
WCS Error

Muhammad Noman
Level 1

Hi,

We have deployed a 5508 WLC along with 3502 APs. From WCS Plus I am receiving the following error. Can anyone help me out with what to do in this situation?

 

IDS 'Deauth flood' Signature attack detected on AP <AP NAME >' protocol '802.11b/g' on Controller < IP ADDRESS>. The Signature description is 'Deauthentication flood', with precedence '9'. The attacker's mac address is <MAC ADDRESS >, channel number is '6', and the number of detections is '300'.

 

Regards,

Muhammad Noman

 

1 Reply

luckymike33
Level 1

 

Have you thought about the following:

 

- Check with TAC that your version of Controller software does not have a bug known to cause this; some do.

- Once a bug is ruled out, treat this like a genuine attack, and use RSSI to detect the rogue AP sending these deauth messages. This shouldn't be too hard if you can see this on multiple APs.
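
An added example, not part of either post and not Cisco code: a parser for the alert text quoted in the question that groups alerts by reported attacker MAC and lists which APs saw it, which are the APs whose RSSI readings are worth comparing. The AP names, addresses and sample alerts are constructed, and the quoting around the redacted fields is an assumption.

```python
import re
from collections import defaultdict

# Pattern follows the WCS alert text quoted in the question. Quotes around the
# AP name, controller IP and MAC are optional because the post redacts them.
ALERT_RE = re.compile(
    r"IDS '(?P<sig>[^']+)' Signature attack detected on AP '?(?P<ap>[^']+?)'? "
    r"protocol '(?P<proto>[^']+)' on Controller '?(?P<wlc>[\d.]+)'?\. .*?"
    r"attacker's mac address is '?(?P<mac>[0-9A-Fa-f:]{17})'?, "
    r"channel number is '(?P<chan>\d+)', "
    r"and the number of detections is '(?P<count>\d+)'"
)

def _alert(ap, mac, chan, count):
    """Build one constructed alert line in the format quoted in the question."""
    return (f"IDS 'Deauth flood' Signature attack detected on AP '{ap}' protocol "
            f"'802.11b/g' on Controller '192.0.2.10'. The Signature description is "
            f"'Deauthentication flood', with precedence '9'. The attacker's mac "
            f"address is '{mac}', channel number is '{chan}', and the number of "
            f"detections is '{count}'.")

# Constructed sample input (documentation-range addresses, made-up AP names).
SAMPLE = [
    _alert("AP-LOBBY", "00:00:5E:00:53:01", 6, 300),
    _alert("AP-FLOOR1", "00:00:5e:00:53:01", 6, 120),
    _alert("AP-FLOOR2", "00:00:5e:00:53:01", 6, 80),
    _alert("AP-FLOOR2", "00:00:5e:00:53:02", 11, 40),
    "AP 'AP-LOBBY' associated to controller",  # unrelated line, skipped
]

def summarize(lines):
    """Group alerts by attacker MAC; return (ranked list, count of unparsed lines)."""
    seen = defaultdict(lambda: {"aps": set(), "channels": set(), "detections": 0})
    skipped = 0
    for line in lines:
        m = ALERT_RE.search(line)
        if not m:
            skipped += 1
            continue
        entry = seen[m["mac"].lower()]
        entry["aps"].add(m["ap"].strip())
        entry["channels"].add(int(m["chan"]))
        entry["detections"] += int(m["count"])
    # MACs reported by the most APs come first: those APs are the ones whose
    # RSSI readings for the source are worth comparing.
    ranked = sorted(seen.items(), key=lambda kv: (-len(kv[1]["aps"]), -kv[1]["detections"]))
    return ranked, skipped

if __name__ == "__main__":
    for mac, info in summarize(SAMPLE)[0]:
        print(mac, sorted(info["aps"]), sorted(info["channels"]), info["detections"])
```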
