Buy or Renew
Buy or Renew
NEW: Try the Beta AI Summary feature on posts in the Routing and SD-WAN forum. Click to go to the forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2072
Views
8
Helpful
12
Replies

join ssid failed at first several minites

cco leadstarmcd
Visitor

‎12-26-2024 11:18 PM

we have 2 wlc, 9800 & 3504.

a wlan is deployed with same configuation from both wlc to 2 buildings.

wlan using 802.1x authentication by same nac.

user move from building a to b will suffer wifi connection failure at first several minutes.

nac got no authentication request  at this time.

wifi connection will restore automatically by waiting.

or

disable wlan nic and reenable.

user move from b to a will get the same problem.

any one encounter this problem??

and how to fix?

 

 

 

Labels:
12 Replies 12

cco leadstarmcd
Visitor
In response to MHM Cisco World

‎12-26-2024 11:44 PM

no,we do not use IRMC.

reconnect in 1-2 minute after user moving to other building is acceptable.

that is what I want.

roaming from one wlc to another is final solution if  there is no other way.

Thanks.

MHM Cisco World
VIP
VIP
In response to cco leadstarmcd

‎12-27-2024 04:55 AM

Same SSID in both buildings this will make clients not ask re-auth.

Either use different SSID or use IRMC

MHM

cco leadstarmcd
Visitor
In response to MHM Cisco World

‎12-30-2024 06:05 PM

just curious, what cause win 10 to wait a few minutes to make successful wifi connection?

After user walk out building A, the wifi connection is completely broken. The ssid even disappeared in wlan list.

so, after user walkin in building B, SSID reappeared, shouldnt win10 start full authentication process instead of re-auth?

 

 

0 Helpful

Flavio Miranda
VIP
VIP

‎12-27-2024 04:51 AM

@cco leadstarmcd 

This is not a good scenario for wifi but you can try a few actions. Of  course the best scenario is integrate both WLC in the same RF group but, if you can not do that at the moment, you can try this.

 Your problem is probably related to stick cilent problem. The client tries to remain connected to the previous network as much as it can. Clients avoid roaming at all cost.

First, make sure the cell overlaping on the transition area is appropriate.  then you can improve this by keeping the driver up to date and configure the roaming sensitivity on the client´s network adapter to at leat medium.

 On the WLC,  use optimized roaming and RX-SOP on the APs at the border between two WLC. This feature can help on the process of diconnecting the AP from one SSID and reconnecting to the other.

You can also make tests with the feature "DHCP Addr. Assignment Required" to force client renew theis IP address on the transtition.

All this feature need to be tested first and used with caution.

cco leadstarmcd
Visitor
In response to Flavio Miranda

‎12-30-2024 06:13 PM

9800 is recently deployed and 3504 is critical to daily operation.

so, I can not find time windows to test IRMC.

Can not figure out why network architecture staff need another WLC? even 3504 is capable to do the same job?

thank for advise.

0 Helpful

Rich R
VIP
VIP

‎12-29-2024 04:39 PM

As per the previous comments and:
Run client debug (3504) or radioactive trace (9800) on the client MAC address to understand exactly what is happening when the client tries to roam.

------------------------------
Please click Helpful if this post helped you and Accept as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's,   Best Practices for 9800 WLC's   and   Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.196.0, latest 9800 releases, 8.5.182.12 (8.5.182.13 for 3504) and 8.5.182.109 (IRCM, 8.5.182.111 for 3504)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
Field Notice: FN74383 APs Running 17.12.4/5/6/6a May Run Out of Flash Space Preventing Upgrades
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
Default AP console baud rate from 17.12.x is 115200 - introduced by CSCwe88390
0 Helpful

cco leadstarmcd
Visitor
In response to Rich R

‎12-30-2024 06:14 PM

thanks for reply.

I will make a radioactive trace.

0 Helpful

Rich R
VIP
VIP
In response to cco leadstarmcd

‎12-31-2024 01:00 AM

You can also use netsh wlan show wlanreport to get the Windows point of view of what is happening.
See https://support.microsoft.com/en-us/windows/analyze-the-wireless-network-report-76da0daa-1db2-6049-d154-7bb679eb03ed for more info.

It should go without saying that you should also make sure that the Windows network drivers are 100% up to date because the older Intel drivers (especially but also applies to eg RealTek) had known serious bugs:
https://www.intel.com/content/www/us/en/download/19351/intel-wireless-wi-fi-drivers-for-windows-10-and-windows-11.html

------------------------------
Please click Helpful if this post helped you and Accept as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's,   Best Practices for 9800 WLC's   and   Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.196.0, latest 9800 releases, 8.5.182.12 (8.5.182.13 for 3504) and 8.5.182.109 (IRCM, 8.5.182.111 for 3504)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
Field Notice: FN74383 APs Running 17.12.4/5/6/6a May Run Out of Flash Space Preventing Upgrades
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
Default AP console baud rate from 17.12.x is 115200 - introduced by CSCwe88390

Scott Fella
Hall of Fame
Hall of Fame

‎12-30-2024 03:28 PM

I have to chime in on this.. I use to work at an organization that didn't have roaming enabled and for some odd reason didn't want to.  This caused very poor experience to the end users and really is a poor design/requirement.  There should be no issues setting up IRMC between the two and something you should test, so that you and others can compare the experience.  Like what was also mentioned previously, lower your TX power on AP's that are allowing this roam, which can force a full re-auth, but still roaming and TX power is preferred. Especially if people are on calls or meeting when they are walking from building to building... that will really give the network a bad name.

-Scott
*** Please rate helpful posts ***

cco leadstarmcd
Visitor
In response to Scott Fella

‎12-30-2024 06:19 PM

No roaming at all???

There is a old saying in China: Make decisions by BUTT

0 Helpful

JPavonM
VIP Alumni
VIP Alumni

‎01-01-2025 10:59 PM

That seems to me like a Windows issue. Endpoint behaviour could be out of logic, specially Windows, and what you think it could be doing may be not happening.

If you say that after enetering bulding B Windows does not start connection in the previous minutes, then the good point to start is to collect a trace in Windows, collect a radioactive trace in the WLC, analyze them and compare.

For Windows you can use the below command:

netsh wlan set tracing mode=yes
===> REPRODUCE THE ISSUE AND WAIT FOR THE ERROR
netsh wlan set tracing mode=no

... and then analyze the trace with Microsoft Network Monitor and use these filters there:

  1. Enable Windows parser under "Tools>Parser Profiles>Select Windows" and press "Set As Active"
  2. Open the .etl Capture file.
  3. Use this filter under "Display Filter" panel WLAN_MicrosoftWindowsWLANAutoConfig and click on "Apply".
  4. Use these filters to troubleshoot authentication issues in-deep:or EAPOL or DHCP or N802_MicrosoftWindowsNWiFi or ONEX_MicrosoftWindowsOneX or ExAuthen_MicrosoftWindowsEapHost
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card