Continuous Wireless Client Associations and De-authentications
I have a remote site whose wlan consist of a 2112-WLC and twelve 1142N's. The issue I am seeing is that several clients will associate continuously throughout the day. This does not occur for any specific client or ap. These multiple associations appear to take place every 5-10 minutes most of the time. I have 4 other sites using the same wireless network equipment and I do not see this problem. I have verified the ap signal strengths and verified that the noise and interference levels are ok. Any assistance provided will be very appreciated.
Is enable session time out enabled
WLANS-->ADVANCED-->Look at enable session time out ... what does it say ?
Similar Messages
-
Wireless device associating and disassociating fro...
HH3 version A arrived recently to replace a faulty HH1 (why didn't I get a version B?), and in the log, one of our wireless devices, even though it's in standby, is associationg and disassociating from the HH every 5 mins or so
I've switched it from 802.11b/g/n because one of the PCs 'only' has an 802.11g wireless adaptor.
From the log
12:31:51, 25 Sep. (660121.260000) Device disconnected: Hostname: Wii IP: 192.168.1.72 MAC: 00:22:aa:29:d7:da
12:31:50, 25 Sep. ath0: STA 00:22:aa:29:d7:da IEEE 802.11: Client disassociated
12:31:40, 25 Sep. (660109.750000) Lease for IP 192.168.1.72 renewed by host Wii (MAC 00:22:aa:29:d7:da). Lease duration: 30240 min
12:31:40, 25 Sep. (660109.750000) Device connected: Hostname: Wii IP: 192.168.1.72 MAC: 00:22:aa:29:d7:da Lease time: 30240 min. Link rate: 24.0 Mbps
12:31:40, 25 Sep. (660109.730000) Lease requested
12:31:39, 25 Sep. ath0: STA 00:22:aa:29:d7:da IEEE 802.11: Client associated
12:27:51, 25 Sep. (659881.070000) Device disconnected: Hostname: Wii IP: 192.168.1.72 MAC: 00:22:aa:29:d7:da
12:27:50, 25 Sep. ath0: STA 00:22:aa:29:d7:da IEEE 802.11: Client disassociated
12:27:40, 25 Sep. (659869.920000) Lease for IP 192.168.1.72 renewed by host Wii (MAC 00:22:aa:29:d7:da). Lease duration: 30240 min
12:27:40, 25 Sep. (659869.910000) Device connected: Hostname: Wii IP: 192.168.1.72 MAC: 00:22:aa:29:d7:da Lease time: 30240 min. Link rate: 11.0 Mbps
12:27:40, 25 Sep. (659869.900000) Lease requested
12:27:39, 25 Sep. ath0: STA 00:22:aa:29:d7:da IEEE 802.11: Client associated
and the same at 12.21, 12.16, 12.11, etc
What's going on, and how should I iron it out?It looks like an issue with the Wii. You could try altering the settings on the Wii, to give it a static IP address.
See
Using static IP addresses on your home network
It should not keep disassociating with the home hub.Try changing the home hub encryption to WPA only.
There are some useful help pages here, for BT Broadband customers only, on my personal website.
BT Broadband customers - help with broadband, WiFi, networking, e-mail and phones. -
802.1x Wireless - Enforce user AND machine authentication
I am using ACS v5.6 and I'd like to confirm that it is not possible to enforce both user and machine authentication against AD before allowing wireless access to Windows 7 clients, using PEAP/MSCHAPv2 and the built-in 802.1x supplicant.
The only workaround seems to involve MAR (Machine Access Restrictions), which has pretty significant drawbacks.
I'd rather not have to deploy user and machine certificates.
All I want to do is allow access to the wireless network only if the device and the user are in AD.
It's such a simple scenario that I must be missing something.
Any suggestions are welcome. Thanks in advance for your comments.
LucasIn my opinion, the only solution that works is using NAM and EAP-Chaining with ISE as radius backend, last time i looked in ACS release notes was 5.4, and it didn't have eap-chaining support.
Using the built-in windows supplicant will only authenticate user or machine at any time, not both. As you discovered, the feature called MAR used to be what was being recommended (mostly because nothing else existed), What most people miss when they say this will work fine with windows supplicant and acs, is the fact that you cannot be sure that when the user authenticates, he is doing it from an authenticated machine, this is mainly due to the shortcomings.of MAR. You should consider migrating to ISE if you are not using any TACACS features on ACS. -
Wireless Client associated to 2 APs
I searched for my mac address in WCS and I recieved three results. See the attached screenshot. I am just curious why the second entry show I am associated to AP 00:00:00:00:00:00?
