06-25-2013 03:59 AM - edited 07-04-2021 12:17 AM
I have noticed a lot of packet s are dropping in authenication process as we using certificate(third party) based autentication
Security we use L2 WPA+ WPA2 - AES - 802.X and pointing to IAS server.
*dot1xMsgTask: Jun 25 10:54:47.600: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:456 Max EAPOL-key M3 retransmissions exceeded for client 98:fc:11:e5:31:12
*dot1xMsgTask: Jun 25 10:54:44.399: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:456 Max EAPOL-key M3 retransmissions exceeded for client 98:fc:11:e5:31:12
*dot1xMsgTask: Jun 25 10:54:41.200: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:456 Max EAPOL-key M3 retransmissions exceeded for client 98:fc:11:e5:31:12
*dot1xMsgTask: Jun 25 10:54:37.995: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:456 Max EAPOL-key M3 retransmissions exceeded for client 98:fc:11:e5:31:12
*spamApTask6: Jun 25 10:54:37.242: %CAPWAP-3-DECODE_ERR: capwap_ac_sm.c:3585 Error decoding Join request from AP 00:19:aa:77:0f:30
*dot1xMsgTask: Jun 25 10:54:36.997: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:456 Max EAPOL-key M5 retransmissions exceeded for client a0:88:b4:2b:86:a4
*dot1xMsgTask: Jun 25 10:54:36.995: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:456 Max EAPOL-key M5 retransmissions exceeded for client a0:88:b4:13:6e:d0
*dot1xMsgTask: Jun 25 10:54:34.795: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:456 Max EAPOL-key M3 retransmissions exceeded for client 98:fc:11:e5:31:12
*dot1xMsgTask: Jun 25 10:54:31.595: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:456 Max EAPOL-key M3 retransmissions exceeded for client 98:fc:11:e5:31:12
*SISF BT Process: Jun 25 10:54:31.049: %SISF-3-INTERNAL: sisf_shim_utils.c:316 Internal error, 0 length
-Traceback: 10c5fc74 10c1fe6c 10c216d4 11150d14 10c2fc58 1113f884 11149b10 10c2fc58 1113f884 10c5cb40 109313c8 119cc440 11a3254c
*dot1xMsgTask: Jun 25 10:54:28.395: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:456 Max EAPOL-key M3 retransmissions exceeded for client 98:fc:11:e5:31:12
with regards,
George
06-25-2013 07:01 AM
Are you using WPA + AES along with WPA 2 + AES? You should only use either WPA + TKIP or WPA2 + AES and not both or a mix of the two. This goes for windows clients too.
Sent from Cisco Technical Support iPhone App
06-25-2013 09:00 AM
try upgrade client driver first and test again?
Sent from Cisco Technical Support iPad App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide