cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7374
Views
5
Helpful
4
Replies

ACS 5.3 - 5411 EAP session timed out

rcoote5902_2
Level 2
Level 2

I've got ACS currently authenticating wireless users - using EAP-MSCHAPv2.  There are a large number of failures being reported as:

5411 EAP  session timed out

Description

This may be  due to EAP misconfiguration on ACS or Network  Device.

Resolution Steps

Please  contact TAC.

However there does not appear to be any impact to the users as they appear to be authenticating normally shortly after any of these errors.

At this point it's more of an inconvenience but I'd like to see if I can't resolve the issue.  The error says to contact TAC but we don't have a support contract for ACS at this time.

Any help is appreciated.

4 Replies 4

rcoote5902_2
Level 2
Level 2

Here is an example:

Sep 4,12 11:49:46.113 AM

Sep 4,12 11:49:46.093 AM


10-40-f3-ab-f5-ca
Domain Wireless
PEAP (EAP-MSCHAPv2)
co-srvr-wlc01
172.16.131.100

co-srvr-acs
Sep 4,12 11:49:03.910 AM

Sep 4,12 11:49:03.890 AM


10-40-f3-ab-f5-ca
Domain Wireless
PEAP
172.16.131.100

co-srvr-acs 5411 EAP session timed out

Jagdeep Gambhir
Level 10
Level 10

First of all I would suggest you to make sure that WLC have radius timeout set to 10 secs from default 2 secs and see if that makes any difference.

Regards,

~JG

Do rate helpful posts

Ah I forgot about that pesky 2 second timeout in the WLC.  Thanks, I'll definitely try that and monitor the ACS.

Thanks!

That has helped a bit, it seems there are fewer of those messages but there are still quite a few EAP session timed out being recorded.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: