Hello guys,
I am getting above error on my WLC and I've got setting to exclude the client for 20 minutes. After checking in Rogues there are two SSID's whos mac address is causign this.I am not sure why I am getting these logs.
Client Excluded: MACAddress:e0:75:7d:30:75:bb Base Radio MAC :3c:ce:73:9b:72:50 Slot: 1 User Name: unknown Ip Address: unknown Reason:802.1x Authentication failed 3 times. ReasonCode: 4
Rogue AP : 00:14:1b:5b:c9:10 detected on Base Radio MAC : 3c:ce:73:9b:72:50 Interface no:0(802.11b/g) on Channel 6 with RSSI: -87 and SNR: 4 and Classification: unclassified
Also could any one explain what should we do with Rogues Clients. In my case my WLC is detecting all the SSID's around where i am.
Please give me advise on this as I am bit confused.
Thanks for your help and support.
Umar
It's probably someone who tried connecting to one of your SSID's and didn't know the login. So now its stored on the device and the device constantly tries to connect.
Sent from Cisco Technical Support iPhone App
Hi Scott thanks for the reply. I think I will add these MAC address in to disable clients prbably best thing to do..
Yeah thats what I would do until a user complains and then you can figure out who it is.
Sent from Cisco Technical Support iPhone App
Do you have Cisco VoIP phones by chance ?
Sent from Cisco Technical Support iPhone App
Not yet but may be soon in the future.
Thanks guys for your help and advices.
Hi George,
I have a similar Problem and we use Cisco 7925G phones.
The phones are authenticating via a local user on the WLC. APs are connected via flex connect. a the message log from the wlc I see the following error, wich is from the phones:
AAA Authentication Failure for UserName:anonymous User Type: WLAN USER
therafter I got several messages from a good authentication:
Client Authenticated: MAC Address:f4:cf:e2:aa:8a:06 base Radio MAC:80:e0:1d:bd:0f:20 Slot: 1 User Name:cphone IP Addr:172.20.9.138 SSID:test
do you have any idea?
Local Authentication is designed as a backup authentication system. If any RADIUS servers are configured on the controller, the controller tries to authenticate the wireless clients with the RADIUS servers first. Local Authentication is attempted only if no RADIUS servers are found, either because the RADIUS servers timed out or no RADIUS servers were configured...
Thanks for the answer.
We use EAP-Fast with a configured User on the WLC. If you will check the Box from the advanced tab "FlexConnect Local Auth" we have extreme voice problems, even when you are at the same position. The connection breakes down with the message "Authentication failed" on the phone. then you see this messages on the WLC:
AAA Authentication Failure for UserName:anonymous User Type: WLAN USER
Client Authenticated: MAC Address:f4:cf:e2:aa:8a:06 base Radio MAC:80:e0:1d:bd:0f:20 Slot: 1 User Name:cphone IP Addr:172.20.9.138 SSID:test
after a few seconds the phone is connected again and you can go ahead with the call but the same error comes back within a few second / minutes.
when I do uncheck the box then I have this Problems only when de phone roams to the next access point.
does someone has an idea?