I do not have an AP named that.
Running 4.2.130 on all my WLC. Have a mis of WiSM and 4400 Controllers totaling about 10 WLCs.As Jeff mentioned, this is due to your client roaming and most likely due to wlc roaming. The information you see is not real time accurate, especially the wlc information of clients. You can see that 10.92.0.111 shows the client as still being authenticated which is not the case. So most likely what happens is the wlc is cached until flushed or cleared, but ap's keep the real time information, so the all zero's just mean that the wlc knows of the client but not yet flushed the old info and when it tries to detect which ap that user is on, there isn't one.... so it produces the all zero's.
-
XI 3.1 Client Tools and LDAP Authentication
I have Business Objects XI 3.1 SP2 installed. For the web clients (InfoView) single sign on and LDAP authentication are working correctly. However when a user tries to log in using LDAP authentication to one of the client tools (Universe Designer, Webi Rich Client, etc) the error "Cannot access the repository (USR0013)" occurs with the following details:
[repo_proxy 13] SessionFacade::openSessionLogon with user info has failed(Security plugin error: Failed to set parameters on plugin.(hr=#0x80042a01)
Are there troubleshooting or setup guides dealing specifically with LDAP authentication with the various client tools?Make sure that the File and Printer Sharing for Microsoft Networks component is installed and enabled on your clients.
Take a look at note 1272536 (http://service.sap.com/notes)
Regards,
Stratos -
Wireless client association hostname
Hi all,
I'm having issue with the above unit. Currently I have 3 units of AIR-SAP2602E-S-K9 with 15.2(2)JB under 1 SSID. Currently all my clients connected to the AP does not have their computer hostname appearing under the client association. What it is showing instead is the hostname of the AP. For eg;
Device Type
Name
IP Address
MAC Address
State
Parent
VLAN
ccx-client
AP-HOSTNAME
XXX.XXX.XXX.XXX
Xxx.xXx.Xxx
EAP-Associated
self
1
Any Idea how I can get the hostname of the clients instead?If both the SSID and your client were configured for open, and you still couldn't associate, something doesn't jive. There are a couple of things that can cause an issue like this.
1) Is the MFP Client Protection "Required" under the advanced tab?
2) Is the WMM Policy "Required" under the QoS tab?
3) Is the "Aironet IE" enabled under the advanced tab of the SSID? That can cause problems for some clients.
Any of those (especially the first two) would cause a similar issue with not being able to associate, as having mismatched encryption types. -
Cisco aironet 1040: create wireless with wpa2 and mac authentication
Hi,
I created a wireless network setting "Open Authentication" and setting a wpa2 key: everything works.
I would also add the filter mac address and then next to Open Authentication I selected "with mac authentication" but I can not connect. The list of mac is specified in the "Advanced Security".
Can anyone help me? thanks
Hi,
I created a wireless network setting "Open Authentication" and setting a wpa2 key: everything works.
I would also add the filter mac address and then next to Open Authentication I selected "with mac authentication" but I can not connect. The list of mac is specified in the "Advanced Security".
Can anyone help me? thanksap#show configuration
Using 2085 out of 32768 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname ap
logging rate-limit console 9
aaa new-model
aaa group server radius rad_eap
aaa group server radius rad_mac
aaa group server radius rad_acct
aaa group server radius rad_admin
aaa group server tacacs+ tac_admin
aaa group server radius rad_pmip
aaa group server radius dummy
aaa authentication login default local
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
dot11 syslog
dot11 ssid Svez
authentication open mac-address mac_methods
authentication key-management wpa version 2
username 00907a0f2a55 password 7 1249554E425C0D542C79257D66
username 00907a0f2a55 autocommand exit
username administrator privilege 15 password 7 033449040A0620425A0D15564F42
username 0025d3db778b password 7 055B565D74481D0D1B52404A09
username 0025d3db778b autocommand exit
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption mode ciphers tkip
ssid Svez
antenna gain 0
station-role root
world-mode legacy
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
no keepalive
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface BVI1
ip address dhcp client-id GigabitEthernet0
no ip route-cache
ip http server
ip http authentication aaa
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
radius-server attribute 32 include-in-access-req format %h
radius-server vsa send accounting
bridge 1 route ip
line con 0
line vty 0 4
end
ap# -
Enabling CLIENT-CERT and FORM authentication in same web-app
Hi!
