05-28-2014 08:25 AM
We will be rolling out enforce DHCP for all AAA profiles, but I have questions about monitoring. It seems that 2 log messages are associated with packets being dropped because IP was not obtained through DHCP:
May 28 10:11:05 authmgr: <522026> <INFO> |authmgr| MAC="MAC" IP="IP" User miss: ingress=0x1001c, VLAN=598 flags=0x40
May 27 15:04:44 authmgr: <522141> <DBUG> |authmgr| "MAC" IP "IP": drop pkt as ip not assigned through dhcp.
Where "MAC" and "IP" are placeholders for legitimate values.
In order to produce the debug mssg I have to enable “logging level debugging user process authmgr” which includes many additional mssgs not require in our environment. Both logs create a line for each dropped packet - excessive for our needs.
Is there a way to monitor or flag clients which are in violation of the enforce DHCP policy without creating thousands of log mssgs? Is there a suppressible trigger in AirWave?
05-29-2014 08:18 AM
logging level debugging user process dhcpd
logging level debugging network subcat dhcp
maybe these can help.
ACDX #420 | ACMP
[If you found my post helpful, please give kudos!]