Hmmm, what should it be? Authentication is provided by freeradius server.

I don't think so... What kind of radius attributes these ACLs should be carried by to the controller?

Definitely not...

Jan 24 18:03:52 wlc1 wlc1: *radiusTransportThread: Jan 24 18:03:52.797: ****Enter processIncomingMessages: response code=2

Jan 24 18:03:52 wlc1 wlc1: *radiusTransportThread: Jan 24 18:03:52.797: ****Enter processRadiusResponse: response code=2

Jan 24 18:03:52 wlc1 wlc1: *radiusTransportThread: Jan 24 18:03:52.798: b4:07:f9:71:72:e9 Access-Accept received from RADIUS server 10.129.0.244 for mobile b4:07:f9:71:72:e9 receiveId = 2

Jan 24 18:03:52 wlc1 wlc1: *radiusTransportThread: Jan 24 18:03:52.798: AuthorizationResponse: 0x13c88408^M ^M

Jan 24 18:03:52 wlc1 wlc1: *radiusTransportThread: Jan 24 18:03:52.798:   structureSize................................242^M

Jan 24 18:03:52 wlc1 wlc1: *radiusTransportThread: Jan 24 18:03:52.798:   resultCode...................................0^M

Jan 24 18:03:52 wlc1 wlc1: *radiusTransportThread: Jan 24 18:03:52.798:   protocolUsed.................................0x00000001^M

Jan 24 18:03:52 wlc1 wlc1: *radiusTransportThread: Jan 24 18:03:52.798:   proxyState...................................B4:07:F9:71:72:E9-02:08^M

Jan 24 18:03:52 wlc1 wlc1: *radiusTransportThread: Jan 24 18:03:52.798:   Packet contains 7 AVPs:^M

Jan 24 18:03:52 wlc1 wlc1: *radiusTransportThread: Jan 24 18:03:52.798:       AVP[01] Tunnel-Medium-Type.......................0x00000006 (6) (4 bytes)^M

Jan 24 18:03:52 wlc1 wlc1: *radiusTransportThread: Jan 24 18:03:52.798:       AVP[02] Tunnel-Type..............................0x0000000d (13) (4 bytes)^M

Jan 24 18:03:52 wlc1 wlc1: *radiusTransportThread: Jan 24 18:03:52.798:       AVP[03] User-Name................................user12 (6 bytes)^M

Jan 24 18:03:52 wlc1 wlc1: *radiusTransportThread: Jan 24 18:03:52.798:       AVP[04] Microsoft / MPPE-Recv-Key................DATA (32 bytes)^M

Jan 24 18:03:52 wlc1 wlc1: *radiusTransportThread: Jan 24 18:03:52.798:       AVP[05] Microsoft / MPPE-Send-Key................DATA (32 bytes)^M

Jan 24 18:03:52 wlc1 wlc1: *radiusTransportThread: Jan 24 18:03:52.798:       AVP[06] EAP-Message..............................0x03090004 (50921476) (4 bytes)^M

Jan 24 18:03:52 wlc1 wlc1: *radiusTransportThread: Jan 24 18:03:52.798:       AVP[07] Message-Authenticator....................DATA (16 bytes)^M

Jan 24 18:03:52 wlc1 wlc1: *Dot1x_NW_MsgTask_0: Jan 24 18:03:52.800: %LOG-7-Q_IND: acl.c:301 Unable to find an ACL by name "none".

Jan 24 18:03:52 wlc1 wlc1: *Dot1x_NW_MsgTask_0: Jan 24 18:03:52.800: %APF-6-RADIUS_OVERRIDE_DISABLED: apf_ms_radius_override.c:204 Radius overrides disabled, ignoring source 2

Jan 24 18:03:52 wlc1 wlc1: *Dot1x_NW_MsgTask_0: Jan 24 18:03:52.801: b4:07:f9:71:72:e9 Applying new AAA override for station b4:07:f9:71:72:e9

Jan 24 18:03:52 wlc1 wlc1: *Dot1x_NW_MsgTask_0: Jan 24 18:03:52.801: b4:07:f9:71:72:e9 Override values for station b4:07:f9:71:72:e9      source: 4, valid bits: 0x0^M    qosLevel: -1, dscp: 0xffffffff, dot1pTag

: 0xffffffff, sessionTimeout: -1

Jan 24 18:03:52 wlc1 wlc1: *Dot1x_NW_MsgTask_0: Jan 24 18:03:52.801: b4:07:f9:71:72:e9 Override values (cont..) dataAvgC: -1, rTAvgC: -1, dataBurstC: -1, rTimeBurstC: -1         vlanIfName: '', aclName: ''

Jan 24 18:03:52 wlc1 wlc1: *Dot1x_NW_MsgTask_0: Jan 24 18:03:52.802: b4:07:f9:71:72:e9 Unable to apply override policy for station b4:07:f9:71:72:e9 - VapAllowRadiusOverride is FALSE

Jan 24 18:03:52 wlc1 wlc1: *Dot1x_NW_MsgTask_0: Jan 24 18:03:52.802: %APF-6-RADIUS_OVERRIDE_DISABLED: apf_ms_radius_override.c:204 Radius overrides disabled, ignoring source 4

I agree with Steve.  You have something setup in radius to send these back to the wlc:

Jan 24 18:03:52 wlc1 wlc1: *Dot1x_NW_MsgTask_0: Jan 24 18:03:52.801: b4:07:f9:71:72:e9 Override values for station b4:07:f9:71:72:e9 source: 4, valid bits: 0x0^M qosLevel: -1, dscp: 0xffffffff, dot1pTag

: 0xffffffff, sessionTimeout: -1

I have a tcpdump trace in front of me... Nothing makes me beleive that these values come from the radius server... It is like they come from the controller...

Any answer on this? I have the same message over and over. I'm not even using RADIUS and I have no ACLS. is this a bug?

*SNMPTask: Feb 20 10:17:54.880: %ACL-7-ENTRY_DONOT_EXIST: acl.c:301 Unable to find an ACL by name "none".[...It occurred 4 times/sec!.]

*dot1xMsgTask: Feb 20 10:18:09.079: %LOG-7-Q_IND: acl.c:301 Unable to find an ACL by name "none".

It is not really an issue (at least I can't see any relation with my actual issues ), just trying to clean up my logs...

You are right about the overwriting issue (I posted a similar message to the "Radius override disabled?" item), because "overwrited" attributes don't seem to be sent by the radius server...