cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
20309
Views
5
Helpful
24
Replies

LAP drops client connections

18091988n
Level 1
Level 1

Hello! we have WLC 5508 (6.0.188.0) and some converted APs   AIR-AP1141N-E-K9. Everything works fine except one moment:

1 of this converted APs is located beyond the office building, but it is still connected to our local network as if it was located within the office (there is a fiber channel between our cisco core switch and a switch, to which that 1 LAP is connected)

The trouble is that users can't have the normal wi-fi on that beyond LAP. I see few successful pings to the "associated" client then drops, again a little success, than long drops.

Logs from the WLC:

Feb 15 10:04:53 172.22.90.20 Wi-Fi_Controller: *Feb 15 10:11:17.702: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:407 Max EAPOL-key M1 retransmissions exceeded for client xx:xx:xx:xx:xx:xx

Feb 15 10:04:57 172.22.90.20 Wi-Fi_Controller: *Feb 15 10:11:22.104: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:407 Max EAPOL-key M1 retransmissions exceeded for client xx:xx:xx:xx:xx:xx

Feb 15 10:36:14 172.22.90.20 Wi-Fi_Controller: *Feb 15 10:42:38.859: %DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:354 Invalid replay counter from client xx:xx:xx:xx:xx:xx - got 00 00 00 00 00 00 00 00, expected 00 00 00 00 00 00 00 01

Feb 15 10:37:07 172.22.90.20 Wi-Fi_Controller: *Feb 15 10:43:32.061: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:407 Max EAPOL-key M3 retransmissions exceeded for client xx:xx:xx:xx:xx:xx

Feb 15 10:37:12 172.22.90.20 Wi-Fi_Controller: *Feb 15 10:43:37.061: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:407 Max EAPOL-key M1 retransmissions exceeded for client xx:xx:xx:xx:xx:xx

Feb 15 10:37:16 172.22.90.20 Wi-Fi_Controller: *Feb 15 10:43:40.888: %DOT1X-1-INVALID_WPA_KEY_STATE: 1x_eapkey.c:1638 Received EAPOL-key message while in invalid state (0) - version 1, type 3, descriptor 2, client xx:xx:xx:xx:xx:xx

Feb 15 10:37:21 172.22.90.20 Wi-Fi_Controller: *Feb 15 10:43:45.661: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:407 Max EAPOL-key M1 retransmissions exceeded for client xx:xx:xx:xx:xx:xx

Feb 15 10:37:23 172.22.90.20 Wi-Fi_Controller: *Feb 15 10:43:47.540: %DOT1X-1-INVALID_WPA_KEY_STATE: 1x_eapkey.c:1638 Received EAPOL-key message while in invalid state (0) - version 1, type 3, descriptor 2, client xx:xx:xx:xx:xx:xx

Feb 15 10:37:26 172.22.90.20 Wi-Fi_Controller: *Feb 15 10:43:50.461: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:407 Max EAPOL-key M1 retransmissions exceeded for client xx:xx:xx:xx:xx:xx

What could it be? Is it possible that some noises or whatever could cause it? The building with this problematic LAP is a kind of film studio...

2 Accepted Solutions

Accepted Solutions

Scott Fella
Hall of Fame
Hall of Fame

Well as long as the connection between the remote location and the location where the wlc is connected to is fine, then it can be interference. If you click on the ap from the wlc wireless tab, on the bottom of the image you can see the uptime and the join time. If these times are okay and not short, then the link is okay. Have you tried to swap an ap to see if you still have the same issue and I'm guessing that clients in the main building work fine, but when they go to the other site, they have issues on the same SSID. If you think it is interference, you might want to use a spectrum analyzer to determine that. Could be some of the lighting or various wireless devices they might use out there.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

View solution in original post

Well... Your roaming will break if you roam from another ap and the client needs to roam to that AP. Click on the blue triangle next to the AP under Wireless then Radios 802.11bgn. You might be able to disable the radio there.

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

View solution in original post

24 Replies 24

Scott Fella
Hall of Fame
Hall of Fame

Well as long as the connection between the remote location and the location where the wlc is connected to is fine, then it can be interference. If you click on the ap from the wlc wireless tab, on the bottom of the image you can see the uptime and the join time. If these times are okay and not short, then the link is okay. Have you tried to swap an ap to see if you still have the same issue and I'm guessing that clients in the main building work fine, but when they go to the other site, they have issues on the same SSID. If you think it is interference, you might want to use a spectrum analyzer to determine that. Could be some of the lighting or various wireless devices they might use out there.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

thank you much for your answer!

yes, due to your recommendations I am inclined to think that the problem is in the interference.. Although the D-link AP works fine there...

what would you advise, maybe to change in settigs to minify its influence?..

