Mac Filter for TC

I am not able to add more MAC address in Airport Utility to my TC, even though I've just added one. I tried to remove 2 MAC addresses from the list. But I doesn't work - the Done button is always grey. What's wrong here?

Ok, your situation is pretty unique..
What IP range is passed out to the devices.. I am almost betting you get 10.x.x.x
The TC cannot route the same IP range as it uses. Unfortunately even though the TC uses 10.0.1.1 it will often give trouble with any IP based on 10.x range.
The best idea is simply move the TC ip address to 192.168.1.x
You do this via the dhcp page..
Here things start getting a bit weird. TC as far as I can see has no direct access to the home IP so you change it via the dhcp.. it makes no sense but then it is apple product.
When I change the dhcp range the TC automagically changed to IP of 192.168.1.1
It took me a couple of goes to get it to work.. dont change anything on this page except the IP .. first time around.. then I reduced the dhcp range and also set the lease time much shorter as that help reduce issues with clients forgetting where the TC lives. What you do is up to you..
Tell me if the screenshot doesn't show,, I did a copy and paste that doesn't work sometimes. It is working for me.
This is from v5 utility.. not sure..might be easier or impossible from v6.

Similar Messages

  • MAC filter for wireless security????

    I have hooked up my wireless router and had trouble with the security part.  I am now set up with the wireless security disabled but the MAC filter enabled and my wireless computers mac number entered and all is working.  will the MAC filter work as security for my wireless network.  thanks tdm

    MAC address filtering is considered a very low level of security.  It will keep honest people from accidentally logging into your network, but that is about it.  MAC addresses are transmitted wirelessly when you use your router.  Anyone can monitor your transmissions, so it is easy to learn a working MAC address.  They can then fake the MAC address and loggin to your network whenever you are not connected.
    Also, when your transmissions are not encrypted, anyone within range can monitor your wireless transmissions, even without logging into your network.  With a good antenna, your transmissions can probably be picked up for at least half a mile from your home.  So someone could monitor the web sites you visit, your email, etc., and in some cases, your passwords.
    You really should setup wireless security on your network.
    Here are my tips for setting up wireless security:
    To set up wireless security, you must use a computer that is wired to the router.
    Where to find the router settings: The router's login password is usually on one of the "Administration" pages. The other settings are all found in the "Wireless" section of the router's setup pages, located at 192.168.1.1
    First, give your router a unique SSID. Don't use "linksys".
    Make sure "SSID Broadcast" is set to "enabled".
    Next, leave the router at its default settings (except for the unique SSID), and then use your pc to connect wirelessly to the router. Test your wireless Internet connection and make sure it is working correctly. You must have a properly working wireless connection before setting up wireless security.
    To implement wireless security, you need to do one step at a time, then verify that you can still connect your wireless computer to the router.
    Next, encrypt your wireless system using the highest level of encryption that all of your wireless devices will support. Common encryption methods are:
    WEP - poor (see note below)
    WPA (sometimes called PSK, or WPA with TKIP) - good
    WPA2 (sometimes called PSK2, or WPA with AES) - best
    WPA and WPA2 sometimes come in versions of "personal" and "enterprise". Most home users should use "personal". Also, if you have a choice between AES and TKIP, and your wireless equipment is capable of both, choose AES. With any encryption method, you will need to supply a key (sometimes called a "password" ).
    The wireless devices (computers, printers, etc.) that you have will need to be set up with the SSID, encryption method, and key that matches what you entered in the router.
    Retest your system and verify that your wireless Internet connection is still working correctly.
    And don't forget to give your router a new login password.
    Picking Passwords (keys): You should never use a dictionary word as a password. If you use a dictionary word as a password, even WPA2 can be cracked in a few minutes. When you pick your login password and encryption key (or password or passphrase) you should use a random combination of capital letters, small letters, and numbers, but no spaces. A login password, should be 12 characters or more. WPA and WPA2 passwords should be at least 24 characters. Note: Your key, password, or passphrase must not have any spaces in it.
    Most home users should have their routers set so that "remote management" of the router is disabled. If you must have this option enabled, then your login password must be increased to a minumum of 24 random characters.
    One additional issue is that Windows XP requires a patch to run WPA2. Go to Microsoft Knowledge base, article ID=917021 and it will direct you to the patch.
    Sadly, the patch is not part of the automatic Windows XP updates, so lots of people are missing the patch.
    Note:
    WEP is no longer recommended. The FBI has demonstrated that WEP can be cracked in just a few minutes using software tools that are readily available over the Internet. Even a long random character password will not protect you with WEP. You should be using WPA or preferably WPA2 encryption.
    Message Edited by toomanydonuts on 01-16-2008 03:38 AM

  • MAC filter on WRT54GS2 V1 - loses some MAC numbers :(

    I have a WRT54GS2 V1 and I use only the MAC filter for wireless protection.
    It has the annoying habit of losing some of the MAC numbers I have typed in.
    I haven't been able to correlate these events with any other predictable events - the problem seems to happen at random times.
    Is this a known problem? I have had many other earlier versions of the 54G series - use the MAC filter in the same way on them and never had this problem.
    Any suggestions would be appreciated.
    Thanks
    Walt

    Sorry. But you wrote you want to use the MAC filter for "wireless protection". The MAC filter is absolutely unsuitable for "wireless protection".
    MAC addresses are always transferred unencrypted.
    MAC addresses are easily modified and cloned.
    You block my MAC address in the list? I change my MAC address and I am back in.
    You only allow a few MAC addresses on the list? I pick up the allowed MAC addresses with a standard network sniffer and change my MAC address to a whitelisted one.
    Trust me: the wireless MAC filter is absolutely useless for wireless security/protection.
    And don't forget: if you only use the MAC filter without any wireless encryption it is trivial to sniff on all your network traffic. With WEP it takes about 5 minutes to crack the WEP keys and then you can capture and sniff all network traffic again.
    Again: use WPA2 Personal with AES and a strong passphrase. That provides you with real wireless security.

  • Mac Filter Wildcards? WLC

    I'm deploying several hundred handheld scanners and I dont want to create a mac filter for everyone, however that are all the same manufacturer, and that manufacturer only has one mac prefix, is there a way to just put the mac prefix in?  I'm using 5508's running 7.0.116.0.
    Help files and searches turned up nothing.
    Thanks.

    My problem is the opposite. I would like to ban / disable mac address begining to a given manufacturer because:
         - my wireless clients are of the same manufacturer
         - someone is scanning repeatly during months with hundreds of different fake mac address -but all of them begining with 00:0e:8e- and they are highly populating the excluded client table.
    I suppose there is no solution for that until now
    Thanks,
    Jose

  • Can I set up a spam filter for my iPad like I have on my Mac?

    Can I set up a spam filter for my iPad like I have on my Mac?

    The Mac OS X Mail application has a "Junk" function that works locally, on the Mac, and just puts emails from previously designated "junk" addresses into a separete folder, so you don't have to wade thru all that spam in your Inbox. It's a very elegant and simple, local solution, that I dearly miss on iOS.
    I did submit a request for it at Apple Feedback page.
    http://www.apple.com/feedback/

  • Problem with connetction to wrt54g2 via wireless connection with WPA/WPA2 & wireless MAC filter

    Hello,
    I'm Alexey from Novosibirsk, Russia.
    I have a problem with connection to wrt54g2 from my DELL D630 notebook via wireless connection. When I setup WPA/WPA2 in wireless security and wireless MAC filter I can't connect from notebook to WRT - in Windows I see that dynamic IP address from WRT is not assigned. When I switch off security mode to disable always OK, but I need a wireless security between DELL and WRT.
    Connection via cable Ethernet port is OK.
    Can You help me?

    Have you tried the different laptop...?
    Download 1.71 MB the firmware for WRT54G2 v1 and reflash the router's firmware.After reflashing/upgrading the router's firmware,reset the router for 30 seconds and reconfigure the router from scratch. 

  • Where can I find a 17" desktop anti-glare filter for my iMac?

    I checked a couple of sites that sell anti-glare filters. I'm trying to find one to fit my widescreen 17" iMac, however, both sites charged exorbitant prices, one $80, another $100. I remember ten years ago I was able to buy an anti-glare filter for my old Windows PC, but for some reason, neither the Apple Store, nor Best Buy sell them today. I need one because for the second time in two years, I had to get new glasses as the glare from my iMac is hurting my eyesight.

    As I said, I don't think the result from putting a filter over the glass will be satisfactory, regardless of cost.
    You may want to find an external matte screen digital (DVI) LCD that you find comfortable to look at, and connect it to your iMac as a second display. Then set System Preferences Displays pane so that it is your primary display (with the menu bar and dock on it). Put that display in front of you, with the iMac off the right as the secondary display. You can still use it (as you desktop extension); hopefully the "glare" will be less of a problem if you are not staring at it constantly. You can go up to 1920x1200 resolution for an external digital display, which is a typical 23 or 24-inch (measured diagonally) widescreen LCD display. I use my iMac that way, with an external display (that I really like) as my primary display and the iMac to the right as the secondary display. Note: It's to the right because putting it to the left blocks the optical drive.
    Alternately, if the iMac is in good shape, you can sell it and put the proceeds toward a new Mac mini, and get a display that is comfortable for you.

  • How to install plugin and exta filter in photoshop cs ? and any special filter for special effects ?

    how to install plugin and exta filter in photoshop cs ? and any special filter for special effects ?
    kindly recommend me any best one and tel me step by step how i will add more plugins n filters

    A Plug_in normally come with an installer or install instructions. Check the documentation for the plug-in you trying to install.  It sounds like you don't know what plug-ins you want to install.  In that case you don't need to install any.  At some point you may read about a plug-in and what it can do and feel you have a need for it.  Then you will have a reason to install a plug-in that is not installed by default.  There may also be a cost involved most worthwhile plug-ins are not free.
    Adobe Optional Plug_ins downloads are Plugins Adobe want to remove from Photoshop  and no longer install by default. Also at some point in time these will no longer install into the current Photoshop for Adobe will remove feature or interfaces the use. For example the CS5 optional plugins will install in Windows CS6 perpetual version 13.0.1.3 but not in Subscription version 13.1.2 or perpetual Mac version 13.0.6 fot its 64bit only and the Mac CS5 optional plug-in for Picture package is only a 32bit plug-in.
    You will need to keep and maintain old versions of Photoshop if Adobe remove features you use in new versions of Photoshop.

  • Wireless MAC filter can not be active to connect to WIFI?

    I use a Linksys router with WEP security and a Wireless MAC filter. When I turned off WEP I was unable to connect to the router with my iphone 3g but when I enabled WEP and turned off the MAC filter I connected right away.
    Has anybody else seen this or has anyone successfully connected to a router with a MAC filter?
    Thanks

    I have no problems connecting to a router with MAC filtering enabled... I would just double check that you entered the correct MAC address into your router (Settings>General>About>Wi-Fi Address) and make sure the permissions are set correctly for that MAC address (if applicable)...

  • WRT160N wireless MAC Filter settings reset on their own

    I recently purchased and setup a WRT160N router.  Having no real problems with router - it works fine with exception of the MAC filter settings.  I most often access the router config from an XP machine (used to initially setup the router) which is wired, as well as from a VISTA notebook that is wireless.  I am noticing that when I check the MAC filter settings, the previous setup is missing - meaning that all MAC addresses are gone, and the filtering option is removed.
    I have set this up numerous times, and VERIFIED that I click on save at the bottom of the page, verify I have enable checked, etc.  I am wondering if there is something I'm missing - the settings don't appear to "stay" - the filtering option simply disappears and returns to disabled.  I may answer my own question here (or point myself in the right direction), but is there a dependancy on some other setting that is causing my filter to "disappear" on me?

    Have you tried to reset your Router and Re-configure all the settings back on your Router? If not then Reset your Router and re-configure all the settings. If still doesn't work, then you need to upgrade the firmware of your Router. Download the latest firmware for your Router from the Linksys website, Go to http://www.linksysbycisco.com/US/en/support/wrt160n/downloads and select the proper version number of your Router and download and save the firmware on your computer.
    Login to the Routers GUI and click on the Administration tab and below click on the sub tab "Firmware Upgrade" and click on the browse button and select the firmware file and click on upgrade...Once the firmware upgrade is successful... Then you need to Press and hold the reset button for 30 seconds...Release the reset button...Unplug the power cable from your router, wait for 30 seconds and re-connect the power cable...Now re-configure your router...

  • 802.1x peap mschap v2 with MAC Filter + IP Address Permanent

    Hi my name is Ivan, i have an issue
    I have one cisco wlc 5508 with  ios 7.4.100 with a ssid is working with 802.1x peap mschap v2 with mac filter, and I need configure in the web page of the WLC Security > Mac Filter, a MAC and one IP Address permanent to the users.
    I have a service dhcp into the wlc to this profile.
    This configuration works fine for 3 or 4 days. At the  fifth day , my users renew the ip address, and they can not surfing to internet, because in my firewall i have a policy to the users with exactly ip address, for example.
    MAC Filter - IP Address A - UserA
    My policy say:
    PolicyUserA - Internet
    Please, i can establish an filter mac associate to one ip address permanent to one user, when service dhcp in the cisco wlc is active?
    I possible to do it?.
    How can i do it?

    Hi Ivan,
    You can not map the mac-ip address pairs on the WLC DHCP.
    The WLC has a limited DHCP server functionalities. You better to use an external DHCP server with full functionalities and then you can configure the DHCP server to provide the same IP address everytime to each client in your network.
    HTH
    Amjad
    Rating useful replies is more useful than saying "Thank you"

  • Wireless Guest Network, iPADS and MAC Filteing

    Hello, I have a question regarding our wireless guest network and using iPADs
    Our wireless network consist of (3) 5508 WLC’s running 6.0.188. 2 internal WLC and 1 external anchor WLC for guest.  Presently we are only using one of the internal controllers for users the second is only used for fail over.  The anchor controller is set up as the DHCP server for guest. We also have a Cisco NAC Guest Server in the DMZ for guest authentication.
    We have (10) iPads that need Internet access though our guest portal. We do not want these iPADs to have to enter any credentials just pass through to the internet. We do not want any other device to be able to connect to this SSID.  Here’s my question; Getting to the Internet is no problem however when I try to set up a MAC filter just for these devices, they never receive an IP address and never get connected.  I have tried setting the filter on both the internal controller and the anchor controller identically and in about every combination I can think of.  Does anyone know how to set up a MAC filter on a guest network configured as per Cisco’s recommendation?  I also plan to use WPA2 and 802.1x once I get the MAC filter to work.  Any help would be appreciated.
    Thank You
    John

    Not all layer 2 and layer 3 security mechanisms are compatible. Refer to this doc
    http://www.cisco.com/en/US/products/ps6366/products_tech_note09186a0080987b7c.shtml#matrix
    What security settings have you configured. The settings also need to be identical on both the internal and anchor controller.

  • CSCuh08009 - WPA2-PSK mac-filter assign interface wrong after client roaming back

    Hi All,
    Does anyone here experienced the same problem in WLC 5500 controllers?
    FW: 7.4.110
    WPA2-PSK with MAC-Filter, ACS has the database of allowed host MAC addresses
    Regards,
    Mikhail Veran

    Thanks Scott, The code version is 7.6.130.0 which supports Sleeping Client feature. However, as per the docu "http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-6/configuration-guide/b_cg76/b_cg76_chapter_010111.html#reference_7008E6F7D7094BA7AD39491D7361622D"
    The authentication of sleeping clients feature is not supported with Layer 2 security and web authentication enabled.
    and as you mentioned as well
    ...Sleeping client like George mentioned is a better way than adjusting the idle timer but strictly for layer 3 only...
    Sleeping Client wasn't an option in my case. That is why I was hoping that Idle Timeout may do the trick here. This is an actual case where a client with an existing wireless network just wanted to enable sleeping client feature so that their guests don't need to re-auth if their device sleeps or they go out (break) and come back after some time. Layer-3 Web Auth alone should be enough I think. Keeping L2-PSK is probably their security team's decision, as they also use the same SSID for BYOD devices and don't want nearby people/buildings to see that there is an Open Wifi available and on joining would see the Web Auth portal and company disclaimer. 
    George, I agree with Dot1X method. It can be used for the BYOD devices (separate SSID) while we can keep the Guest WLAN as L3-WebAuth only on controller (or do CWA through ISE if available). 
    Thanks for all your help.
    Rick.

  • Why is Web Page Auth on MAC Filter Failure not working on Anchor Controller?

    Hi,
    I have implemented a Guest WLAN solution as per the recommended design from Cisco. We have two internal WiSM2 controllers providing services for Internal secure SSIDs. Both these controllers are members of a Mobility and RF management group.
    Two 5508 controllers have been installed in our DMZ for resilience and have been placed into a separate Mobility group. All controllers (internal and external) have been linked together as mobility neighbours in a full mesh and a new SSID for Web Guest traffic has been anchored to the controllers in the DMZ.
    Web page authentication works perfectly fine, but I cannot for the life of me get the MAC filtering override to work, i.e. if a MAC address is present, do not redirect to the splash page for web auth.
    I can get MAC auth working by iteself, but not with the Layer 3 option selected for web page auth on mac filter failure.
    I know I can get around this by just creating two separate SSIDs. But the business is used to just having the one SSID for all guest traffic.
    Is this a known limitation when anchoring SSIDs to controllers in the DMZ ?

    Hi Nicolas,
    I guess they changed their mind to add this fix in 7.0MR3. Now the fix will be in 7.2 release planned to be release in FEB.
    There is a documentation bug opened to add this to configuration guide :
    CSCtw48727    Document CSCts54424. Limitations webauth on mac filter fail for anchor
    Regards..Salil
    CSCtw48727    Document CSCts54424. Limitations  webauth on mac filter fail for anchor

  • WLC Webauth on mac filter / Bypass

    Hi
    I am currently experimenting with the webauth 'On MAC Filter failure' feature.
    In most cases things work fine, meaning that: user arrives in SSID coverage, if his MAC is registered in our radius he is allowed through, if not heassociates to the AP and gets the usual splashscreen. But, in some weird cases things dont happen as expected: user arrives in SSID coverage, if his MAC is registered in our radius he is allowed through, if not he can not associated.
    I tryed to run some debugs but with little success as I dont know what I am looking for.
    As far as I can say, the problem appears with devices I used for testing (allow through MAC filter, then removed ...) and make me think of some kind of caching mechanism. (things like fastpath come into my mind).
    Did someone implement the feature successfully?
    Thanks,
    seb.

    Hi,
    Sure (debug client 00:24:d6:23:d0:58). Problem is visible around  12:26:47.612
    *pemReceiveTask: Sep 22 12:25:38.048: 2c:a8:35:cf:20:14 Sent an XID frame
    *apfMsConnTask_4: Sep 22 12:26:26.258: 00:24:d6:23:d0:58 Adding mobile on LWAPP AP 00:08:30:4a:d6:50(0)
    *apfMsConnTask_4: Sep 22 12:26:26.258: 00:24:d6:23:d0:58 Association received from mobile on AP 00:08:30:4a:d6:50
    *apfMsConnTask_4: Sep 22 12:26:26.258: 00:24:d6:23:d0:58 0.0.0.0 START (0) Changing ACL 'none' (ACL ID 0) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:1621)
    *apfMsConnTask_4: Sep 22 12:26:26.258: 00:24:d6:23:d0:58 Applying site-specific IPv6 override for station 00:24:d6:23:d0:58 - vapId 3, site 'UNAIDS-HQ', interface 'unaids-guests'
    *apfMsConnTask_4: Sep 22 12:26:26.258: 00:24:d6:23:d0:58 Applying IPv6 Interface Policy for station 00:24:d6:23:d0:58 - vlan 113, interface id 11, interface 'unaids-guests'
    *apfMsConnTask_4: Sep 22 12:26:26.258: 00:24:d6:23:d0:58 Applying site-specific override for station 00:24:d6:23:d0:58 - vapId 3, site 'UNAIDS-HQ', interface 'unaids-guests'
    *apfMsConnTask_4: Sep 22 12:26:26.258: 00:24:d6:23:d0:58 0.0.0.0 START (0) Changing ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:1621)
    *apfMsConnTask_4: Sep 22 12:26:26.258: 00:24:d6:23:d0:58 STA - rates (8): 130 132 139 150 12 18 24 36 0 0 0 0 0 0 0 0
    *apfMsConnTask_4: Sep 22 12:26:26.258: 00:24:d6:23:d0:58 STA - rates (12): 130 132 139 150 12 18 24 36 48 72 96 108 0 0 0 0
    *apfMsConnTask_4: Sep 22 12:26:26.258: 00:24:d6:23:d0:58 apfProcessAssocReq (apf_80211.c:5122) Changing state for mobile 00:24:d6:23:d0:58 on AP 00:08:30:4a:d6:50 from Idle to AAA Pending
    *aaaQueueReader: Sep 22 12:26:26.258: Unable to find requested user entry for 0024d623d058
    *aaaQueueReader: Sep 22 12:26:26.258: ReProcessAuthentication previous proto 8, next proto 40000001
    *apfMsConnTask_4: Sep 22 12:26:26.258: 00:24:d6:23:d0:58 Scheduling deletion of Mobile Station:  (callerId: 20) in 10 seconds
    *aaaQueueReader: Sep 22 12:26:26.258: AuthenticationRequest: 0x2aeb3be8
    *aaaQueueReader: Sep 22 12:26:26.258:   Callback.....................................0x100df840
    *aaaQueueReader: Sep 22 12:26:26.258:   protocolType.................................0x40000001
    *aaaQueueReader: Sep 22 12:26:26.258:   proxyState...................................00:24:D6:23:D0:58-00:00
    *aaaQueueReader: Sep 22 12:26:26.258:   Packet contains 14 AVPs (not shown)
    *aaaQueueReader: Sep 22 12:26:26.258: apfVapRadiusInfoGet: WLAN(3) dynamic int attributes srcAddr:0x0, gw:0x0, mask:0x0, vlan:0, dpPort:0, srcPort:0
    *aaaQueueReader: Sep 22 12:26:26.259: 00:24:d6:23:d0:58 Successful transmission of Authentication Packet (id 255) to 10.83.40.111:1812, proxy state 00:24:d6:23:d0:58-00:01
    *aaaQueueReader: Sep 22 12:26:26.259: 00000000: 01 ff 00 b0 00 00 00 00  00 00 00 00 00 00 00 00  ................
    *aaaQueueReader: Sep 22 12:26:26.259: 00000010: 00 00 00 00 01 0e 30 30  32 34 64 36 32 33 64 30  ......0024d623d0
    *aaaQueueReader: Sep 22 12:26:26.259: 00000020: 35 38 1e 21 30 30 2d 30  38 2d 33 30 2d 34 61 2d  58.!00-08-30-4a-
    *aaaQueueReader: Sep 22 12:26:26.259: 00000030: 64 36 2d 35 30 3a 55 4e  41 49 44 53 2d 54 45 53  d6-50:UNAIDS-TES
    *aaaQueueReader: Sep 22 12:26:26.259: 00000040: 54 2d 32 1f 13 30 30 2d  32 34 2d 64 36 2d 32 33  T-2..00-24-d6-23
    *aaaQueueReader: Sep 22 12:26:26.259: 00000050: 2d 64 30 2d 35 38 05 06  00 00 00 0d 04 06 0a 53  -d0-58.........S
    *aaaQueueReader: Sep 22 12:26:26.259: 00000060: 05 80 20 0d 47 45 2d 44  43 57 4c 43 2d 30 31 1a  ....GE-DCWLC-01.
    *aaaQueueReader: Sep 22 12:26:26.259: 00000070: 0c 00 00 37 63 01 06 00  00 00 03 02 12 0d e4 89  ...7c...........
    *aaaQueueReader: Sep 22 12:26:26.259: 00000080: d6 a8 35 ae 7e ee 86 d9  65 0e 78 f5 5d 06 06 00  ..5.~...e.x.]...
    *aaaQueueReader: Sep 22 12:26:26.259: 00000090: 00 00 0a 0c 06 00 00 05  14 3d 06 00 00 00 13 40  .........=.....@
    *aaaQueueReader: Sep 22 12:26:26.259: 000000a0: 06 00 00 00 0d 41 06 00  00 00 06 51 05 31 31 33  .....A.....Q.113
    *radiusTransportThread: Sep 22 12:26:27.262: 00000000: 03 ff 00 14 64 b5 1e e0  41 f9 08 3f 47 46 3c 2b  ....d...A..?GF<+
    *radiusTransportThread: Sep 22 12:26:27.262: 00000010: 33 38 28 a3                                       38(.
    *radiusTransportThread: Sep 22 12:26:27.262: ****Enter processIncomingMessages: response code=3
    *radiusTransportThread: Sep 22 12:26:27.262: ****Enter processRadiusResponse: response code=3
    *radiusTransportThread: Sep 22 12:26:27.262: 00:24:d6:23:d0:58 Access-Reject received from RADIUS server 10.83.40.111 for mobile 00:24:d6:23:d0:58 receiveId = 0
    *radiusTransportThread: Sep 22 12:26:27.262: 00:24:d6:23:d0:58 Returning AAA Error 'Authentication Failed' (-4) for mobile 00:24:d6:23:d0:58
    *radiusTransportThread: Sep 22 12:26:27.262: AuthorizationResponse: 0x3c4fd8b4
    *radiusTransportThread: Sep 22 12:26:27.262:    structureSize................................32
    *radiusTransportThread: Sep 22 12:26:27.262:    resultCode...................................-4
    *radiusTransportThread: Sep 22 12:26:27.262:    protocolUsed.................................0xffffffff
    *radiusTransportThread: Sep 22 12:26:27.262:    proxyState...................................00:24:D6:23:D0:58-00:00
    *radiusTransportThread: Sep 22 12:26:27.262:    Packet contains 0 AVPs:
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 Applying new AAA override for station 00:24:d6:23:d0:58
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 Override values for station 00:24:d6:23:d0:58
                                                                                                            source: 2, valid bits: 0x0
            qosLevel: -1, dscp: 0xffffffff, dot1pTag: 0xffffffff, sessionTimeout: -1
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 Override values (cont..) dataAvgC: -1, rTAvgC: -1, dataBurstC: -1, rTimeBurstC: -1
                                                                                                                                                    vlanIfName: '', aclName: ''
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 0.0.0.0 START (0) Changing ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:1621)
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 Applying site-specific override for station 00:24:d6:23:d0:58 - vapId 3, site 'UNAIDS-HQ', interface 'unaids-guests'
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 0.0.0.0 START (0) Changing ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:1621)
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 Inserting AAA Override struct for mobile
            MAC: 00:24:d6:23:d0:58, source 2
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 Inserting new RADIUS override into chain for station 00:24:d6:23:d0:58
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 Override values for station 00:24:d6:23:d0:58
                                                                                                            source: 2, valid bits: 0x0
            qosLevel: -1, dscp: 0xffffffff, dot1pTag: 0xffffffff, sessionTimeout: -1
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 Override values (cont..) dataAvgC: -1, rTAvgC: -1, dataBurstC: -1, rTimeBurstC: -1
                                                                                                                                                    vlanIfName: '', aclName: ''
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 0.0.0.0 START (0) Initializing policy
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 0.0.0.0 START (0) Change state to AUTHCHECK (2) last state AUTHCHECK (2)
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 0.0.0.0 AUTHCHECK (2) Change state to L2AUTHCOMPLETE (4) last state L2AUTHCOMPLETE (4)
