I currently have Cisco WCS 7.0 with 7 controllers and about 150 access points. Everything is working pretty good except for one critical error that I keep getting. It is "
AP Impersonation of MAC '00:23:eb:39:b2:c0' using source MAC '00:23:eb:39:b2:c0' is detected by authenticated AP 'SPECED-1STFLR-SOUTHEAST' on '802.11b/g' radio and Slot ID '0'." I have seen on Cisco documents that it is a way of dealing with rogue ap's, but this one the mac being impersonated and the source mac are both the same and I have about 100 of these critical errors. I looked on my maps and don't see any rogue ap's on them. What is the main cause of this and is there something that I need to do to fix this. If there is any more information needed please let me know, as I am kind of new to the system.
I have seen this caused by some clients as well. Not sure why you are seeing same mac, device being impersonated is the same as the defaulter. a dirty way of dealing it will be to see if you are seeing these messages only for a few APs (see if there is a pattern) or if it is random.
Next step would be to isolate a AP which shows up often in the alarm and sweep the area around the AP (phsyically check the surrounding area using spectrum analyzer or similar) to see if there are any wireless devices which are not supposed to be there.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...