCP airport_changed = 1
Tue Oct 7 09:08:52.044 <airportd[63]> _setDHCPMessage: dhcpInfoKey "State:/Network/Interface/en1/AirPort/DHCP Message" = (null)
Tue Oct 7 09:08:54.695 <kernel> IO80211ScanManager::startScanMultiple: Scan request received from 'SystemUIServer' (pid 167) (2 SSIDs, 0 BSSIDs).
Tue Oct 7 09:08:54.695 <kernel> IO80211ScanManager::startScanMultiple: Initiating scan.
Tue Oct 7 09:08:57.902 <kernel> IO80211ScanManager::getScanResult: All scan results returned for 'SystemUIServer' (pid 167).
Tue Oct 7 09:08:57.902 <kernel> IO80211ScanManager::startScan: Broadcast scan request received from 'locationd' (pid 41) ().
Tue Oct 7 09:08:57.903 <kernel> IO80211ScanManager::getScanResult: All scan results returned for 'locationd' (pid 41).
Tue Oct 7 09:08:58.788 <airportd[63]> _SC_callback: Changed keys = { 'Setup:/Network/Interface/en1/AirPort' }
Tue Oct 7 09:08:58.788 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'Setup:/Network/Interface/en1/AirPort'
Tue Oct 7 09:08:58.798 <airportd[63]> userOnConsole: user: physed
Tue Oct 7 09:08:58.798 <airportd[63]> __startAutoJoinForInterface_block_invoke_2: AUTOJOIN: Starting for interface en1 in wake context 0.
Tue Oct 7 09:08:58.802 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/Power Status' 'State:/Network/Interface/en1/AirPort/UserMode8021X' 'State:/Network/Interface/en1/AirPort/BSSID' }
Tue Oct 7 09:08:58.802 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/Power Status'
Tue Oct 7 09:08:58.802 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/UserMode8021X'
Tue Oct 7 09:08:58.802 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/BSSID'
Tue Oct 7 09:08:58.803 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/AutoJoinTimestamp' }
Tue Oct 7 09:08:58.803 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/AutoJoinTimestamp'
Tue Oct 7 09:08:58.805 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/WEPOpenSystem' 'State:/Network/Interface/en1/AirPort/CHANNEL' 'State:/Network/Interface/en1/AirPort/WEP40' }
Tue Oct 7 09:08:58.805 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/WEPOpenSystem'
Tue Oct 7 09:08:58.805 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/CHANNEL'
Tue Oct 7 09:08:58.805 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/WEP40'
Tue Oct 7 09:08:58.808 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/Busy' }
Tue Oct 7 09:08:58.808 <airportd[63]> interfaceBusyStateChanged: Busy state for en1 changed to busy. gSystemSleeping = 0, gMaintenanceWake = 0
Tue Oct 7 09:08:58.808 <airportd[63]> _updateInterfaceBusySetting: Enabling P2P scan suppress
Tue Oct 7 09:08:58.809 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/Busy'
Tue Oct 7 09:08:58.809 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/SSID' 'State:/Network/Interface/en1/AirPort/CachedScanRecord' }
Tue Oct 7 09:08:58.809 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/SSID'
Tue Oct 7 09:08:58.809 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/CachedScanRecord'
Tue Oct 7 09:08:58.809 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/SSID_STR' }
Tue Oct 7 09:08:58.809 <airportd[63]> _doAutoJoin: Wi-Fi supports multiple-directed scans
Tue Oct 7 09:08:58.809 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/SSID_STR'
Tue Oct 7 09:08:58.809 <airportd[63]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Tue Oct 7 09:08:58.812 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/Power Status' 'State:/Network/Interface/en1/AirPort/UserMode8021X' }
Tue Oct 7 09:08:58.812 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/Power Status'
Tue Oct 7 09:08:58.812 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/UserMode8021X'
Tue Oct 7 09:08:58.812 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/BSSID' }
Tue Oct 7 09:08:58.812 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/BSSID'
Tue Oct 7 09:08:58.813 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/SSID_STR' }
Tue Oct 7 09:08:58.813 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/SSID_STR'
Tue Oct 7 09:08:58.814 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/AutoJoinTimestamp' }
Tue Oct 7 09:08:58.814 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/AutoJoinTimestamp'
Tue Oct 7 09:08:58.815 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/CachedScanRecord' }
Tue Oct 7 09:08:58.815 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/CachedScanRecord'
Tue Oct 7 09:08:58.816 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/WEPOpenSystem' }
Tue Oct 7 09:08:58.816 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/WEPOpenSystem'
Tue Oct 7 09:08:58.816 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/CHANNEL' }
Tue Oct 7 09:08:58.816 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/CHANNEL'
Tue Oct 7 09:08:58.817 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/WEP40' }
Tue Oct 7 09:08:58.817 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/WEP40'
Tue Oct 7 09:08:58.819 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/Busy' }
Tue Oct 7 09:08:58.819 <airportd[63]> __startAutoJoinForInterface_block_invoke_2: exiting
Tue Oct 7 09:08:58.819 <airportd[63]> interfaceBusyStateChanged: Busy state for en1 changed to not busy. gSystemSleeping = 0, gMaintenanceWake = 0
Tue Oct 7 09:08:58.819 <airportd[63]> _updateInterfaceBusySetting: Disabling P2P scan suppress
Tue Oct 7 09:08:58.819 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/Busy'
Tue Oct 7 09:08:58.819 <airportd[63]> _SC_callback: Changed keys = { 'State:/Network/Interface/en1/AirPort/SSID' }
Tue Oct 7 09:08:58.819 <airportd[63]> airportdProcessSystemConfigurationEvent: Processing 'State:/Network/Interface/en1/AirPort/SSID'
Tue Oct 7 09:08:58.995 <airportd[63]> _handleNewMessage: Received XPC message, event = DEBUG_FLAGS_EVENT, pid = 274
Tue Oct 7 09:08:59.037 <airportd[63]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.
Tue Oct 7 09:08:59.147 <airportd[63]> _doAutoJoin: Already associated to “KT_MAC”. Bailing on auto-join.Eventually ended up on the phone with an Apple Engineer through Educational Support. They reported to us there are known issues with some RADIUS connections and didn't have any solutions beyond installing the new version of OS X 10.10 Yosemite
We did install 10.10 on a spare machine and it did appear to solve the issue but was still in beta at the time. -
WPA2-Enterprise Radius Authentication Windows Server 2008 R2
Hello,
I have tried a few online tutorials for providing secure wireless access. I currently have a server running Server 2008 R2 that has RRAS, NAP, and AD CS installed on it. My goal is to create a wireless SSID that utilizes WPA2-Entperise for users
to connect. Their AD credentials would need to belong to my "Wireless Users" group. I have seen tutorials that involved certificates, and some tutorials that simply added the RADIUS clients along with the network/connection policies,
and then added the settings to the router. When I've tried both ways, the wireless network never connects to the network. If I un-check the "Use Windows login credentials" a username/password field pops up. I enter the credentials
(tried both username and domain\username) of an account that is part of "Wireless Users". When I hit OK it sits for a few moments, and then pops back up again. When I do check "Use Windows login credentials" it says it can't
connect.
I have tried different firmware on the router, and I know the router is not the issue. This server is joined to my domain controller. It feels like the NAP server is not reaching the domain to authenticate credentials. Am I doing anything
wrong that I should be made aware of? In NAP if I right click the server, the "register in active directory" is greyed out, which I assume is because it's already joined to the domain.
I appreciate any help you can provide.
