09-04-2012 11:24 AM - edited 03-10-2019 07:29 PM
I've got ACS currently authenticating wireless users - using EAP-MSCHAPv2. There are a large number of failures being reported as:
| ||
|
However there does not appear to be any impact to the users as they appear to be authenticating normally shortly after any of these errors.
At this point it's more of an inconvenience but I'd like to see if I can't resolve the issue. The error says to contact TAC but we don't have a support contract for ACS at this time.
Any help is appreciated.
09-04-2012 11:32 AM
Here is an example:
Sep 4,12 11:49:46.113 AM | Sep 4,12 11:49:46.093 AM | 10-40-f3-ab-f5-ca | PEAP (EAP-MSCHAPv2) | 172.16.131.100 | co-srvr-acs | |||||||||
Sep 4,12 11:49:03.910 AM | Sep 4,12 11:49:03.890 AM | 10-40-f3-ab-f5-ca | PEAP | 172.16.131.100 | co-srvr-acs | 5411 EAP session timed out |
09-04-2012 11:35 AM
First of all I would suggest you to make sure that WLC have radius timeout set to 10 secs from default 2 secs and see if that makes any difference.
Regards,
~JG
Do rate helpful posts
09-04-2012 11:53 AM
Ah I forgot about that pesky 2 second timeout in the WLC. Thanks, I'll definitely try that and monitor the ACS.
Thanks!
09-05-2012 02:57 PM
That has helped a bit, it seems there are fewer of those messages but there are still quite a few EAP session timed out being recorded.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide