issue: wireless client 64:27:37:9b:ed:97 spoofed the MAC of AP 18:ef:63:9b:bb:96 and trying to send data. Sure this wireless client is connected to the AP 18:ef:63:9b:bb:96 when the issue occured.
64:27:37:9b:ed:97, it is a culprit that causing this issue. 64:27:37 belong to hon hai(may be wireless client vendor for dell or something). Update the latest good known driver on those clients and you will be fine.
Wireless packet capture between the client and ap should prove the issue.
The reason of the erros is that there are other access points that use your AP's mac address.
Your AP's MAC address is being used by some other party and your WLC detects that the MAC address is being used by somebody else while it actually belongs to one of the APs joined to it.
This happens usually if there is another wireless system can your hear the signal from your wireless system. Some wireless systems use some security features by impersonating another (rogue) wireless system in neighbor.
What you can do:
- If you are using more than one WLC, mac sure they are all on same mobility and RF groups.
- If all WLCs under same mobility/RF groups, then try to look in neighbor of AP "APc84c.75f3.e51a" that detected the attack and find any other wireless systems around. If any exist then try to either remove them. If they it is a legitimate WLAN then ask the WLAN administrator to configure his systme not to harm your WLAN. This is configurable in the security features in that system.
Rating useful replies is more useful than saying "Thank you"
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...