-KenI've searched in "Event Viewer" on the NPS server, and came across an interesting error. I have Google'd the error, and there are only a select few articles about it. If I try to connect, often times I will get two information events:
Event ID 4400 "A LDAP connection with domain controller DC-VPN-IIS-01.dc.cooper.org for domain COOPER is established."
And now...the issue
Event ID 6273
Network Policy Server denied access to a user.
Contact the Network Policy Server administrator for more information.
User:
Security ID: COOPER\LAPTOP3-W7$
Account Name: host/laptop3-w7.dc.cooper.org
Account Domain: COOPER
Fully Qualified Account Name: COOPER\LAPTOP3-W7$
Client Machine:
Security ID: NULL SID
Account Name: -
Fully Qualified Account Name: -
OS-Version: -
Called Station Identifier: c0c1c074bfb6
Calling Station Identifier: 00216a902b70
NAS:
NAS IPv4 Address: 172.16.4.2
NAS IPv6 Address: -
NAS Identifier: c0c1c074bfb6
NAS Port-Type: Wireless - IEEE 802.11
NAS Port: 11
RADIUS Client:
Client Friendly Name: CiscoAP
Client IP Address: 172.16.4.2
Authentication Details:
Connection Request Policy Name: Use Windows authentication for all users
Network Policy Name: Connections to other access servers
Authentication Provider: Windows
Authentication Server: dc-vpn-iis-01.dc.cooper.org
Authentication Type: EAP
EAP Type: -
Account Session Identifier: -
Logging Results: Accounting information was written to the local log file.
Reason Code: 65
Reason: The Network Access Permission setting in the dial-in properties of the user account in Active Directory is set to Deny access to the user. To change the Network Access Permission setting to either Allow access or Control access through NPS Network Policy, obtain the properties of the user account in Active Directory Users and Computers, click the Dial-in tab, and change Network Access Permission.
Clearly, when I try to connect, it's completely bypassing the network policy I created, but going to the "Connections to other access servers", which by default denys access. I've tried everything....removed and re-added the security policy...added
2 network policies for wireless. Does anyone know why the network policy I create for wireless is not being recognized? -
WLC 4402 RADIUS Authentication with IAS
Hello
I configured a WLAN with PEAP (CHAP v2)and Radius authentication to a Win 2003 IAS Radius Server.
On the controller 4402 the layer 2 security is set to WPA1+WPA2 with 802.1x authentication.
The IAS server don't use the configured policy when a authentication reguest arrive.
I there an issue with special RADIUS attributes or configuration items on the IAS Server?
The following event appear in the windows logs:
User STANS\kaesmr was denied access.
Fully-Qualified-User-Name = STANS\kaesmr
NAS-IP-Address = 172.17.25.6
NAS-Identifier = keynet-01
Called-Station-Identifier = 00-18-74-FB-CA-20:keynet
Calling-Station-Identifier = 00-16-CE-52-C8-EB
Client-Friendly-Name = Wireless-Controller
Client-IP-Address = 172.17.25.6
NAS-Port-Type = Wireless - IEEE 802.11
NAS-Port = 1
Proxy-Policy-Name = Windows-Authentifizierung f?r alle Benutzer verwenden
Authentication-Provider = Windows
Authentication-Server = <undetermined>
Policy-Name = <undetermined>
Authentication-Type = Extension
EAP-Type = <undetermined>
Reason-Code = 21
Reason = The request was rejected by a third-party extension DLL file.What I understand from your post is that the authentication is not handled by your IAS server. IF I am correct, the problem might be with the "Allow AA override" option disabled in your WLAN. If it is enabled, then the AAA server or your IAS server will override the security parameters set locally on the controller.
So, first ensure whether "Allow AAA override" is enabled under Controller--->WLAN field.
Also, chek out the logs of the IAS server for obtaining more info on this. -
802.1X wirelss restriction on user authentication
Hi,
In the 802.1x wireless environment, I would like to know is there any method to control single user credential only able to be autheticated for one time, at any given time.
