Introduction
Authentication Success messages not seen in the Trap logs on WLC
Problem
The Trap logs on the controller do not show any Authenticated messages. One can see DeAuthenticated messages but cannot see any Authenticated messages eventhough there are clients associated with the APs on that controller.
Solution
Check the trap log controls under MANAGEMENT>SNMP>Trap Controls. Under the client options check if 'Authentication' is enabled. By default this option is disabled since most users are interested only in the failed logs.
SNMP Trap Controls and their respective Traps
Client Traps | 802.11 Association | bsnDot11StationAssociate |
802.11 Disassociation | bsnDot11StationDisassociate |
802.11 Deauthentication | bsnDot11StationDeauthenticate |
802.11 Failed Authentication | bsnDot11StationAuthenticateFail |
802.11 Failed Association | bsnDot11StationAssociateFail |
Exclusion | bsnDot11StationBlacklisted |
NAC Alert | cldcClientWlanProfileName, cldcClientIPAddress, cldcApMacAddress, cldcClientQuarantineVLAN, cldcClientAccessVLAN |
Client Related Traps
- 802.11 Association—Associate notification that is sent when the client sends an association frame.
- 802.11 Disassociation—Disassociate notification that is sent when the client sends a disassociation frame.
- 802.11 Deauthentication—Deauthenticate notification that is sent when the client sends a deauthentication frame.
- 802.11 Failed Authentication—Authenticate failure notification that is sent when the client sends an authentication frame with a status code other than successful.
- 802.11 Failed Association—Associate failure notification that is sent when the client sends an association frame with a status code other than successful.
- Exclusion—Associate failure notification that is sent when a client is Exclusion Listed (blacklisted).
- Authentication—Authentication notification that is sent when a client is successfully authenticated.
- Max Clients Limit Reached—Notification that is sent when the maximum number of clients, defined in the Threshold field, have associated with the controller.
- NAC Alert—Alert that is sent when a client joins an SNMP NAC-enabled WLAN. This notification is generated when a client on NAC-enabled SSIDs complete Layer2 authentication to inform about the client's presence to the NAC appliance. cldcClientWlanProfileName represents the profile name of the WLAN that the 802.11 wireless client is connected to. cldcClientIPAddress represents the unique IP address of the client. cldcApMacAddress represents the MAC address of the AP to which the client is associated. cldcClientQuarantineVLAN represents the quarantine VLAN for the client. cldcClientAccessVLAN represents the access VLAN for the client.
- Association with Stats—Associate notification that is sent with data statistics when a client associates with the controller or roams. The data statistics include transmitted and received bytes and packets.
- Disassociation with Stats—Disassociate notification that is sent with data statistics when a client disassociates from the controller. The data statistics include transmitted and received bytes and packets, SSID, and session ID.
Source
Authenticated messages in logs on WLC
Reference
SNMP Trap Controls and their respective Traps