Showing results for 
Search instead for 
Did you mean: 
Amjad Abdullah

Failed attempts on radius from a strange user

Hello all,

I have ACS server 4.2 and I have noticed that there are too many failed attempts from usernames just like:

The number before the "@" changes for different users! (I am not ev

I tried to search for those I noticed it is something related to using 3G networks over Wi-Fi!!

I am not familiar with this technology (if my undrestanding about thi is correct).

I just want to know what type of devices would possibly use this feature (what mobile phones vendors for example) and how to stop it (configure it correctly on the end station).

apprecaite your help.


Rating useful replies is more useful than saying "Thank you"
Cisco Employee

Hey Amjad

First of all , you need to know which AAA client submit authentication requests with such user ids.

If it is wireless supporting equipment such as WLC or autonomous AP, you need to verify if you have SSIDs

configured for dot1x. The reason why those clients might be using special type of EAP that is not supported

on your ACS 4.x. You need to check the EAP types configured , the failed attempts as well the auth.log the RDS.log

in after making sure to set the logging level to full.

Then you should try to track those devices and identify where they might be located within your premises.


Thanks Mohammad for your quick reply.

I already know that failed attempt is due improper configuratoin on client. failure code in ACS is "EAP type not configured". Those stations -that high likely a mobile phones - usually use EAP-SIM which is not even supported by our ACS.

EAP-SIM configuration by default has "User name in Use" configured as "From SIM card". This is why we possibly seeing those.

Tracking the device is very difficult due to users are mobile and there are too many users around in same area/areas.

I just now successfully isolated that all devices reported this are Nokia devices!! Now it is easier to go to some area and ask about those who have Nokia phones rather than checking everyone's phone.

Thanks ya m3almi.


Rating useful replies is more useful than saying "Thank you"

I said So , but just wanted to confirm it systematically.

yalla rate me ya m3alim

Recognize Your Peers
Content for Community-Ad