Example: user ABC in domain XYZ.ORG authenticated via his/her desktop, this is using user authentication method.
After this he/she not able to use the same username/password trying to get authenticate neither using any another PC/tablet/smartphone devices.
The motive is to prevent user using same user credential able sign-in after he/she made the authenticaiton at first place.
Meaning to say he/she only able to authenticate to single device, at any given time. Same user credential is not allow to be use for authenticate purpose on other device.
The components as below:
supplicant: Window 7, authentication method using PEAP/MSCHAPv2; Apple iPhone iOS version 5.x, 6.x
Authenticator: Cisco Wireless Controller 5800 Series on code version 7.2
Authentication server: Cisco secure server ACS 5.3
Identity Source : Microsoft server 2008 ADDS, single forest single domain.
Question:
01. What we can configure on WLC, or ACS to enable above mention requirement
Thanks
Noelhttp://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/112175-acs51-peap-deployment-00.html
-
Wirelss AP1140 Radius authentication with Microsoft IAS
Hi,
I have a Cisco C1140 Ap. I have cnfigured the device. Initially for testing i used WPA and authenticated locally. I have now setup a radius server and added my AP in as a client etc. I have changed my SSID's to authenticate with the radius server and i am having issues authenticating.
I can connect via a PC and an iphone. They say that i am connected but i get no ip address and the debugs state that the authentication fails:
000466: Sep 5 14:33:07.074 AEST: %DOT11-7-AUTH_FAILED: Station 40a6.d967.8b13 Authentication failed
000467: Sep 5 14:33:28.368 AEST: %DOT11-7-AUTH_FAILED: Station bc77.3771.b15f Authentication failed
000468: Sep 5 14:33:39.837 AEST: %DOT11-7-AUTH_FAILED: Station 40a6.d967.8b13 Authentication failed
I can see the Radius server as connected
imc-syd-ap1#show aaa servers
RADIUS: id 4, priority 1, host 10.10.0.2, auth-port 1645, acct-port 1646
State: current UP, duration 4337s, previous duration 0s
Dead: total time 0s, count 0
Authen: request 0, timeouts 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Author: request 0, timeouts 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Account: request 0, timeouts 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Elapsed time since counters last cleared: 1h12m
The debugs show:
000474: Sep 5 14:36:00.969 AEST: %DOT11-7-AUTH_FAILED: Station bc77.3771.b15f Authentication failed
000475: Sep 5 14:36:01.485 AEST: AAA/BIND(00000109
show dot11 associations:
imc-syd-ap1#show dot11 associations
802.11 Client Stations on Dot11Radio0:
SSID [IMC-Wireless-Data] :
MAC Address IP address Device Name Parent State
bc77.3771.b15f 0.0.0.0 ccx-client DAVID self AAA_Auth
Any ideas or recomendations would be greatly appreciated
Thanks
Below is a copy of my wireless config:
version 12.4
no service pad
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
hostname xxxxxxxxxxxxxx
logging buffered 40960 debugging
enable secret 5 xxxxxxxxxxxxx
aaa new-model
aaa group server tacacs+ IMC
server 172.16.100.3
aaa group server radius AUTHVPN
server 10.10.0.2 auth-port 1645 acct-port 1646
server 10.11.0.24 auth-port 1645 acct-port 1646
aaa authentication login default group IMC local enable
aaa authorization exec default group IMC local if-authenticated
aaa session-id common
clock timezone AEST 10
clock summer-time AEDT recurring 1 Sun Oct 2:00 1 Sun Apr 3:00
no ip domain lookup
ip domain name imc.net.au
dot11 syslog
dot11 ssid IMC-Wireless-Data
vlan 10
authentication open eap AUTHVPN
authentication network-eap AUTHVPN
guest-mode
mbssid guest-mode
infrastructure-ssid optional
information-element ssidl
dot11 ssid IMC-Wireless-Voice
vlan 14
authentication open eap AUTHVPN
authentication network-eap AUTHVPN
mbssid guest-mode
information-element ssidl
dot11 aaa authentication attributes service login-only
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption mode wep mandatory
ssid IMC-Wireless-Data
ssid IMC-Wireless-Voice
antenna gain 0
mbssid
station-role root
interface Dot11Radio0.10
encapsulation dot1Q 10 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio0.14
encapsulation dot1Q 14
no ip route-cache
bridge-group 14
bridge-group 14 subscriber-loop-control
bridge-group 14 block-unknown-source
no bridge-group 14 source-learning
no bridge-group 14 unicast-flooding
bridge-group 14 spanning-disabled
interface Dot11Radio1
no ip address
no ip route-cache
encryption mode wep mandatory
ssid IMC-Wireless-Data
ssid IMC-Wireless-Voice
antenna gain 0
no dfs band block
mbssid
channel dfs
station-role root
interface Dot11Radio1.10
encapsulation dot1Q 10 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio1.14
encapsulation dot1Q 14
no ip route-cache
bridge-group 14
bridge-group 14 subscriber-loop-control
bridge-group 14 block-unknown-source
no bridge-group 14 source-learning
no bridge-group 14 unicast-flooding
bridge-group 14 spanning-disabled
interface GigabitEthernet0
description IMC-Wireless-Data
no ip address
no ip route-cache
duplex auto
speed auto
no keepalive
interface GigabitEthernet0.10
description IMC-Wireless-Data
encapsulation dot1Q 10 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface GigabitEthernet0.14
description IMC-Wireless-Voice
encapsulation dot1Q 14
no ip route-cache
bridge-group 14
no bridge-group 14 source-learning
bridge-group 14 spanning-disabled
interface BVI1
description IMC-Wireless-Data
ip address 10.10.0.245 255.255.255.0
no ip route-cache
ip default-gateway 10.10.0.254
ip http server
ip http authentication local
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
access-list 111 permit tcp any any eq telnet
access-list 111 permit tcp any any eq www
access-list 111 permit tcp any any eq 22
snmp-server community public RO
snmp-server enable traps tty
tacacs-server host 172.16.100.3 key 7 xxxxxxxxxxxxxxxxxxx
tacacs-server directed-request
radius-server host 10.10.0.2 auth-port 1645 acct-port 1646 key 7 xxxxxxxxxxxxxxxxxxx
bridge 1 route ip
wlccp wds aaa authentication attributes service login-only
line con 0
line vty 0 4
access-class 111 in
exec-timeout 5 0
line vty 5 15
access-class 111 in
exec-timeout 5 0
sntp server 10.10.0.254
endInside the ssid, when you put "authentication open" it's an eap_method that follows. You put your AUTHVPN aaa server group name. that's wrong.
aaa authentication login group AUTHVPN
and adjust your "authentication open eap " to match with that method name.
Also your group authvpn contains a 2nd server that is undefined in yoru global config ...
Nicolas -
Can not do radius authentication via WLC 4400... Please help!
Hey,
I am configuring an old WLC4400 with V4.2.130.0. I added a new sub-interface for VLAN 50 with proper IP for the subnet and then add the Radius server(Windows server 2008 with NPS) onto WLC4400. I then created new WLAN with WPA+WPA2 Encryption and 802.1x key management and selected the Radius server under AAA for authentication.
Configured the test XP with WPA-Enterprise and PEAP as EAP method. I purposely configured computer to prompt for username and password.
When I try to connect, I did get prompt for username and password. However after that nothing happens. It seems like laptop just keep trying to authenticate.
I checked windows event log and do not see anything under NPS. I know this windows server NPS setup works as it is also the authentication server for our remotevpn.
So my question: is there any special option I need to turn on for WLC in order for Radius authentication work? Or is there any known bug with V4.2.130 (I searched bug toolkit but did not see anything).
Any suggestion is appeciated!
