Controllerless Networks

last person joined: yesterday 

Instant Mode - the controllerless Wi-Fi solution that's easy to set up, is loaded with security and smarts, and won't break your budget
Back to discussions
Expand all | Collapse all

Deny All role being assigned. Why?

This thread has been viewed 28 times

  • 1.  Deny All role being assigned. Why?

    Posted Dec 16, 2014 05:58 AM

    Hi All,

     

    I can see the Deny All role is being assigned to some clients from time to time. 

     

    It's an instant network and there's no specific Deny All role configured.

     

    Why would users be put in this role?

     

    Blacklisted?

    Max user limit reached on an AP?

     

    Another reason?

     

    Cheers

    James



  • 2.  RE: Deny All role being assigned. Why?

    Posted Dec 16, 2014 10:38 AM

    Hi,

     

    Which authentication is configured, dot1x or both MAC+dot1x and also can you share what is the image version of the IAP.

     

    please share the required information.



  • 3.  RE: Deny All role being assigned. Why?

    Posted Dec 16, 2014 12:23 PM
    I noticed this the other day on a mac auth setup and the user failed authentication and received the Deny All role


  • 4.  RE: Deny All role being assigned. Why?

    Posted Dec 17, 2014 07:48 AM

    There's no MAC auth in the deployment I was looking at.



  • 5.  RE: Deny All role being assigned. Why?

    Posted Dec 17, 2014 08:34 AM
    Did the user received this role after failing auth ?


  • 6.  RE: Deny All role being assigned. Why?

    Posted Feb 16, 2016 10:19 AM

    Dear All,

     

    I have the same issue, i am using MAC-Auth on one of the SSID. Most of the user are connected and getting the normal role. But some of the users are getting deny all role? why it is happened?

     

    I am using IAP-105



  • 7.  RE: Deny All role being assigned. Why?

    EMPLOYEE
    Posted Feb 16, 2016 11:08 AM

    You have to publish your config for us to understand what could be happening.



  • 8.  RE: Deny All role being assigned. Why?

    Posted Mar 16, 2017 12:54 PM

    Has there been any kind of answer to this? I too see clients assigned deny all role for unknows reasons. Is there a way to determine the reason for this role being assigned? IAP-225's running 4.2.4.5. WPA-2 Enterprise with RADIUS authentication going to a Windows 2008 R2 domain controller running NPS. 

     

    Thanks,

    Ricki



  • 9.  RE: Deny All role being assigned. Why?

    EMPLOYEE
    Posted Mar 16, 2017 01:47 PM

    You have to publish your configuration or possibly your tech-support for us to even understand what is wrong.



  • 10.  RE: Deny All role being assigned. Why?

    MVP EXPERT
    Posted Mar 17, 2017 07:08 AM

    Hey, I've seen this before in deployments as well, usually in 802.1x. When I took it was up with an SE I found that the reason was due to the client not authenticating to the network but still associated to the  BSSID (in order to complete the authorization). So the client had associated but the 802.1x did not occur correctly (such as a timeout or similar) they are placed in the Deny All.

     

    So in short since the client has a "connection" to the SSID but not a valid connection to the network, they was placed in the Deny All.



  • 11.  RE: Deny All role being assigned. Why?

    Posted Sep 10, 2019 09:51 AM

    Hi All,

             Even i am facing the same issue , if anyone has fix on this issue please suggest.

     

     



  • 12.  RE: Deny All role being assigned. Why?

    EMPLOYEE
    Posted Sep 10, 2019 09:58 AM

    Closing this thread because it was opened in 2014.   Many things have changed since then.. Please open a new thread with your specific details so the community can help.