cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1043
Views
0
Helpful
2
Replies

Cisco 3650 SYSLOG

Rene MUGIRANEZA
Level 1
Level 1

Hi All;

I have Cisco 3650 (SW Version: 16.3.8) and it working as Wireless controller,

All four access points I have (AIR-AP3802I-B-K9) joined this controller and clients are connected to the WiFi.

Unfortunately, there 2 syslogs always popping :

 

*Jun 20 20:04:14.851: *%APF-4-ROGUE_CLIENT_UPDATE_FAILED:Switch 1 R0/0: wcm:  Could not update rogue AP 5475.D0A4.DDA0 with rogue client E4B3.1845.2EFA information. Maximum number of 16 rogue clients per rogue AP exceeded[...It occurred 7 times/sec!.]

 

*Jun 20 20:04:20.844: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet1/0/24 (1), with RWAO-HO-KIGALI-SW-1.wvr.org FastEthernet0/8 (400).

 

What caused those syslogs?

What can I do to resolve those issue?

 

Blessings;

2 Replies 2

omz
VIP Alumni
VIP Alumni

Hi 

*Jun 20 20:04:20.844: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet1/0/24 (1), with RWAO-HO-KIGALI-SW-1.wvr.org FastEthernet0/8 (400).

There is a native vlan mismatch. 

GigabitEthernet1/0/24 is configured with native vlan 1

RWAO-HO-KIGALI-SW-1.wvr.org FastEthernet0/8 is configured with native vlan 400

 

Enter global configuration mode.

S1# configure terminal

Enter interface configuration mode for a particular port number.

S1(config)# interface interface_id

Specify a native VLAN for untagged 802.1Q frames.S1(config-if)# switchport trunk native vlan vlan_id

 

*Jun 20 20:04:14.851: *%APF-4-ROGUE_CLIENT_UPDATE_FAILED:Switch 1 R0/0: wcm:  Could not update rogue AP 5475.D0A4.DDA0 with rogue client E4B3.1845.2EFA information. Maximum number of 16 rogue clients per rogue AP exceeded[...It occurred 7 times/sec!.]

A rogue is essentially any device that is sharing your spectrum, but is not in your control. This includes rogue Access Points (APs), wireless router, rogue clients, and rogue ad-hoc networks. The Cisco UWN uses a number of methods to detect Wi-Fi-based rogue devices including off-channel scanning and dedicated monitor mode capabilities. Cisco Spectrum Expert can also be used to identify rogue devices not based on the 802.11 protocol, such as Bluetooth bridges.

https://www.cisco.com/c/en/us/td/docs/wireless/technology/roguedetection_deploy/Rogue_Detection.html#wp44450

https://community.cisco.com/t5/wireless-security-and-network/ask-the-expert-wireless-lan-security/td-p/2876849/page/4

omz
VIP Alumni
VIP Alumni

Could not update rogue AP 5475.D0A4.DDA0 with rogue client E4B3.1845.2EFA information. Maximum number of 16 rogue clients per rogue AP exceeded[...It occurred 7 times/sec!.]

There is a rouge client with mac address -  E4B3.1845.2EFA. AP's limit for rogue clients is 16 and this rouge exceeded that limit. This happened 7 times/sec!.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: