Hello, randomly i can't access my vWLC by WebUI and also all clients on Dot.1x losing connection and can't re-authenticate. Non dot1x clients staying with network. This problem appears with low and high utilization in network at any time. I can access my vWLC by ssh on management port when service port down.
I have couple of errors from syslog: Message: *Dot1x_NW_MsgTask_0: Feb 28 10:41:18.230: %DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:451 Invalid replay counter from client xx:xx:xx:xx:xx - got 00 00 00 00 00 00 00 03, expected 00 00 00 00 00 00 00 04
Message: *Dot1x_NW_MsgTask_1: Feb 28 10:40:13.929: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:477 Authentication Aborted for client xx:xx:xx:xx:xx Abort Reason:DOT1X RESTARTED DUE TO EAPOL-START/CLIENT ROAM
Message: *spamApTask4: Feb 28 10:36:20.554: %LWAPP-3-REPLAY_ERR: spam_lrad.c:42155 The system has received replay error on slot 0, WLAN ID 1, count 1 from AP xx:xx:xx:xx:xx
Right now i don't have syslog from end to end when disconnects happens. I'm trying to collect it.
I can't find reason why service port going down. I did not configure this system so i think maybe is there issue between Cisco ISE and vWLC, where ISE somehow disables interface on vWLC?. SNMP not enabled.
When i google this i found that when somebody writes sh port summary there's at least 2 interfaces showing. I have only one : STP Admin Physical Physical Link Link Pr Type Stat Mode Mode Status Status Trap POE -- ------- ---- ------- ---------- ---------- ------ ------- --------- 1 Normal Forw Enable Auto 1000 Full Up Enable N/A
Another question: In ISE wlc configured with Service port is it right or need to be management?
Configuration vWLC 126.96.36.199 ISE 188.8.131.520 16 AP
Sorry for errors in text. I will be glad to any answer.
My report tells you the experimental results of the performance of Cisco ClientLink supported on Cisco Aironet access points. You can remember the great performance of ClientLink forever.I have learned that new access points for IEEE802.11ax are Cisco ...
Join us live on Tuesday, March 3 at 10:00 am PT (and on demand after) to learn about how Wi-Fi 6 and 5G will change the wireless landscape in the enterprise? We'll be talking to Cisco's wireless CTO, Matt MacPherson, who will dive into each of t...
Join us live on Tuesday, March 3 at 10:00 am PT (and on demand after) to learn about how Wi-Fi 6 and 5G will change the wireless landscape in the enterprise? We'll be talking to Cisco's wireless CTO, Matt MacPherson, who will dive into each of these techn...
SymptomsWe deploy an SSO pair of 5520's in our DC and DR sites running 184.108.40.206 code.Our Enterprise WLAN had been somewhat reliable until several months back. Suddenly users began creating service tickets complaining that one or sometimes both...