Hi folks,

I regularly get these messages from my ACS box, which is (among other things) supporting 802.1x / PEAP authentication for my wireless users.

Note that the misspelling of "authentication" is intentional - e.g. the typo is in the syslog coming out of ACS

Cisco_ACS_3_x_02 1 2 1432610766 Caller-ID=00-22-69-zz-xx-yy,NAS-IP-Address=­10.x.y.100,AAA Server=acssvr1,User-Name=DOMAIN\username,NAS-Port=1,Messa­ge-Type=Authen failed,Authen-Failure-Code=Authetication session invalidated­,Date=02/11/2009,Time=14:23:19,Group-Name=Default Group,Author-Data=,Real N­ame=,Description=,ExtDB Info=EXTERNALDB,Access Device=RemoteOfficeWLAN1,Priv-lvl=,Prox­y-IP-Address=,Source-NAS=,Network Device Group=Wireless Controllers,EAP Typ­e=25,EAP Type Name=MS-PEAP,

Perhaps I'd be better off cross-posting this to the wireless forum, but I figured I should start here first.

So my question is: is the ACS invalidating the session, is it part of PEAP, or is it something on the wireless controller thats forcing the re-auth? Is this cause for concern or further investigation, or should I tune it out (in my MARS box, which is firing alerts for "Failed AAA authentication")