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 0.0.0.0 L2AUTHCOMPLETE (4) DHCP Not required on AP 00:08:30:4a:d6:50 vapId 3 apVapId 3for this client
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 Not Using WMM Compliance code qosCap 00
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 0.0.0.0 L2AUTHCOMPLETE (4) Plumbed mobile LWAPP rule on AP 00:08:30:4a:d6:50 vapId 3 apVapId 3
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 0.0.0.0 L2AUTHCOMPLETE (4) Change state to DHCP_REQD (7) last state DHCP_REQD (7)
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 apfMsAssoStateInc
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 apfPemAddUser2 (apf_policy.c:223) Changing state for mobile 00:24:d6:23:d0:58 on AP 00:08:30:4a:d6:50 from AAA Pending to Associated
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 Scheduling deletion of Mobile Station:  (callerId: 49) in 1800 seconds
    *apfReceiveTask: Sep 22 12:26:27.264: 00:24:d6:23:d0:58 Sending Assoc Response to station on BSSID 00:08:30:4a:d6:50 (status 0) ApVapId 3 Slot 0
    *apfReceiveTask: Sep 22 12:26:27.264: 00:24:d6:23:d0:58 apfProcessRadiusAssocResp (apf_80211.c:2153) Changing state for mobile 00:24:d6:23:d0:58 on AP 00:08:30:4a:d6:50 from Associated to Associated
    *apfReceiveTask: Sep 22 12:26:29.211: 00:24:d6:23:d0:58 0.0.0.0 DHCP_REQD (7) State Update from Mobility-Incomplete to Mobility-Complete, mobility role=Local, client state=APF_MS_STATE_ASSOCIATED
    *apfReceiveTask: Sep 22 12:26:29.211: 00:24:d6:23:d0:58 0.0.0.0 DHCP_REQD (7) pemAdvanceState2 4431, Adding TMP rule
    *apfReceiveTask: Sep 22 09:31:33.211: 00:24:d6:23:d0:58 0.0.0.0 DHCP_REQD (7) Adding Fast Path rule
      type = Airespace AP - Learn IP address
      on AP 00:08:30:4a:d6:50, slot 0, interface = 13, QOS = 0
      ACL Id = 255, Jumbo F
    *apfReceiveTask: Sep 22 12:26:29.211: 00:24:d6:23:d0:58 0.0.0.0 DHCP_REQD (7) Fast Path rule (contd...) 802.1P = 0, DSCP = 0, TokenID = 7006  IPv6 Vlan = 113, IPv6 intf id = 11
    *apfReceiveTask: Sep 22 12:26:29.211: 00:24:d6:23:d0:58 0.0.0.0 DHCP_REQD (7) Successfully plumbed mobile rule (ACL ID 255)
    *pemReceiveTask: Sep 22 12:26:29.212: 00:24:d6:23:d0:58 0.0.0.0 Added NPU entry of type 9, dtlFlags 0x0
    *pemReceiveTask: Sep 22 12:26:29.212: 00:24:d6:23:d0:58 Sent an XID frame
    *spamApTask4: Sep 22 12:26:46.641: 00:24:d6:23:d0:58 Received Idle-Timeout from AP 00:08:30:4a:d6:50, slot 0 for STA 00:24:d6:23:d0:58
    *spamApTask4: Sep 22 12:26:46.641: 00:24:d6:23:d0:58 apfMsDeleteByMscb Scheduling mobile for deletion with deleteReason 4, reasonCode 4
    *spamApTask4: Sep 22 12:26:46.641: 00:24:d6:23:d0:58 Scheduling deletion of Mobile Station:  (callerId: 30) in 1 seconds
    *osapiBsnTimer: Sep 22 12:26:47.611: 00:24:d6:23:d0:58 apfMsExpireCallback (apf_ms.c:608) Expiring Mobile!
    *apfReceiveTask: Sep 22 12:26:47.611: 00:24:d6:23:d0:58 apfMsExpireMobileStation (apf_ms.c:5009) Changing state for mobile 00:24:d6:23:d0:58 on AP 00:08:30:4a:d6:50 from Associated to Disassociated
    *apfReceiveTask: Sep 22 12:26:47.611: 00:24:d6:23:d0:58 Sent Deauthenticate to mobile on BSSID 00:08:30:4a:d6:50 slot 0(caller apf_ms.c:5094)
    *apfReceiveTask: Sep 22 12:26:47.611: 00:24:d6:23:d0:58 Sending Accounting request (2) for station 00:24:d6:23:d0:58
    *apfReceiveTask: Sep 22 12:26:47.611: 00:24:d6:23:d0:58 apfMsAssoStateDec
    *apfReceiveTask: Sep 22 12:26:47.611: 00:24:d6:23:d0:58 apfMsExpireMobileStation (apf_ms.c:5132) Changing state for mobile 00:24:d6:23:d0:58 on AP 00:08:30:4a:d6:50 from Disassociated to Idle
    *apfReceiveTask: Sep 22 12:26:47.612: 00:24:d6:23:d0:58 0.0.0.0 DHCP_REQD (7) Deleted mobile LWAPP rule on AP [00:08:30:4a:d6:50]
    *apfReceiveTask: Sep 22 12:26:47.612: 00:24:d6:23:d0:58 Deleting mobile on AP 00:08:30:4a:d6:50(0)
    *pemReceiveTask: Sep 22 12:26:47.612: 00:24:d6:23:d0:58 0.0.0.0 Removed NPU entry.
    *aaaQueueReader: Sep 22 12:31:04.526: Unable to find requested user entry for 2ca835cf2014
    *aaaQueueReader: Sep 22 12:31:04.526: ReProcessAuthentication previous proto 8, next proto 40000001
    *aaaQueueReader: Sep 22 12:31:04.526: apfVapRadiusInfoGet: WLAN(3) dynamic int attributes srcAddr:0x0, gw:0x0, mask:0x0, vlan:0, dpPort:0, srcPort:0
    *radiusTransportThread: Sep 22 12:31:05.530: 00000000: 03 00 00 14 cd cd cd 40  48 d9 c9 26 10 81 e3 5b  .......@H..&...[
    *radiusTransportThread: Sep 22 12:31:05.530: 00000010: b0 35 95 73                                       .5.s
    *radiusTransportThread: Sep 22 12:31:05.530: ****Enter processIncomingMessages: response code=3
    *radiusTransportThread: Sep 22 12:31:05.530: ****Enter processRadiusResponse: response code=3
    Thanks,
    Seb.

