Sudden loss of network connectivity for Macbook pro client associated with WLC 2504 controlled 1140 ...

Sam Brynes · ‎07-24-2019

I have a Cisco WLC 2504 with a joined Aironet 1140 LWAPP in FlexConnect mode with a few SSIDs broadcasting on both radios. These SSIDs use WPA2-PSK and WPA2-802.1x on different SSIDs.

I'm troubleshooting an issue on a Macbook pro (made in 2015) where it loses all network connectivity all of a sudden. This SSID uses WPA2-802.1x. I have adaptive 802.11r and the "vanilla" 802.11k neighbor list (not cross-band type) enabled. 802.11v is also enabled. PMF 802.11w is set as optional. 802.1x and CCKM are the only authentiation and key mechanisms enabled.

I'm running a trial of Omnipeek on a Windows computer right next to my Macbook pro and have it tuned to the correct channel so that I can passively see the packets going between the access point and the Macbook pro. I see the normal packets - CTS / RTS / 802.11 encrypted data / block acknowledgement during the outage period. Also, none of the packets show a CRC error during the outage period, so I don't think it's an RF interference issue.

I also checked our Microsoft NPS server for denies on the 802.1x user and didn't see any.

I also enabled a "debug dot11 client-event all enable" and "debug client xx:xx:xx:xx:xx:xx" on the WLC and don't see any any debugs during the outage time.

The Cisco WLC shows the client connected (under the summary page, clients) during the entire time of the outage.

I'm pretty new to the Cisco 2504 WLC (or any WLC) and was thinking that maybe the outage could be caused somehow by the radio resource management (RRM)? Maybe the WLC is doing a scan to find the optimal channel and that might be causing the outages?

I'm looking for advice to see if there are any other places I should enable debugging on, or if there are any other places I should check for logs?

This has also happened on a Windows 10 client, although I haven't done as much troubleshooting with it as the Mac client.

rilpache · ‎07-24-2019

What version of code are you running on the 2504?

ETA: I had a similar issue but it was on my MacBook only, it did not happen happen on a windows machine.

Sam Brynes · ‎08-01-2019

I'm running 8.3.150.0 on the WLC. The "Field Recovery Image Version" is 7.6.101.1. I have the session timeout set to 300 seconds for testing.

Edit: During the time that I don't have network connectivity, the Mac will think it's connected as evidenced by the Wi-Fi signal icon with all bars in the top notification near the clock. Looking at the "debug client" WLC logs, the next 802.1x re-auth event restores network connectivity to the Mac.

Rasika Nayanajith · ‎08-01-2019

Would you be able to create a test SSID (with Open Auth) & see that SSID also experience issue once you see this behavior on corp SSID ?

HTH

Rasika

Sam Brynes · ‎08-01-2019

Sure, I can do that. Maybe I should do a test SSID with open auth and PSK? Or do you still suggest an 802.1x, and maybe a WLAN with all default settings in case some roaming standard is causing the issue?

Rasika Nayanajith · ‎08-01-2019

I would go with Open Auth first, in that way if you see the problem on that too, it is indicating radio level or software issue (not limited to a SSID).

If you do not notice issue on Open SSID, then I change that test SSID to use 802.1X with default settings (without any advanced settings, CCKM,adaptive roaming,etc)

HTH

Rasika

Sudden loss of network connectivity for Macbook pro client associated with WLC 2504 controlled 1140 on 802.1x WLAN