01-23-2014 03:48 AM - edited 07-05-2021 12:02 AM
Hi there,
is there anyone using the Controller IOS 7.4.121.0 on WLC 5508 noticing any traffic issues?
We have clients (not all), that are connected to the wireless network, are not able to pass traffic after a while.
The clients stay connected, you are able to see them on the wlc client-list, you can also run a link-test, but they are unable to communicate with network.
You also cannot ping the client from anywhere (also wlc). After they disable/enable WLAN, the clients are able to communicate again for a while.
Clients I found with this issue: HTC One, Galaxy S4 Active, severall Notebooks
After I rollback to version 7.4.110.0 on one set of our controllers the issue is away for clients connected to them.
SSID Config:
WLAN Identifier.................................. 1
Profile Name..................................... Guests
Network Name (SSID).............................. Guests
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Enabled
Network Admission Control
Client Profiling Status ....................... Enabled
DHCP ......................................... Disabled
HTTP ......................................... Enabled
Radius-NAC State............................... Enabled
SNMP-NAC State................................. Disabled
Quarantine VLAN................................ 0
Maximum number of Associated Clients............. 0
Maximum number of Clients per AP Radio........... 200
Number of Active Clients......................... 11
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 86400 seconds
User Idle Timeout................................ 300 seconds
--More-- or (q)uit
User Idle Threshold.............................. 0 Bytes
NAS-identifier................................... Controller1
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ Inet
Multicast Interface.............................. Not Configured
WLAN IPv4 ACL.................................... unconfigured
WLAN IPv6 ACL.................................... unconfigured
mDNS Status...................................... Disabled
mDNS Profile Name................................ default-mdns-profile
DHCP Server...................................... Default
DHCP Address Assignment Required................. Disabled
Static IP client tunneling....................... Disabled
PMIPv6 Mobility Type............................. none
Quality of Service............................... Bronze
Per-SSID Rate Limits............................. Upstream Downstream
Average Data Rate................................ 0 0
Average Realtime Data Rate....................... 0 0
Burst Data Rate.................................. 0 0
Burst Realtime Data Rate......................... 0 0
Per-Client Rate Limits........................... Upstream Downstream
Average Data Rate................................ 0 0
Average Realtime Data Rate....................... 0 0
Burst Data Rate.................................. 0 0
Burst Realtime Data Rate......................... 0 0
Scan Defer Priority.............................. 4,5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Allowed
WMM UAPSD Compliant Client Support............... Disabled
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
Passive Client Feature........................... Disabled
Peer-to-Peer Blocking Action..................... Drop
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 4
DTIM period for 802.11b radio.................... 4
Radius Servers
Authentication................................ xxx.xxx.xxx.xxx 1812
Authentication................................ xxx.xxx.xxx.xxx 1812
Accounting.................................... xxx.xxx.xxx.xxx 1813
Accounting.................................... xxx.xxx.xxx.xxx 1813
Interim Update............................. 600 Seconds
Dynamic Interface............................. Disabled
Dynamic Interface Priority.................... wlan
Local EAP Authentication......................... Disabled
Security
802.11 Authentication:........................ Open System
FT Support.................................... Disabled
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Enabled
WPA (SSN IE)............................... Disabled
WPA2 (RSN IE).............................. Enabled
TKIP Cipher............................. Disabled
AES Cipher.............................. Enabled
Auth Key Management
802.1x.................................. Enabled
PSK..................................... Disabled
CCKM.................................... Enabled
FT-1X(802.11r).......................... Disabled
FT-PSK(802.11r)......................... Disabled
PMF-1X(802.11w)......................... Enabled
PMF-PSK(802.11w)........................ Disabled
FT Reassociation Timeout................... 20
FT Over-The-DS mode........................ Disabled
GTK Randomization.......................... Disabled