I have tried to change the channels in Wireless -- 802.11b/g/n --DCA, but it didn't seem to work... in Wireless-- Access Point -- Radios --

802.11b/g/n I still see the channel 1,6 or 11 ......

Natalia,

If you don't have any mission critical reason to stay on 6.0.x code, you might consider moving up to 7.0.x, preferably 7.0.220.0 or higher and then continue troubleshooting. If you have to stay on 6.0.x, consider upgrading to 6.0.220.0.

Another thing to consider is physical placement of the LAP. Do you have it mounted to a ceiling or wall? Is it near (within 40cm or so) sheet metal or a solid metal I-beam or other metal construction? As Scott mentioned, it is possible the AP is experiencing interference (or is interfering with itself). A best practice is to make sure that AP is mounted horizontally, typically to a ceiling or at the end of a mast extending downward from the ceiling, with the white dome facing the floor. Try to keep the AP vertically within 7m of the service area (i.e., don't mount it too high and away from where your mobile clients will be), and keep it away from hard metal surfaces.

Justin

Guys, thank you for your replies!

Justin, your advises will be useful for me in future.

We have found out that our AP is located between mobile television station and TV-cameras that broadcast on 2,4 GHz frequencies as our b/g/n  AP. As a solution we decided either to move the AP somewhere else or to change this to another one that is a/n. Hope one of these will help.

And as I was told today the D-Link AP also does not work fine while all the TV equipment is on =) only when it is off.

Is it possible to make the individual LAP work only in 5GHz using WLC? or how to disable the 2.4 GHz radio module on that LAP? I want it to support only 802.11a & 802.11n on only 5 GHz.

Thanks

You go to the Wireless tab then on the left side click 802.11bgn, click networks and disable 802.11b. That will disable globally 2.4.

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

no, I don't want to disable it globally! only on one LAP, not on all! is it possible?

I have read that I can manually configure the channel for an individual AP, that I can configure the LAP to use 40 MHz (Channel Bonding) in 5 GHz (802.11a/n). Is that what I need?

Well... Your roaming will break if you roam from another ap and the client needs to roam to that AP. Click on the blue triangle next to the AP under Wireless then Radios 802.11bgn. You might be able to disable the radio there.

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

thank you, Scott! that is what i needed!! thanks!

No problem.

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

sorry for disturbing again, Scott!

while I was trying to solve this,

"

Is it possible to make the individual LAP work only in 5GHz using WLC? or how to disable the 2.4 GHz radio module on that LAP? I want it to support only 802.11a & 802.11n on only 5 GHz.

"

I was making an experiment of changing Radio Policy on a WLAN for SSID, to which only Apple users are connecting. I had chosen "802.11a only", then "802.11a/g" only, but finally I left "All" as it was before.

But now Apple devices choose only radio 802.11g or 802.11a to connect to, although they could choose 802.11n before my experiments! Don't understand what went wrong and how to deal with it.

EDIT:  You need to go to the wilreless tab on the WLC and then click on Access Points | Radios | 802,11 b/g/n.  Go to the right of the AP and click on the blue triange, click configure and disable the status.

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

oh, I badly explained what I need again(((

I don't need only 2.4 Ghz now. I cited just to remind why I was doing this:

"  I was making an experiment of changing Radio Policy on a WLAN for SSID, to which only Apple users are connecting. I had chosen "802.11a only", then "802.11a/g" only, but finally I left "All" as it was before.   "

And now I am faced this problem :

But now Apple devices choose only radio 802.11g or 802.11a to connect to, although they could choose 802.11n before my experiments! " Now all that devices have only 54 Mbps as a Current Tx RateSet. They need 144 Mbps, which they had before, while connecting with radio 802.11n

Any ideas?

I don't know... maybe the iPads only connect on the 2.4ghz when using 802.11N.  Since you only see 144mbps, I'm guessing that the iPads only connect on the 2.4ghz.  If you have the 5ghz setup for 802.11n and you have 40mhz channel width, then the highest you will see on a laptop is 300mbps.  To achieve 300mbps, you need to either have an open authentication or use wpa2/aes.  Also WMM needs to be enabled on the SSID.

-Scott
*** Please rate helpful posts ***
Review Cisco Networking for a $25 gift card