Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1148
Views
0
Helpful
3
Replies

802.1x failure with PSK enabled???

brstrode
Cisco Employee
Cisco Employee

‎12-02-2019 11:53 AM - edited ‎07-05-2021 11:22 AM

I came onto my network this morning to find that one device could not connect.  The following is the message I was getting in the WLC.

 

  Mon Dec 2 14:50:50 2019 Client Excluded: MACAddress:60:57:18:d3:1f:1c, Base Radio MAC:54:7c:69:da:57:00, Slot:0, Username:Unknown, IP Address:Unknown, Reason:802.1x Authentication failed 3 times., ReasonCode:4

 

I did a little digging and the only recommendation I could find was to try and change the PSK.  To be clear there were other devices that were connected and working.  So I attempted to change the PSK just to see if that solved the problem.  It did.  So I changed several of the other devices temporarily just to see what was happening.  The other devices connected after I rebooted them.  However now I am running into an issue that the devices are being either removed or just stopped from getting to the internet.  The device will work for 30 minutes or more and then out of no where the internet connection will just drop.  The device remains connected to the AP but the internet is gone. 

 

I am going to include some logs below.  Is there a bug with my version of software or do I have something mis-configured?  I am attaching snippets as well.  Please let me know if further info is needed.

 

0 Mon Dec 2 19:32:23 2019 Client Excluded: MACAddress:2c:54:91:71:d3:51, Base Radio MAC:70:b3:17:c0:49:c0, Slot:0, Username:Unknown, IP Address:Unknown, Reason:802.1x Authentication failed 3 times., ReasonCode:4
1 Mon Dec 2 19:32:22 2019 Rogue client: 18:65:71:51:36:78 is detected by 1 APs Rogue Client Bssid: 80:3f:5d:5a:e8:75, State: Alert, Last detecting AP :70:b3:17:c0:49:c0 Rogue Client gateway mac 00:23:6a:a1:51:2c.
2 Mon Dec 2 19:32:02 2019 Rogue client: c4:95:00:52:88:83 is detected by 1 APs Rogue Client Bssid: 00:23:6a:a1:51:2d, State: Alert, Last detecting AP :70:b3:17:c0:49:c0 Rogue Client gateway mac 00:23:6a:a1:51:2c.
3 Mon Dec 2 19:31:36 2019 Client Excluded: MACAddress:a8:47:4a:a7:39:57, Base Radio MAC:70:b3:17:c0:49:c0, Slot:1, Username:Unknown, IP Address:Unknown, Reason:802.1x Authentication failed 3 times., ReasonCode:4
4 Mon Dec 2 19:30:53 2019 Rogue AP: 1e:12:b0:b7:b4:e0 detected on Base Radio MAC: 54:7c:69:da:57:00 Interface no: 0(802.11n(2.4 GHz)) Channel: 11 RSSI: -48 SNR: 49 Classification: unclassified, State: Alert, RuleClassified : N, Severity Score: 0, RuleName: N.A. ,Classified AP MAC: 54:7c:69:da:57:00 ,Classified RSSI: 0
5 Mon Dec 2 19:30:28 2019 Client Excluded: MACAddress:5c:41:5a:cf:ca:c3, Base Radio MAC:54:7c:69:da:57:00, Slot:0, Username:Unknown, IP Address:Unknown, Reason:802.1x Authentication failed 3 times., ReasonCode:4
6 Mon Dec 2 19:28:50 2019 Client Excluded: MACAddress:2c:54:91:71:d3:51, Base Radio MAC:54:7c:69:da:57:00, Slot:0, Username:Unknown, IP Address:Unknown, Reason:802.1x Authentication failed 3 times., ReasonCode:4
7 Mon Dec 2 19:28:16 2019 Rogue AP : a4:2b:8c:01:59:b5 removed from Base Radio MAC : 70:b3:17:ad:b0:60 Interface no:0(802.11n(2.4 GHz))
8 Mon Dec 2 19:27:49 2019 Client Excluded: MACAddress:a8:47:4a:a7:39:57, Base Radio MAC:70:b3:17:c0:49:c0, Slot:1, Username:Unknown, IP Address:Unknown, Reason:802.1x Authentication failed 3 times., ReasonCode:4
