- Bronze, 100 points or more
I regularly get these messages from my ACS box, which is (among other things) supporting 802.1x / PEAP authentication for my wireless users.
Note that the misspelling of "authentication" is intentional - e.g. the typo is in the syslog coming out of ACS
Cisco_ACS_3_x_02 1 2 1432610766 Caller-ID=00-22-69-zz-xx-yy,NAS-IP-Address=Â10.x.y.100,AAA Server=acssvr1,User-Name=DOMAIN\username,NAS-Port=1,MessaÂge-Type=Authen failed,Authen-Failure-Code=Authetication session invalidatedÂ,Date=02/11/2009,Time=14:23:19,Group-Name=Default Group,Author-Data=,Real NÂame=,Description=,ExtDB Info=EXTERNALDB,Access Device=RemoteOfficeWLAN1,Priv-lvl=,ProxÂy-IP-Address=,Source-NAS=,Network Device Group=Wireless Controllers,EAP TypÂe=25,EAP Type Name=MS-PEAP,
Perhaps I'd be better off cross-posting this to the wireless forum, but I figured I should start here first.
So my question is: is the ACS invalidating the session, is it part of PEAP, or is it something on the wireless controller thats forcing the re-auth? Is this cause for concern or further investigation, or should I tune it out (in my MARS box, which is firing alerts for "Failed AAA authentication")