
User not getting authenticated/connected to WLAN (radius authentication )

pankaj.bandewar
Level 1

Hello Experts,

I have one SSID which has RADIUS authentication, but when a client tries to connect to it, it fails...

Here are the logs from the controller.

Dot1x_NW_MsgTask_0: Nov 07 13:05:08.371: %DOT1X-3-INVALID_WPA_KEY_MSG_STATE: [PA]1x_eapkey.c:1002 Received invalid EAPOL-key M2 msg in START  state - invalid secure bit; KeyLen 40, Key type 1

*Dot1x_NW_MsgTask_0: Nov 07 13:04:56.767: %DOT1X-3-AAA_AUTH_SEND_FAIL: [PA]1x_aaa.c:849 Unable to send AAA message for client 90:2e:1c:47:e7:80

*Dot1x_NW_MsgTask_0: Nov 07 13:04:56.765: %DOT1X-3-ABORT_AUTH: [PA]1x_bauth_sm.c:450  Authentication Aborted for  client 90:2e:1c:47:e7:80 Abort Reason:DOT1X RESTARTED DUE TO EAPOL-START/CLIENT ROAM


pankaj.bandewar
Level 1

Hello experts,

Kindly, could someone share the resolution for the same?

Which version are you running on the WLC?

Which WLC model are you using?

How is your setup?

Regards

Don't forget to rate helpful posts

Which version are you running on the WLC?

8.2.151.0

Which WLC model are you using?

5508

How is your setup?

Radius Servers are in US and reachable via MPLS and S2S Tunnel also.

I have tried by changing the advanced eap bcast-key-interval to 86400 from default 3600 but issue is still there.

I also unchecked

Enable Session Timeout

but this also did not work.

Now this is becoming a serious issue and 10+ users are already affected by it.

Are only a few clients having issues, or is it with all clients?

Paste the output of the command: sh wlan <id>

Regards

Don't forget to rate helpful posts

Hi,

Please make sure shared key between WLC and RADIUS server is the same.

BR,

John 

Please make sure shared key between WLC and RADIUS server is the same.

= Same only..

Got anything Sir...Anyone..

I think:

you must be hitting a bug:

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuu15866/?referring_site=bugquickviewredir

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuw37942/?referring_site=bugquickviewredir

Regards

Don't forget to rate helpful posts

Unlikely. Users are getting disconnected and we need to manually reconnect to the SSID; this is infrequent in nature and a randomly occurring issue.

Dear Sir,

I was not able to find the bug in the 8.2.151.0 release notes.

Can you please guide further? I have upgraded the drivers of the laptop to the latest Intel 19.60 release, but the issue still persists.

Are only a few clients having issues, or is it with all clients?

Up to 20 clients, not all.

(Cisco Controller) >show wlan 2

 

 

WLAN Identifier.................................. 2

Profile Name..................................... GLOBALACCESSII

Network Name (SSID).............................. GLOBALACCESSII

Status........................................... Enabled

MAC Filtering.................................... Disabled

Broadcast SSID................................... Enabled

AAA Policy Override.............................. Disabled

Network Admission Control

Client Profiling Status

    Radius Profiling ............................ Disabled

     DHCP ....................................... Disabled

     HTTP ....................................... Disabled

    Local Profiling ............................. Disabled

     DHCP ....................................... Disabled

     HTTP ....................................... Disabled

  Radius-NAC State............................... Disabled

  SNMP-NAC State................................. Disabled

  Quarantine VLAN................................ 0

Maximum number of Associated Clients............. 0

Maximum number of Clients per AP Radio........... 200

 

--More-- or (q)uit

ATF Policy....................................... 0

Number of Active Clients......................... 122

Exclusionlist Timeout............................ 60 seconds

Session Timeout.................................. 1800 seconds

User Idle Timeout................................ Disabled

Sleep Client..................................... disable

Sleep Client Timeout............................. 720 minutes

User Idle Threshold.............................. 0 Bytes

NAS-identifier................................... none

CHD per WLAN..................................... Enabled

Webauth DHCP exclusion........................... Disabled

Interface........................................ pune_main_office

Multicast Interface.............................. Not Configured

WLAN IPv4 ACL.................................... unconfigured

WLAN IPv6 ACL.................................... unconfigured

WLAN Layer2 ACL.................................. unconfigured

mDNS Status...................................... Disabled

mDNS Profile Name................................ unconfigured

DHCP Server...................................... Default

DHCP Address Assignment Required................. Disabled

Static IP client tunneling....................... Disabled

Tunnel Profile................................... Unconfigured

PMIPv6 Mobility Type............................. none

 

--More-- or (q)uit

    PMIPv6 MAG Profile........................... Unconfigured

    PMIPv6 Default Realm......................... Unconfigured

    PMIPv6 NAI Type.............................. Hexadecimal

    PMIPv6 MAG location.......................... AP

Quality of Service............................... Silver

Per-SSID Rate Limits............................. Upstream      Downstream

Average Data Rate................................   0             0

Average Realtime Data Rate.......................   0             0

Burst Data Rate..................................   0             0

Burst Realtime Data Rate.........................   0             0

Per-Client Rate Limits........................... Upstream      Downstream

Average Data Rate................................   0             0

Average Realtime Data Rate.......................   0             0

Burst Data Rate..................................   0             0

Burst Realtime Data Rate.........................   0             0

Scan Defer Priority.............................. 4,5,6

Scan Defer Time.................................. 100 milliseconds

WMM.............................................. Allowed

WMM UAPSD Compliant Client Support............... Disabled

Media Stream Multicast-direct.................... Disabled

CCX - AironetIe Support.......................... Enabled

CCX - Gratuitous ProbeResponse (GPR)............. Disabled

CCX - Diagnostics Channel Capability............. Disabled

 

--More-- or (q)uit

Dot11-Phone Mode (7920).......................... Disabled

Wired Protocol................................... 802.1P (Tag=0)

Passive Client Feature........................... Disabled

Peer-to-Peer Blocking Action..................... Disabled

Radio Policy..................................... All

DTIM period for 802.11a radio.................... 1

DTIM period for 802.11b radio.................... 1

Radius Servers

   Authentication................................ 151.171.47.224 1812 *

   Authentication................................ 151.171.47.215 1812 *

   Authentication................................ 10.106.3.59 1812 *

   Accounting.................................... 151.171.47.224 1813 *

   Accounting.................................... 151.171.47.215 1813 *

   Accounting.................................... 10.106.3.59 1813 *

      Interim Update............................. Enabled

      Interim Update Interval.................... 0

      Framed IPv6 Acct AVP ...................... Prefix

   Dynamic Interface............................. Disabled

   Dynamic Interface Priority.................... wlan

Local EAP Authentication......................... Disabled

Radius NAI-Realm................................. Disabled

Mu-Mimo.......................................... Enabled

Security

 

--More-- or (q)uit

 

   802.11 Authentication:........................ Open System

   FT Support.................................... Disabled

   Static WEP Keys............................... Disabled

   802.1X........................................ Disabled

   Wi-Fi Protected Access (WPA/WPA2)............. Enabled

      WPA (SSN IE)............................... Disabled

      WPA2 (RSN IE).............................. Enabled

         TKIP Cipher............................. Disabled

         AES Cipher.............................. Enabled

      OSEN IE.................................... Disabled

      Auth Key Management

         802.1x.................................. Enabled

         PSK..................................... Disabled

         CCKM.................................... Disabled

         FT-1X(802.11r).......................... Disabled

         FT-PSK(802.11r)......................... Disabled

         PMF-1X(802.11w)......................... Disabled

         PMF-PSK(802.11w)........................ Disabled

         OSEN-1X................................. Disabled

      FT Reassociation Timeout................... 20

      FT Over-The-DS mode........................ Disabled

      GTK Randomization.......................... Disabled

 

