I have had some clients complaining (laptop users) about being dropped from the WiFi and this appears to correlate with the events in the WLC log for DOT1X-4-MAX_EAPOL_KEY_RETRANS for those clients.
Drops are more frequent when the network and neighbours networks are under load during the day.
What would your advice be on tuning this? I based my settings off a guide found here:
The way I interpret this is that the settings present a bit of a tradeoff between the risk of being dropped and the time it takes to get back in if you are dropped.
We have a WLC 2500 with 2700 APs running 220.127.116.11.
Below are the current settings that we have set:
Edit: Table did not paste correctly
Local Auth Active Timeout1 (in secs) "300"
Identity Request Timeout (in secs) "5"
Identity request Max Retries "12"
Dynamic WEP Key Index "0"
Request Timeout (in secs) "30"
Request Max Retries "2"
Max-Login Ignore Identity Response "enable"
APOL-Key Timeout (in milliSeconds) "1000"
EAPOL-Key Max Retries "2"
EAP-Broadcast Key Interval(in secs) "3600"
Solved! Go to Solution.
I wouldn't upgrade to v8.0.x, but that's me. Look at optimizing your wireless to be honest and know of what client devices have issues, because there is only so much you can do to help with stability. The fix would be by the manufacture of the NIC drivers.
Identity Request Timeout of 30 seconds is default and we also experienced the drop problem when running that. We also had retry of 2 the default then.
Since laptops are what I'm getting most reports of dropping I would assume that the drop is not due to slow response and that timeout shouldn't be a factor in such a situation and I would assume that it happens as a consequence of interference? We're in a pretty crowded and central spot.
I don't think it's your timers. You can look at the stats on the WLC for the radius and if you see low milliseconds and not a lot of retries, then it's not that. Understanding what is really happening is the key. Going to the area where the complaints are and seeing it for yourself eliminates users providing you with bad info. Can it be interference from other wireless, sure it can, but you need to make sure that's the issue and not your WLAN configuration.