We currently have Prime Infrastructure 1.3 and we are having problems with one user. I would like to block her by username instead of mac, but I haven't found a place to do this. Is there anyway to do this? We don't have ISE or anything else that would help with this yet. Thank you for your help.
So basically, you've got someone using someone else's username and constantly hammering the authentication server (by using the wrong password) and locking out the account.
We see this all the time in our network and the best method of stopping this from happening is to track down which WLC is/are the wireless clients (using the wrong password) and temporarily blocking ALL the MAC addresses.
One of the most insane work-around I've heard is to give the legitimate user a new username and shut down the old one. Again, it's an "easy" fix but it's plain lazy.
Actually the user gave her password to someone else and it got passed around, so now there are about 800 mac addresses under her username. We are in a school district, so anytime kids get a hold of a password they take advantage. Thank you very much for your help.
Ok, they are PED (personal devices). We'll have to be creative.
Firstly, there's a setting in MS AD that will allow only limited instance to authentication. Meaning a setting for individual account where you can only log in to ONE device. So you enable this for this user alone.
Next, disable the wireless (temporarily). Get the teacher to log in (wired network) and once she's logged in to the wired network then you enable the wireless again.
The students using the wrong login credentials will not be able to log in so they'll be forced to use their own (I hope).
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...
I have created a Powershell script to automatically add a Wireless Guest
User on Cisco WLCs. (tested on 2500 Series) The script should be
completely self explanatory. Prerequisites: Powershell SNMP Module
(Install-Module -Name SNMP) SNMP Write Access to y...