9 Mon Dec 2 19:26:25 2019 Client Excluded: MACAddress:5c:41:5a:cf:ca:c3, Base Radio MAC:54:7c:69:da:57:00, Slot:0, Username:Unknown, IP Address:Unknown, Reason:802.1x Authentication failed 3 times., ReasonCode:4
10 Mon Dec 2 19:25:09 2019 Client Excluded: MACAddress:2c:54:91:71:d3:51, Base Radio MAC:70:b3:17:c0:49:c0, Slot:0, Username:Unknown, IP Address:Unknown, Reason:802.1x Authentication failed 3 times., ReasonCode:4
11 Mon Dec 2 19:24:04 2019 Client Excluded: MACAddress:a8:47:4a:a7:39:57, Base Radio MAC:70:b3:17:c0:49:c0, Slot:1, Username:Unknown, IP Address:Unknown, Reason:802.1x Authentication failed 3 times., ReasonCode:4
12 Mon Dec 2 19:22:34 2019 Client Excluded: MACAddress:5c:41:5a:cf:ca:c3, Base Radio MAC:70:b3:17:c0:49:c0, Slot:0, Username:Unknown, IP Address:Unknown, Reason:802.1x Authentication failed 3 times., ReasonCode:4
13 Mon Dec 2 19:21:36 2019 Client Excluded: MACAddress:2c:54:91:71:d3:51, Base Radio MAC:54:7c:69:da:57:00, Slot:0, Username:Unknown, IP Address:Unknown, Reason:802.1x Authentication failed 3 times., ReasonCode:4
14 Mon Dec 2 19:21:25 2019 Rogue AP : 60:38:e0:b2:c3:59 removed from Base Radio MAC : 70:b3:17:c0:49:c0 Interface no:0(802.11b/g)
15 Mon Dec 2 19:20:17 2019 Client Excluded: MACAddress:a8:47:4a:a7:39:57, Base Radio MAC:70:b3:17:c0:49:c0, Slot:1, Username:Unknown, IP Address:Unknown, Reason:802.1x Authentication failed 3 times., ReasonCode:4
16 Mon Dec 2 19:19:51 2019 Rogue client: ec:f0:0e:5b:74:d7 is detected by 1 APs Rogue Client Bssid: cc:2d:e0:2b:96:3f, State: Alert, Last detecting AP :70:b3:17:ad:b0:60 Rogue Client gateway mac ff:ff:ff:ff:ff:ff.
17 Mon Dec 2 19:18:44 2019 Client Excluded: MACAddress:5c:41:5a:cf:ca:c3, Base Radio MAC:70:b3:17:c0:49:c0, Slot:0, Username:Unknown, IP Address:Unknown, Reason:802.1x Authentication failed 3 times., ReasonCode:4
18 Mon Dec 2 19:18:05 2019 Client Excluded: MACAddress:2c:54:91:71:d3:51, Base Radio MAC:54:7c:69:da:57:00, Slot:0, Username:Unknown, IP Address:Unknown, Reason:802.1x Authentication failed 3 times., ReasonCode:4
19 Mon Dec 2 19:16:57 2019 Rogue AP : 00:25:f0:af:2d:a4 removed from Base Radio MAC : 70:b3:17:c0:49:c0 Interface no:0(802.11n(2.4 GHz))
20 Mon Dec 2 19:16:35 2019 Client Excluded: MACAddress:5c:52:1e:9b:4c:5e, Base Radio MAC:70:b3:17:c0:49:c0, Slot:0, Username:Unknown, IP Address:Unknown, Reason:802.1x Authentication failed 3 times., ReasonCode:4
21 Mon Dec 2 19:16:30 2019 Client Excluded: MACAddress:a8:47:4a:a7:39:57, Base Radio MAC:70:b3:17:c0:49:c0, Slot:1, Username:Unknown, IP Address:Unknown, Reason:802.1x Authentication failed 3 times., ReasonCode:4

 

 

2 people had this problem
Labels:
Preview file
2 KB
Preview file
40 KB
Preview file
39 KB
Preview file
17 KB
Preview file
16 KB
0 Helpful
3 Replies 3

Scott Fella
Hall of Fame
Hall of Fame

‎12-02-2019 11:58 AM

I’m confused here… you are doing 802.1x with psk? Typically you do one or the other.
-Scott
*** Please rate helpful posts ***
0 Helpful

brstrode
Cisco Employee
Cisco Employee
In response to Scott Fella

‎12-02-2019 12:00 PM

My apologies I should have made that more clear.  I am running PSK.  But the error I am getting in the logs is saying 802.1x failure which does not make sense.

0 Helpful

mehmet00
Level 1
Level 1

‎10-24-2022 11:48 PM

I'm getting the same error even though I don't do 802.1x.
Is there any solution about the issue?

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card