About 18 months ago we had a Cisco TAC enable it while troubleshooting another problem. It caused thousands of alerts to be generated, and we had problems with the WLC's quarantining AP's that were associated with another controller. What was generating all of the alerts was a bug that is supposed to be fixed in 7.0. It has to do with 2 ap's being in an ap group but on different controllers. The groups have a different id on the controllers and this will generate an alert. How the groups get different id's and a different SSID order when configs are pushed out using templates is very frustrating, and why that makes a difference is beyond me.
Thank you, Lee Weers Central College Assistant Director for Network Services 641-628-7675 Vcard https://www.mcpvirtualbusinesscard.com/VBCServer/LeeWeers/interactivecard Vprofile https://www.mcpvirtualbusinesscard.com/VBCServer/LeeWeers/profile -----Original Message----- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:wireless-...@listserv.educause.edu] On Behalf Of Dennis Xu Sent: Friday, May 28, 2010 9:45 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Management Frame Protection Just wondering what are people's MFP experiences after enabling it on Cisco WLCs. How well does it work? Any issues caused by enabling this? Do you get a lots of MFP alerts? As I understand, the infrastructure MFP can only detect and report intrusions but cannot stop them. So what are your action plans after receiving the MFP alerts? Thanks! Dennis Xu Network Analyst Computing and Communication Services University of Guelph 5198244120 x 56217 ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.