Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

WLC excluding client with reason Identity Theft

Hi,

Gear: 5508 (7.4.100) + AIR-CAP3502I-E-K9 (all in local mode)

Setup: 2 SSIDs: SSID1 (802.1x - PEAP/MSCHAP v2) and SSID2 (Webauth)

Issue: Encountered an issue where a client (Windows phone 8.1) which used to work fine was unable to connect to SSID1. It has been working fine until yesterday. From the client debug, I see that it authenticates fine and goes to DHCP_REQD (although on client device I see the IP, it has the Ip from the correct subnet) but do not get and IP and I see the following:

'Ignoring assoc request due to mobile in exclusion list or marked for deletion'

When looked on the WLC, I see the reason of exclusion as 'Identity Theft' and following message:

'Client Excluded: MACAddress: xx:xx:xx:xx:xx:xx Base Radio MAC :xx:xx:xx:xx:xx:xx Slot: 0 User Name: host/xyz.domain.com Ip Address: unknown Reason:Attempted to use IP Address assigned to another device. ReasonCode: 3'

I checked on the DHCP server to see if there is any IP conflict but found none. I released the IP of this client from DHCP server and tried to reconnect, issue still persists.

As of now, only this client has reported issues, but I see a couple more clients on the WLC with same message as the reason for exclusion. It would be helpful if anyone could let me know more info about that error code/message and how should I approach this issue?

Also, as soon as I enable debug client on the WLC, it floods the terminal session with following messages:

*apfMsConnTask_3: Sep 23 12:12:02.527: Stats update: Non Zero value

*apfMsConnTask_3: Sep 23 12:12:02.527: Stats update: Non Zero value

*apfMsConnTask_3: Sep 23 12:12:02.527: Stats update: Non Zero value

*apfMsConnTask_3: Sep 23 12:12:02.527: Stats update: Non Zero value

I don't believe this has to do anything with the issue at hand, however I would like to know what does this mean and how can I stop this?

 

Thanks,

Utkarsh 

Everyone's tags (2)
920
Views
0
Helpful
0
Replies
CreatePlease to create content