Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2234
Views
5
Helpful
12
Replies

MAC Users disconnecting from WLC

iptech911
Level 1
Level 1

‎08-06-2021 01:53 AM

Hello Community, 

 

We are using WLC 4400 series with ACS 4.1. Users on the network with MAC OS are continuously disconnecting. Have tried to disable the session time out under the Advance settings but no luck. 

 

Any help is appreciated.

Labels:
0 Helpful
12 Replies 12

marce1000
VIP
VIP

‎08-06-2021 06:55 AM

 

              - You may debug a particular mac(-address) on the controller and have it analyzed with :

                            https://cway.cisco.com/tools/WirelessDebugAnalyzer/

             You can also have a sanity check of the controller configuration with :

                           https://cway.cisco.com/tools/WirelessAnalyzer/

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

iptech911
Level 1
Level 1
In response to marce1000

‎08-07-2021 09:10 AM

Thanks for the suggestion. 

 

The page doesn't say it supports 4400 series. Will it work or is there another tool?

 

This tool parses debug log files for AireOS (WLC 5500/2500/8500/7500/WISM1-2/vWLC)

 

Thanks.

0 Helpful

marce1000
VIP
VIP
In response to iptech911

‎08-07-2021 11:49 PM

 

 - You may have a try anyway , it is for instance tagged in this document :

                 https://community.cisco.com/t5/wireless-mobility-documents/wlc-config-analyzer/ta-p/3119057

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

iptech911
Level 1
Level 1
In response to marce1000

‎08-08-2021 01:40 AM

I tried using this https://cway.cisco.com/wireless-config-analyzer/ and uploaded the running config of the WLC but the page just refreshes back to the same with no error or output at all. 

 

Not sure if that's a sign of not being supported

 

0 Helpful

marce1000
VIP
VIP
In response to iptech911

‎08-08-2021 02:37 AM

 

  - May depend on the format which was used when it was uploaded , you may export the running config to a tftp server using the GUI or use show run , and save the output to a file but then , in between command prompting must be disabled with config paging disable , FYI :

    https://community.cisco.com/t5/networking-documents/show-the-complete-configuration-without-breaks-pauses-on-cisco/ta-p/3115114

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

iptech911
Level 1
Level 1
In response to marce1000

‎08-12-2021 11:09 AM

I tried downloading the running config on TFTP server and pasting the config on the tool but it just refreshes with no result. 

0 Helpful

patoberli
VIP Alumni
VIP Alumni

‎08-09-2021 08:23 AM

This is a very old and since many years unsupported WLC. 

My guess is, you run a buggy software version.

 

What you can do, make sure 802.11r (Fast Transition) is disabled on the SSID (not sure if the 4400 series ever supported that anyway). This is the main problem causing feature. Then also make sure that DHCP Address Assignment is not set to required on the SSID.

 

Other than that we need more output of an affected client (debug client aa:bb....) while the problem happens.

0 Helpful

iptech911
Level 1
Level 1
In response to patoberli

‎08-12-2021 11:08 AM

That option doesn't seem to be there. Attached is the screenshot of the options. 

 

 

Preview file
87 KB
0 Helpful

patoberli
VIP Alumni
VIP Alumni
In response to iptech911

‎08-13-2021 12:27 AM

Fast Transition would be under Security - Layer 2. Can you also share a screenshot of that?

Also, if not needed, disable Aironet IE and consider disabling Client Band Select for more stability. What it does is: https://ccie-or-null.net/tag/client-band-select/

On the other hand, I would enable Client Exclusion and set it to 5 seconds, if you use WPA2-Enterprise. That takes a bit load of your Radius servers (if in use). 

0 Helpful

iptech911
Level 1
Level 1
In response to patoberli

‎08-13-2021 02:22 AM

Attached is the screenshot. Client band selection was actually disabled this whole time and I just enabled it now thinking that WLC was forcing the band. Not sure the real purpose of it though. 

 

What is Aironet IE for? 

Preview file
40 KB
0 Helpful

marce1000
VIP
VIP
In response to iptech911

‎08-13-2021 03:23 AM

 

 - FYI : https://www.cisco.com/c/en/us/td/docs/wireless/controller/best-practices/base/b_bp_wlc/infrastructure.html#:~:text=Aironet%20IE%20is%20a%20Cisco,probe%20responses%20of%20the%20WLAN.&text=Selected%E2%80%94CCX%20Aironet%20IE%20disabled%20on%20all%20WLA....

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

patoberli
VIP Alumni
VIP Alumni
In response to iptech911

‎08-13-2021 03:46 AM

Here we probably have the problem. You have WPA1 enabled. Apple devices really don't like that (together with WPA2 enabled) and all devices released in the last ~10 years support at least WPA2 + AES. 

So disable "WPA Policy" and "WPA Encryption AES" and only leave WPA2 enabled with AES. On some devices you will probably need to delete the old wireless profile and then do a fresh connection on your SSID. Please note, WPA1 is by now also very insecure.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card