--More-- or (q)uit

      SKC Cache Support.......................... Disabled

      CCKM TSF Tolerance......................... 1000

   Wi-Fi Direct policy configured................ Disabled

   EAP-Passthrough............................... Disabled

   CKIP ......................................... Disabled

   Web Based Authentication...................... Disabled

   Web Authentication Timeout.................... 300

   Web-Passthrough............................... Disabled

   Mac-auth-server............................... 0.0.0.0

   Web-portal-server............................. 0.0.0.0

   Conditional Web Redirect...................... Disabled

   Splash-Page Web Redirect...................... Disabled

   Auto Anchor................................... Disabled

   FlexConnect Local Switching................... Enabled

   FlexConnect Central Association............... Disabled

   flexconnect Central Dhcp Flag................. Disabled

   flexconnect nat-pat Flag...................... Disabled

   flexconnect Dns Override Flag................. Disabled

   flexconnect PPPoE pass-through................ Disabled

   flexconnect local-switching IP-source-guar.... Disabled

   FlexConnect Vlan based Central Switching ..... Disabled

   FlexConnect Local Authentication.............. Disabled

   FlexConnect Learn IP Address.................. Enabled

 

--More-- or (q)uit

   Client MFP.................................... Optional

   PMF........................................... Disabled

   PMF Association Comeback Time................. 1

   PMF SA Query RetryTimeout..................... 200

   Tkip MIC Countermeasure Hold-down Timer....... 60

   Eap-params.................................... Disabled

AVC Visibilty.................................... Disabled

AVC Profile Name................................. None

Flex Avc Profile Name............................ None

Flow Monitor Name................................ None

Split Tunnel Configuration

    Split Tunnel................................. Disabled

Call Snooping.................................... Disabled

Roamed Call Re-Anchor Policy..................... Disabled

SIP CAC Fail Send-486-Busy Policy................ Enabled

SIP CAC Fail Send Dis-Association Policy......... Disabled

KTS based CAC Policy............................. Disabled

Assisted Roaming Prediction Optimization......... Disabled

802.11k Neighbor List............................ Disabled

802.11k Neighbor List Dual Band.................. Disabled

802.11v Directed Multicast Service............... Disabled

802.11v BSS Max Idle Service..................... Enabled

802.11v BSS Transition Service................... Disabled

 

--More-- or (q)uit

802.11v BSS Transition Disassoc Imminent......... Disabled

802.11v BSS Transition Disassoc Timer............ 200

802.11v BSS Transition OpRoam Disassoc Timer..... 40

DMS DB is empty

Band Select...................................... Disabled

Load Balancing................................... Disabled

Multicast Buffer................................. Disabled

Universal Ap Admin............................... Disabled

 

Mobility Anchor List

WLAN ID     IP Address            Status                             Priority

-------     ---------------       ------                             --------

 

802.11u........................................ Disabled

 

MSAP Services.................................. Disabled

 

Local Policy

----------------

Priority  Policy Name

--------  ---------------

 

Lync State ...................................... Disabled

 

--More-- or (q)uit

Audio QoS Policy................................. Silver

Video QoS Policy................................. Silver

App-Share QoS Policy............................. Silver

File Transfer QoS Policy......................... Silver

 

Hello @pankaj.bandewar

 

Did you find a solution to your problem? I am having the same issue, affecting a few users only.

 

Regards,

Was there any resolution to this?

 

I am running the same 8.2.151.0 on 5508 and WPA2. I am getting the exact same symptom. It is very random. I am curious as to what might have been done. 

 

Thank You!

Well, I did something like this:

1. Upgrade the NIC card software version on laptops.

2. Change the default EAPOL key interval time to 24 hrs.

3. Disable the session timeout.

4. Enable the NAC state as: RADIUS NAC

5. Upgrade the IOS of Controller to Cisco Recommended ver.

Resolved finally.
