04-05-2017 08:00 AM
Hi All, I'm implementing MAC auth and a few devices are failing as expected. However, the AT is full of rejects, many of them the same devices and it is becoming a bit hard to weed through it. Is there a way to filter unique rejects? And then possibly only display rejects that have not changed to accepts?
04-05-2017 08:17 AM
04-05-2017 08:25 AM
Not sure you can get this from the access tracker directly...... you are going to see many MAC rejects- that's how they get to the captive portal page...
you could enable access to the insight database... setup some sql to grab users that had more than x number of rejects in a timeframe from the auth table with no success or perhaps a join on radius_auth with radius_acct and select macs that only show up in radius_auth (ie never got a session, only rejects)
Hmm that could be interesting... but I think it'll still be many macs and no info about whom they belong too.... useful for a wall of shame perhaps?