SKC Cache Support.......................... Disabled
CCKM TSF Tolerance......................... 1000
WAPI.......................................... Disabled
Wi-Fi Direct policy configured................ Disabled
EAP-Passthrough............................... Disabled
CKIP ......................................... Disabled
Web Based Authentication...................... Disabled
Web-Passthrough............................... Disabled
Conditional Web Redirect...................... Disabled
Splash-Page Web Redirect...................... Disabled
Auto Anchor................................... Enabled
FlexConnect Local Switching................... Disabled
flexconnect Central Dhcp Flag................. Disabled
flexconnect nat-pat Flag...................... Disabled
flexconnect Dns Override Flag................. Disabled
FlexConnect Vlan based Central Switching ..... Disabled
FlexConnect Local Authentication.............. Disabled
FlexConnect Learn IP Address.................. Enabled
Client MFP.................................... Optional
PMF........................................... Optional
PMF Association Comeback Time................. 1
PMF SA Query RetryTimeout..................... 200
Tkip MIC Countermeasure Hold-down Timer....... 60
AVC Visibilty.................................... Enabled
AVC Profile Name................................. None
Flow Monitor Name................................ None
Call Snooping.................................... Disabled
Roamed Call Re-Anchor Policy..................... Disabled
SIP CAC Fail Send-486-Busy Policy................ Disabled
SIP CAC Fail Send Dis-Association Policy......... Disabled
KTS based CAC Policy............................. Disabled
Assisted Roaming Prediction Optimization......... Disabled
802.11k Neighbor List............................ Disabled
802.11k Neighbor List Dual Band.................. Disabled
Band Select...................................... Disabled
Load Balancing................................... Disabled
Multicast Buffer................................. Disabled
Mobility Anchor List
WLAN ID IP Address Status
------- --------------- ------
1 local Up
802.11u........................................ Disabled
MSAP Services.................................. Disabled
CCNP R&S
01-23-2014 04:31 AM
Are you anchoring this SSID? I see that it's anchored to itself which is required when you anchor an SSID.
Sent from Cisco Technical Support iPhone App
01-23-2014 04:33 AM
Hi,
yes the SSIDs are anchored local.
CCNP R&S
01-23-2014 04:41 AM
So you have another WLC you are anchoring the SSID to this WLC you just posted. Just making sure. Post your show WLAN
Sent from Cisco Technical Support iPhone App
01-23-2014 04:49 AM
Sorry there is no foreign controller.
Client -->Wireless --> AP------> Switch---->WLC (Anchor set to itself/local)--->Interface
CCNP R&S
01-23-2014 05:01 AM
You should remove that as you should have that set. also remove the following and test:
CCKM.................................... Enabled
PMF-1X(802.11w)......................... Enabled
Set the DTIM to 2
Test with these changes and see if it helps.
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
01-30-2014 11:39 PM
I build a small lab. It is regardless to disable CCKM, PMF or Anchor. The problem happens to Windows XP Clients (no Win 7 yet) and Access Points in FlexConnect Mode.
The first connect is stable. If you shortly disable the wlan adapter and reenable it, the client is connected to the wireless network but you cannot transmit any data. But Link test works :-)
After a rollback to 7.4.110.0 you can disable/enable the wireless adapter as many times as you want.
CCNP R&S
01-31-2014 04:47 AM
There was an issue with v7.4.121.0 if your device requires an IP too fast. Maybe your hitting that bug. If so, open a TAC case and they have a special release that fixes that.
Sent from Cisco Technical Support iPhone App
01-31-2014 10:23 AM
Do you have a bugid for this?
01-31-2014 02:56 PM
This is what we ran into: Bug ID is CSCuh72474 and the engineer special is 7.4.110.23
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
01-31-2014 03:32 PM
Thank you
02-01-2014 07:33 AM
No problem... this is what we were running into, but may or might not be what your hitting. We have also seen layer 2 connectivity loss with v7.4.110.0 on this customer and the fix was the TAC release. I have other customers on both v7.4.110.0 and v7.4.121.0 that are not having issues.
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
06-16-2014 02:07 AM
I want to give you a short feedback.
The issue is related to NAC-State, because it is not support with FlexConnect and local Switching.
I do not know why there is no issue with 7.4.110.0, but in 7.4.121.0 it is disruptive for clients. Staying connected but can not transmit/receive any data.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: