08-09-2013 11:40 AM - edited 07-04-2021 12:37 AM
I have a WLC 2504 that is using RADIUS authentication for two of our three SSIDs. In my logs, I keep getting two hosts that are attemtpting to authenticate over and over, with obviously incorrect usernames for our environment. I have the suspicion that these constant authentication requests are causing issues with our Windows servers that actually handle authentication, so I'm wondering is there a way to find the MAC addresses for the offending machines and ban them from the wireless network so they stop spamming my RADIUS server I mean they're not getting access through our network anyway so I don't have a problem kicking them entirely.
All I have in the log is this:
0 | Fri Aug 9 13:38:12 2013 | AAA Authentication Failure for UserName:1310260130521226@wlan.mnc260.mcc310.3gppnetwork.org User Type: WLAN USER |
1 | Fri Aug 9 13:38:07 2013 | AAA Authentication Failure for UserName:1310260130521226@wlan.mnc260.mcc310.3gppnetwork.org User Type: WLAN USER |
2 | Fri Aug 9 13:37:42 2013 | AAA Authentication Failure for UserName:1310260130521226@wlan.mnc260.mcc310.3gppnetwork.org User Type: WLAN USER |
3 | Fri Aug 9 13:37:37 2013 | AAA Authentication Failure for UserName:1310260130521226@wlan.mnc260.mcc310.3gppnetwork.org User Type: WLAN USER |
4 | Fri Aug 9 13:37:31 2013 | AAA Authentication Failure for UserName:1310260130521226@wlan.mnc260.mcc310.3gppnetwork.org User Type: WLAN USER |