Thanks,
/SConfiguration
Open Network Connections by clicking on the Windows Start button, right-clicking on My Network Places, Properties, or Start > Control Panel then double-click on Network Connections.
Right-click on your wireless network adaptor and choose Properties.
Note: If your wireless connection is part of a Network Bridge you must remove it from the Bridge before continuing.
Click on the Wireless Networks tab at the top of this dialog box.
In the Preferred Networks section click Add...
Enter "Imperial-WPA" as the Network Name (ssid). Note: this is case-sensitive.
Either select WPA2 for Network Authentication: and AES for Data Encryption:
or select WPA for Network Authentication: and TKIP for Data Encryption:
(WPA2 + AES is more secure)
Check that the This is a computer-to-computer (adhoc) network check-box is not ticked.
Then click on the Authentication tab at the top of this dialog-box.
For EAP type: select Protected EAP (PEAP).
Check that the Authenticate as computer... and Authenticate as guest... check boxes are not checked.
Then click on the Properties button.
Then click on Configure...
Un-tick the Automatically use my Windows logon name... check box.
Click OK, then click OK on the previous two dialog boxes to exit.
First connection
Once you are within range of the wireless network a balloon should appear on the task bar prompting you for credentials.
Click on this balloon and you will be prompted for your logon credentials
Enter your college username, password and "IC" for the Logon domain. Then click on OK.
You should also be prompted to accept the server certificate.
Note: If you change your college password at any time you will be prompted to enter your new password when you next connect to the network.
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered" -
Wlc 5508 radius authentication fail
I am trying to setup a wireless lan for the first time using 5508, all is working to a point, until i try to setup client authentication using the following
so settings are:
Layer Wlan settings:
Layer 2 security:WPA+WPA2
AES
Auth Key mgmt:802.1x
We have the authentication server enabled:
Ip an port are correct
AAA overide not enabled
Order for authentication, radius only
Advanced: dafault settings
Radius authentication servers:
Call Station ID Type: IP address
MAC Delimiter: Colon
Network User
Management
Server Index
Server Address
Port
IPSec
Admin Status
Server Index
Server Address
Shared Secret Format
ASCII Hex
Shared Secret
Confirm Shared Secret
Key Wrap
(Designed for FIPS customers and requires a key wrap compliant RADIUS server)
Port Number
Server Status
Enabled Disabled
Support for RFC 3576
Enabled Disabled
Server Timeout
seconds
Network User
Enable
Management
Enable
IPSec
Enable
*radiusTransportThread: Dec 21 12:07:46.488: %AAA-4-RADIUS_RESPONSE_FAILED: radius_db.c:412 RADIUS server X.X.X.X:1812 failed to respond to request(ID 115) for STA 00:19:d2:b9:d5:e1 / user 'unknownUser'
*radiusTransportThread: Dec 21 12:07:46.012: %AAA-4-RADIUS_RESPONSE_FAILED: radius_db.c:412 RADIUS server X.X.X.X:1812 failed to respond to request(ID 114) for STA 00:19:d2:b9:d5:e1 / user 'unknownUser'
*Dot1x_NW_MsgTask_1: Dec 21 12:07:29.811: %DOT1X-3-MAX_EAP_RETRIES: 1x_auth_pae.c:3028 Max EAP identity request retries (3) exceeded for client 00:19:d2:b9:d5:e1
*Dot1x_NW_MsgTask_1: Dec 21 12:07:29.811: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:447 Authentication aborted for client 00:19:d2:b9:d5:e1
*radiusTransportThread: Dec 21 12:07:16.412: %AAA-4-RADIUS_RESPONSE_FAILED: radius_db.c:412 RADIUS server X.X.X.X:1812 failed to respond to request(ID 113) for STA 00:19:d2:b9:d5:e1 / user 'unknownUser'
*Dot1x_NW_MsgTask_1: Dec 21 12:06:59.741: %DOT1X-3-MAX_EAP_RETRIES: 1x_auth_pae.c:3028 Max EAP identity request retries (3) exceeded for client 00:19:d2:b9:d5:e1
Radius server occasionally sees attempts from user "XXZZYY"Osvaldo,
Your observation is correct and this should be documented on the WLC help tab if you search for keyword network user under radius auth.
