Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1159
Views
0
Helpful
2
Replies

WLC logs Authentication failed for client xxx ACL override mismatch from AAA server

Not applicable

‎07-09-2017 01:38 PM - last edited on ‎03-11-2019 12:50 AM by

Hi,

 

Have simple setup where the wlc uses ISE for Radius for AAA , and get this message 

%APF-3-CLIENT_NO_ACCESS: Authentication failed for client: 74:8d:08:6a:f1:43. ACL override mismatch from AAA server

The authC policy checks wireless MAB and default network access and continue if user not found.

At this point the from the ISE does not show an error, but the wlc displays the above error in the log, and the user is not able to connect to the WLAN .

Any useful suggestions would be great 

Labels:
0 Helpful
2 Replies 2

Francesco Molino
VIP Alumni
VIP Alumni

‎07-09-2017 02:41 PM

Hi 

Do you have a firewall in between your wlc and ISE? They're communicating through port udp/1700 for CoA.

What are ISE logs? 

Was it working before? Does the acl name in ISE profile and wlc is exactly the same (case sensitive)?

Thanks 

PS: Please don't forget to rate and mark as correct answer if this answered your question


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Gagandeep Kaur
Cisco Employee
Cisco Employee
In response to Francesco Molino

‎07-09-2017 09:13 PM

Duplicate of https://supportforums.cisco.com/discussion/13329386/wlc-logs-authentication-failed-client-xxx-acl-override-mismatch-aaa-server

0 Helpful
Customers Also Viewed These Support Documents