I've got ACS currently authenticating wireless users - using EAP-MSCHAPv2. There are a large number of failures being reported as:
However there does not appear to be any impact to the users as they appear to be authenticating normally shortly after any of these errors.
At this point it's more of an inconvenience but I'd like to see if I can't resolve the issue. The error says to contact TAC but we don't have a support contract for ACS at this time.
Any help is appreciated.
Here is an example:
|Sep 4,12 11:49:46.113 AM|
Sep 4,12 11:49:46.093 AM
|Sep 4,12 11:49:03.910 AM|
Sep 4,12 11:49:03.890 AM
|10-40-f3-ab-f5-ca||PEAP||172.16.131.100||co-srvr-acs||5411 EAP session timed out|
First of all I would suggest you to make sure that WLC have radius timeout set to 10 secs from default 2 secs and see if that makes any difference.
Do rate helpful posts
That has helped a bit, it seems there are fewer of those messages but there are still quite a few EAP session timed out being recorded.