cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
955
Views
0
Helpful
2
Replies

Strange Reassociation behaviour - help on troubleshoot

b.petronio
Level 3
Level 3

Hi there,

I have a production wlc wich has several ssid's working.

In a particular ssid, the wifi clients are bar code readers, using a wpa psk encription/authentication.

My client had bought a new bar code readers, and since then, we are having problems.

I had capture a debug client <mac> and attached here.

I cant find a reason for so much reassociation requests... even for the same AP.

Please give a light in here please.

My Best Regards,

Petrónio

2 Replies 2

Leo Laohoo
Hall of Fame
Hall of Fame

Try this:

Create a new SSID with OPEN authentication.  See if the new bar code reader works.  If it does, then ramp up the security.

Bar Code readers/scanners are notorious for having early to very-early generation of wireless cards in them (the cost of those early models are in their cents) and most of the time 802.11b with data rates of 1 or 2 mbps is required.

Thank You leolaohoo,

I'll try it asap.

Do you detect any strange behaviour on the log ???

I detect a strange shortcut on the flow ...

START -> AUTHCHECK -> 8021X_REQD -> L2AUTHCOMPLETE -> RUN

*apfMsConnTask_0: Sep 23 13:41:06.809: e0:2a:82:68:b3:da 10.120.109.101 RUN (20) Change state to START (0) last state RUN (20)

*apfMsConnTask_0: Sep 23 13:41:06.809: e0:2a:82:68:b3:da 10.120.109.101 AUTHCHECK (2) Change state to 8021X_REQD (3) last state RUN (20)

*apfMsConnTask_0: Sep 23 13:41:06.809: e0:2a:82:68:b3:da 10.120.109.101 8021X_REQD (3) Plumbed mobile LWAPP rule on AP ac:a0:16:ca:b8:30 vapId 1 apVapId 1

*Dot1x_NW_MsgTask_2: Sep 23 13:41:06.878: e0:2a:82:68:b3:da 10.120.109.101 8021X_REQD (3) Change state to L2AUTHCOMPLETE (4) last state RUN (20)

*Dot1x_NW_MsgTask_2: Sep 23 13:41:06.878: e0:2a:82:68:b3:da 10.120.109.101 L2AUTHCOMPLETE (4) Change state to RUN (20) last state RUN (20)

From "Policy Enforcement Module (PEM)" Figure, in "http://www.cisco.com/en/US/products/hw/wireless/ps430/products_tech_note09186a008091b08b.shtml" i see it bypass dhcp states.

But nevertheless, if we have "RUN" states, then we could afirm, that " Client has successfully completed the required L2 and L3 policies and can now transmit traffic to the network" . Im i right ?

Petrónio

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: