Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
932
Views
0
Helpful
4
Replies

ACS 5.1 How to Ignore all host auth requests

pablo1711
Level 1
Level 1

‎03-18-2011 05:25 PM - edited ‎03-10-2019 05:55 PM

I am using ACS5.1 connected to WLC (v7.x) and frequently see host auth requests in the ACS logs.  I am not interested in seeing host auth requests at all.  Is there anyway just to ignore these.

The issue is that these will always fail.  If I enable the lock out facility within WLC and a host continually tries to auth the WLC will lock-out that mac address meaning that when the user is ready to connect with their own credentials they are unable to as the WLC is blocking that mac address from connecting to the wireless network.

I tried disabling the 'process host lookup' option, but this apparently only changes the type of request to appear like a standard PAP auth request which again fails, filling up my RADIUS logs and stopping me from enabling the WLC lookout feature.

So, as I say, I want to simply ignore host requests.  I have no control over the end points so am unable to go and update config etc of these devices.

Many Thanks

Paul

Labels:
0 Helpful
4 Replies 4

Erick Delgado
Level 1
Level 1

‎04-15-2011 07:02 AM

Hello,

The ACS will log everything that he receives. There is no way to avoid the authentications request.

What you can do is to filter the logs and in that way you won't see it but the ACS will keep the logs of everything that he receive.

Hope this clarify your concern.

Erick Delgado


Cisco CSE

0 Helpful

pablo1711
Level 1
Level 1
In response to Erick Delgado

‎04-17-2011 01:20 AM

I wasn't asking about logging.  But surely there must be some configuration that allows ACS to ignore machine auths? - For example there are at least two places where there are check boxes to 'ignore machine auth' or similar, yet checking and unchecking this seems to make no difference.  So if that is the case why have it?

Paul

-

0 Helpful

Bastien Migette
Cisco Employee
Cisco Employee

‎04-18-2011 02:18 AM

Hello Pablo,

In the Active Directory configuration, you can disable support for machine authentication, but that won't prevent host from trying to do so thus generating logs.

If you want that host does not try to do host authenticaiton, you can disable it in the network adapter preferences:

0 Helpful

pablo1711
Level 1
Level 1
In response to Bastien Migette

‎04-18-2011 04:35 AM

Yes, I have done both of these already, yet I am still seeing failed authentications (rather than ignored or anything else) for hosts.

Paul

0 Helpful
Customers Also Viewed These Support Documents