Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

WCS Alarms

We have deployed Wireless in a few offices as a proof of concept and we have started to get the following alarm at one site:

The AP '00:1f:ca:2e:59:a0' with protocol '802.11b/g' on Controller '#.#.##.#' received a message with a large NAV field and all traffic on the channel has been suspended. This is most likely a malicious denial of service attack.

The above is continually being reported on a couple (but not all) APs at this office.

In addition do you have any info/comment on the following:

· Big NAV Attack detected.

· Auth/De-auth floods i.e. "IDS 'Auth flood' Signature attack detected".

· Assoc/Deassoc flood i.e. "IDS 'Assoc flood' Signature attack detected".

Many Thanks

1 REPLY
Silver

Re: WCS Alarms

Here is the URL for the Alarms and Events for the WCS. Following guide will help you for the Events and Alarms :

http://www.cisco.com/en/US/docs/wireless/wcs/4.1/configuration/guide/wcsevent.html

339
Views
0
Helpful
1
Replies
CreatePlease to create content