Obviously I dont know what I am doing on many fronts.
The attachment didnt attach.?????????? OMG here it is..
AP Authentication Frames
Nov 17 10:57:50 station-up * 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac - - wpa aes
Nov 17 10:57:50 eap-id-req <- 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac 1 5
Nov 17 10:57:50 eap-start -> 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac - -
Nov 17 10:57:50 eap-id-req <- 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac 1 5
Nov 17 10:57:50 eap-id-resp -> 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac 1 23 SOPM\user_name
Nov 17 10:57:50 rad-req -> 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac 65414 223
Nov 17 10:57:50 eap-id-resp -> 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac 1 23 SOPM\user_name
Nov 17 10:57:50 rad-resp <- 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac/sopm-dc1 65414 118
Nov 17 10:57:50 eap-req <- 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac 2 34
Nov 17 10:57:50 eap-nak -> 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac 2 6
Nov 17 10:57:50 rad-req -> 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac/sopm-dc1 65415 244
Nov 17 10:57:50 rad-reject <- 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac/sopm-dc1 65415 44
Nov 17 10:57:50 eap-failure <- 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac 2 4 server rejected
Nov 17 10:57:52 station-up * 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac - - wpa aes
Nov 17 10:57:52 eap-id-req <- 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac 1 5
Nov 17 10:57:52 eap-start -> 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac - -
Nov 17 10:57:52 eap-id-req <- 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac 1 5
Nov 17 10:57:52 eap-id-resp -> 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac 1 23 SOPM\user_name
Nov 17 10:57:52 rad-req -> 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac 65416 223
Nov 17 10:57:52 eap-id-resp -> 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac 1 23 SOPM\user_name
Nov 17 10:57:52 rad-resp <- 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac/sopm-dc1 65416 118
Nov 17 10:57:52 eap-req <- 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac 2 34
Nov 17 10:57:52 eap-nak -> 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac 2 6
Nov 17 10:57:52 rad-req -> 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac/sopm-dc1 65417 244
Nov 17 10:57:52 rad-reject <- 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac/sopm-dc1 65417 44
Nov 17 10:57:52 eap-failure <- 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac 2 4 server rejected
AP Log Security
Nov 17 10:57:50 stm[1022]: <132207> <ERRS> |AP 6c:f3:7f:c4:3e:8a@172.20.40.114 stm| RADIUS reject for station SOPM\user_name 00:1b:77:89:3e:5d from server sopm-dc1.
Nov 17 10:57:50 stm[1022]: <132053> <ERRS> |AP 6c:f3:7f:c4:3e:8a@172.20.40.114 stm| Dropping the radius packet for Station 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac doing 802.1x
Nov 17 10:57:52 stm[1022]: <132207> <ERRS> |AP 6c:f3:7f:c4:3e:8a@172.20.40.114 stm| RADIUS reject for station SOPM\user_name 00:1b:77:89:3e:5d from server sopm-dc1.
Nov 17 10:57:52 stm[1022]: <132053> <ERRS> |AP 6c:f3:7f:c4:3e:8a@172.20.40.114 stm| Dropping the radius packet for Station 00:1b:77:89:3e:5d 6c:f3:7f:c3:e8:ac doing 802.1x
AP Log User
Nov 17 10:57:50 cli[1016]: <541004> <WARN> |AP 6c:f3:7f:c4:3e:8a@172.20.40.114 cli| recv_sta_online: receive station msg, mac-00:1b:77:89:3e:5d bssid-6c:f3:7f:c3:e8:ac ssid-ShimSYDEnt.
Nov 17 10:57:50 cli[1016]: <541003> <WARN> |AP 6c:f3:7f:c4:3e:8a@172.20.40.114 cli| Client 00:1b:77:89:3e:5d is failed to authenticate, failure count is 5.
Nov 17 10:57:50 cli[1016]: <541004> <WARN> |AP 6c:f3:7f:c4:3e:8a@172.20.40.114 cli| recv_sta_offline: receive station msg, mac-00:1b:77:89:3e:5d bssid-00:00:00:00:25:73 ssid-.
Nov 17 10:57:52 cli[1016]: <541004> <WARN> |AP 6c:f3:7f:c4:3e:8a@172.20.40.114 cli| recv_sta_online: receive station msg, mac-00:1b:77:89:3e:5d bssid-6c:f3:7f:c3:e8:ac ssid-ShimSYDEnt.
Nov 17 10:57:52 cli[1016]: <541003> <WARN> |AP 6c:f3:7f:c4:3e:8a@172.20.40.114 cli| Client 00:1b:77:89:3e:5d is failed to authenticate, failure count is 6.
Nov 17 10:57:52 cli[1016]: <541004> <WARN> |AP 6c:f3:7f:c4:3e:8a@172.20.40.114 cli| recv_sta_offline: receive station msg, mac-00:1b:77:89:3e:5d bssid-00:00:00:00:25:73 ssid-.
AP Log System
Nov 17 10:59:24 cli[1016]: <341004> <WARN> |AP 6c:f3:7f:c4:3e:8a@172.20.40.114 cli| AP 172.20.40.114: Client 00:1b:77:89:3e:5d authenticate fail because RADIUS server authentication failure
AP ESSID Table
*********************************************************************************************************
11/17/2012 12:07:06 PM Target: 6c:f3:7f:c4:3e:8a Command: show network
*********************************************************************************************************
Networks
--------
Key Name Clients Type Band Authentication Method Key Management IP Assignment
--- ---- ------- ---- ---- --------------------- -------------- -------------
ShimGuest ShimGuest 0 employee all None WPA2-AES NAT Mode
ShimSYD ShimSYD 0 employee all None WPA-TKIP/WPA2-AES NAT Mode
ShimSYDEnt ShimSYDEnt 1 employee all Per User WPA-TKIP/WPA2-AES NAT Mode
NPS Accounting Log IN1211.log
<Event>
<Timestamp data_type="4">11/17/2012 11:57:52.650</Timestamp>
<Computer-Name data_type="1">SOPM-DC1</Computer-Name>
<Event-Source data_type="1">IAS</Event-Source>
<Class data_type="1">311 1 172.20.40.10 11/17/2012 00:21:06 13</Class>
<EAP-Friendly-Name data_type="1"></EAP-Friendly-Name>
<Quarantine-Update-Non-Compliant data_type="0">1</Quarantine-Update-Non-Compliant>
<Client-IP-Address data_type="3">172.20.40.114</Client-IP-Address>
<Client-Vendor data_type="0">0</Client-Vendor>
<Client-Friendly-Name data_type="1">ShimSYDAP01</Client-Friendly-Name>
<NP-Policy-Name data_type="1">Secure Wireless Connections</NP-Policy-Name>
<Proxy-Policy-Name data_type="1">Secure Wireless Connections</Proxy-Policy-Name>
<Provider-Type data_type="0">1</Provider-Type>
<SAM-Account-Name data_type="1">SOPM\user_name</SAM-Account-Name>
<Fully-Qualifed-User-Name data_type="1">SOPM\user_name</Fully-Qualifed-User-Name>
<Authentication-Type data_type="0">5</Authentication-Type>
<Packet-Type data_type="0">3</Packet-Type>
<Reason-Code data_type="0">22</Reason-Code>
</Event>