I ran into a bug today with an wireless controller of Meru. The customer had an wireless network with 802.1x authentication with reauthentication.
Within the access tracker i saw a lot of rejects from this controller.
Radius:IETF:Connect-Info CONNECT Unknown Radio
Radius:IETF:NAS-IP-Address %IP% from meru controller
Radius:IETF:User-Name %mac same as Calling station ID%
After a while i figured out that in the security profile both " MAC Auth Primary RADIUS Profile Name " and " MAC Auth Secondary RADIUS Profile Name " where filled in.
"MAC Filtering" was configured as off, so if i wanted to change this i needed to put is on and change it to no radius and set it back to off. The Meru controller did nothing with this change.
Trough the cli i tried it also with the following commands under the security profile:
no mac-filter-radius-server primary
no mac-filter-radius-server secondary
But when you exit you receive the following error:
Error:Acl Environment state and MAC Primary and Secondary Radius Profile valid only if mac filtering is on
So i created a new security profile and set it to the ESS of the network with the issue and the problem of the rejects disappeared.
PS: After applying the new security profile every client needs the re-authenticate.