- Cisco Community
- Technology and Support
- Networking
- Wireless
- %DOT1X-3-MAX_EAPOL_KEY_RETRANS
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
%DOT1X-3-MAX_EAPOL_KEY_RETRANS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-08-2016 05:39 PM - edited 07-05-2021 05:56 AM
I have a small wireless network that I am using for learning. Single controller and AP. One of my users is complaining that her phone keeps dropping the connection. The timing seems to match %DOT1X-3-MAX_EAPOL_KEY_RETRANS log. The confusing thing to me is that my understanding is that this message indicated that the issue is with EAP. I'm currently only using PSK. Any suggestions?
*dot1xMsgTask: Oct 09 00:17:31.951: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 08 23:48:29.551: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client e0:b5:2d:c0:0a:cc
*dot1xMsgTask: Oct 08 23:26:31.766: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*spamReceiveTask: Oct 08 21:58:46.990: %LWAPP-3-REPLAY_ERR: spam_lrad.c:25502 Received replay error on slot 1, WLAN ID 1, count 1 from AP 6c:50:4d:7c:af:a0
*dot1xMsgTask: Oct 08 20:55:27.766: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 08 17:59:34.965: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client ac:5f:3e:53:8c:6f
*dot1xMsgTask: Oct 08 17:54:11.965: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 08 17:43:51.365: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client cc:3a:61:13:a8:1b
*dot1xMsgTask: Oct 08 16:53:43.357: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*spamReceiveTask: Oct 08 16:30:46.689: %LWAPP-3-REPLAY_ERR: spam_lrad.c:25502 Received replay error on slot 0, WLAN ID 1, count 1 from AP 6c:50:4d:7c:af:a0
*dot1xMsgTask: Oct 08 16:23:26.557: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 08 15:42:26.356: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client f4:b7:e2:3f:d0:3e
*dot1xMsgTask: Oct 08 15:22:57.956: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 08 15:22:52.956: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 08 14:43:24.349: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client f4:b7:e2:3f:d0:3e
*dot1xMsgTask: Oct 08 14:22:24.348: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 08 12:42:17.339: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client e0:b5:2d:c0:0a:cc
*dot1xMsgTask: Oct 08 10:42:00.728: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 08 09:11:20.327: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 08 08:41:03.527: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 08 08:39:26.327: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client ac:5f:3e:53:8c:6f
*dot1xMsgTask: Oct 08 08:10:46.727: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 08 07:40:29.919: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 08 07:37:32.319: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client e0:b5:2d:c0:0a:cc
*dot1xMsgTask: Oct 08 07:10:13.119: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 08 07:10:08.119: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 08 06:44:11.919: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client ac:5f:3e:53:8c:6f
*dot1xMsgTask: Oct 08 06:37:45.319: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client e0:b5:2d:c0:0a:cc
*dot1xMsgTask: Oct 08 05:39:27.719: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 08 05:36:52.319: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client e0:b5:2d:c0:0a:cc
*dot1xMsgTask: Oct 08 05:09:08.919: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 08 03:38:22.919: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 08 03:08:03.504: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 08 02:37:08.703: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client e0:b5:2d:c0:0a:cc
*dot1xMsgTask: Oct 07 23:06:29.503: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 07 22:36:12.703: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 07 22:05:55.903: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 07 21:05:43.303: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client a4:e4:b8:76:6a:d1
*spamReceiveTask: Oct 07 19:16:45.522: %LWAPP-3-REPLAY_ERR: spam_lrad.c:25502 Received replay error on slot 0, WLAN ID 1, count 6 from AP 6c:50:4d:7c:af:a0
*dot1xMsgTask: Oct 07 18:14:41.895: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 07 16:13:43.287: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 07 13:42:39.079: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 07 12:38:12.279: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 07 11:30:23.272: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client e0:b5:2d:c0:0a:cc
*dot1xMsgTask: Oct 07 11:30:23.272: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client cc:3a:61:13:a8:1b
*dot1xMsgTask: Oct 07 09:29:04.271: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 07 07:20:22.054: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 06 19:46:46.012: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 06 17:45:50.012: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 06 17:13:47.012: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 0c:60:76:61:f6:dc
*dot1xMsgTask: Oct 06 16:45:18.412: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 06 13:43:54.011: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 28:18:78:87:e4:9b
*dot1xMsgTask: Oct 06 12:18:58.210: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 28:98:7b:da:38:11
- Labels:
-
Wireless LAN Controller
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-08-2016 07:54 PM
Hi
this issue is due when the key negotiation is failing between the wlc and the client.
On your wlc, in ssh, could you share the following output:
show wlan <id of your ssid>
show advanced eap
Thanks
Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-08-2016 08:41 PM
(Cisco Controller) >show wlan 1
WLAN Identifier.................................. 1
Profile Name..................................... Private
Network Name (SSID).............................. Private
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Disabled
Network Admission Control
Radius-NAC State............................... Disabled
SNMP-NAC State................................. Disabled
Quarantine VLAN................................ 0
Maximum number of Associated Clients............. 0
Number of Active Clients......................... 10
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 1800 seconds
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ tardis
Multicast Interface.............................. Not Configured
WLAN ACL......................................... unconfigured
DHCP Server...................................... Default
DHCP Address Assignment Required................. Disabled
Static IP client tunneling....................... Disabled
Quality of Service............................... Silver (best effort)
Scan Defer Priority.............................. 4,5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Allowed
WMM UAPSD Compliant Client Support............... Disabled
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
IPv6 Support..................................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
Authentication................................ Global Servers
Accounting.................................... Global Servers
Dynamic Interface............................. Disabled
Local EAP Authentication......................... Disabled
Security
802.11 Authentication:........................ Open System
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Enabled
WPA (SSN IE)............................... Disabled
WPA2 (RSN IE).............................. Enabled
TKIP Cipher............................. Disabled
AES Cipher.............................. Enabled
Auth Key Management
802.1x.................................. Disabled
PSK..................................... Enabled
CCKM.................................... Disabled
FT(802.11r)............................. Disabled
FT-PSK(802.11r)......................... Disabled
FT Reassociation Timeout......................... 20
FT Over-The-Air mode............................. Enabled
FT Over-The-Ds mode.............................. Enabled
CCKM tsf Tolerance............................... 1000
CKIP ......................................... Disabled
IP Security................................... Disabled
IP Security Passthru.......................... Disabled
Web Based Authentication...................... Disabled
Web-Passthrough............................... Disabled
Conditional Web Redirect...................... Disabled
Splash-Page Web Redirect...................... Disabled
Auto Anchor................................... Disabled
H-REAP Local Switching........................ Disabled
H-REAP Local Authentication................... Disabled
H-REAP Learn IP Address....................... Enabled
Client MFP.................................... Optional
Tkip MIC Countermeasure Hold-down Timer....... 60
Call Snooping.................................... Disabled
Roamed Call Re-Anchor Policy..................... Disabled
SIP CAC Fail Send-486-Busy Policy................ Enabled
SIP CAC Fail Send Dis-Association Policy......... Disabled
Band Select...................................... Disabled
Load Balancing................................... Disabled
Mobility Anchor List
WLAN ID IP Address Status
------- --------------- ------
(Cisco Controller) >show advanced eap
EAP-Identity-Request Timeout (seconds)........... 30
EAP-Identity-Request Max Retries................. 2
EAP Key-Index for Dynamic WEP.................... 0
EAP Max-Login Ignore Identity Response........... enable
EAP-Request Timeout (seconds).................... 30
EAP-Request Max Retries.......................... 2
EAPOL-Key Timeout (milliseconds)................. 1000
EAPOL-Key Max Retries............................ 2
EAP-Broadcast Key Interval....................... 86400
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-09-2016 07:08 AM
Hi
ok everything seems to be fine. Could you check the device configuration itself and its driver?
could you also run a debug client in the wlc using the client MAC address?
thanks.
Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