I try to enable same behaviour in WLS 8.1 SP4 as is available in WLS 9.2 (one can define in web.xml to have many <auth-method>s, for example <auth-method>CLIENT-CERT,FORM<auth-method>, which states that first one tries authentication with token (Single Sign On case, for example) and if it is not successful then go to log-in page.
My steps are as follows in my custom Servlet. We are using IE 6.0 as our web-client. We have configured our auth-method to be FORM, and in the <form-login-page> we have direction to that custom Servlet, which does the handling described below.
1. If client does not send tokens in request, then set response header:
response.setHeader("WWW-Authenticate", "Negotiate");
response.sendError(response.SC_UNAUTHORIZED);
This works fine and client starts to send his tokens
2. Now check token, if it is valid, let user in, if not forward him to custom log-in page, for example:
RequestDispatcher dispatcher = request.getRequestDispatcher("/login/login.html");
dispatcher.forward(request, response);
3. Client is forwarded to a log-in page as requested and he gives his credentials. Pushes OK
log-in page is as defined in edocs:
<form method="POST" action="j_security_check">
<table border=1>
<tr>
<td>Username:</td>
<td><input type="text" name="j_username"></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="j_password"></td>
</tr>
<tr>
<td colspan=2 align=right><input type=submit value="Submit"></td>
</tr>
</table>
</form>
Now the interesting thing happens (I have investigated TCP traffic at server machine): client (in this case IE) seems to override somehow the credentials (j_password and j_username for HTTP headers, does not send them at all) but keeps on sending this 'Authorize'-field with invalid token instead.
I have tried a Servlet that does not request WWW-Authenticate at all (in which case client does not start to send 'Authorize'-field). In this case those values are put to HTTP header OK and authentication is able to take place.
Anyone has any ideas how can I force my clients to send those values from the HTML FORM described above? SHould I set something at response while I do the forward to the custom log-in page. I have tried virtually everything I can imagine (which seems to be not too much :-))...Solution found:
The trick is to return "401" in response if ticket is not valid (do nothing else). This will end the negotiate between client and server
In your web.xml, forward your 401 code to login page:
<error-page>
<error-code>401</error-code>
<location>/form_login_page.html</location>
</error-page>
There might be a more straightforward way to do this (have all the page management within servlet), but I did not have time to investigate it further. This one at least works -
Concept of association and authentication?
Hello, hope someone can enlighten me on this. We have a 5508 WLC with a few WAP's (1131's and 1242's). Our wireless clients use certificate base authentication against our AD (i.e. both computer cert and user cert are required). However, from time to time I see clients being associated but not authenticated as reported by the WLC. Could it be possible, as some literatures indicate that a client can only be "associated" after it's successfully authenticated? Perhaps I'm not quite clear about the concept. Thanks in advance.
EricHey Eric,
Clear as mud isn't it
I like to think of it this way, in the Library at our campus
there are hundreds of students most are using laptops. If we look at the AP's
in this area we might see 120 Associations for example but we may only see 65
Authentications. In this case 55 users laptops have Associated but not gone
through the Authentication process.
Here is Cisco's explanation;
Wireless Client Association
In the client association process, access points send out beacons announcing one or more SSIDs, data rates, and other information. The client sends out a probe and scans all the channels and listens for beacons and responses to the probes from the access points. The client associates to the access point that has the strongest signal. If the signal becomes low, the client repeats the scan to associate with another access point (this process is called roaming). During association, the SSID, MAC address, and security settings are sent from the client to the access point and checked by the access point. Figure 3-6 illustrates the client association process.
Figure 3-6 Client Association
A wireless client's association to a selected access point is actually the second step in a two-step process. First, authentication and then association must occur before an 802.11 client can pass traffic through the access point to another host on the network. Client authentication in this initial process is not the same as network authentication (entering username and password to get access to the network). Client authentication is simply the first step (followed by association) between the wireless client and access point, and it establishes communication. The 802.11 standard specifies only two different methods of authentication: open authentication and shared key authentication. Open authentication is simply the exchange of four "hello" type packets with no client or access point verification, to allow ease of connectivity. Shared key authentication uses a statically defined WEP key, known between the client and access point, for verification. This same key might or might not be used to encrypt the actual data passing between a wireless client and an access point based on user configuration.
http://www.ciscopress.com/articles/article.asp?p=1156068&seqNum=3
Cheers!
