I have a case started with Support, but am curious if anyone else has observed this. We have experienced random issues where clients are associating with an AP, but go nowhere after connecting (primarily chromebooks). A reboot of the AP remedies the issue. During one such period I captured some logs and see that while this is happening the AP is handling a ton of CAPWAP events related to MAC authentication. For example:
CAPWAP receive kevent AH_KEVENT_ITK_NOTIFY, eventid = 15, size = 369
CM2.0 detect problem(station=c8bc:c8c0:6bdf, problem id=0x00000001(denied-by-ACL), interface=wifi0.2(ifidx=17), count=2234)
The log is basically dominated by these.
My interpretation is that a client (in this case, primarily Apple computers) is being denied access to an interface we have set up to use MAC authentication. Because that client's MAC is not listed on the NPS controlling access it is rejected. This is all correct and what I would expect. What I am wondering is why so many... and if this is, in fact, why the AP is basically seizing up.
AP 230 running HiveOS 10.0r5