Quote:
Network User—Network user authentication check box. If this option is enabled, this entry is considered as the network user RADIUS authenticating server entry. If you did not set the RADIUS server entry on the WLAN configuration (WLANs > Edit > Security > AAA Servers), you must enable this option for networkusers.
Management—Management authentication check box. If this option is enabled, this entry is considered as the management RADIUS authenticating server entry. If you enable this option, authentication requests go to the RADIUS server
AAA server defined on WLAN takes precedence over global. -
Local Radius Authentication - Fails
Hello all,
Access Point 1230AG (c1200-k9w7-mx.123-2.JA)
Client Adapter ABG (PCI)
I am new to Wireless Lan configuration with Aironet products (first project). I am configuring an Access Point for a small LAN and i can not get local radius authentication working. The password always fails if I try:
test aaa group radius xxxxx port 1812 new-code
although the password is matching..........
another thing is that in the configuration, it always defaults to 'nthash' mode. is this normal? in other words if i type:
radius-server local
user dgarnett password xxxx
when i do a 'show run' it displays as
user xxxx
I also get the following during a debug:
There is no RADIUS DB Some Radius attributes may not be stored
any help greatly appreciated
ap#test aaa group radius dgarnett 123456789 port 1812 new-code
Trying to authenticate with Servergroup radius
User rejected
ap#
Feb 19 20:57:44.535: RADIUS(00000000): Config NAS IP: 10.14.14.14
Feb 19 20:57:44.535: RADIUS(00000000): Config NAS IP: 10.14.14.14
Feb 19 20:57:44.535: RADIUS(00000000): sending
Feb 19 20:57:44.535: RADIUS(00000000): Send Access-Request to 10.14.14.14:1812 id 21645/14, len 64
Feb 19 20:57:44.535: RADIUS: authenticator 9C C4 E8 64 80 8B 64 8A - E7 5F 0A 64 14 2F 5D B6
Feb 19 20:57:44.536: RADIUS: User-Password [2] 18 *
Feb 19 20:57:44.536: RADIUS: User-Name [1] 10 "dgarnett"
Feb 19 20:57:44.536: RADIUS: Service-Type [6] 6 Login [1]
Feb 19 20:57:44.536: RADIUS: NAS-IP-Address [4] 6 10.14.14.14
Feb 19 20:57:44.536: RADIUS: Nas-Identifier [32] 4 "ap"
Feb 19 20:57:44.537: RADSRV: Client dgarnett password failed
Feb 19 20:57:44.537: RADIUS: Received from id 21645/14 10.14.14.14:1812, Access-Reject, len 88
Feb 19 20:57:44.538: RADIUS: authenticator 3C B3 9A 7F 61 27 3A A6 - 84 39 B6 DF 22 DF 45 26
Feb 19 20:57:44.538: RADIUS: State [24] 50
Feb 19 20:57:44.538: RADIUS: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF [????????????????]
Feb 19 20:57:44.539: RADIUS: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF [????????????????]
Feb 19 20:57:44.539: RADIUS: 6B 7C 18 EA F0 20 A4 E5 B1 28 0E BD 57 61 24 9A [k|??? ???(??Wa$?]