Rob -
Client Association,Authentication
Hey All,
In regards to the Assoiciation and Authentication I would just like to check that I am getting the process correct:
1. Authentication( open or shared) this is the client talking to the AP and saying that it is an 802.11 device ( kind of like an ethernet cable being pluged into a wall jack), if it has a PSK then it must have the right details to Auth with the AP. This is Auth'd to the AP but not the network, so no network traffic can pass just yet.
2. Association the client associates with the BSS/AP and data can now pass over to the AP.
3. 802.1x Authentication ( EAP) - if required
In the above Image the Associated status means it passed step 2 and the Auth means in passed 802.1x?
If this is the case in the above Image the Authed clients ( blue line) are the clients that have passed 802.1x? and the red line is clients that have passed stage 2?
ThanksHello,
In the client association process, access points send out beacons announcing one or more SSIDs, data rates, and other information. The client sends out a probe and scans all the channels and listens for beacons and responses to the probes from the access points. The client associates to the access point that has the strongest signal. If the signal becomes low, the client repeats the scan to associate with another access point (this process is called roaming). During association, the SSID, MAC address, and security settings are sent from the client to the access point and checked by the access point. Figure 3-6 illustrates the client association process.
Figure 3-6 Client Association
A wireless clients association to a selected access point is actually the second step in a two-step process. First, authentication and then association must occur before an 802.11 client can pass traffic through the access point to another host on the network. Client authentication in this initial process is not the same as network authentication (entering username and password to get access to the network). Client authentication is simply the first step (followed by association) between the wireless client and access point, and it establishes communication. The 802.11 standard specifies only two different methods of authentication: open authentication and shared key authentication. Open authentication is simply the exchange of four "hello" type packets with no client or access point verification, to allow ease of connectivity. Shared key authentication uses a statically defined WEP key, known between the client and access point, for verification. This same key might or might not be used to encrypt the actual data passing between a wireless client and an access point based on user configuration.
http://www.ciscopress.com/articles/article.asp?p=1156068&seqNum=3 -
Dot11 associations table, client associated with 0.0.0.0
I'm having an issue where wireless client association seam to fail to get IP address, but acctually don't...
MAC Address IP address Device Name Parent State
0016.eaae.c896 0.0.0.0 unknown - self EAP-Assoc
001f.e178.c6d8 192.168.27.192 unknown - self EAP-Assoc
This happens only "sometimes", especially when the clients (laptops) wake up from sleep mode.
Although the association shows IP 0.0.0.0, the state is "EAP-Assoc" and I can confirm that the client passed RADIUS authentication, received IP from DHCP and can ping the gateway.
The wireless network is made up by autonomous/standalone access-points (Cisco aironet 1100, 1130, 1200, 1040).
Network access is PEAP, WPA/AES, dot1x, multiple Vlans...
All access-points have an access-list at the radio IN that is dropping all IP broadcasts.
When I remove the ACL, everything appear to be fine (at least all the times that I checked), but when the ACL is active the issue doesn't always come up.
I must understand what is going on because this ACL (although it's not very common) has proven it's value by saving 30-40% CPU usage on access-points...
Does anyone know how the "dot11 associations" table is built??
Maybe some tips on how to troubleshoot the issue.
thanks in advanceAs an answer to your early quetsions (that I don't know why we did not answer it yet):
Assoc table is mainly built from information in association frames.
Assoc frames have no idea about IP addresses so how the APs know the IP? Not from assoc frames of course.
Each vendor may have different way to know the IP (they can look into the header of the IP traffic of that special client or they an look into dhcp communication).
summarizing the issue so far:
- The issue happens ONLY with the ACL in place.
- It does not happen with all clients.
- It happens ONLY when the clients in power save mode.
- It happens with same clients if they use static ip address even if they are not in power save mode (please confirm or amend this sentence to be more accurate).
Why power save mode do not show the IP? - > answering this quetion almost solves the problem.
what is common among the problematic clients? - > need to know this in order to isolate further.
Is it AP hardware/software related? -> helps to isolate further.
I said that it could possibly be related to information elements but not necessarily.
There are information element that transfer Power Save capability between clietns and the AP. I have no idea though how those can be related.
More information about information elements can be found in the IEEE standard downloadable from here:
http://standards.ieee.org/getieee802/download/802.11-2007.pdf
go to section :
7.3.2 Information elements
in page 99.
I tried to read about power save and tried to link that with our issue with no hope.
It could possibly a bug or so that when PS is used the AP behaves differently.
