We experienced a similar issue where we have Aruba installed. When I did some
debugs on the controller it looked like the controller thought the devices were
spoofing there mac address. I don't know much about Meru, but Aruba has a
feature, Prohibit ARP Spoofing, that we disabled and we have
We saw this when the ACS servers did not have write access to the AD domain. We
had to have the ACS servers able to write to the Domain, just for the join.
Once joined, we have been able to give them read only access.
|Bruce Boardman, Network Engineer, Syracuse University - c 315 412-4156|
Hello,
During installation/configuration of 5.2 we noticed after associating with
Active Directory that ACS could not retrieve or search for groups. This problem
doesn't exist on 5.1xx. Following the exact same procedures on that version
produced the results we expect. Has anyone ran into
Hello All,
We have been seeing a lot of MIC errors on WCS this semester, The AP
'xx' received a WPA MIC error on protocol '0' from Station
'xx.xx.xx.xx.xx.xx'. Counter measures have been activated and traffic has
been suspended for 60 seconds.
What I have read is that this may be a problem
Hi Chris,
MIC (message integrity check) was really a patch for TKIP to prevent
replay attacks. I happened to be in the IEEE TGI working group when
this feature was heavily discussed. Many felt that the
countermeasures were more harmful than beneficial. I still remember
the notion passing after
Hi Chris,
We asked this same question a while back and have decided to turn
countermeasures from 60 to zero on our controllers that serve our Resnet areas
because that is where the majority of the alarms originated.
Cisco will not officially recommend that you configure a WLAN this way but