I'm troubleshooting an issue where a Macbook client loses all connectivity suddenly even though the Wi-Fi icon shows it's still connected.
An Omnipeek capture still shows 802.11 frames between the Macbook and the AP during the period of the connectivity loss. I suspect that the connection fails after an 802.1x timeout re-auth "event" because if I disable the session timeout on the WLAN, the problem goes away, but I still need to get some proof. When I have the session timeout enabled, the connectivity drops, the client waits another re-auth period and the connectivity comes back. I have SKC on the WLAN disabled (not sure if that means that PKC / OKC is also disabled or not).
I was thinking that maybe the issue is occurring because the EAP parameters might need to be fine tuned. I see the following EAP Parameters in the WLAN settings under Security > AAA Servers:
EAPOL Key timeout
EAPOL Key Retries
Identity Request Timeout
Identity Request Retries
Request Timeout
Request Retries
Is there a Cisco WLC show command to see counters for how often each of these EAP timeouts and retries have happened? I did a debug client command, but I haven't seen any dot1x EAP timeouts or retry messages (yet).