HTH
Amjad -
Hi All,
We have a WLAN setup with 1 AP 1230 assigned as a WDS, and the 16 APs configured as Infrastructure AP. Off late, I am experiencing a problem where all my clients are getting disconnected frequently. I have checked the logs and the logs indicate the follwoing:
%DOT11-4-TKIP_MIC_FAILURE: TKIP Michael MIC failure was detected on a packet (TSC=0x19B42) received from 0013.ced4.bd48.
Oct 24 12:45:42 172.20.166.22 5673: Oct 24 07:15:42.428: %DOT11-3-TKIP_MIC_FAILURE_REPEATED: Two TKIP Michael MIC failures were detected within 48 seconds on Dot11Radio0 interface. The interface will be put on MIC failure hold state for next 60 seconds.
Oct 24 12:45:42 172.20.166.22 5674: Oct 24 07:15:42.429: %DOT11-4-TKIP_MIC_FAILURE: TKIP Michael MIC failure was detected on a packet (TSC=0x19B43) received from 0013.ced4.bd48.
Oct 24 12:45:42 172.20.166.22 5675: Oct 24 07:15:42.430: %DOT11-4-TKIP_MIC_FAILURE: TKIP Michael MIC failure was detected on a packet (TSC=0x19B44) received from 0013.ced4.bd48.
Oct 24 12:45:42 172.20.166.22 5676: Oct 24 07:15:42.430: Too many MIC failures.
I need a solution to overcome this problems. Please let me know if you need any further information, to help me provide a solution.
regds,
MaheshGood afternoon Mahesh...
Similar to a CRC, TKIP uses Message Integrity Check(MIC) to ensure protection of the payload and headers. Presently the Michael algorithm is used to accomplish this function. Essentially these messages are early warning signs of RF interference, hardware failure and or an active attack.
The initial error message of TKIP_MIC_FAILURE is rather harmless, as there is no effect to surrounding clients. It simply states that the AP has received a packet which failed its integrity check. MIC replaced WEP's CRC-32 checksum for improved security. You will NOT see this issue in LEAP as it does not utilize MIC.
TKIP_MIC_FAILURE_REPEATED, however is another story. If you see this log entry on an access point, you will want to respond quickly. This is stating that a workstation has sent X number of MIC failures in a certain number of seconds. As stated by the 802.11i standard, the access point goes into a blackout period. ( Cisco's default is 60 second blackout period), what this does is disassociates all wireless clients associated with the access point and puts the radio in a type of hold where it does not allow any associations until the blackout is lifted.
The offending client and those associated with the access point do not receive any sort of error. All the user will notice, is that their laptop's wireless has been disconnected. If the user's laptop is able to access another AP it will attempt to connect to it, if behaving and configure correctly. What we have seen in at our facility is the offending client will continue to cause TKIP errors and bring down the AP it just connected to.
Is there a Band-Aid to this problem?
Interface dot11radio x
countermeasure tkip hold-time 0
This is NOT a solution, its simply a fix to keep your APs from going into blackout. Again I would only use this if you had a larger volume of laptops with malfunctioning nics than your local techsupport could handle.
There are two typical causes for these errors, hardware problems and RF issues. RF changes even at 5ft, if you are able to go to multiple areas of your facility (saying you have a large facility) and take still shoot out errors, you likly have a hardware issue. Replace the card and your good to go.
While upgrading to the latest IOS is always the best messure even when not facing problems you will likly not see a decrease/increase.
hope this helps.... Simply put , research if its a single laptop... If it is, attempt to replace the nic.. We had one laptop which even after reloading the IOS, swapping the cards, etc it kept commiting the units. We kept the harddrive and sent the laptop off and was RMA'd. New laptop came in, put the old hdd back in, no problems.
We have not noticed a link between driver version nor firmware... -
WCS reponds slow when generating the Client Association reports
Hello,
I have set a Wireless Network in of our client's corporate office - which consists of one WLC4404, 42 x 1131AG Access Points. WCS is used to mainly to monitor the AP reachability and Client Association and Deassociations from the WLAN.
When i click on Run Now of the Client Association reports; the report is generated successfully. But when i try to view other pages such as Monitor>Network Summary - the WCS stops responding and it takes approximately 7 mins to display the Monitor>network Summary page. At this time i have observed that the server is reachable during the continous ping and the Server CPU utilization remains to 8% and Memory utilization remains to 1.56GB.
Error Message: Error getting dataa from Server. Make sure you have connectivity and the Server is UP.
Server used is a Standard Server HP Proliant ML110 with 1.86GHz Intel Xeon CPU and 2GB RAM. Operating System used is Win 2003 Server with SP1.
Please can one help me solving this problem.
Regards,
Keshava RajuSorry, i missed out to mention - WCS V4.1 is used for monitoring the WLAN.
-
Wireless Client List keeps getting strange addresses
I am having some issues with the wireless client list in my Linksys E3000 wireless router. I want to use the wireless client list and enter the MAC addresses of the devices that I want to have access. Any where from 5 minutes to a couple days, more MAC's have been added to the list, from devices that don't off hand belong there (not mine). Sometimes, some of the devices that I have put there, will be removed and replaced with the others. Those that are replaced then do not have access. There are about 18 common MAC's that show up.
As an experiment, after many times of replacing these stray MAC's, I tried putting all of the stray MAC's in and restricting them from access. That was good for about 24 hours and the list was misteriously deleted from the restricted list. There is no common thread between time or devices connected.
The following is a list of devices as they appear. Most will reappear after being deleted from the list:
0A:60:76 Unknown
00:FF:30 Unknown
00:25:F0 Suga Electronics Limited
00:1F:16 Wistron Corporation
70:1A:04 Liteon Tech Corp.
0C:60:76 Hon Hai Precision Ind. Co.,Ltd.
00:1F:16 Wistron Corporation
70:1A:04 Liteon Tech Corp.
00:26:22 COMPAL INFORMATION (KUNSHAN) CO., LTD.
08:00:27 cadmus computer systems
90:E6:BA ASUSTek COMPUTER INC.
00:23:CC Nintendo Co., Ltd.
00:16:44 Liteon Tech Corp.
F0:B4:79 Unknown
00:1E:8C ASUSTek COMPUTER INC.
00:26:9E Quanta Computer Inc
08:00:27 cadmus computer systems
00:10:75 Maxtor Corp. (was: creative design solutions,inc.)
I have assigned IP's to the devices that I want connected.
I have reset to factory settings.
I have the current firmware. I even reinstalled the current firmware.
I have scanned for viruses and malware.
I am using WPA2 security.
The only hardwired computer that I am on now is running Windows 7. All other computers are running W7. All computers are up to date. All antivirus and malware soft is up to date. All other devices, (cameras, drives, printers, etc.) have firmware up to date.
Any suggestions?Here is the issue:
If I use Permit, MAC's are added to the list which eventually fills up and starts knocking off the one's that I want there.
If I use Prevent, the MAC's that have appeared in the Permit list will start disappearing from the Prevent list.
I have WPA2 Personal encryption on. Remote access turned off.
If I have the Prevent list on with Remote access off, how are these stray MAC's being removed.
If I have the Permit list on with Remote access off, how are these MAC's being added and removing the correct one's. -
Syslog command for Clients associations
Hello.
For WLC 5508 software version 7.0.235.0, Does anyone know which command is needed to get the WLC send syslog messages everytime a wireless client associate and desassociate?
Greettings.I believe of you set your staking level to debug or informational, it will show that info.
Sent from Cisco Technical Support iPhone App
Maybe you are looking for
-
I am using Windows XP, & I am running Mozilla Firefox 3.6.16 and keep getting a "Microsoft Feed Synchronization has encountered a problem and needs to close" message.
-
Vendor Changes History Missing
Hi Team, There are some changes done for the vendor master but the history is missing in both t code MK04 and XK04. Please help the other methods to find. Also i checked CHDHR and CDPOS and the change history is not available. The table is ADRT and t
-
Variable is used in description text Task description, but does not exist
Hi, I am getting following error in the standard task 207914 ERMS_DECSN. Workflow Error Variable &REQREQ.REQUISITIONERUSER.ITSDESTINATIONSY& exists in description text Task description, but not in the container Message no. 5W146 Diagnosis Variable i
-
Help. Can't see Volume in My Network folder!!!!!!
Hi all, I have a 7 G5s and 1 G4 computer, of which I upgraded to 10.4 from 10.3.9. I have updated all OS to 10.4.6. I have 2 small hubs with which I network the computers and 2 printers. All but 1 G5 can see and access the Public folder of each compu
-
Hello everyone, i would like to get an opinion on wether i should get the MacBook Air 13'' i7 3.3 Ghz 8GB Ram 128GB SSD Vs the MacBook Pro with retina Display 13'' i5 3.3 Ghz 8GB Ram 128GB SSD? I would used it for engineering study stuff, looking u