Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4326
Views
0
Helpful
5
Replies

5440 Endpoint abandoned EAP session and started new,

Prkalavadia
Level 1
Level 1

‎02-13-2020 07:46 AM - edited ‎07-05-2021 11:42 AM

Hi 

When I roam from one floor to another with my Staff Device while connected to Staff WiFi I am facing this issue.

Each floor access switch is configured different VLAN for STAFF WiFi , So when I roam from one floor to another I get different IP address from the VLAN subnet for that particular floor .

Well THE PROBLEM is when some users go to different floor they are not getting new IP address and getting error ( No internet connection ).

Couple of time users need to tern off and on WiFi on the device they after few minutes they get WiFi connection and new IP address.

 

While I checked log for that device on the Cisco ISE, I can see error as below.

WLC is Cisco 5520

AP is AIR-CAP2702I-E-K9

 

Please can some one advise how to solve this issue 

 

""""Authentication Details
Policy Server LNZELSIME0-ISE-01
Event               :5440 Endpoint abandoned EAP session and started new
Failure Reason :5440 Endpoint abandoned EAP session and started new
Resolution        :Verify known NAD or supplicant issues and published bugs. Verify NAD and supplicant configuration.
Root cause       :Endpoint started new authentication while previous is still in progress. Most probable that supplicant on that endpoint stopped conducting the previous authentication and started the new one. Closing the previous authentication.""""

 

 

Many thanks,

 

1 person had this problem
Labels:
0 Helpful
5 Replies 5

Scott Fella
Hall of Fame
Hall of Fame

‎02-13-2020 08:25 AM

So I’m assuming that your AP’s are on FlexConnect? Because FlexConnect doesn’t support L3 roaming. If your AP’s are local mode, that means all traffic come back to the wlc and users would roam between L3 subnet. Seems like maybe the design and implementation was not done properly. Don’t know unless you provide more info.
-Scott
*** Please rate helpful posts ***
0 Helpful

Prkalavadia
Level 1
Level 1
In response to Scott Fella

‎02-14-2020 06:19 AM

Hi Scott
Yes APs are on FlexConnect,
Each floor and remote sites are on different FlexConnect group
Issue is only for SSID STAFF while SSID PUBLIC is fine.
STAFF is only for Company devices.
Users automatic connected to STAFF WiFi through certificate installed on the device and get authenticated from ISE.
I believe , while roaming from one floor to another Device go through re authentication process. While current session is already going on.
0 Helpful

Prkalavadia
Level 1
Level 1
In response to Scott Fella

‎02-18-2020 02:51 AM

Hi Scott,
Does it help or you need more information?
Many thanks,
0 Helpful

lecabral
Level 1
Level 1

‎02-18-2020 03:42 AM

Hi Prkalavadia,

Which is the software version in  your WLC?

 

Regards,

LeoC

0 Helpful

Prkalavadia
Level 1
Level 1
In response to lecabral

‎02-18-2020 03:54 AM

Hi LeoC

Software version is 8.2.141.0

Thanks,
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card