John, The bottom line is: How much effort do you want to spend to address this? On the time intensive end, these "forgotten devices" are likely to not move much and should be able to be physically found. In the middle effort level, you probably could blacklist the MAC address to fail the connection before an authentication attempt occurs. On the easiest end, your authentication server(s) sound like they're keeping the devices off of your wireless, even though they're cluttering your logs. Thanks, Brad
-----Original Message----- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[email protected]] On Behalf Of John Kristoff Sent: Wednesday, July 18, 2018 9:38 AM To: [email protected] Subject: [WIRELESS-LAN] Locating forgotten WiFi auth enabled systems Friends, Over time there is some non-negligible number of devices and systems that attempt to connect and authenticate to an institution's WiFi network. Many of these seem to be from devices or systems that had been configured with a former employee, student, or affiliated user's credentials that are no longer valid if they ever were. Some of these forgotten clients might try to authenticate thousands of times a day. While they may not cause a significant operational problems hammering away, it would be nice to keep the airspace and auth logs as clean as possible. I've perused a couple of odd solutions that purport to do some form of triangulation, but before I dig too far done this road I thought I'd issue a query here. What do you do or do you recommend to locate and eradicate poorly managed and inspid WiFi clients? Thank you, John ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
