Symptom
A client attempting to connect to a wireless network sends an ARP request for the IP address of an existing wireless client. A SISF event occurs and the onboarding client is flagged for IP theft, then deleted
Conditions
Any wireless network, seen with a policy configured for DHCP required and IP MAC binding. A client device attempts to connect and ARPs for what is likely a previously held address. Another wireless must currently hold the IP address the onboarding client is sending the ARP out for
Workaround
The client will eventually clear out and not ARP for the previous IP.
Disabling exclusion for IP theft events will stop the client from being excluded, however, the client will still be disconnected, and need to reconnect.
Further Problem Description
Frequently seen with randomized MAC addresses but unsure if it's causal or only correlative
