I have an office with Cisco 3702i AP's. I am getting a lot of messages in my logs showing that some of my AP's are being contained. I have got a wireshark capture of the deauth packets. Can someone please help me identify anything I can about the source? I captured the traffic by putting one of my AP's in sniffer mode and dump it to wireshark.
The MAC address of the sniffer AP is f4:4e:05:12:c0:28