User's Manual
Security: Upstream AP is using an untrusted auth server
Installation and User Guide: Airgo Access Point 303
E
xamp
l
es
For device-id AP_00-0A-F5-00-01-89 , the STA 00:0a:f5:00:05:f0 [0] on radio 0
with user paul and SSID NewYorkRm did not complete its auth sequence in time
with auth-type 4 and enc-type 6 due to reason code 6
S
ee
Al
so
EAP User-ID timeout, EAP Response Timeout
Security: Upstream AP is using an untrusted auth server
Notification that indicates the local BP has determined that the upstream AP is using an un-trusted
auth server
S
yntax
"For device-id %s, the upstream AP %s with SSID %s authenticating via local BP
radio %d is using an untrusted auth server %s with certificate SHA-1
thumbprint %s : IT MIGHT BE A ROGUE AP”
D
escr
i
p
ti
on
This notification is generated when the local BP has determined that the upstream AP is using
an untrusted auth server.
U
sage
G
u
id
e
li
nes
This indicates that the local BP has determined the upstream AP is using an un-trusted auth
server. This may indicate that the upstream AP is a rogue AP. It is safe to say that the upstream
AP and the downstream AP are not enrolled in the same network. If the downstream AP was
previously enrolled elsewhere, then reset it and re-enroll it in the new network.
E
xamp
l
es
For device-id AP_00-0A-F5-00-01-89 , the upstream AP 00:0a:f5:00:06:22 with
SSID NewYorkRm authenticating via local BP radio 0 is using an untrusted auth
server 00:0a:f5:00:01:45 with certificate SHA-1 thumbprint
98:72:a8:6d:56:f8:92:a8:f3:97:ec:3f:fa:0b:66:4e : IT MIGHT BE A ROGUE AP
Alarm Parameters
DeviceId The device ID of the AP
AP The MAC address of the upstream AP
SSID SSID on the AP to which the station has associated
Radio Radio interface on the AP
Node The device ID (X.509 Certificate CN) of the entity used by the
upstream AP as an auth server
Thumbprint The SHA-1 thumbprint of the certificate for this purported portal
Alarm Severity
Severity Critical