Maybe you are looking for

  • What's the best way to hook up the a macbook pro to an HDTV?

    I want to use my LCD HDTV to color correct and adjust levels. What's the best way to do this? I've never done it before so I'm not sure. Thanks in advance. Jordan

  • IPhoto download issue

    I upgraded to Yosemite.  Then of course i photo does not work.. I went to the app store.  told the system to download the app.  Its a huge app.  1.2gig.  then nothing.  for two days.. I have a box in preview that says op_Iphoto_loading.prig and it ha

  • Sort by Expense Report Number in PR05

    Hi Gurus Is there a way to sort out by the Expense Report Numbers in PR05 ? My client wants to see all the Trips with status "Trip Completed" and "Open/To be Settled", on the top for easy identification, rather than looking for the Expense Report wit

  • Having trouble with report total row with expression based condition

    Hi, I have a simple SQL region that has 2 columns (country and pnl). I then had a request to display negative PNL in red. To do this I copied the Standard Alternating Row Colors report Template and changed the condition so that it uses one class (nam

  • 5/28/2014 - Beta - AIR 14.0.0.103

    Adobe AIR Beta Channel Update This beta release provides access to the latest AIR runtime and SDK (with compiler) for Windows, Mac OS, iOS and Android.  You can download the AIR beta here: Download Adobe AIR 14 Beta - Adobe Labs Below are some of the