We're rolling out 5508's/3600's/ISE's/MSE's, using existing NCS's. using dot1x (machine certs EAP/TLS MS laptops) on one SSID, 2 x other SSID's have open auth.
MSE is flagging Association Table Overflows on loads of WAPS, reseller TAC case tells me its .1x and misconfigured clients
half authing causing this (not uncommon problem apparently), however my desktop support colleagues ideally need at least a mac
address to identify a misconfigured device (if not more)
Been debugging dot1x on the 5508's and looking at MSE/WAP forensic wireshark files created on the Association Table overflow rule, but nothing leaps out immediately for the offending devices
What would be the quickest way to individually identify these devices that are filling the WAP association tables ??
(Can specific WAP Association tables be viewed with controller based WAPS's ???? )
Anyone solved similar ??
thanks
Martyn