Feb 19 20:57:44.539: RADIUS: Message-Authenticato[80] 18 *
Feb 19 20:57:44.539: RADIUS(00000000): Received from id 21645/14
Feb 19 20:57:44.539: RADIUS(00000000): Unique id not in use
Feb 19 20:57:44.540: RADIUS/DECODE(00000000): There is no RADIUS DB Some Radius attributes may not be storedJust as an update.......I set this up authenticating to an external (ACSNT) Radius server and it authenticates successfully. But still will not for the local dbase. My goal is to use the Corporate ACS as primary and the local as backup. I think my problem has to do with the Radius attributes 24 (State) and 80 (Message Auth). I also think that it points back to the NTHash stuff. Please advise as I am not new security practices and wireless, but I am new to Cisco Wireless networking.
-
ACS 4.0.2 Radius Authentication Setup
Dear Experts,
I am having ACS 4.0.2 in my network, which I want to use for 802.1x Radius Authentication for Clients on PEAP-MSCHAPv2 methodology.
As per the documentation " EAP Authentication with RADIUS Server", Doc ID: 44844
I have configured Network Configuration and populated AAA client IP range and Secret Key.
Question1:
Under Authenticate Using option, there are various RADIUS flavors available for selection. For a Non Cisco AAA client, should I select RADIUS IETF?
Question 2:
In the above snap shot, It has an option called Global Authentication Setup, where we can setup EAP configuration. Under PEAP subsection there is an option to "Allow EAP-MSCHAPv2" check box.
After checking that, is a restart required to the ACS Server? Would it cause any disruptions to the existing services on the ACS?
Kindly help as it is not mentioned in the documentation available with me.
Regards,
KarthikHello,
As per the ASCII and HEXA settings concern you might want to ignore those fields and leave them as they are by default.
As per the "Bad request from NAS" and "Invalid message authenticator in EAP request" it is 99% of the times a Shared Secret Mismatch.
Under the ACS Interface Configuration > Advanced Options > Is the Network Device Groups option enabled? If yes, please check the Shared Secret Key at the NDG level where the device was created. Remember the NDG Shared Secret takes precedence over the one configured on the AAA Client entry itself.
Attaching an Example:
AAA client with Shared Secret as "Cisco123":
NDG Entry (which allocates AAA clients) with Shared Secret as "cisco"
In order to check the NDG Shared Secret go to Network Configuration > Click the appropriate NDG > Scroll to the bottom and click on Edit Properties.: -
What do IPSEC mean under Security - AAA - Radius - Authentication
I can't find exact information regarding the IPSec checkbox in Security -> AAA -> Radius -> Authentication.
On the Cisco Wireless LAN Controller Configuration Guide 5.1, it says "Check the IPSec check box to enable the IP security mechanism, or uncheck it to disable this feature.
The default value is unchecked."
What is exactly mean by IP security mechanism?
Does this mean that I can terminate VPN client over my WLC?
Take note that this options appeared even though no crypto card installed in my controller.This is old code from the Airespace days. There used to be a VPN module that would ride in the WLC. No longer supported, well can't buy it new, but if you had one already...you get the idea.
HTH,
Steve
Maybe you are looking for
-
Error 1003 occurred at Invoke Node
Good morning. I work with LW8.5 and created with the following architecture: There is main.vi on the links at the user's calls and runs the other VI. That is, not directly, these are not included in the VI block diagram main.vi. In the deve
-
How do i transfer contacts from HTC to iphone5?
trying to find out how to transfer contacts from my old HTC phone to new iphone5?
-
Urgent I need help about Problem with macbook pro
The first sorry for my english, I have a macbook pro buy it me almost one year ago, and these days me the mouse remains I want and cannot do anything have to wait a few seconds and it returns to work, and also when it puts in rest it touched all the
-
[2.1.1-64] Right-clicking to "Copy" text in Script Output and other windows
Right-clicking should bring up a menu to "Copy" text in Script Output. The short cut key for copy does work as a workaround.
-
When using the debugger in FlexBuilder 3, it often crashes (closes). An error popup from Flexbuilder opens and the application closes immediately. Some of the error message is below: JVM Terminated. Exit code = 1. C:\Program Files\Adobe\Flexbuilder 3