cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5621
Views
0
Helpful
8
Replies

AAA Authentication Failure for UserName:anonymous User Type: WLAN USER

umar bhatti
Level 1
Level 1

Hello guys,

I am getting above error on my WLC and I've got setting to exclude the client for 20 minutes. After checking in Rogues there are two SSID's whos mac address is causign this.I am not sure why I am getting these logs.

Client Excluded: MACAddress:e0:75:7d:30:75:bb Base Radio MAC :3c:ce:73:9b:72:50 Slot: 1 User Name: unknown Ip Address: unknown Reason:802.1x Authentication failed 3 times. ReasonCode: 4

Rogue AP : 00:14:1b:5b:c9:10 detected on Base Radio MAC : 3c:ce:73:9b:72:50 Interface no:0(802.11b/g) on Channel 6 with RSSI: -87 and SNR: 4 and Classification: unclassified

Also could any one explain what should we do with Rogues Clients. In my case my WLC is detecting all the SSID's around where i am.

Please give me advise on this as I am bit confused.

Thanks for your help and support.

Umar

8 Replies 8

Scott Fella
Hall of Fame
Hall of Fame

It's probably someone who tried connecting to one of your SSID's and didn't know the login. So now its stored on the device and the device constantly tries to connect.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Hi Scott thanks for the reply. I think I will add these MAC address in to disable clients prbably best thing to do..

Yeah thats what I would do until a user complains and then you can figure out who it is.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

George Stefanick
VIP Alumni
VIP Alumni

Do you have Cisco VoIP phones by chance ?

Sent from Cisco Technical Support iPhone App

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

Not yet but may be soon in the future.

Thanks guys for your help and advices.

Hi George,

I have a similar Problem and we use Cisco 7925G phones. 

The phones are authenticating via a local user on the WLC. APs are connected via flex connect. a the message log from the wlc I see the following error, wich is from the phones:

 

AAA Authentication Failure for UserName:anonymous User Type: WLAN USER

therafter I got several messages from a good authentication:

Client Authenticated: MAC Address:f4:cf:e2:aa:8a:06 base Radio MAC:80:e0:1d:bd:0f:20 Slot: 1 User Name:cphone IP Addr:172.20.9.138 SSID:test

 

do you have any idea?

Local Authentication is designed as a backup authentication system. If any RADIUS servers are configured on the controller, the controller tries to authenticate the wireless clients with the RADIUS servers first. Local Authentication is attempted only if no RADIUS servers are found, either because the RADIUS servers timed out or no RADIUS servers were configured...

Thanks for the answer. 

We use EAP-Fast with a configured User on the WLC. If you will check the Box from the advanced tab "FlexConnect Local Auth" we have extreme voice problems, even when you are at the same position. The connection breakes down with the message "Authentication failed" on the phone. then you see this messages on the WLC:

 

AAA Authentication Failure for UserName:anonymous User Type: WLAN USER

Client Authenticated: MAC Address:f4:cf:e2:aa:8a:06 base Radio MAC:80:e0:1d:bd:0f:20 Slot: 1 User Name:cphone IP Addr:172.20.9.138 SSID:test

 

after a few seconds the phone is connected again and you can go ahead with the call but the same error comes back within a few second / minutes.

when I do uncheck the box then I have this Problems only when de phone roams to the next access point. 

 

does someone has an idea? 

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: