Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1414
Views
0
Helpful
1
Replies

Client disconnects with ARP and EAPOL errors

jamie_5th
Level 1
Level 1

‎01-20-2010 12:47 PM - edited ‎07-03-2021 06:26 PM

Hi all,

We recently deployed a new WLAN (1242G APs and a 4402 controller) after performing a site survey in a somewhat challenging environment (a large theatre venue with surrounding offices on several different floors).  The site survey and AP placement/network design was done by a CCNA contractor, and all appeared to be working well at the time.

We are now having issues with laptop clients and barcode scanner clients disassociating from the network at intermittant times.  This appears to be happening on many of the 22 APs in different areas and floors of the buildings, if not most.  We are spread out between 5 different floors.

These are the errors I'm seeing intermittantly (though pretty steadily) in the controller log:

15:23:49.701 1x_ptsm.c:404 DOT1X-3-MAX_EAPOL_KEY_RETRANS: Max EAPOL-key M1 retransmissions exceeded for client

Jan 05 11:35:06.159 dtl_net.c:1343 DTL-1-ARP_POISON_DETECTED: STA [00:23:xx:xx:xx:xx, 0.0.0.0] ARP (op 1) received with invalid SPA 172.x.x.x/TPA 172.x.x.x

Jan 12 11:20:44.492 spam_lrad.c:21988 LWAPP-4-SIG_INFO1: Signature information; AP 00:24:xx:xx:xx:xx, alarm ON, standard sig Auth flood, track per-Macprecedence 5, hits 30, slot 0, channel 6, most offending MAC 00:12:xx:xx:xx

I've seen the error code explanation in the Cisco docs for the ARP_POISON error.  For security reasons, we need to require DHCP.  It does appear that clients eventually do re-DHCP after a delay.  So like the documentation notes, perhaps we can ignore this particular error.  In that case, I'm guessing this error is more of a symptom (ie, it happens after and because of a client disconnection), and we need to find the root cause of why clients are disconnecting.

As far as the MAX_EAPOL_KEY_RETRANS error - what would cause a client not respond to an EAPOL-key message?

I'm thinking about purchasing the Cisco Spectrum Expert equipment, as I'm concerned interference may be a possible cause.  So my questions would be:

1) Could something like this be caused by interference, or should we look elsewhere?

2) What is the learning curve in general for Cisco Spectrum Expert, for a Systems Admin with basic wireless knowledge?

Thanks,

Jamie

Labels:
0 Helpful
1 Reply 1

jamie_5th
Level 1
Level 1

‎01-26-2010 04:28 PM

All,

Any general ideas on which direction to take in terms of troubleshooting this?

Thanks.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card